Creator Talks List

List of Talks presented by Creators ( Villages, Communities, Vendors, etc)

Creator Talks Short Table



“Do not obey in advance”: Cybersecurity in the Fight Against Techno-Authoritarianism

Creator Talk Page – Online
When:  Saturday, Aug 9, 14:00 – 14:59 PDT

Creator: DEF CON Groups VR (DCGVR)

Cybersecurity protects free speech and human rights. It plays a crucial role in resisting authoritarian regimes and protecting democratic freedoms. This talk discusses how encryption, anonymity tools, and similar technologies can help activists, journalists, and citizens evade state surveillance and censorship. Discussion highlights how digital resistance strategies can be used to counter oppression.

Note: DCGVR Talks are scheduled 1 hour slots, but the actual presentations can be as short as 30 minutes. Please arrive at the start of the hour.


People:
    SpeakerBio:  Joel Panther

Joel is a cybersecurity researcher, penetration tester, and educator with over 15 years’ experience in system administration, security, and consulting. His PhD produced a framework for designing dynamically generated penetration testing laboratories, and his current research focuses on offensive security skills development.




“Robo Duck” Architecture

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Friday, Aug 8, 17:30 – 17:59 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

A walkthrough of how Theori’s Robo Duck CRS was designed and built to use LLMs to find and fix bugs in AIxCC.


People:
    SpeakerBio:  Tyler Nighswander, Theori
No BIO available



“Secure AI” is 20 years old

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 16:30 – 17:15 PDT

Creator: AI Village

Machine Learning (ML) security is far older than what most people think. The first documented “vulnerability” in a ML model dates back to 2004. There are several well oiled teams that have been managing AI risk for over a decade. A new wave of “AI red teamers” who don’t know the history and the purpose are here. Some are doing brand safety work by making it harder for LLMs to say bad things. Others are doing safety assessments, like bias testing. Both of these aren’t really “red teaming” as there isn’t an adversary. The term is getting abused by many, including myself as I organized the misnamed Generative Red Team at DEFCON 31. There are new aspects to the field of ML Security, but it’s not that different. We will go over the history and how you should learn about the field to be most effective.


People:
    SpeakerBio:  Sven Cattell
No BIO available



[Virtual] National Service Panel – CTU,BIC,MCPA

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: Blacks In Cyber Village

What does it mean to serve your country in cyberspace? This virtual panel brings together representatives from the Cyber Talent Initiative (CTU), Blacks in Cybersecurity (BIC), and the Minority Cybersecurity Professionals Association (MCPA) to discuss pathways to national service through cybersecurity. Panelists will explore career opportunities in federal agencies, public-private partnerships, and mission-driven tech, while highlighting programs that support underrepresented talent in public service roles. Join us to learn how your cybersecurity skills can make an impact at the national level.


People:
    SpeakerBio:  Nikkia Henderson

Ms. Nikkia Henderson is a Portfolio Manager in the federal government with 15+ years of experience. She’s an advocate for women in cybersecurity and enjoys tea, cooking, beaches, and aquariums.

SpeakerBio:  Ebony Grey
No BIO available
SpeakerBio:  Hugh Shepherd
No BIO available
SpeakerBio:  William (Bill) Butler, Dr
No BIO available



#ReclaimTech – A community movement

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 14:30 – 14:59 PDT

Creator: Hackers.town Community

What would it take to start a movement away from the major platforms, for people to #reclaimtech for themselves from the clutches of multi-billion dollar companies and VC backed unicorns, retrieving our data, our autonomy, and our sovereignty? We are a collection of conscientious objectors to the Big Tech ecosystems building community around peer-to-peer support and connection as we exit from these extractive ecosystems. Opting out of toxic systems, we believe, is not about digital minimalism but about opting in to stronger connections, more ethical systems, and a better future. In this talk, the Founders of Tech Reclaimers introduce our approach to bringing tech sovereignty to the masses: meeting people where they are, joining them on their journey, building confidence step by step, and fostering community in the process.


People:
    SpeakerBio:  Janet Vertesi, Reclaim Tech

Janet Vertesi (she/hers) is associate professor of sociology at Princeton University, where she is well known for her ìopt out experimentsî to evade tracking by data companies and embrace alternative tech systems, as well as for her in-depth studies of NASAís teams. An expert in the nexus between technology and society, she is a mobile Linux evangelist, teaches courses in critical technical practice and design, and sits on the advisory boards of the Data & Society Institute and the Electronic Privacy Information Center. Ask her how to make sure the Internet doesnít know that youíre pregnant.

SpeakerBio:  Andy Hull, Reclaim Tech (https://www.reclaimcontrol.tech/)

Andy Hull (he/him) has been abusing computers since they came with cassettes and not enough RAM. He dabbles with recreational hacking, enjoys a spot of light homelabbing, and still dreams of being a Demoscener next year. Andy believes that computers should be tools that set us free and enshrine our rights as humans, not abusive platforms that imprison and enrage us.




0 to Infra in 100 Days: A Nix Speedrun

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Friday, Aug 8, 11:10 – 11:55 PDT

Creator: Nix Vegas Community

What if learning Nix was like a speed-run?

A few months ago, I’d never touched Nix. Then my friend’s brother told me about PlanetNix at Scale22x. I flew from Florida to California with Nix on an old laptop and only four days of flailing experience. I felt grossly under prepared, but after the talks and meeting brilliant people, I was hooked.

Today, I’m building Nix infrastructure full-time and manage every device I own declaratively with tools like Clan.

This talk maps my route from ‘what the hell is a derivation?’ to contributing to Nix projects in 100 days. I’ll share the exact learning path, struggles, and wins. As someone close enough to remember the pain but far enough to have some solutions, I’ll crash-course some tough Nix concepts with live demos showing my real usage.

For beginners and the Nix-curious, this can be a great launch point for YOUR speed-run. Nix’s learning curve is infamous, but with the right fundamentals and some problem framing, it doesn’t have to be.


People:
    SpeakerBio:  adeci

Developer, NixOS enthusiast, hardware repair tech.




1 year of GenAI JailBreaks by 0din

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 14:00 – 14:59 PDT

Creator: La Villa

Tras un año explorando los límites de la inteligencia artificial generativa, el equipo detrás de 0din, el GenAI Bug Bounty Program de Mozilla, comparte hallazgos, aprendizajes y desafíos enfrentados al detectar y reportar jailbreaks en modelos de IA. Esta charla ofrece una mirada técnica y crítica sobre cómo evolucionan los vectores de ataque en sistemas generativos, qué patrones se repiten, y cómo la comunidad puede colaborar para construir modelos más seguros y confiables.


People:
    SpeakerBio:  Marco Figueroa, GenAI Bug Bounty Programs Manager @ Mozilla | 0Din

Marco Figueroa is the GenAI Bug-Bounty Programs Manager at Mozilla’s 0DIN program, the industry’s first dedicated LLM bug-bounty platform. He leads the global researcher community that dissects guardrails across ChatGPT, Claude, Gemini and open-source LLMs. Marco’s research has repeatedly shown how hex-encoded and other obfuscated prompts can coerce GPT-4o into writing working exploit code, a technique covered by The Register and Bitdefender’s Hot-for-Security column. He also uncovered the extent of OpenAI’s container file system exposure, demonstrating live upload-and-execute paths inside ChatGPT’s Debian sandbox, as reported in Dark Reading.




