Alexander is Principal Forensic Consultant at Truesec and spends most of his time providing incident response services to companies that have suffered from an attack. He has led hundreds of complex investigations into everything from full-scale ransomware attacks to zero-day exploits and APT campaigns. Whenever not in an active incident, Alexander spends time in research and development with a focus on both novel forensic tooling and offensive offensive vulnerability research.
- Attacking PowerShell CLIXML Deserialization
Anton helps corporations keep their secrets, by helping them understand and fix their cyber security risks and issues with technology.
- Path to an Advanced Vulnerability Management Program
Chris Farris is an independent cloud security consultant. With an IT career spanning over 25 years, he has focused the last ten years on public cloud and public cloud security in media and entertainment, leveraging his expertise to build and evolve multiple cloud security programs.
Chris is passionate about enabling the broader security team's objectives of secure design, incident response, and vulnerability management. He has developed cloud security standards and training to provide risk-base
- The Cloud is getting darker and more full of terrors
Christina Lekati is a psychologist and a social engineer.
She works with Cyber Risk GmbH as a social engineering consultant and trainer.
Christina is the leading developer of the social engineering training programs provided by Cyber Risk GmbH. She also conducts vulnerability assessments on corporations and high-value targets. Those reports are based on Open-Source Intelligence (OSINT). Their goal is to help organizations identify and manage risks related to human or physical vulnerabilities.
- A New Era of Artful Deception: The Present State of AI-powered Social Engineering
Christoffer (Kugg) is a freelance security consultant and frequent participant in the security community. Swedish podcast listeners may have heard him on the podcast säkerhetssnack. You can find some of his latest research nuggets on his company blog
- Playing hide and seek in Java land
Daniel Frank is the Threat Research Team Leader at Palo Alto Networks, with over a decade of experience. Frank previously worked in RSA Security, F5 Networks, and Cybereason. His core roles include researching emerging threats, reverse-engineering malware, threat hunting, and threat intelligence. Frank has a BSc degree in information systems.
- Over the Cassowary’s Nest - Dissecting Turla’s Latest Revision of the Kazuar Backdoor
David is a Malware Researcher at CyberArk with close to a decade of experience in tracking and researching threat actors.
In the past, he has analyzed everything from cybercrime to state-backed threats. Lately, he has focused on lesser-known threat landscapes and analyzed the effects of generative AI on the world of malware. Additionally, he has contributed to both research and development of projects in the field of automatic code analysis and classification.
- Behind the Cheats: A Tale About the Greedy Cheat Developer
Having Grown Up On The Internet, Elin has worked on trying to translate the computer to the humans since childhood. She's currently an intelligence analyst and OSINT-specialist in private security, with a penchant for feminist threat intel and digital self defense training for activists, journalists and any one who needs help.
- How To Find Crazy People Online or All my Facebook accounts are real
Joel is an extroverted nerd that enjoys hacking, devops and most humans. With the experience of both building and breaking things professionally, Joel spends most of his days teaching (what is to hopefully become) the next generation of our security community.
- Demystifying confidential computing
Security researcher.
- Playing hide and seek in Java land
Jonas is a Principal Security Consultant at WithSecure. A pentester turned red teamer. Enjoys coffee, coding, bypassing EDRs, Windows privilege escalation bugs and getting Domain Admin.
- Hello my name is QSECOFR
Joona is a seasoned hacker with over two decades of experience in the fields of software development and information security. He is recognized for his significant contributions to the open-source community, notably his work on acme-dns, ffuf, and certbot.
During days he works to secure hundreds of applications as the Head of Security Testing at Visma
- Flipping Bits: Your Credentials Are Certainly Mine
Joris has many years of experience writing safe C code, of which more than 15 years in the OpenBSD project and over 10 years designing and writing code for high assurance cryptographic systems used in classified networks.
- Blessed sanctum, save us.
Julia performs penetration tests and Red Team assessments for a wide range of IT Projects as an IT Security Specialist at SecuRing. Her main area of interest revolves around Red Teaming, specifically access control systems assessments, RFID hacking, social engineering, and other related topics. She has been selected as the best speaker at SEC-T 2023. She also presented at CONFidence in Poland, No Hat in Italy and Insomni'Hack in Switzerland.
- Behind Closed Doors - Hacking RFID Readers
Lior Rochberger is a senior threat researcher at Palo Alto Networks, focusing on threat hunting and malware research. Lior has a decade of experience, where she mostly focused on OSINT, incident response, threat hunting and malware analysis.
