Schedule

Please find details for all talks here.

Two Days of Trainings (18./19. November)

Workshop 1 Workshop 2 Workshop 3 Workshop 4 Workshop 5
IPv6 Attacks and Defenses - A Hands-on Workshop
Enno Rey (ERNW GmbH)
Understanding x86-64 Assembly for Reverse Engineering and Exploits
Xeno Kovah (MITRE)
Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more
Dawid Czagan (Silesia Security Lab / Future Processing)
Getting the most out of your Pineapple
Robin Wood, Darren Kitchen, Seb Kinne (Hak5)
XSS & PHP: A Happily Married Couple
Ashar Javed (Ruhr University Bochum)
Workshop 6 Workshop 7 Workshop 8 Workshop 9
Powershell for Penetration Testers
Nikhil Mittal (Hacker)
Mobile Application – Scan, Attack and Exploit
Hemil Shah (eSphere Security Solutions Pvt Ltd)
SAP Security In-Depth
Juan Perez-Etchegoyen (Onapsis, Inc.)
Suricata Training Event
Victor Julien (Open Information Security Foundation)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (20./21. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 20 Nov
Left Pirouette Right Pirouette
08:00 Registration opens
09:00  
T.B.A.
09:10   Keynote: The Measured CSO
Alexander Hutton (IANS Research, "Systemically Important Financial Institution")
10:00 On the Effectiveness of Full-ASLR on 64-bit Linux
Hector Marco (Departamento de Informática de Sistemas y Computadores - Universitat Politècnica de València)
CERT.at's Daily Business in a Nutshell
Christian Wojner (cert.at)
10:50 Coffee Break
11:10 Java's SSLSocket: How Bad APIs Compromise Security
Dr. Georg Lukas (rt-solutions.de GmbH)
Addressing the Skills Gap
Colin McLean (Abertay University, Dundee, Scotland)
12:00 A Myth or Reality – BIOS-based Hypervisor Threat
Information Security Specialist
Safer Six - IPv6 Security in a Nutshell
Johanna Ullrich (SBA Research)
12:50 Lunch
14:00 Reliable EMET Exploitation
René Freingruber (SEC Consult Unternehmensberatung GmbH)
MLD Considered Harmful - Breaking Another IPv6 Subprotocol
Enno Rey, Antonios Atlasis & Jayson Salazar (ERNW GmbH)
14:50 Trusting Your Cloud Provider. Protecting Private Virtual Machines.
Armin Simma (Vorarlberg University of Applied Sciences, FHV)
A Tale of an Unbreakable, Context-specific XSS Sanitizer
Ashar Javed (Ruhr University Bochum)
15:40 Coffee Break
16:00 An innovative and comprehensive Framework for Social Vulnerability Assessment
Enrico Frumento (CEFRIEL Center of Excellence for Innovation, Research and Education in the field of ICT)
Bending and Twisting Networks
Paul Coggin (Dynetics, Inc)
16:50 Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks
Juraj Somorovsky (3curity / Ruhr University Bochum)
Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT)
Benjamin Brown (Akamai Technologies)
17:40 Build Yourself a Risk Assessment Tool
Vlado Luknar (Orange Slovensko a.s. (France Telecom Orange Group))
Social Engineering can kill me, but it can't make me care
Gavin 'Jac0byterebel' Ewan (Alba 13)
20:00 Speaker's Dinner
Conference, day 2 - Fri, 21 Nov
Left Pirouette Right Pirouette
09:00 Mobile SSL Failures
Tony Trummer & Tushar Dalvi (Linkedin)
Cyber Security Information Sharing
Oscar Serrano (NATO Communication and Information Agency)
09:50 Social Authentication: Vulnerabilities, Mitigations, and Redesign
Marco Lancini (CEFRIEL - Politecnico di Milano)
TextSecure and RedPhone-bring them to iOS
Christine Corbett (Open WhisperSystems)
10:40 Coffee Break
11:00 Advanced Powershell Threat: Lethal Client Side Attacks using Powershell
Nikhil Mittal (Hacker)
SAP BusinessObjects Attacks: Espionage and Poisoning of Business Intelligence platforms
Juan Perez-Etchegoyen (Onapsis, Inc.)
11:50 SENTER Sandman: Using Intel TXT to Attack BIOSes
Xeno Kovah (MITRE)
Why IT Security Is Fucked Up And What We Can Do About It
Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung)
12:40 Lunch
14:00 The prime Suspect is the Butler cause he holds all the “Keys”
Sergio de los Santos (Head of Labs 11Paths) & Jesús Torres (Senior Developer)
Trap a Spam-Bot for Fun and Profit
Attila Marosi (SophosLab, Senior Threat Researcher)
14:50 Hadoop - When the only tool you have is a hammer, all problems looks like nails
Michael Boman (N/A)
Cloud-based Data Validation patterns… We need a new approach!
Geoffrey Hill (Artis-Secure Ltd.)
15:40 Coffee Break
16:00 Why Antivirus Software fails
Daniel Sauder
Creating a kewl and simple Cheating Platform on Android
Milan Gabor & Danijel Grah (Viris)
16:50 Memory Forensics and Security Analytics : Detecting Unknown Malware
Fahad Ehsan (UBS AG)
Security Operations: Moving to a Narrative-Driven Model
Josh Goldfarb (FireEye)
17:40 Political Solucions to Technical Challenges
Linus Neumann (Chaos Computer Club e. V.)
Night Talk: IT Isn't Rocket Science
David Mortman (Chief Security Architect & Distinguished Enigeer at Dell Enstratius and also Contributing Analyst at Securosis)
18:20 Closing Ceremony
20:00 - Party & Networking at Metalab, Rathausstrasse 6, 1010 Wien