10 Lessons from the Frontlines of AI Vishing: From Zero to (Almost) Hero

Creator Talk Map Page – LVCC West-Level 3-W317-W319 (Social Engineering Community Village)
When:  Saturday, Aug 9, 10:00 – 10:25 PDT

Creator: Social Engineering Community Village

The path from a working demo to an AI vishing agent that can survive in the wild is littered with failed calls and bad prompts. We walked that path so you don’t have to. This talk is a rapid-fire rundown of 10 lessons learned from taking a bot into production. We’ll dive into: how to craft pretexts that don’t collapse under pressure, the dirty secrets of managing conversational latency, and the surprising challenge of handling accents and background noise. Iíll break down the trade-offs between self-hosted models and commercial API infrastructure, their inherent limitations, and the privacy considerations to address. Learn how to tune prompts for believable improvisation and avoid the uncanny valley.


People:
    SpeakerBio:  Matt Holland

Matt Holland is a startup co-founder and CISO who builds security solutions designed for the real world. His career has taken him from leading security for iconic brands like Unilever and the John Lewis Partnership to his current role as co-founder of vishr.ai, a venture tackling the threat of AI-driven social engineering. His approach is a product of that journey. He tackles every challenge by blending the strategic discipline of a global CISO, the commercial focus of an MBA, the relentless drive of a startup founder, and the adversarial mindset needed to counter modern threats.

SpeakerBio:  Enrico Faccioli

Enrico Faccioli is a London-based entrepreneur tackling AI-driven social engineering. His latest venture, vishr.ai, uses conversational AI to provide employees with realistic vishing simulations and hands-on training. Following his MSc in Finance from Warwick Business School, he moved from overseeing the tech strategy for L&G’s real assets funds (£28bn AUM), into startup leadership as COO of the geospatial AI startup Gyana, before a breach of his own fuelled a pivot into solving critical security challenges.




10 Years of IoT Village: Insights in the World of IoT

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 10:30 – 10:59 PDT

Creator: IOT Village

Join IoT Village co-founders Steve Bono and Ted Harrington as they discuss how the world of IoT security has evolved in the past 10 years of IoT Village. Led by panel host Rachael Tubbs, Steve and Ted will discuss with industry experts what we’ve learned in 10 years about the state of IoT security.


People:
    SpeakerBio:  Stephen Bono, CEO at Independent Security Evaluators
No BIO available
SpeakerBio:  Rachael Tubbs, IoT Village Organizer
No BIO available



12th CPV Program Committee Chitchat at the garden

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
Creator: Crypto Privacy Village

People:
    SpeakerBio:  Crypto Privacy Village Program Committee 2025
No BIO available



2025 Authentication Survival Guide

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
Creator: Crypto Privacy Village

People:
    SpeakerBio:  Mateusz Chrobok
No BIO available



6 Simple Rules for Building a Better SkyNet: AI-Powered War Planning

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Saturday, Aug 9, 15:30 – 16:15 PDT

Creator: Policy @ DEF CON

The Department of Defense (DoD) has publicly embraced AI and its application in strategic war planning. What could possibly go wrong? What does “war planning” really involve, anyways? And why haven’t Skynet and our AI overlords ended the need for petty human conflicts by now? The presenters (former war planning advisors for the Secretary of Defense) discuss how war plans are really developed and how AI could improve that process. They will also talk about how the use of AI in war planning makes us vulnerable–both technologically and cognitively–in unanticipated ways. The presentation will conclude with policy ideas to get ahead of potential problems with AI-powered war planning.


People:
    SpeakerBio:  Noah K

Noah K has spent the past 15 years in the U.S. government developing national security policy. He was the Director for War Plans in the Office of the Secretary of Defense. In this role, he led the team responsible for providing civilian oversight of our national war plans and managing civilian-military dialogue across a range of issues regarding the Department’s planning for major conflicts. He has previously worked on issues involving special operations, and cyber intelligence. He currently works at a Federally Funded Research and Development Center exploring how national security and artificial intelligence create both opportunities and risks.

SpeakerBio:  Clark F

Clark F has worked in the national security and defense policy space for the past decade. From 2020-2023, he served as an advisor to the Secretary of Defense on war plans, drafting national security strategic guidance and managing the Europe and space war plans portfolios. Clark currently works at a Federally Funded Research and Development Center, focusing on the intersection of defense strategy, emerging technology, and national security applications in the Indo-Pacific theater.




7 Vulns in 7 Days: Breaking Bloatware Faster Than It’s Built

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Sunday, Aug 10, 11:40 – 12:10 PDT

Creator: AppSec Village

Bloatware. We all hate it, and most of us are good at avoiding it. But some vendor tools – especially those managing critical drivers – are still necessary, often because the drivers available through Windows Update just aren’t good enough for performance-critical computing.

What started as a routine driver update took a sharp turn when I confirmed a reboot modal… from my browser. Wait, my browser shouldn’t be able to do that!? To my disappointment (and maybe some surprise), it turned out to be arbitrary code execution – right from the browser. This kicked off a week-long deep dive, uncovering seven trivial CVEs in seven days across several vendors, all exploiting a common pattern: privileged services managing software on Windows with little regard for security.

In this talk, I’ll walk through the journey of discovery and exploitation of several vulnerabilities that lead to LPE/RCE.


People:
    SpeakerBio:  Leon “leonjza” Jacobs

With over two decades in IT – 15 years focused on cybersecurity – Leon is the CTO of Orange Cyberdefense’s SensePost Team. His career has taken him from a Tier 1 ISP, a private investment bank and now into full-time consulting, giving him a broad, real-world view of security challenges across industries. Today, Leon spends his time researching and hacking everything from enterprise networks to web and mobile applications. Passionate about building and innovating, he’s a regular contributor to the InfoSec community, sharing tools, insights, and lessons learned to help push the field forward.




A Brief History of the Knox Box

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-701 (Lock Pick Village)
When:  Friday, Aug 8, 15:00 – 15:45 PDT

Creator: Lock Pick Village

An introduction to the gold standard of physical key escrow, the Knox Box (and associated products) by a former employee, including information about the new eLock. All information is from the public domain or private research, but we can all but guarantee you’ll learn something new.


People:
    SpeakerBio:  craic’d
No BIO available



A Recipe for Distrust: Regularty Failure with Ballot Marking Marking Devices – Unreadable Images and Multiple Records of Each Voter’s Choices

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 10:00 – 10:30 PDT

Creator: Voting Village

The most obvious, fundamental problem with Ballot Marking Devices is encoding voters’ choices in images voters cannot read and tabulating from those images. Compounding BMD problems, these systems produce at least three distinct images of voters’ selections: the choices in QR/bar code images, a printed text list purporting to show those encoded choices, and a ballot image produced by precinct scanners. These images and printed list may be subject to different possible mistakes misperceptions, or manipulation. Regulations have not kept up with vulnerabilities—but simply adding more regulations will not suffice. This presentation reviews regulations in several states, beginning with Florida, as an example to examine when and if the printed list for voter review may be counted.

