Opisi predavanj HEK.SI 2022


20 Free Ways to Improve Your Defenses Today

Most organizations don’t have enough budget to buy every tool nor hire every person they need. They also don’t realize there are plenty of FREE tools, tactics and procedures available to the Blue Team. Here’s 20 things you can do today to level up your People, Processes, and Technology at little to no cost.

Robert Wagner
Petek, 28.01.2022
14:45 - 15:15
O predavatelju

Attacking the Cloud

Nowadays, migration to Cloud is a trend. It keeps getting more and more attention, especially from malicious actors. This technology evolves day by day, so does the importance of security for it. We'll see some methods that attackers are using to abuse your Cloud deployment.

Cristian Cornea
Četrtek, 27.01.2022
12:30 - 13:00
O predavatelju

Blockchain security threats - an updated perspective

In this presentation we will talk about the blockchain industry, the most common threats, how much money was lost since the crypto "boom", why bad actors are targeting blockchain, how one can protect from it/blockchain security.

Andrei Buiu
Četrtek, 27.01.2022
14:00 - 14:30
O predavatelju

Bypassing UAC With UACMe

This presentation will cover the process of elevating privileges on a Windows system by bypassing UAC with UACMe.
UACMe is a Windows post-exploitation tool that can defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor.



Alexis Ahmed
Četrtek, 27.01.2022
15:00 - 15:30
O predavatelju

Celovitost varovanja informacij pri preprečevanju hekerskih napadov

Miha Ozimek
Sava Re d.d. in SIQ Ljubljana
Četrtek, 27.01.2022
08:45 - 09:15
O predavatelju

CrowdSec: Leveraging the power of the crowd to fight back against cyber criminals

For the better part of the last 30 years, the mass scale hack problem hasn’t been solved. Even entities with almost unlimited cybersec budgets like large companies & governments get hacked. It seems that stacking products and people doesn't quite make the cut. So maybe it's time to propose another path: free, collaborative security empowered by the power of the crowd. By leveraging a huge interception network, IPs used by malevolent actors can quickly be spotted and blocked before they even attack you. We have produced a free (as in speech), open source tool that does just that by extracting unwanted behavior from logs, blocking the attacks, and sharing their metadata with all other users (after curation). We see this as a form of Internet Neighborhood watch system that should allow us to establish a Digital Herd Immunity - made by the community and for the community.

Klaus Agnoletti
Petek, 28.01.2022
09:00 - 09:30
O predavatelju

Cybersecurity: The Big Short(age)

In a field that is set to grow exponentially, businesses are constantly reporting staff shortages, while prospective candidates are reporting an inability to land a job in cybersecurity. In this analysis of the cybersecurity job market, we will do a deep dive into this disparity and its possible solutions.

Nino Karamehmedović
Petek, 28.01.2022
10:45 - 11:15
O predavatelju


Michael Stout
Petek, 28.01.2022
13:15 - 13:45
O predavatelju

Dark Web

Aleksandar Mirković
Četrtek, 27.01.2022
16:00 - 16:30
O predavatelju

Database Vault without Database Vault

Oracle has a product called database vault that provides a deeper level of security of data by applying rules and realms around data and functionality. These rules allow protection from access to data from even the DBA and developers in the database with simple rules and features that are applied "on top of" the normal database security. This is a great product but only works in the most expensive Enterprise Edition licensed databases. What if you cannot afford it or worse you use Standard edition database where Database Vault cannot be licensed? Pete will look at the core ideas of Database Vault and how to achieve similar results in a database without database vault with a combination of technical solutions and also process based ideas.

Pete Finnigan
Pete Finnigan Ltd.
Četrtek, 27.01.2022
11:30 - 12:00
O predavatelju

Defeating AV and EDR solutions in user-land by chaining well-known deception techniques

In the current Cybersecurity world, both Anti-Virus (AV) and Endpoint Detection and Response (EDR) solutions are becoming more and more successful in blocking emerging threats. External attackers need to develop highly sophisticated payloads to circumvent all these security controls, raising the bar for defenders to detect them as well as for threat emulators to emulate them. Although useful, are these controls enough to block more complex malwares? This talk will go over the most successful techniques used to bypass AV and EDR controls, and the tradecraft theory used in malwares to evade EDRs and other endpoint controls. This will primarily focus on general techniques to ensure malwares and other payloads can evade signature-based detection, behavioural analysis, and user-land hooking. This talk will then present Inceptor, a recent AV and EDR bypass framework I’ve developed and open-sourced, highlighting some of its features, implemented to aid red teamers and Pentesters during operations. By the end of this talk, the audience should get a detailed overview about how to use Inceptor, along with other tricks and opsec considerations useful to develop payloads which can run undetected.

