Lectures

 

AI Exploitations

The potential for AI to exploit cybersecurity threats exists, as sophisticated algorithms can be used to automate and enhance various attack methods.
AI can analyze vulnerabilities, execute phishing attacks, and even learn to evade detection mechanisms. Developing robust cybersecurity measures is crucial to mitigate these risks.

Ranjeet Ambarte
Thursday, 15.02.2024
15:00 - 15:30
About Lecturer

AI in Cybersecurity and vice versa

AI has become a hot topic over last 2 years and cyber security has not been an exception. AI will influence the cyber security in many aspects and we keep hearing about this on a daily basis. However, we do not hear a lot on cyber security within the AI. This talk will cover basic stuff about the AI, how it influences cyber security processes, but also how the cyber security principles should be applied while building AI.

Jurica Čular
Infobip
Friday, 16.02.2024
10:00 - 10:30
About Lecturer

Balanced approach: Offense and defense

Organizations today build strong defenses by implementing as many checks and solutions as they can, and they keep doing this for every threat without realizing how much security their architecture needs. In this lecture, we will look at how one can determine which defense is best for them with the help of offensive security practices.

Ahsan Azad
ABM Infotech
Friday, 16.02.2024
09:30 - 10:00
About Lecturer

CTI Monitoring - Dark Web & InfoStealers: Uncovering Threats and Safeguarding Data

In an era where cyber threats are constantly evolving, organisations face significant challenges in securing their digital assets and sensitive information. This presentation delves into the realm of Cyber Threat Intelligence (CTI) monitoring, with a particular focus on the Dark Web and InfoStealers.
The Dark Web, an obscure underworld of the internet, harbors malicious actors who exploit vulnerabilities, trade stolen data, and launch cyber attacks. Understanding the intricacies of this hidden ecosystem is crucial for preemptively countering threats. Equally important is comprehending the techniques employed by InfoStealers, a class of malware designed to pilfer sensitive information from unsuspecting victims.
During this presentation, we will explore the methods employed by threat actors to operate within the Dark Web and distribute InfoStealers. We will delve into the Dark Web's structure, the types of illicit activities it facilitates, and how cybercriminals exploit its anonymity to their advantage. Furthermore, we will examine the inner workings of InfoStealers, analyzing their capabilities, infection vectors, and the wide-ranging consequences of their successful deployment.
We will outline effective strategies for CTI monitoring that organisations can implement to detect and mitigate Dark Web threats and InfoStealer attacks. We will explore the tools and techniques used to monitor and analyse the Dark Web.
Attendees of this presentation will gain a deeper understanding of the risks posed by the Dark Web and InfoStealers, and how CTI monitoring can play a pivotal role in mitigating those risks. Armed with this knowledge, organisations can bolster their security posture, proactively identify potential breaches, and fortify their defenses against emerging cyber threats.
Join us in this informative session as we shine a light on the dark underbelly of the internet and empower organisations to safeguard their critical data and infrastructure in an increasingly dangerous digital landscape.

Catalin Curelaru
Visma
Friday, 16.02.2024
11:45 - 12:15
About Lecturer

Don't trust, verify!

In the ever-more digital era, protecting and verifying data is increasingly challenging. The prevailing paradigm relies on trusting information based on its source. While this model works effectively within closed systems, the verification and authorization of sources become progressively more complex, if not entirely unfeasible, in open data-sharing scenarios. This presentation will delve into the most recent trends in establishing digital frameworks for trustworthy data exchange in open systems, demonstrating how such frameworks enable us to efficiently and reliably verify the source and accuracy of information.