Links:
    people.miami.edu/profile/6ed46ca3db386549c93872ee58027aeb – https://people.miami.edu/profile/6ed46ca3db386549c93872ee58027aeb

People:
    SpeakerBio:  Martha Mahoney, University of Miami School of Law

Martha Mahoney is a Professor of Law and Dean’s Distinguished Scholar at the University of Miami School of Law. She has taught since 1990 in areas including Election Law, Law and Social Justice, Voting Rights, Criminal Law, and Property. She was a founding member of the Miami-Dade Election Reform Coalition. Her work with the Coalition and extensive research in public records helped expose flaws in DRE votings ystems, and she continues to research issues of voting and equality. She has made presentations on electronic voting issues at conferences and workshops, spoken on electronic voting problems to state and local governmental bodies, and submitted reports on voting and inequality to the Department of Justice. Her current research addresses inadequate regulation and fundamental flaws in ballot marking devices. A former labor and community organizer, Professor Mahoney received a B.A. from the University of the State of New York’s Regents External Degree Program, an M.A. in History from Tulane University, and a J.D. from Stanford Law School. She has published extensively in the fields of racial and economic inequality. She is co-author of an innovative legal casebook, Martha R. Mahoney, John O. Calmore & Stephanie M. Wildman, Social Justice: Professionals, Communities, and Law (2d ed. West 2013).




A Tale of Weeds and Roses: Propagating the Right Data Protection Agreements with Vendors

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Friday, Aug 8, 13:00 – 13:59 PDT

Creator: Crypto Privacy Village

When a company gives vendors access to its technical garden to process personal data, it’s the company’s responsibility to ensure vendors have adequate protections in place. Data protection/processing agreements (DPAs) are a control companies use to contractually obligate and specify what adequate protections vendors must have and to outline the consequences if vendors fail to protect the personal data. Propagating the right DPAs with vendors prevents invasive species from taking root in a company’s technical garden. Gardeners who attend this talk will walk away with a high-level understanding of: (a) how DPAs can be used to protect your company’s technical garden, (b) what information privacy/legal needs to know when negotiating a DPA, and (c) which DPA terms are roses to be cultivated or weeds to be removed.


People:
    SpeakerBio:  Irene Mo, Senior Privacy & Cybersecurity Counsel at Rivian

Irene is an attorney with experience counseling clients on United States and international privacy and data protection laws and regulations. She has helped companies of all sizes build and scale their privacy and data security compliance programs. Known as a problem solver, Irene’s clients trust her to collaborate across multiple business units within their companies to get privacy done. When there is a Hail Mary pass, her clients know she’s the one getting the ball across the goal line. In her free time, Irene is on the leadership board of several non-profits including Women in Security and Privacy (WISP), the Diversity in Privacy Section for the IAPP, the American Bar Association (ABA) Center of Innovation, and Lagniappe Law Lab.

SpeakerBio:  Alyssa Coley, Privacy & Product Counsel at Scopely

Alyssa is on the board of Women In Security and Privacy (WISP) and is Privacy & Product Counsel at an Augmented Reality (AR) mobile gaming company. As in-house counsel, she focuses on integrating privacy by design into product development and ensuring global privacy compliance. Previously, she gained experience in privacy consulting and cybersecurity incident response. She has been involved with WISP for nearly a decade where she developed her interest in locksport and continues to further WISP’s mission to advance women and underrepresented communities to lead the future of security and privacy.




A Wake-Up Call in Telecom Security: The SK Telecom Case

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Saturday, Aug 9, 15:00 – 15:15 PDT

Creator: Telecom Village
  • Overview of exploited vulnerabilities
  • Breakdown of the cyberattack
  • Analysis of the impact and consequences
  • SK Telecom’s incident response and mitigation
  • Key lessons and takeaways for cybersecurity preparedness

People:
    SpeakerBio:  Zibran Sayyed
No BIO available



Abusing the Rules: Detect and Defend Against Business Logic Attacks in APIs

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 12:20 – 12:50 PDT

Creator: AppSec Village

Business logic vulnerabilities in APIs are often design oversights that lead to dangerous outcomes. They occur when attackers abuse legitimate API behavior to bypass controls or exploit workflows. In this talk, we’ll share field experience developing behavioral analysis techniques that surface exploitable API behaviors at scale.

We developed a method for passively analyzing API responses – clustering similar logic flows and flagging anomalies that suggest potential abuse paths. You’ll see how business logic vulns manifest in real-world APIs, how attackers chain together valid actions to achieve unintended outcomes, and how defenders can catch these issues early. The session will conclude with practical strategies for integrating business logic awareness into threat modeling and CI/CD pipelines.


People:
    SpeakerBio:  Antoine Carossio

Former pentester for the French Intelligence Services. Former Machine Learning Research @ Apple.

SpeakerBio:  Tristan Kalos

Tristan Kalos, co-founder and CEO at Escape, draws from a background as a software engineer and Machine Learning Researcher at UC Berkeley. Motivated by firsthand experience witnessing a client’s database stolen through an API in 2018, he has since become an expert in API security, helping security engineers and developers worldwide building secure applications. He is an experienced keynote and conference speaker, presenting at Forum InCyber, bSides, APIdays, GraphQL conf, and other international software development and cyber security conferences.




Access Control Done Right the First Time

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 16:30 – 16:59 PDT

Creator: Physical Security Village

Are you looking to install or upgrade a physical access control system? Having installed, repaired and upgraded dozens of large and small access control systems, I have found that many vendors install a “minimum viable product” that can leave your system unreliable and trivial to bypass.

This session will give you the tools and knowledge you need to work with your vendor to implement your system using best practices in the following areas:

  • Wiring, supervision, encryption and tamper-resistance
  • Choosing clone-resistant badges and securely configuring badge readers
  • Securing controller equipment and managing issued badges
  • Maintaining the system for maximum security and uptime

People:
    SpeakerBio:  Tim Clevenger

As a low voltage hardware junkie, Tim has had the opportunity to design, expand, upgrade and repair numerous physical access control, alarm and video systems, including a stint at a security vendor where he was certified in Lenel/S2 access and video. Tim works today at SailPoint as a Cybersecurity Network Engineer.




Access Denied: How Students Can Enforce Their Disability Rights in Education

Creator Talk Map Page – LVCC West-Level 2-W219 (Hackers With Disabilities)
When:  Saturday, Aug 9, 14:00 – 14:59 PDT

Creator: Hackers With Disabilities (HDA)



Aceleradores criptográficos basados en dispositivos reconfigurables (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Sunday, Aug 10, 13:00 – 13:59 PDT

Creator: La Villa

En esta charla exploraremos cómo acelerar el cálculo de funciones hash, centrándonos especialmente en el uso de dispositivos reconfigurables como las FPGAs. Comenzaremos con una introducción a las funciones hash, su papel fundamental en criptografía y seguridad informática, y sus propiedades clave como la irreversibilidad y la resistencia a colisiones.x000D x000D A continuación, haremos un repaso comparativo de las distintas plataformas de cómputo donde se pueden implementar algoritmos hash: CPU, GPU, ASIC y FPGA, analizando sus ventajas, limitaciones y casos de uso típicos. Nos detendremos especialmente en las FPGAs (Field-Programmable Gate Arrays), explicando su arquitectura, su capacidad de paralelismo masivo y su flexibilidad para implementar lógica específica.x000D x000D Por último, veremos la implementación del algoritmo SHA-256 en una FPGA. Mostraremos cómo se traduce el algoritmo a lógica digital, qué técnicas se pueden aplicar para optimizar el rendimiento, y qué resultados se pueden obtener en términos de velocidad y eficiencia energética.


People:
    SpeakerBio:  Pablo Trujillo, Founder at ControlPaths Eng.