Alessandro Magnosi
Četrtek, 27.01.2022
13:30 - 14:00
O predavatelju

Definitive Approach to Pentest Cloud

This talk will cover cloud pentesting methodology and techniques. You will learn different ways to enumerate cloud environments and later use this information to pwn the cloud.
Piyush Patil will discuss different types of cloud attack surfaces and different ways how attackers can get initial access to your cloud environment. This talk is meant for anyone who wants to understand vulnerabilities in a Cloud environment, relevant hacking techniques, and knowing how to protect your cloud environment from bad hackers.

Piyush Patil
Četrtek, 27.01.2022
10:30 - 11:00
O predavatelju

End-To-End Encrypted Anonymous Messaging through the Dark Web

Masayuki Hatta
Petek, 28.01.2022
08:30 - 09:00
O predavatelju

Exploiting template injections

In this presentation we are going to get a better understanding about template injections and how we can exploit them to gain advantage. Templates are widely used by web applications to present dynamic data via web pages and emails. Unsafely embedding user input in templates leads to server-side template injection ( SSTI). It is frequently a critical vulnerability that leads to RCE. In some cases it is mistaken for XXS or entirely missed. This talk is for everyone who wants to get more information about this vulnerability and who wants to learn how to exploit it!

Milan Veljković
Petek, 28.01.2022
09:30 - 10:00
O predavatelju

MODERATOR: Andrej Rakar, CISO, Petrol d.d.

Četrtek, 27.01.2022
17:05 - 17:06
O predavatelju

MODERATOR: Gorazd Rolih, General Police Directorate, Security Operations Center

Petek, 28.01.2022
15:50 - 00:00
O predavatelju

Never Judge An E-book By Its Cover: Exploiting EPUB Reading Systems Through E-books

In recent years, global e-book sales have shot through the roof and e-book reading applications have sprouted like mushrooms. EPUB, the most popular open e-book format, is supported by free applications on virtually any device, ranging from desktops to smartphones. But how sure are we that these e-books aren't actually reading us?
To answer this question, we analyzed 97 free EPUB reading applications across seven platforms and five physical e-readers using a self-developed semi-automated testbed. It turns out that half of these applications are not compliant with the security recommendations of the EPUB specification. For instance, a malicious e-book is able to leak local file system information in 16 of the evaluated applications.
To further demonstrate the severity of these results, we also performed three case studies in which we manually exploited the most popular application on three different platforms (e.g. Amazon Kindle, Apple Books, and EPUBReader for Chrome and Firefox). Moreover, we demonstrate that distributing malicious e-books through official e-book vendors is very much feasible through self-publishing.

Gertjan Franken
DistriNet-imec, KU Leuven
Četrtek, 27.01.2022
12:00 - 12:30
O predavatelju

Next Gen Social Engineering

We will discuss about social engineering techniques and we will compare past and present techniques. The criminals are usually trying to trick you into giving them your passwords, bank information or access your computer to secretly install malicious software in order to get passwords and bank information. 

Ranjeet Ambarte
Petek, 28.01.2022
14:15 - 14:45
O predavatelju

Planning for DDoS Resiliency in the Cloud

Nicholas Doropoulos
Petek, 28.01.2022
11:45 - 12:15
O predavatelju

Post-quantum cryptography in 5G networks

Scientists are working on the creation of quantum computers. On October 23 2019, Google announced that it has achieved quantum supremacy. This means the great speedup of the quantum processors compared to the fastest classic computer. On December 06 2020, scientists in China also announced that they also achieved quantum supremacy. Quantum computers will probably destroy most cryptosystems that are widely used in practice. A variety of “resistant to quantum attacks,” alternatives are developed. However, to date a number of successful attacks is recorded on the given system. It is also shown that these schemes have efficiency problems.
The telecoms industry is undergoing a major transformation towards 5G networks in order to fulfill the needs of existing and emerging use cases. This will bring new challenges for the 5G cybersecurity systems and its functionality. The 3rd Generation Partnership Project (3GPP) offers a standard for 5G networks. It contains the identity protection scheme, which addresses the important privacy problem of permanent subscriber-identity disclosure. This offer contains two stages: the identification stage, which is followed by providing the security context between service providers and mobile subscribers using the authenticated key agreement with the symmetric key. 3GPP offers to protect the identification stage by means of a public-key scheme. They offer to use Elliptic Curve Integrated Encryption Scheme (ECIES). The offered scheme is not secure against the attacks of quantum computers. It is important to integrate the quantum resistant scheme into 5G networks.
At Ethical Hacking Conference HEK.SI I will offer the methodology of the integration of post-quantum scheme into 5G architecture.