Alen Horvat
Netis d.o.o.
Thursday, 15.02.2024
10:15 - 10:45
About Lecturer

Driver Device Risks and their Management in Enterprise Contexts

What could be more normal than inserting a device on a machine and seeing it work natively? Anyone once in his/her life should have experienced the Plug and Play (PnP) interface related to devices. Some among us remember a time where it was necessary to install a “device driver” using floppy disks or CDs. Today, everything is done automatically, meaning a device driver is magically setup but the reality behind this magic that is quite technical.
In this talk, we will first describe the mainlines of the process of device driver installation in Windows 10/11. From the moment the device is physically inserted into the machine and identified by the system, to the moment a driver is selected to interface with it, including potential download of a specific driver to interface the device natively.
Examples of famous vulnerable drivers and associated exploits will be presented. In the end, we will briefly talk about the technical solutions to manage device drivers in an enterprise environment, especially with Windows Driver Update Management in Microsoft Intune. We will also present limitations inherent to all companies when dealing with the management of drivers.

Baptiste David
ERNW
Friday, 16.02.2024
13:30 - 14:00
About Lecturer

Evil artificial intelligence and its influence

Malicious Artificial Intelligence (Evil AI) poses a significant challenge in the field of cybersecurity, bringing forth a range of potentially harmful consequences. While traditional defense methods against threats evolve with technology, MAI introduces new dimensions of danger that demand innovative approaches and solutions.
One key issue arising from malicious AI is the attacker's ability to employ advanced algorithms to deceive detection systems. Evil AI can automatically adapt its tactics, evade recognition, and easily circumvent traditional security measures. This complicates the identification and suppression of attacks, escalating the risk of unauthorized intrusions into systems.
Another challenge lies in compromising data integrity. Malicious AI can utilize sophisticated techniques to manipulate information, tracking patterns and adapting to remain unnoticed. This can lead to the spread of fake news, data theft, or even sabotage of critical systems, with serious consequences for individuals, companies, and society as a whole.
Advancements in Evil AI attacks can also have severe implications for privacy. Through the analysis of extensive datasets, Evil AI can identify and exploit sensitive information about individuals. This raises serious ethical and privacy protection questions, as defense mechanisms often struggle to keep pace with the rapid development of Evil AI.
Addressing these challenges requires collaboration between experts in artificial intelligence and cybersecurity. Implementing advanced detection systems, integrating artificial intelligence in defense mechanisms, and developing ethical guidelines for the use of artificial intelligence in the cyber sphere become imperative. Education about risks and prevention also plays a crucial role in building a more resilient society against MAI.
In conclusion, the impact of malicious artificial intelligence on cybersecurity is a serious challenge that demands comprehensive strategies and continuous evolution of defensive technologies. Only through the collective efforts of experts from various fields can we create a safer and more resilient digital environment.

Stefan Jankovic
Friday, 16.02.2024
10:45 - 11:15
About Lecturer

Hunting the Shadows: Exploring Advanced Threats through Ethical Hacking

In this captivating presentation, 'Hunting the Shadows: Exploring Advanced Threats through Ethical Hacking,' speaker will delve into the intricate world of cybersecurity threats. Join us on a journey to uncover the sophisticated techniques employed by cyber adversaries and discover how ethical hacking serves as a powerful tool in understanding, mitigating, and defending against these advanced threats. This session promises insights into cutting-edge strategies, practical methodologies, and the ethical hacker's role in maintaining cyber resilience. Together, let's explore the shadows and emerge with a deeper understanding of the evolving cybersecurity landscape.

Seyed Hojat Hosseini
Thursday, 15.02.2024
14:30 - 15:00
About Lecturer

IP ThreatWatch: Fast-track incident investigations with OSINT and Shodan

The ever-increasing web presence of organizations with advent of remote work has attracted advanced malicious actors employing innovative and novel techniques to break in for either profit, intellectual property theft or sometimes even as a pawn for nation states. It has become increasingly difficult to keep track of exposed information, thereby increasing the attack surface for attackers. Modern vulnerability scanners are great at detecting and finding information about internet connected devices and applications owned by any business. But they fall short of keeping up with the dynamic nature of modern applications over cloud, microservices and on-prem data centers and are in most cases relegated to being mere open port identifiers.
Our project ‘IP ThreatWatch’ employs Shodan to identify internet-exposed assets and applications that are often used by attackers to find exploitable vulnerabilities which regular vulnerability scanners miss, especially related to IoT devices. We leveraged the same OSINT information that Shodan sees by streaming it using complex algorithms that keeps up with changing nature of IP addresses; to our SIEM to beef up the results of vulnerability scanners and combine the two to create a OSINT repository, which is used to enrich the alerts received by Security Operations Center with threat data associated with potential exploitability of exposed services. In addition to that, a completely automated pipeline is deployed to keep Shodan monitors updated with network identifiers for remote and work from home employees. As a result, the enriched data became an invaluable asset during incidents and forensic investigations handled by SOC to speed up incident response process.