Tom Fakterman is a Senior Threat Researcher at Palo Alto Networks. On his day to day, Tom focuses on threat hunting, malware research, and threat intelligence. Tom has a decade of experience, where he mostly focused on incident response and malware analysis
- Operation Diplomatic Specter: An Active Chinese Cyber Espionage Campaign Leverages Rare Toolset to Target Governmental Entities in the Middle East, Africa and Asia
MC has been programming professionally since 1995 and recreationally since 1985. At Tillitis he's doing research and programming on all software parts: the emulator, the firmware, the device apps, and the client apps, as well as helping define the hardware/software interface. In his spare time he enjoys retro-computing, practising longsword fighting in the German tradition, and biking around on minimalist single-speeds.
- Verifying the Tillitis TKey
Orange Tsai, is the principal security researcher of DEVCORE and the core member of CHROOT security group in Taiwan. He is the champion and the "Master of Pwn" title holder at Pwn2Own Vancouver 2021 and Toronto 2022.
Currently, Orange is a 0day researcher focusing on Web and Application Security. His research not only earned him the Pwnie Awards winner for "Best Server-Side Bug" in 2019 and 2021 but also secured 1st place in the "Top 10 Web Hacking Techniques" for 2017 and 2018.
- Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
Or Yair is a security research professional with 6+ years of experience, currently the Security Research Team Lead at SafeBreach. His primary focus lies in vulnerabilities in Windows OS's components, though his past work also included research of Linux kernel components and some Android components. Or's research is driven by innovation and a commitment to challenging conventional thinking. He enjoys contradicting assumptions and consider creativity as a key skill for research.
- MagicDot: A Hacker's Magic Show of Disappearing Dots and Spaces
Robert is the founder and president of the Trace Labs, a non profit organization that crowdsources open source intelligence (OSINT) to help locate missing persons. He has spoken at conferences and podcasts around the world on subjects such as social engineering, open source intelligence, physical security, insider threats, operational security and other topics. Robert primarily works in the aerospace industry where he assists newly acquired organizations to secure their environments.
- What we can learn about OSINT from Border Services Trackers
Samuel is a Security Engineer with experience in many areas of the field. He began his career building security teams and security cultures. He studied cyber security at The University of Alabama in Huntsville, and has more than a decade of experience the Security industry, across the 3 continents. Lately, Samuel has been focused on building Security Programs at speed and scale. He currently works at Einride in Stockholm.
- Path to an Advanced Vulnerability Management Program
Solomon Sonya (@0xSolomonSonya) is a Computer Science Graduate Student at Purdue University. He earned his undergraduate degree in Computer Science and Master’s Degrees in Computer Science, Information Systems Engineering, and Operational Strategy. Solomon routinely develops new cybersecurity tools and presents research, leads workshops, and delivers keynote addresses at cyber security conferences around the world.
Prior to attending Purdue, Solomon was the Director of Cyber Operations Train
- Harnessing the Power of Machine Learning to Enhance Malware Classification & Detection
STÖK operates at the crossroads of cybersecurity & creativity. With Swedish roots, STÖK has carved out a distinctive niche as a creative, hacker, keynote speaker and cybersecurity professional. His curiosity and dedication to sharing what he learned shines through his robust online community. His creative presentation style and hacker insights have graced the main stages of globally recognized cybersecurity events such as Black Hat USA, DEF CON, Securityfest, SEC-T, Disobey, and Eko Party
- Flipping Bits: Your Credentials Are Certainly Mine
Hi! I'm a Security Researcher and Bug Hunter from Italy, living in Sweden. I spent some years as a backend engineer and love building and especially breaking web applications. My main focus is finding new ways to exploit authentication and access control solutions, possibly with a beer in my hand.
- Hijacking accounts left and right via Swedish BankID misconfigurations
Tom Fakterman is a Senior Threat Researcher at Palo Alto Networks. On his day to day, Tom focuses on threat hunting, malware research, and threat intelligence. Tom has a decade of experience, where he mostly focused on incident response and malware analysis.
- Over the Cassowary’s Nest - Dissecting Turla’s Latest Revision of the Kazuar Backdoor
Wojciech Regula is a Principal IT Security Specialist working at SecuRing. He specializes in application security on Apple devices. He has created the iOS Security Suite - an open-source anti-tampering framework. Bugcrowd MVP, has found vulnerabilities in Apple, Facebook, Malwarebytes, Slack, Atlassian, and others. In his free time, he runs an infosec blog - https://wojciechregula.blog. He has shared his research at, among others, Typhoon, Black Hat US & EU, DEF CON, Objective by the Sea.
- Broken isolation - draining your credentials from popular macOS password managers