Maksim Iavich
Četrtek, 27.01.2022
11:00 - 11:30
O predavatelju

Pravni izzivi varstva zasebnosti na področju umetne inteligence

Umetna inteligenca obljublja veliko, obenem pa prinaša določena tveganja z vidika zasebnosti in informacijske varnosti. Na predavanju bodo predstavljena stališča mednarodnih organov za varstvo osebnih podatkov ter predlog regulacije umetne inteligence na EU nivoju. 

Andrej Tomšič
Informacijski pooblaščenec Republike Slovenije
Četrtek, 27.01.2022
09:45 - 10:15
O predavatelju

Pwned in Space

In this presentation we will discuss both theoretical and real-world examples of space systems cybersecurity issues. There are many components and systems that may be targeted in a space system by adversaries including ground station systems, satellites and space vehicles. This presentation will step through attack trees for targeting space systems. Examples of real-world cybersecurity events involving space assets will be covered. Recommendations for improving the security of space systems will also be presented.

Paul Coggin
nou Systems, Inc
Petek, 28.01.2022
13:45 - 14:15
O predavatelju

Ready for (nearly) anything: Five things to prepare for a cyber security incident

Every organisation has experienced, or will experience, a cyber security incident; depending on how you define the term, most have multiple every day.
Increasingly punitive data protection law, plus increasing public awareness and scrutiny of organisations’ responses, means that it’s more important than ever to respond effectively. However, many cyber security teams still struggle to do so.
In this talk, Gabriel will cover the five key things that cyber security teams should have in place to prepare for an incident, which will improve the efficiency and effectiveness of their response.

1. Documented processes with the considerations, decisions and actions to be taken in an incident
2. Skilled and experienced people to lead and deliver the response
3. Logs to gain an understanding of what has happened, when, and how
4. Containment and eradication technology to take actions that mitigate risk
5. Coordination technology to communicate and collaborate, delegate and track actions, and manage delivery


Gabriel Currie
Četrtek, 27.01.2022
14:30 - 15:00
O predavatelju

Secure Power Platform Development

Power Apps and Power Automate (Flow)are low/no-code platforms within the larger Power Platform, that are all tightly integrated within products such as Office 365, Dynamics 365, Azure, Teams, etc.
These platforms enable and democratise programming for individuals working outside of IT and without formal software training, who Gartner defines as a “Citizen Developer”(though of course PowerApps and Automate/Floware of great value to traditional Developers and IT Professionals as well). However, and for all its simplicity and power, the Power Platform carries risk like any development platform. The biggest security vulnerability of Power Platform-based Apps, Automate/Flows, and Chatbots is oversharing of data -either within the tenant or by “punching a hole” in the tenant boundary and sharing data with external and potentially compromised destinations.
Don’s highly relevant presentation will discuss how to secure your organization’s Power Platform deployment, e.g. Tenant, which begins with the Power Platform Admin Center (PPAC). He shares how Microsoft has locked down its internal Power Platform deployment, recent changes to PPAC that significantly reduce risk, and how security-focused features are increasingly deployed into the platform.
In closing, he shares a framework for evaluating the risk of any Power Platform solution, that Microsoft deploys within its own internal security operations –and can also be used by external customers.

Božidar Radosavljević
MCT and CEH trainer, ComTrade System Integration
Četrtek, 27.01.2022
15:30 - 16:00
O predavatelju

Secure your data or Bust

This is a rapid walk through the data security landscape and particularly how this relates to Oracle database security. We look at an overview of the space, the data security landscape, the major fines now possible for companies to pay for data loss, the rise of hacking and the "data gold rush" and how data loss has now become pure crime. We look at the main threats posed to an Oracle database as well as my view of the current Oracle security landscape and finally the reality that we must in this day and age secure data or potentially go bust (bankrupt). 

Pete Finnigan
Pete Finnigan Ltd.
Četrtek, 27.01.2022
09:15 - 09:45
O predavatelju

Virtual machine exploitation and threat mitigations

Virtualization brings compelling features to individual computer systems and organizations allowing for the concurrent execution of multiple operating systems and applications on the same physical server. However, for all the performance as virtualization becomes a pervasive technology in information systems, it becomes an additional point of vulnerability from potential attackers. The topic will hold a discussion of the importance of virtualization in comparison to traditional IT solutions, as well as exhibiting several VM escape vulnerabilities and how to exploit them within an OS guest operating on a virtual machine, in the addition of organizing defensive mechanisms/mitigation ideas.