Kumar Vikramjeet
Adobe, Inc.
Friday, 16.02.2024
16:15 - 16:45
About Lecturer
Vivek Malik
Adobe, Inc.
About Lecturer

NIS2 & CRA: Europe's Response to Cyber Shenanigans

In an era where cyber threats are getting increasingly sophisticated, Europe has stepped up its game with two pivotal regulations: the NIS2 Directive and the Cyber Resilience Act (CRA). These measures are redefining the cybersecurity landscape, offering comprehensive strategies to combat digital dangers.
In this session, we'll delve into the depths of both the NIS2 Directive and the CRA, unraveling their complexities and implications, looking at how they're changing the game, and what it means for businesses, individuals, and yes, even the humble smart devices in our homes. Walk away with insights that'll make you the star of your next virtual hangout, and have your smart toaster nodding in approval (well, metaphorically).

Tudor Damian
D3 Cyber
Thursday, 15.02.2024
13:00 - 13:30
About Lecturer

OPSEC Uncovered: Navigating the World of Operational Security

Originally developed for military organizations, OPSEC is a proactive approach to cybersecurity that helps identify and fix risks and vulnerabilities before they can be exploited by malicious actors. It helps protect sensitive information from falling into the wrong hands, thereby preventing data breaches and cyber-attacks.
In this talk, we will explore how different organizations implement OPSEC to secure their human and technical assets, using a gripping real-world scenario that underscores the severe consequences of poor OPSEC. We'll also delve into the various best practices of OPSEC and equip you with knowledge on how to implement these practices personally. Engage with us in this informative and enlightening journey.

Emaad Abbasi
National Cyber Security Auditing and Evaluation Lab (NCSAEL), National University of Sciences and Technology (NUST), Islamabad, Pakistan
Thursday, 15.02.2024
15:30 - 16:00
About Lecturer

Penetration Testing For NOT Dummies

Penetration testing is a vital part of a company's cybersecurity defense strategy. Pen testing efforts need to catch 100% of vulnerabilities but cybercriminal need to find just one way to breach your systems. How do you make sure that your pen testing methodologies are correct? In my presentation, I'll take a deep dive into complexities of penetration testing and discuss tools, techniques, limitations, scope and how to best understand what to test. We are not dummies and our pen tests need to be done with intelligence and skills to assess the true scope of system readiness to remediate the findings.

Alex Holden
Hold Security, LLC
Friday, 16.02.2024
15:45 - 16:15
About Lecturer

Pizza, Pasta and Red Teaming: insights and ideas for an efficient report

Roberto Chiodi - Head of Red Team of Yarix, suggests a point for reflection on a topic as complex as delicate as the Red Teaming reports, trying to go beyond the fight to the bitter end for the know-how, wanting instead to propose a moment of sharing and hopefully of pleasant debate.

Roberto Chiodi
Yarix srl
Friday, 16.02.2024
14:45 - 15:15
About Lecturer

Prototype Pollution

JavaScript's prototype pollution vulnerability allows attackers to add arbitrary properties to global object prototypes, potentially inherited by user-defined objects. While not always exploitable independently, it enables attackers to manipulate typically inaccessible object properties. If mishandled, this may lead to chaining with other vulnerabilities.
In client-side JavaScript, this often results in DOM XSS, compromising user security by injecting malicious scripts into the Document Object Model. On the server side, prototype pollution poses a severe threat, potentially leading to remote code execution. Exploiting this vulnerability allows attackers to execute arbitrary code on the server, jeopardizing system security.