Pablo has been an FPGA designer for over 10 years, specializing in digital signal processing and control algorithms, with a strong focus on their implementation in FPGA-based systems. He is the founder of ControlPaths Eng., a consultancy dedicated to electronic design and FPGA development. In addition to his professional work, Pablo authors the blog controlpaths.com, where he regularly publishes articles on FPGAs, SoCs, and hardware acceleration.

Pablo es diseñador de FPGA con más de 10 años de experiencia. Está especializado en procesado digital de señal e implementación de algoritmos de control sobre FPGA. Además de su trabajo, escribe regularmente en el blog controlpaths.com, donde investiga y publica artículos sobre procesado digital de señal en FPGA, y aceleración HW. Ha sido ponente en algunas charlas en España y Europa como AsturconTech (Asturias), Vicon (Vigo) o Embedded World (Nuremberg).




Adversarial mindset, thinking like an attacker is no longer optional

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 15:45 – 16:30 PDT

Creator: Adversary Village

As threat actors evolve in speed, sophistication, and stealth, traditional defense strategies alone are no longer sufficient. This panel delves into the strategic importance of adopting an adversarial mindset, where defenders must think like attackers to stay ahead. Industry experts will discuss how adversary emulation and offensive cyber security techniques are being used not just to test systems, but to actively inform and strengthen defensive strategies. From red teaming to threat-informed defense, the panel will dive into how organizations are embedding adversarial thinking into their security programs to uncover blind spots, reduce response times, and build resilience against real-world threats. Whether you are defending an enterprise or building the next wave of security tools, embracing the adversarial mindset is no longer optional, it is essential. The panel will also cover a range of adversarial scenarios, including not only nation-state sponsored threat actors and targeted cyberattacks, but also the evolving warfare landscape witnessed recently, the use of technology by adversaries during conflicts, and effective countermeasures to address these challenges.


People:
    SpeakerBio:  Abhijith “Abx” B R, Founder at Adversary Village

Abhijith B R, also known by the pseudonym Abx, has more than a decade of experience in the offensive cyber security industry. Currently he is involved with multiple organizations as a consulting specialist, to help them build offensive security operations programs, improve their current security posture, assess cyber defense systems, and bridge the gap between business leadership and cyber security professionals. Abhijith’s professional exposure is stretched across multiple industries and various other sectors. As the founder of Adversary Village, Abhijith spearheads a community driven initiative exclusively focused on adversary simulation, adversary tactics, purple teaming, threat-actor/ransomware research-emulation, and offensive security-adversary tradecraft.

SpeakerBio:  Keenan Skelly

Keenan Skelly is a nationally recognized cybersecurity and emerging technology strategist with 25 years of experience across government, private sector, and entrepreneurial leadership. She, most recently served as a Senior Policy Advisor at the White House Office of the National Cyber Director (ONCD), where she guided national initiatives on cybersecurity workforce, AI policy, and strategic technology development. A former Plank Owner of NPPD at DHS of the Comprehensive Review Program (the predecessor to CISA), Keenan also led multi-agency counter-IED and critical infrastructure protection programs across the federal government. She has founded and led multiple tech startups focused on threat intelligence, cybersecurity, and gamified training; and is the Founder of the XRVillage. Named one of the Top 25 Women in Cybersecurity, she is a frequent speaker on national security, AI, and immersive technology. Her unique background blends operational expertise, policy acumen, and visionary innovation.




Adversaries at War: Tactics, technologies, and lessons from modern battlefields

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 15:00 – 15:45 PDT

Creator: Adversary Village

Recent conflicts have shown us that wars today aren’t just fought with traditional weapons, they are fought with code, misinformation, and influence. This panel dives into how adversaries are using a mix of traditional and unconventional tactics, from cyber attacks to psychological operations, to gain the upper hand on modern battlefields. We will look at real examples from recent wars, explore the technologies driving these shifts, and discuss what defense, security, and policy leaders need to take away from it all.


People:
    SpeakerBio:  Gregory Carpenter, Principal Partner at CW PENSEC, DrPH

Dr. Carpenter is an expert in submolecular information security, specializing in medical IoT, and DNA/nano-tech security, with extensive experience in deception, information warfare, and electronic warfare. His background includes work at the NSA and three decades in government, he has led numerous operations combatting cybercrime, adversarial activity, and counterexploitation theory. A recognized leader in counter-deception, psychological operations, and the application of advanced security techniques, Dr. Carpenter has spoken at numerous international conferences, including several DEFCON villages, Le Hack, Victoria International Privacy and Security Summit, Hack in Paris, Hacker Halted and Cyber Chess. Dr. Carpenter is a member of the Special Operations Medical Association and the Royal Society of Arts, leveraging these networks to advance the integration of security into emerging technologies. With a focus on defending the digital infrastructure at the molecular level, Dr. Carpenter’s work encompasses the intersection of cybersecurity and biological systems, ensuring that both digital and physical infrastructures remain secure against evolving threats.

SpeakerBio:  Barb Hirz, Director of Strategy and Innovation at Nebraska Defense Research Corporation

Ms. Barb Hirz is the Director of Strategy and Innovation at the Nebraska Defense Research Corporation, where she leads future capability integration and coordinates with customers and mission partners to ensure effective capability demonstrations. She is dedicated to advancing defense technology, driving mission improvements, and fostering intellectual agility in the workforce to address complex Department of Defense (DoD) challenges. Previously, Ms. Hirz served as Chief Engineer at U.S. Strategic Command, overseeing nuclear mission capability and cyber requirements, and has held positions at the Office of the Secretary of Defense and the National Security Agency. She has a background in commercial banking and IT solutions and holds numerous awards, including the Joint Meritorious Civilian Service Award. Ms. Hirz earned a B.S. in Business Administration from Creighton University, an M.S. in Military Operational Art from the Air Command and Staff College, and a Graduate Certificate in Nuclear Deterrence from Harvard University.

SpeakerBio:  Bret Fowler, Chief Executive Officer at STAG, MSGT (Ret)

Brett Fowler is a nationally recognized cybersecurity expert and the CEO of STAG, a rapidly growing cybersecurity firm with a global reach and an exponential growth rate of 230% in 2020. A lifelong technology ambassador, Brett began his journey in middle school and has since advised Congressional and Senatorial leaders, while also supporting national efforts, including securing U.S. election systems. Under his leadership, STAG is transforming advanced analytics into accessible web applications, filling critical market gaps.

A former U.S. Air Force Cyber Warfare Operator with over 3,000 hours of cyber operations experience, Brett combines deep technical expertise with agile leadership, driving innovation and resilience in both government and industry. He is a trusted voice on national advisory boards and a frequent lecturer at the University of Texas at San Antonio, where he teaches courses on cybersecurity and entrepreneurship. Brett holds an M.S. in Computer Science from Utica College and lives in San Antonio, TX, with his wife and children.

SpeakerBio:  John Johnson, CEO at Founder of Aligned Security, Dr

Dr. Johnson has over 30 years of experience leading technology and cybersecurity programs at organizations in various industry segments, from startups to large global corporations. He is the CEO and Founder of Aligned Security, providing executive cybersecurity advisory services. He also founded the nonprofit Docent Institute, which promotes career development, cybersecurity education and outreach to professionals, students and underserved communities. He is co-founder of Chicago Cyber Hub, a Midwest center of excellence for Cybersecurity. John has broad industry experience, starting at Los Alamos National Laboratory and subsequently as a security leader at large and small enterprises, including John Deere, Deloitte, and Campbell Soup Company. He has developed and taught numerous university cybersecurity courses online and in person. Dr. Johnson serves on the ISSA International Board of Directors, ISSA Education Foundation, and is an active leader within ISC2, InfraGard, and IEEE. John is concerned with the ethical use of advancing technologies and the opportunities and risks they pose to humanity.

