Meet the lecturers
Aleksandar Mirković
Lecture:
What is so funny on DarkWeb?
Aleksandar Mirković is an Information Security professional with more than seven years on a leading (CISO) positions in financial and retail institutions. He is founder of eSigurnost Association that gather a lot of security professionals from the region. Also, he is a board member of ITVestak Association, largest digital forensics and court expert witnesses in the region. Aleksandar is teaching security in the past few years, from hands-on trainings, such as CEH to Management trainings such as CISSP, Security +, and working as an Information Security consultant and penetration tester.
Alessandro Vannini
Lecture:
Where is your data gone? A Hacker's Story
Sysadmin and Security Expert for work, Hacker for consequence. He divides his time between administering companies that are his customers and securying others companies by pentesting and vulnerability assessments. He spends his free time (few) moderating 3 Microsoft Technet Forums and managing an Italian Commuity called The Phoenix Group a facebook Cybersec and Sysadmin-Network group. He is a Certified Ethical Hacker since 2016 and he is actually in charge of 6th MVP Award in a row.
Andrei Cotaie
Lecture:
Weaponising Neural Networks. In your browser!
Andrei Cotaie is a Security Engineer specialized in Incident Response. Currently working for Adobe’s Security Coordination Center, Andrei made the transition from the public to the private sector almost 5 years ago. A big fan of automation and machine learning enthusiast, Andrei spends most of his time involved in monitoring and threat hunting projects, always trying to identify the latest unconventional attacks.
Andrei Grigoras
Lecture:
Weaponizing ROP with pwntools
Even though he has worked in the security field for only 1.5 years, he has been fascinated since the first year of college.
He is mainly focused on the ethical hacking/penetration testing field with a high low-level knowledge on the Linux OS. He won multiple CTF contest prizes and was participant and speaker at HackTheZone and Defcamp.
Catalin Curelaru
Lecture:
The Empire Strikes
Catalin is a passionate cybersecurity professional for whom security is more than a job, it's a habit. He works at Visma as a Product Security Engineer, enjoying his time into the Product Security Operations team, and is the OWASP Timisoara Chapter Leader where he aims to create a strong local security community focused on improving the application security world. Has also several recognized certifications in the security field like: MCSA, MCSE, Security+, CASP, CEH.
Csaba Virág
Lecture:
Intelligence: Do you have it?
Csaba Virág has more than a decade of experience in strategic, technical and administrative layers of the IT sector, in the security domain as an ethical hacker, cybersecurity professional and private sector subject matter expert.
Up to the summer of 2015 Csaba was leading several security sensitive IT developments, mainly focusing on critical infrastructures like transportation, healthcare and the telecommunication sector, since then he is focusing on cybersecurity and cyber defence related capability and capacity building activities.
As Head of Cybersecurity Competence Centre at Cyber Services he is responsible for novel knowledge transfer solutions, capacity and capability building developments along with delivering capacity building activities for critical infrastructure providers, CERTs, law enforcement and defense sector. His main focus area is enabling organizations with effective defensive capabilities through evidence based solutions. As pro bono activity he develops and provides awareness training for children, teachers and parents.
Csaba is member of the Board of Directors at European Cyber Security Organisation, drill planner and coordinator for UN-ITU Regional Cyber Drill series and member of DIGITAL SME Focus Group on AI.
Holger Spohn
Lecture:
Cyberwar, fact, myth or legend
Born on the 29th of Feb 72 in Karlsruhe, Germany.
After attending school, which ended with a high school diploma, I joined the German Air Force.
There I made my masters in Electrical Engineering, after that worked in Air Traffic Controlling, from there became an IT officer which led me to the NATO Airborne Early Warning & Control Force Command (AWACS) in SHAPE.
I was a Communication officer in the HQ, with the responsibility for frequency management, Air and Ground communication, the Communication Budget of the HQ and related tasks.
Once finished, I left the military and I joined SHAPE as a NATO Civilian, working in the Intelligence Division (J2) as a CIS Security Supervisor.
Main job functions are inspections, policy development, incident management, security awareness, technical and threat advice and now Intel Support to the Cyber domain, which is a capability we want to build up for the future. I am also supporting CIS Security responsibilities for our operation on Afghanistan, which right now focuses on Train, Advice and Assist of the AFG security forces.
Jagor Čakmak
Lecture:
Trends in mobile application vulnerabilities in the region
Jagor Čakmak is currently working as Information Security Consultant in Penetration Testing team at Infigo IS. He has finished Telecommunication and Informatics masters programme at Faculty of Electrical Engineering and Computing in Zagreb and started working in security field at Croatian National CERT within Croatian Academic and Research Network. After incident response and R&D projects he moved to Erste Group Card Processor as an Operations Security Officer. In the end he switched his blue team role to red team at current company.