Alex Nakouzi
Petek, 28.01.2022
12:45 - 13:15
O predavatelju

Why I Go to the Dark Web Every Day

It is not a surprise that the Dark Web is full of stolen data. By the end of each day, nearly every company and individual has been victimized by cybercrime and has their data trafficked on the dark side of the Internet. Most of us are fighting cybercriminals from within our corporate fortresses building defenses against an enemy that is constantly attacking our virtual perimeter walls. But what would happen if we journeyed beyond our walls into the enemy territory? We could try to gather intelligence about the cybercriminal’s actions and technology and find ways to mitigate the loss of the data they have taken hostage.
This approach is not new but is still rarely utilized by the cyber security community. It is often feared and misunderstood. But those that take this leap find themselves in a new world that is traitorous and obfuscated, but full of treasures that can improve our defense capabilities.

Alex Holden
Hold Security, LLC
Petek, 28.01.2022
15:15 - 15:45
O predavatelju

Windows Privilege Escalation

How secure is Windows environment? Let's see a few tactics and techniques designed to help improve the privilege escalation.

Adrian Borlea
Petek, 28.01.2022
10:15 - 10:45
O predavatelju

You’re Doing It Wrong!

Since 1994, I have broken into many of the largest companies, governments, and private businesses to help advised my clients on how they are doing it wrong. This speech will focus on what has worked (and failed) and why I think the entire security industry needs to step back and refocus on what’s important. This quick paced, humorous, factual discussion will address many of the challenges and missteps that have led us to the corporate security dumpster fire that is 2020. Companies continue to do what they are told by overly broad compliance requirements and industry “best practices” that don’t address the unique business or their needs. Millions of dollars are spent each year to check boxes so that the C-levels can say that they did their due diligence. But the truth is, these businesses are often assessing less than 10% of their assets and relying on “hacker insurance” when they get owned. They pay out for identity protection or to settle class action lawsuits, while BILLIONS of people continue lose any expectation of protection, privacy, or anonymity they had. This is NOT OK and we have to do better. I will present real world examples, methodologies, and provide a fresh look at how we should be protecting our businesses and clients in an ever increasingly complex world.

Luke McOmie
Četrtek, 27.01.2022
16:30 - 17:00
O predavatelju
Konferenca bo potekala
Cena za HEK.SI
Ob prijavi na konferenco HEK.SI 2024, prejmete VIP VSTOPNICO za konferenco INFOSEK 2024!

Cene ne vsebujejo DDV

Cena za HEK.SI 1. dan

(Četrtek, 15.2.2024)


Cene ne vsebujejo 22% DDV

Cena za HEK.SI 2. dan

(Petek, 16.2.2024)

500 €

Cene ne vsebujejo 22% DDV

Cena za HEK.SI

Ob prijavi na konferenco
HEK.SI 2024, prejmete
VIP VSTOPNICO za konferenco


Cene ne vsebujejo 22% DDV

Zlati sponzorji


Medijski sponzorji

Obveščamo vas, da so bili naši pogoji poslovanja posodobljeni.
Sprememba se nanaša na člen »Odpoved ali sprememba dogodka s strani organizatorja«. Zaradi nepredvidenih dogodkov, kot je tudi trenutna epidemija koronavirusa, si pridržujemo pravico, da posamezna izobraževanja odpovemo ali spremenimo termin oz. način izvedbe (online izvedba).

Odpoved ali sprememba dogodka s strani organizatorja
Organizator si pridržuje pravico do odpovedi posameznega izobraževanja, delavnice, dogodka, seminarja ali spremembe terminov oz. načina izvedbe (namesto osebne izvedbe dogodka, izvedba dogodka preko spleta ali na drug način, pri čemer se ključna vsebina in obseg dogodka ne spreminjata oziroma se prilagodita glede na spremembo, npr. zamenjava predavatelja, prilagoditev urnika ipd., vendar se ohrani enakovredna kakovost izvedenega dogodka). Zavezuje se k obvestilu prijavljenim najkasneje en delovni dan pred predvidenim pričetkom izobraževanja oz. takoj, ko prejme novico o morebitnih izrednih dogodkih, ki so razlog za spremembo/odpoved. V primeru odpovedi izobraževanja s strani organizatorja, organizator, morebitno že vplačano kotizacijo, brezobrestno povrne v roku štirinajstih dni od obvestila o odpovedi ali pa omogoči stranki, da kotizacijo porabi za druge izdelke ali storitve. V primeru spremembe načina izvedbe ostanejo plačila v veljavi, v primeru spremembe termina pa ima udeleženec možnost odpovedati udeležbo iz utemeljenih razlogov po določbi Odpoved s strani udeleženca ali pa se odjaviti na način v rokih, ki jih predvideva določba Odjava udeleženca. 

Celotni pogoji poslovanja so dostopni tukaj: https://poslovanje.pogoji.si/tos/29xyi0o

Ta spletna stran uporablja piškotke. Z obiskom in uporabo spletne strani soglašate s piškotki.  DOVOLIM Več informacij o piškotkih najdete in nastavitve tukaj.