SpeakerBio:  Michael Tassey, Managing Director at Broadmoor Consulting Inc.

Mike Tassey is a cybersecurity strategist with 27 years of experience across defense, finance, and critical infrastructure. At the Air Force Office of Special Investigation, he led red team operations and secured global investigative systems. At NASDAQ, he helped defend the exchange from nation-state cyber threats and re-architect its global security posture. A DEF CON and Black Hat speaker, Mike co-designed the Wireless Aerial Surveillance Platform—the first civilian cyber drone, now in the International Spy Museum.




Adversary Village kick-off keynote panel

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-702 (Adversary Village)-Workshop Area
When:  Friday, Aug 8, 10:00 – 10:59 PDT

Creator: Adversary Village
Links:
    adversaryvillage.org/adversary-events/DEFCON-33/ – https://adversaryvillage.org/adversary-events/DEFCON-33/

People:
    SpeakerBio:  Marcus J.carey, Principal Research Scientist at ReliaQuest

Marcus J. Carey is the creator of the best selling Tribe of Hackers cybersecurity book series. Marcus is renowned in the cybersecurity industry and has spent his more than 20-year career working in penetration testing, incident response, and digital forensics with federal agencies such as NSA, DC3, DIA, and DARPA. He started his career in cryptography in the U.S. Navy and holds a Master’s degree in Network Security from Capitol College. Marcus was previously the founder and CEO of Threatcare (acquired by ReliaQuest), a venture-backed cybersecurity and software services company based in Austin, Texas. He regularly speaks at security conferences across the country. Marcus is passionate about giving back to the community through things like mentorship, hackathons, and speaking engagements, and is a voracious reader in his spare time.

SpeakerBio:  Sanne Maasakkers, Threat intel at Mandiant (Google)

Sanne Maasakkers is working for Threat intel at Mandiant, previously at NCSC-NL. After spending some years in offensive security, she now uses this knowledge to make Dutch vital infrastructure more resilient. She is mainly interested in researching social engineering tactics and techniques of the bigger APTs and presented ‘Phish like an APT’ last year at the digital version of Adversary Village. Additionally, she likes to host CTFs for young talents, coach the European CTF team, and host awareness sessions.

SpeakerBio:  Bryson Bort, CEO and Founder at Scythe
No BIO available
SpeakerBio:  Abhijith “Abx” B R, Founder at Adversary Village

Abhijith B R, also known by the pseudonym Abx, has more than a decade of experience in the offensive cyber security industry. Currently he is involved with multiple organizations as a consulting specialist, to help them build offensive security operations programs, improve their current security posture, assess cyber defense systems, and bridge the gap between business leadership and cyber security professionals. Abhijith’s professional exposure is stretched across multiple industries and various other sectors. As the founder of Adversary Village, Abhijith spearheads a community driven initiative exclusively focused on adversary simulation, adversary tactics, purple teaming, threat-actor/ransomware research-emulation, and offensive security-adversary tradecraft.




AI in OT Should be Cheaper Than in IT

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Friday, Aug 8, 12:30 – 13:15 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

OT environments typically are very predictable, lack variation and human interaction. AI works much harder in IT environments, therefore should cost less in OT environments. Why should one pay the same for two very different technologic performances? Chat will engage audience to on premise that AI pricing models should be different in IT and OT.


People:
    SpeakerBio:  Daryl Haegley, Technical Director at Air Force & Space Force Control Systems Cyber Resiliency
No BIO available



AI Red Teaming as an Evaluation Process

Creator Talk Map Page – LVCC West-Level 3-W314-W316 (AI Village)
When:  Friday, Aug 8, 13:30 – 13:59 PDT

Creator: AI Village

This talk will focus on AI red-teaming as an evaluation process and how it might fit into a broader AI evaluation ecosystem. The first part will contextualize the current state of AI red-teaming evaluations. We will discuss feedback that CSET has received from various AI stakeholders, such as ambiguity around current best practices for AI red-teaming and how lack of transparency hinders community efforts to develop those best practices. The second part will introduce the idea of a “virtuous cycle” for AI evaluations, in which an information sharing and reporting ecosystem can create beneficial feedback loops for AI development, testing, flaw and vulnerability disclosure, and patching.

Links:
    cset.georgetown.edu/staff/colin-shea-blymyer/ – https://cset.georgetown.edu/staff/colin-shea-blymyer/

People:
    SpeakerBio:  Colin Shea-Blymyer, Faculty Research Fellow, Center for Security and Emerging Technology (CSET) at Georgetown University
No BIO available



AI Red Teaming for Everyone

Creator Talk Map Page – LVCC West-Level 3-W314-W316 (AI Village)
When:  Saturday, Aug 9, 10:00 – 10:30 PDT

Creator: AI Village

People:
    SpeakerBio:  Monica Carranza, Content Adversarial Red Team at Google
No BIO available
SpeakerBio:  Chang Mou, ML Red Team at Google
No BIO available



AI vs. the APTs: Using LLMs to discover malware and undisclosed vulnerabilities

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 12:00 – 12:30 PDT

Creator: AppSec Village

In this presentation, we reveal how we used LLMs to discover 900 vulnerabilities in popular open-source tools that were never disclosed. How we caught and watched North Korean APT Lazarus debug a supply chain attack in real time and how we discovered the office Ripple (XRP) cryptocurrency SDK had been backdoored.

We started a multi-year long research project to identify how we could identify novel use cases for using LLM in supply chain security. The research fousces on two approaches

  1. using public changelogs to identify when security issues were patched and never disclosed
  2. Using LLMs to identify malware in public packages on NPM

The presentation covers both technical details of our system and how use use out-the-box frontier models as well as taking deep dives into some of the more interesting findings.


People:
    SpeakerBio:  Mackenzie

Mackenzie is a developer advocate with a passion for DevOps and code security. As the co-founder and former CTO of a health tech startup, he learnt first-hand how critical it is to build secure applications with robust developer operations. Today as the Developer Advocate at GitGuardian, Mackenzie is able to share his passion for code security with developers and works closely with research teams to show how malicious actors discover and exploit vulnerabilities in code.




Airborne WiFi – Rouge Waves in the Sky

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Saturday, Aug 9, 14:30 – 15:25 PDT

Creator: Radio Frequency Village

Have you traveled and used in-flight internet services on airlines? Guess what…Evil Twins have been discovered in the wild on commercial airlines. This talk covers a tale of two people, the passenger in a rush to connect to in-flight services and the SOC analyst charged with the task of unraveling the truth.

This talk will introduce the many components that comprise the on-wing infrastrucutre and how they relate to the passengers as they journey through the skies. Tasked with unraveling a tip, the SOC Analyst must understand the relationships of the pieces to the pizzle, from tying together the logged events and knowing what the infrastructure is on-wing, ultimately piecing together a bigger puzzle via other telemetry provided by ads-b, satellite or more.

The key takeaways I’ll be focusing on are what an analyst should do to prepare themselves to hunt in this arena, processing that evdence to support their hypothesis and unlock the truth behind that pesky browser portal that didn’t feel right. Joine me for a talk about Evil Twins in the sky!