Jannis Kirschner
Lecture:
Vulnerability Research in Large-Scale Systems
Jannis is one of Switzerland’s leading cybersecurity researchers and CTF players.
With a passion for reverse engineering and exploit development, he loves to analyze complex applications.
Jannis regularly participates in challenging national and international cybersecurity competitions and speaks about cutting-edge security topics at various conferences and events.
Julian Suleder
Lecture:
Medical Device Security: Please (don’t) be patient!
Julian Suleder is a Security Researcher and Penetration Tester at ERNW Research GmbH.
His special research interest is the security of medical devices as he holds a master’s degree in medical informatics from Heidelberg University and Heilbronn University, Germany. Besides his studies, he worked as Academic Assistant at Heilbronn University and taught the concepts of the risk-driven approach for the specification of requirements for the reliability and information security of complex systems, as well as methods and techniques for the safe design and safe development of software.
Besides IT security, he researches in the field of consumer health informatics and recently published his findings in the topics of technology adoption, motivational aspects of and privacy concerns on wearables in the German running community in one of the most relevant scientific journals of medical informatics.
Mane Piperevski
Lecture:
Mane Piperevski is a security expert with over 10 years of experience and expertise in the field of Ethical Hacking/Penetration Testing and ICT Forensics. He works currently as CEO and IT Security Consultant at Piperevski&Associates and he is also contributor to open software security community as OWASP Chapter Leader for Macedonia. Recently published white papers “Hacker Attacks - Undetectable attacks from trojans with reverse communication” and “Hacking Attacks - Security Threats in IPv6 networks”. Holder of numerous security certifications (C|EH, E|CSA, C|HFI, E|CIH, E|CSP .NET, MCSA, MCSE, MCITP, C|EI, MCT) and Europe highly ranged Cyber Crime instructor and trainer.
Marcello Pogliani
Lecture:
Attacking the Wide Attack Surface of Manufacturing Systems
Marcello Pogliani holds a PhD in Information Technology from Politecnico di Milano with a dissertation on the security of manufacturing systems. He is affiliated with the NECST Laboratory of the same university, where he works with the Computer Security group. His current research interests revolve around the security of cyber-physical systems. He is also generally interested in broader system-, web- and network- security issues. In his spare time, he enjoys playing and organizing Capture The Flag competitions with Politecnico's team, Tower of Hanoi and mHACKeroni.
Matteo Cuscusa
Lecture:
The time when I became a puppeteer
Matteo Cuscusa is an ethical hacker and a social engineer. He’s been passionate about technology since when he was a kid and he founded Cuscusa Web & Security in 2009. He provides companies with offensive security services and simulated real world attack scenarios to help them understand their security posture. He’s the PoC of DC999, a group of thinkers, creators and hackers.
Matteo Peruzzi
Lecture:
Scarecrow’s hands-on guide for Penetration Testing
Matteo Peruzzi (aka iamscarecrow) is an italian Hacker and Penetration Tester living in London. Born on the 19th Feb 1996 and graduated in Mathematical Computer Science, he is a Msc Cyber Security Student at UWL currently researching on Secure Boot in embedded systems using Hardware modules such as TPMs. Member of hackthebox since one year, he hacked over 55 machines within the platform. His main interests are Penetration testing, Red Teaming, creating Exploits and hacking scripts, zero-days and Social Engineering.
Pablo Endres
Lecture:
How to shield an IoT product from the OWASP IoT TOP 10?
Pablo Endres is the founder and Managing Director of SevenShift GmbH, an IoT boutique security company. He is an experienced Security Consultant, Professional Hacker, Technological Solution Architect and published author. He is a computer engineer, and he holds a handful of security certifications ISC2 CISSP, CompTIA Security+, and ISECOM’s, OPSA + OPST. Pablo’s career has taken place mostly doing security in a variety of industries, like wireless phone, VoIP solution and Cloud Service providers, Banks, contact centers and university labs. Pablo has founded multiple companies in different continents and enjoys hacking, IoT, reverse engineering, teaching, working with new technologies, startups, collaborating with Open Source projects, learning new things, teaching, networking and being challenged. In the last couple of years, he has been working mainly in IoT security, testing dozens of
devices and working with multiple platform providers to secure their solutions. Additionally, here teaches a hand-ons training on IoT security.
Pete Finnigan
Lecture:
Un-hacking the Oracle database
Pete Finnigan is one of the most well-known experts in database security. Pete Finnigan created the SANS Oracle security step-by-step guide and the CIS Oracle benchmark used by NIST, USA DoD and more is a reference to secure Oracle databases. Pete worked out the mechanisms that Oracle used to protect PL/SQL and showed how they can be easily defeated at the Black Hat conference in Las Vegas in 2006. Pete has published multiple books on databases security and speaks and publishes papers regularly. His company also produces the tool PFCLScan used to protect Oracle databases.