Milan Veljković
Friday, 16.02.2024
13:00 - 13:30
About Lecturer

Securing Health: Navigating Cybersecurity in Medical Devices under the Medical Device Regulation

The presentation offers a comprehensive crash course for those keen to understand the intersection of cybersecurity and medical device regulation.
Attendees will gain insights into the specific requirements set by the Medical Device Regulation (MDR), explore the risks and opportunities associated with connected medical devices, and delve into relevant standards and guidance documents. This session is designed to equip participants with essential knowledge and best practices in safeguarding medical devices against cyber threats within the regulatory framework.

Tibor Zechmeister
SIQ
Thursday, 15.02.2024
08:45 - 09:15
About Lecturer

Teaching Cybersecurity in High School and ITS/IFTS Courses

Unfortunately, many citizens and companies still underestimate the importance of cybersecurity.
Can people's mentality be changed starting from the new generations?
Can Cybersecurity be successfully taught in high school and graduate courses?
What are the future prospects?
What are the margins for improvement?
The speaker will address these issues by reporting some experiences he has had in carrying out his work as a teacher and freelancer.

 

Riccardo Cervelli
ITIS "G. Marconi" - Pontedera (PI)
Thursday, 15.02.2024
14:00 - 14:30
About Lecturer

The rise of hybrid threats

In the early 1980s, a new warfare concept emerged, known as the Revolution in Military Affairs (RMA). This concept signified a technological revolution in the military, promising significant enhancements in the lethality and capabilities of conventional weapons. Presently, Information and Communication Technologies (ICTs) play a crucial role in RMA, integrating services, command structures, authorities, devices, and weapon-delivery systems into a cohesive "system of systems." This integration boosts situational awareness, lethality, and versatility. Hybrid warfare combines elements of conventional and irregular warfare, cyberwarfare, and information warfare tactics, including the spread of fake news, disinformation, and misinformation. It involves various modes of warfare like conventional and irregular tactics, terrorist acts, violence, coercion, and criminal activities, engaged by both states and non-state actors. In this warfare style, conventional military operations are secondary to information campaigns. Currently, the distinction between cybercrime and cyberattacks, as well as between reality and perceived reality, truth and falsehood, is increasingly ambiguous. With the growing integration of Artificial Intelligence in daily life, the eventual use of this technology in fully autonomous systems or in developing advanced malware and chatbots is inevitable.

 

Sozon A. Leventopoulos
Zonos Systems Consulting
Friday, 16.02.2024
11:15 - 11:45
About Lecturer

Threat Hunting Space and Digital Energy with Physics

In this talk we will discuss new ideas for threat hunting ICS\SCADA networks. This talk will discuss new ways to provide secure visualization and instrumentation for ICS\SCADA networks utilizing physics to identify advanced adversarial threats. This talk expands upon the traditional methods for monitoring networks and hunting threat activities as typically performed in an enterprise network. This presentation will dive into examples of how to monitor the Internet of Military Things (IoMT) and ICS\SCADA infrastructure to collect physics-based data that may provide new insights into complex threats that may be sourced from the supply-chain, an insider or external threat. Threat hunting space and the Internet of Space Things (IoST) will be discussed.

Paul Coggin
nou Systems, Inc
Friday, 16.02.2024
15:15 - 15:45
About Lecturer

What are syscalls and how they help bypass EDRs?

In the world of antivirus and EDRs, there is a constant effort to validate the use of suspicious Windows API calls. These checks help mitigate attacks from malware and adversaries that utilize these APIs. In this talk, presenter will share insights on malware attempts to bypass these checks by utilizing direct syscalls.
Through direct syscalls, we can circumvent the Windows API and communicate directly with the kernel. By the end of this talk, you will gain additional knowledge about EDRs, the nature of syscalls, and how they are employed in malware to evade security checks from antivirus and EDR systems. You will also gain insights into how you could develop these techniques yourself.