People:
    SpeakerBio:  M0nkeyDrag0n, Organizer at Hard Hat Brigade

M0nkeydrag0n plays a blue teamer by day and a Hard Hat Bridage member in the after hours. Having spent a decade in IT support before shifting to his current role, m0nkeydrag0n has spent the last few years growing professionally as a cyber security engineer and endeavors to share tactics, approaches and stories with those looking to make that shift into security as well…or any pivot for that matter!

Lately, rediscovering R/C vehicles as allowed him to take flight, if only by FPV. But playing with RF is always fun, whether it’s trying to catch folks on WiGLE, designing cases for wardriving kits, earning his ham tech cert or just enjoying motorcycles for a long ride…and internet points!

Come wardrive with the Hard Hat Brigade!




Airport Security! – S01 E008 – Breaking into your baggage

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Sunday, Aug 10, 12:00 – 12:59 PDT

Creator: Physical Security Village

When we travel with valuable baggage, we rely on the security of locks, especially those that are TSA-approved. But how secure are they really? In this talk, we’ll present our research on the vulnerabilities and bypasses of these locks and their embedding into the baggage, covering the most common models as well as the newer TSA008. We’ll discuss how lock picking techniques, master keys, and bypass methods can compromise the security of all TSA-approved models, potentially putting our belongings at risk.


People:
    SpeakerBio:  Hector Cuevas Cruz, Bishop Fox

Héctor is a Senior Managing Security Consultant at Bishop Fox with over 13 years of experience in offensive security, digital forensics, threat hunting, and incident response. Hector has presented at international conferenses such as DEFCON, SummerCon, WWHF & Ekoparty. He also leads Pwntacles, a student-driven hackerspace focused on cybersecurity research and development.




All You Need Is a Fuzzing Brain: A Retrospective

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 13:40 – 14:10 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

Our team will share the key lessons, discoveries, and challenges we encountered during our AIxCC journey. We’ll walk through what worked, what didn’t, and the unexpected insights we gained along the way. Beyond reflection, we’ll highlight opportunities to improve AI-powered cybersecurity systems and explore where we believe the field could and should go next.


People:
    SpeakerBio:  Jeff Huang, Professor at Texas A&M University
No BIO available
SpeakerBio:  Ze Sheng, Graduate student at Texas A&M University
No BIO available
SpeakerBio:  Qingxiao Xu, Graduate student at Texas A&M University
No BIO available
SpeakerBio:  Matthew Woodcock, Undergraduate student at Texas A&M University
No BIO available



All your keyboards are belong to us!

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 17:00 – 17:59 PDT

Creator: Hardware Hacking and Soldering Skills Village (HHV-SSV)

This is a live tutorial of hacking against keyboards of all forms. Attacking the keyboard is the ultimate strategy to hijack a session before it is encrypted, capturing plaintext at the source and (often) in much simpler ways than those required to attack network protocols.

In this session we explore available attack vectors against traditional keyboards, starting with plain old keyloggers. We then advance to “Van Eck Phreaking” style attacks against individual keystroke emanations as well as RF wireless connections, and we finally graduate to the new hotness: acoustic attacks by eavesdropping on the sound of you typing!

Use your newfound knowledge for good, with great power comes great responsibility!

A subset of signal leak attacks focusing on keyboards. This talk is compiled with open sources, no classified material will be discussed.


People:
    SpeakerBio:  Federico Lucifredi, Product Management Director for Ceph Storage at IBM and Red Hat
No BIO available



Alternative Entry Points

Creator Talk Map Page – LVCC West-Level 2-W204 (Noob Community)
When:  Friday, Aug 8, 15:30 – 16:30 PDT

Creator: Noob Community

Getting started in cyber from nontraditional entry points


People:
    SpeakerBio:  Alethe Denis, Red Team at Bishop Fox

DEF CON Groups Dept 2nd Lead




Amplifying Phishing Attacks with Generative AI (POR-ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 10:30 – 11:30 PDT

Creator: La Villa

Historically, Phishing attacks require extensive manual effort involving meticulous target research, intricate scenario crafting, and technical infrastructure deployment. However, the landscape is evolving with the adoption of Artificial Intelligence, which is transforming how phishing campaigns are conducted by reducing the required skill levels and effort. This talk explores how Artificial Intelligence enables threat actors to automate the critical phases of phishing campaigns, from initial reconnaissance to creating compelling and targeted communications and standing up attack infrastructures. It covers:x000D x000D – The inherent challenges in conventional phishing operations, emphasizing the extensive manual labor required for target reconnaissance, scenario development, and infrastructure setup. Attendees will understand why these labor-intensive processes have historically constrained the scalability and customization of phishing campaigns.x000D – How to utilize various AI models to craft convincing, contextually accurate phishing messages that mimic authentic corporate communication patterns. x000D – End-to-end Automated approaches for quickly standing up credible phishing websites, significantly lowering technical entry barriers for threat actors.x000D x000D At the end, participants should understand how to deploy AI-driven phishing campaigns using different models to achieve various results and address challenges within a phishing attack workflow.x000D


People:
    SpeakerBio:  Daniel Marques, Red Team Senior Manager

As an experienced Red Team leader, Daniel applies a strong software development and networking background to help Fortune 500 companies identify and remediate vulnerabilities in various technologies, including corporate networks, applications, and smart devices. With more than 15 years of experience in Cybersecurity, prominent local and international security conferences such as HOU.SEC.CON, ISC2 Security Congress, and Black Hat Regional Summit featured his Offensive Security research. Daniel holds a B.Sc. in Computer Science and an M.Sc. in Cybersecurity. In 2019, Daniel was part of the team that won the DEF CON Biohacking Village Capture the Flag competition.

With over 15 years in offensive security, Daniel applies a strong software development and networking background to help Fortune 500 companies identify and remediate vulnerabilities in various technologies, including corporate networks, applications, and smart devices. With more than 15 years of experience in Cybersecurity, prominent local and international security conferences such as HOU.SEC.CON, ISC2 Security Congress, and Black Hat Regional Summit featured his Offensive Security research. Daniel holds a B.Sc. in Computer Science and an M.Sc. in Cybersecurity. In 2019, Daniel was part of the team that won the DEF CON Biohacking Village Capture the Flag competition.




An update from the LLM scaling laws frontier

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Friday, Aug 8, 15:45 – 16:15 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

AI models have had a ~4x YoY increase in compute for the last 70 years. In the security domain, what has 4x effective compute brought us in 2025 and what will it bring us in 2026? In this session, Jason will give us a survey of the bleeding edge of security applications, from a frontier AI lab perspective, including advanced persistent threats, and what new security threats are coming from AI and can be defended by AI in 2026 and beyond.


People:
    SpeakerBio:  Jason Clinton, CISO at Anthropic
No BIO available



Anatomy of a Crypto Scam

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 17:00 – 17:59 PDT

Creator: Cryptocurrency Community

Nick and Kit team up to explain a story of fraud and scam as often reported in the news. A method of deceit with a unique financial angle is introduced, starting with a video to illustrate the problem. History of the actors involved in the analysis and security research reveals their complementary partnership, where they observe the scam to develop defense methods. A breakdown of the scam workflow follows its progress and funds are tracked as they move from the victim’s possession. Finally, advice is given how to protect from becoming a victim of similar fraud.