Ravishankar Borgaonkar
Lecture:
4G to 5G security challenges
He holds a Ph.D. in telecommunication security area from Technischen Universität Berlin, Germany. At SINTEF Digital, he researches securing next-generation digital communication and his primary research themes are related to mobile telecommunication and involved security threats. This ranges from 2G/3G/4G/5G network security to end-user device security. He has extensive experience in security architecture, vulnerability analysis, and cybersecurity as a researcher (University of Oxford (UK), Deutsche Telekom's T-Labs (Germany), and Intel Collaborative Research Institute for Secure Computing at Aalto University (Finland)), focusing lately on securing 5G enabled use-cases. With a great interest in offensive research methodologies, Ravi is best known for the discovery of several protocol flaws in 3G/4G/5G technologies (affecting billions of devices) and assisted in shaping the existing 3G/4G and upcoming 5G security standards designed by the 3GPP international telecommunication standard body. Ravi gave over 30 talks at leading hacking/industry/academic conferences and his work is regularly covered by major news outlets including the BBC, Washington Post, Wired, Forbes, the Huffington Post, and Independent.
Severin Winkler
Lecture:
From Zero to Hero – A practical example of a real-life Penetration Test
Severin Winkler has been in the InfoSec field since 2007 starting as security researcher after his studies at the Technical University of Vienna. He has been penetration tester at SBA Research gGmbH in Vienna and is currently employed at the KPMG Cyber Security Team performing and coordinginating security tests and Cyber Defense in general.
Stefan Janković
Lecture:
How malware works?
Stefan Janković is Ethical Hacker and penetration tester from Serbia.
He has been doing penetration testing for 4 years now. He became interested in hacking as a young person. He took cybrary academy and udemy courses online. He also learned python programming and shell script. As he got further into hacking, he became interested in malware and malware analysis. He says he is still at the beginning, but day by day he learns something new and he wants to share his knowledge with us.
Thomas Rhyner
Lecture:
Mainframes are ! dead
Thomas is an Information Security Professional with more than 19 years of experience in the fields of cyber security and information technology. At KPMG, Thomas leads the Cyber Defense service offering, which includes KPMG Switzerland’s Penetration Testing team, based in Zurich and Geneva. Prior to joining KPMG, Thomas worked at a major Swiss telecommunication company for several years as an Information Security Officer. In addition, Thomas was certified as a system specialist for mainframe system z/OS and iSeries (AS400) for a major global Insurance company. He started on a 2 year full-time mainframe trainee program, which included one year full time of theoretical mainframe basics training and one year on the job training in the mainframe operations team. Upon completion, he was promoted to a mainframe system specialist and worked in this area for several years. In his free time, Thomas furthers developed his expertise through conducting mainframe security research.
Thomas Roccia
Lecture:
The endless escalation of Malware Evasion Techniques
Thomas Roccia is a security researcher on the McAfee Advanced Threat Research team. He works on threat intelligence, tracking APT and cybercrime campaigns and collaborating with law enforcement agencies. In his previous role, Thomas worked on the McAfee Foundstone team, performing worldwide incident response, malware hunting, and penetration testing. He has helped customers during major outbreaks and managed highly critical situations. Thomas has developed workshops, training courses, and presentations. His work in security research includes malware, reverse engineering, vulnerabilities. He speaks regularly at security conferences.
Tiberiu Boros
Lecture:
Weaponising Neural Networks. In your browser!
Tiberiu Boros is a Ph.D. in computer science, specifically in the field of Text-to-Speech (TTS) Synthesis. He is currently working for Adobe Systems Romania and is an associate of the Research Institute for Artificial Intelligence of the Romanian Academy. Additionally, he maintains two Machine Learning open source projects (TTS-Cube and NLP-Cube) and is a contributor to the DyNet Machine Learning Framework (developed by Carnegie Mellon University and many others). His research is focused on applied Natural Language and Speech Processing, but for the last couple of years he focused his skillset on applying data science on security/incident response problems.
Vesna Manojlović
Lecture:
Vesna Manojlovic is a Community Builder at RIPE NCC: trainer, lecturer, hacker, organiser of events and connecting people in communities as varied as network operators, hackers, software developers, anarchists and artists.
During her 25 years in the Internet industry and hackers community, and during the last 10 years in the Internet infrastructure measurements, She has experienced the dilemmas that arise from intentions when building the technologies and the consequences of these technologies being put to use.
On-Line
When registering for the HEK.SI 2024, you get FREE TICKET for the INFOSEK 2024!