Bob van der Staak
Grip Op Security
Thursday, 15.02.2024
13:30 - 14:00
About Lecturer

XDR Unleashed: The Next Frontier in Cybersecurity

This session will explore the transformative impact of Extended Detection and Response (XDR) on the cybersecurity landscape. We'll delve into the evolution of XDR solutions, their role in addressing modern threats, and the potential they hold for enhancing overall cybersecurity strategies. The presentation will touch upon key components and future trends, offering attendees valuable insights into the forefront of cybersecurity innovation.
We believe this topic aligns seamlessly with the conference's focus on advancements in cybersecurity technologies.
XDR is rapidly becoming a cornerstone in modern cybersecurity strategies. Attendees will gain practical insights into the capabilities and potential of XDR solutions, providing actionable takeaways for their organizations.

Saša Hudjec
Anovis IT-services and trading GmbH
Friday, 16.02.2024
14:00 - 14:30
About Lecturer
Stevan Bovan
Anovis IT-services and trading GmbH
About Lecturer
15.-16.2.2024
The conference will be held
On-Line
Price for HEK.SI
When registering for the HEK.SI 2024, you get FREE TICKET for the INFOSEK 2024!
700€

Prices do not include VAT

REGISTER NOW
Price for HEK.SI 1st day

1st CONFERENCE DAY
 
(Thursday, 15.2.2024)
FREE

0€

Prices do not include 22% VAT

Price for HEK.SI 2nd day

2nd CONFERENCE DAY
 
(Friday, 16.2.2024)
 

500 €

Prices do not include 22% VAT

Price for HEK.SI

When registering for the HEK.SI 2024, you get TICKET for the INFOSEK 2024!

700€

Prices do not include 22% VAT

Golden sponsors

In cooperation with

Media sponsors

Obveščamo vas, da so bili naši pogoji poslovanja posodobljeni.
Sprememba se nanaša na člen »Odpoved ali sprememba dogodka s strani organizatorja«. Zaradi nepredvidenih dogodkov, kot je tudi trenutna epidemija koronavirusa, si pridržujemo pravico, da posamezna izobraževanja odpovemo ali spremenimo termin oz. način izvedbe (online izvedba).

Odpoved ali sprememba dogodka s strani organizatorja
Organizator si pridržuje pravico do odpovedi posameznega izobraževanja, delavnice, dogodka, seminarja ali spremembe terminov oz. načina izvedbe (namesto osebne izvedbe dogodka, izvedba dogodka preko spleta ali na drug način, pri čemer se ključna vsebina in obseg dogodka ne spreminjata oziroma se prilagodita glede na spremembo, npr. zamenjava predavatelja, prilagoditev urnika ipd., vendar se ohrani enakovredna kakovost izvedenega dogodka). Zavezuje se k obvestilu prijavljenim najkasneje en delovni dan pred predvidenim pričetkom izobraževanja oz. takoj, ko prejme novico o morebitnih izrednih dogodkih, ki so razlog za spremembo/odpoved. V primeru odpovedi izobraževanja s strani organizatorja, organizator, morebitno že vplačano kotizacijo, brezobrestno povrne v roku štirinajstih dni od obvestila o odpovedi ali pa omogoči stranki, da kotizacijo porabi za druge izdelke ali storitve. V primeru spremembe načina izvedbe ostanejo plačila v veljavi, v primeru spremembe termina pa ima udeleženec možnost odpovedati udeležbo iz utemeljenih razlogov po določbi Odpoved s strani udeleženca ali pa se odjaviti na način v rokih, ki jih predvideva določba Odjava udeleženca. 

Celotni pogoji poslovanja so dostopni tukaj: https://poslovanje.pogoji.si/tos/29xyi0o

Ta spletna stran uporablja piškotke. Z obiskom in uporabo spletne strani soglašate s piškotki.  DOVOLIM Več informacij o piškotkih najdete in nastavitve tukaj.