People:
    SpeakerBio:  Nick “c7five” Percoco, CSO at Kraken

Nick Percoco is the Chief Security Officer at Kraken, where he spearheads the frameworks and protocols that ensure a secure and seamless trading experience for clients. A recognized leader in the security and hacker community, Nick brings nearly 30 years of expertise in cybersecurity and technology, shaping the industry’s approach to threat defense and risk mitigation. A dedicated contributor to the security community, he founded THOTCON, Chicago’s premier non-profit hacking conference, and has been a contributor to secure infrastructure and network design at DEFCON, the world’s largest hacking conference, since 2017. An accomplished speaker and researcher, Nick has presented groundbreaking work on cryptocurrency security, targeted malware, mobile security (iOS & Android), and IoT vulnerabilities at leading global forums, including Black Hat, RSA Conference, DEFCON, CfC St. Moritz, and SXSW.

SpeakerBio:  Kitboga, Kraken

With more than 3M subscribers on YouTube and beyond, Kit pioneered scambaiting. “Everyday there are scammers taking advantage of people. I call them to waste their time, walk people through their “script” and lies, report info when I can, and otherwise make light of a dark situation.”




Anotomy of Telecom Malware

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Saturday, Aug 9, 10:00 – 10:45 PDT

Creator: Telecom Village

“Anatomy of Telecom Malware” is a Telecom Village talk spanning 2G, 3G, 4G/LTE and cloud-native 5G. It dissects how attackers weaponise every layer of the stack—SS7/SIGTRAN, Diameter, GTP, SMPP and SBA APIs—while adding three critical lenses:

  • Supply-chain infiltration: poisoned firmware builds and compromised eSIM-provisioning servers that let implants enter the core before day 0.
  • Transit-based backdoors: malware such as the LightBasin “GTPDoor” family that hides its C2 inside roaming GTP-C/U tunnels, crossing operator boundaries unnoticed.
  • Field-proven attacks: campaigns like SIMjacker’s SS7/S@T-browser exploitation for OTP interception and recent SS7-redirect bank-fraud cases, plus roaming-hub spyware and diameter peer-scraping seen in the wild.

Attendees leave with a telecom-specific kill-chain map, protocol-aware detection tricks, and a 10-point hardening checklist to protect both legacy and future networks.


People:
    SpeakerBio:  Akib Sayyed, Founder at Matrix Shell

Akib Sayyed is the Founder and Chief Security Consultant of Matrix-Shell Technologies, an India-based telecom-security firm he established in 2014. Recognised industry-wide as a 5G and telecom-signalling security specialist, Akib has spent more than a decade helping mobile-network operators, MVNOs and regulators uncover and remediate vulnerabilities across legacy (2G/3G/4G) and next-generation (5G Core, VoLTE/VoNR/VoWi-Fi) networks. His expertise spans protocol penetration testing (SS7, Diameter, GTP), radio-access assessments and security-automation tooling.

Under Akib’s leadership, Matrix-Shell has grown into India’s first NCCS-designated 5G Core security test lab and holds ISO/IEC 17025 accreditation for its methodology and results. A frequent conference speaker and Black Hat trainer, he also co-organises the Telecom Village community, where he shares latest threat-intel and open-source tools with the wider security ecosystem. linkedin.com

Across consulting engagements, Akib is known for delivering:

  • Policy-aligned testing mapped to 3GPP TS 33.xxx, GSMA FS-series and ITSAR frameworks.
  • Automated scanners that cut signalling-assessment time from weeks to hours.
  • Action-oriented reports complete with PCAP evidence and remediation playbooks.

Driven by a mission to “secure the core,” Akib continues to advise operators on rolling out resilient 5G infrastructure, mentors the next wave of telecom-security engineers and contributes to global standards bodies shaping the future of mobile-network defence.




Antenna Building: Make Your Own LoRa Yagi and VHF Foxhunt Loop Workshop

Creator Talk Map Page – LVCC West-Level 3-W320 (Ham Radio Village)
When:  Friday, Aug 8, 11:00 – 11:59 PDT

Creator: Ham Radio Village

Construct, test, and use a real antenna. Two kits are available: a VLF Foxhunt Loop to win your local fox hunts, and a LoRa Yagi antenna and become the alpha-ham dominating oppressive gain and narrow beam width.

Join us as we condense the sum total of humanity’s antenna knowledge into 30 gripping fun-filled minutes of building, testing, and using a built from scratch antenna. Afterwards the instructors will be around to help with assembly in the Village.

This talk will demonstrate building this year’s antenna building workshop. Our selections this year include a VHF loop for fox-hunting, suitable for use in this year’s fox-hunt. Second is a LoRa compatible Yagi. You will learn the basics of antenna construction, testing, and finally verifying with the cold cruel uncaring reality of physics that your antenna works.

We will also cover trouble-shooting antennas, common pitfalls, and unsolicited life advice.


People:
    SpeakerBio:  Nate “wants.beer” Martin

Chem Engineer, ex Navy Nuke and deep submersible pilot. Currently Director of planning for large Si wafer manufacturer.

SpeakerBio:  Danny Quist
No BIO available



Applying DevSecOps Lessons to MLSecOps

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 10:30 – 11:15 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

As we have seen with AIxCC, AI brings new tools to help with cybersecurity. But developing and operating AI/ML applications introduces new dimensions of risk due to their dynamic behavior, inherent complexity, and often opaque decision-making processes. The transition from Development and Operations (DevOps) to Development, Security, and Operations (DevSecOps) revealed the need for security practices integrated into the Software Development Life Cycle (SDLC) to address critical software security gaps. Machine Learning Operations (MLOps) will now need to go through the same transition into MLSecOps. MLSecOps places a strong emphasis on integrating security practices within the ML development life cycle. It establishes security as a shared responsibility among ML developers, security practitioners, and operations teams. Embracing this methodology enables early identification and mitigation of security risks, facilitating the development of secure and trustworthy ML models.


People:
    SpeakerBio:  Christopher Robinson, Chief Security Architect at OpenSSF
No BIO available
SpeakerBio:  Sarah Evans, Security Research Program Lead at Dell Technologies
No BIO available
SpeakerBio:  Eoin Wickens, Director of Threat Intelligence at HiddenLayer
No BIO available
SpeakerBio:  Jeff Diecks, Technical Project Manager at OpenSSF
No BIO available



ARTIPHISHELL Intelligence

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 13:00 – 13:30 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

Join Shellphish captains Wil Gibbs and Lukas Dresel for a candid fireside chat on building ARTIPHISHELL, the fully-autonomous cyber reasoning system (CRS) that turned large-language models into indispensable teammates. They’ll trace their journey, from integrating LLM-powered reasoning into fuzzers for finding crashes to generating patches with LLM intuition. By the end, you’ll have a blueprint for fusing LLMs with traditional bug-finding techniques, an honest look at what still breaks, and fresh ideas for your own vulnerability-research workflow.


People:
    SpeakerBio:  Wil Gibbs, Shellphish
No BIO available
SpeakerBio:  Lukas Dresel, Shellphish
No BIO available



Assembly Alchemy: From Opcodes to Exploits

Creator Talk Map Page – LVCC West-Level 2-W235 (DEF CON Academy)
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: DEF CON Academy

Unlock the secrets of shellcode by learning the fundamentals of low-level payload construction. In this session, you will learn how to craft Linux shellcode from scratch, starting with nothing but opcodes and a clear understanding of the syscall interface. Through live walkthroughs and byte-level insights, you will see how small instructions can yield powerful control. This is not magic; it’s precision, intention, and raw skill. After the talk, you will have the chance to test your abilities with hands-on challenges that turn theory into practical exploitation.


People:
    SpeakerBio:  f4_u57, Arizona State University

f4_u57 is a senior undergraduate at Arizona State University and a security researcher at Research Innovations Incorporated (RII). His interests focuses on vulnerability research in embedded devices, with an emphasis on program analysis and system security. In his spare time, he is an active CTF player.




Assessing the Capabilities Gap Between Foundation Models and Cybersecurity Experts: Benchmarks, Safeguards, and Policy

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 14:15 – 14:59 PDT

Creator: AI Village

Rapid advancements in AI raise important concerns about cybersecurity risks. While existing work shows AI still falls short of human expertise in cybersecurity, we aim to identify indicators of emerging capabilities and risks by studying the gap between AI and expert human performance. We compare top hackers—selected for their proven track record in security research and competitions—with AI systems attempting to exploit real and synthetic targets. This comparison helps us pinpoint where current frontier model evaluations fall short, what tacit knowledge is needed to exploit vulnerabilities effectively, and how these gaps might be addressed. By distilling the expertise, intuition, and problem-solving approaches that make human experts more effective than current foundation models, we highlight the unique skills that continue to differentiate human practitioners. Conversely, we seek to identify areas where AI’s latent capabilities may offer distinct advantages, helping experts better leverage these tools in their work. Our work aims to improve AI cybersecurity evaluations, address critical gaps in evidence-based policymaking, and better equip practitioners to adapt to shifts in the offense/defense landscape.


People:
    SpeakerBio:  Justin W. Lin
No BIO available



At the World’s End: Quantum Resource Estimation

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Saturday, Aug 9, 14:15 – 14:59 PDT

Creator: Quantum Village
Topics Covered:
Clear breakdown of quantum error correction in terms of what is difficult and what it does
A look at how this relates to quantum algorithms.
How do we represent quantum algorithms in a fault tolerant world to bring the two ideas together.
Then a final look at the physical requirements in terms of qubit count and error rate in terms of meeting the algorithm’s requirements.
—> This is a talk for people who are curious by the claims of when RSA will be broken.

People:
    SpeakerBio:  Jamie Friel

I am a quantum information theorist responsible for the quantum error correction research at OQC, a superconducting quantum computer start up. I did a PhD in the optimisation of quantum sensing and worked as a software engineer at a grid infrastructure company before joining OQC.

I am a lifelong amateur enthusiast of security and cryptography and am very interested in how these two worlds impact one another.




Audit This: Breaking Down Bias in the Cyber Stack

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Saturday, Aug 9, 10:00 – 11:30 PDT

Creator: Blacks In Cyber Village

Bias doesn’t just exist in algorithms—it shows up across the entire cyber stack. This panel brings together leaders from government, defense, and industry to explore how systemic bias can creep into everything from security controls and threat modeling to hiring pipelines and data governance. We’ll unpack how biases—human and machine—undermine trust, widen attack surfaces, and perpetuate inequality in cybersecurity workflows. Whether you’re building tech, shaping policy, or defending networks, this session challenges you to audit more than just code.


People:
    SpeakerBio:  Jessica Hoffman

Dynamic and influential cybersecurity leader serving as Deputy CISO for the City of Philadelphia, host of CISO Stories, and adjunct professor at Harrisburg University and Penn State. With nearly two decades of experience, she specializes in cybersecurity audit & compliance, NIST frameworks, and safeguarding sensitive data such as PII, PHI, and FTI. Highly engaged in the cyber community—as a speaker, mentor, and advocate—she champions proactive security culture, diversity, and hands-on learning at conferences and in the classroom. Outside of work, Jessica channels her creativity into photography and networking, earning recognition as a thought leader and role model in cybersecurity.

SpeakerBio:  Kaleeque Pierce

Accomplished business and technology executive with a 19‑year track record, currently serving as Business Product Manager for Enterprise Cloud Platforms at Bank of America. A CPA candidate and MBA graduate, Kaleeque blends deep financial acumen with cloud and service delivery expertise honed at institutions like Citrix, CAI, and Deloitte. Recognized for his leadership and community involvement, he actively volunteers with Charlotte’s Alliance of Black Accountants, promoting thought leadership and innovation in both technology and finance.




Auths Gone Wild: When ‘Authenticated’ Means Anyone

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 12:10 – 12:30 PDT

Creator: Cloud Village

“Public access – off” should mean safe, right? Not when a wildcard principal sneaks into Terraform or a quick-start template letting any logged-in account (yours, mine, or a stranger’s) access your sensitive data.

We ran a large-scale, cross-cloud hunt for this quiet misconfiguration, testing it in AWS, Azure and GCP and measuring how often it shows up in real environments. The flaw is sneaky: anonymous requests are getting blocked, yet any authenticated account can still perform actions such as list, get, or even put objects – so a quick browser check tricks you into thinking the bucket is private. Our data shows that more than 15% of cloud environments had at least one bucket publicly exposing sensitive data. As for the remaining 85%, “not public” doesn’t always mean private. Further analysis revealed that many of these supposedly restricted buckets still exposed sensitive information unintentionally, including configuration files, code, and AI models.

In this talk we’ll outline our scan approach, present the headline numbers and walk through our methodology for detecting risky buckets.


People:
    SpeakerBio:  Danielle Aminov

Danielle Aminov is a part of Wiz’s threat research team, specializing in network-based threats and threat intelligence. She develops detection strategies for large cloud environments. With over six years in offensive security within the IDF and in the cyber department of a global consulting firm, Danielle has expertise in red team operations and penetration testing.

SpeakerBio:  Yaara Shriki

Yaara Shriki is a Threat Researcher at Wiz, specializing in cloud security and network-based attacks. She explores novel ways to integrate ML and NLP into her security work. Yaara is currently pursuing an MSc in Computer Science at Tel Aviv University. She previously worked as a security researcher at Aqua Security and Checkpoint.




Autoformatting with Nix in Neovim

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Saturday, Aug 9, 10:30 – 10:59 PDT

Creator: Nix Vegas Community

I love code autoformatters, but I jump between a lot of projects, and figuring out the rules for each project is tedious. Nix and Treefmt make this a whole lot better, but don’t provide editor integrations.

I’ll talk about how I built a format-on-save Neovim plugin that Does the Right Thing. If you aren’t a Neovim user, I hope to inspire you to build a similar integration for your preferred editor.


People:
    SpeakerBio:  Jeremy Fleischman

Programmer. Speedcuber. Formerly at Arista Networks, the World Cube Association, and Honor Technology. Currently on sabbatical, spending my time leveling up my Nix skills and contributing to the community.




Autonomous System Demo

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Friday, Aug 8, 15:25 – 15:40 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

Tune in for a demonstration of a prototype autonomous system developed as a collaboration between Microsoft Research, Microsoft Defender Research, and Microsoft Discovery & Quantum.


People:
    SpeakerBio:  Mike Walker, Senior Director at Microsoft Research
No BIO available



Autonomous Video Hunter: AI Agents for Real-Time OSINT

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 11:35 – 12:10 PDT

Creator: Recon Village

Imagine discovering critical intelligence hidden inside live video streams faster than any human analyst could. We’ll begin with a compelling hypothetical scenario: a breaking news livestream unintentionally captures crucial clues about a missing person’s location, but overwhelmed human investigators miss the moment. Inspired by real world challenges investigators face daily, this scenario motivated us to build Autonomous Video Hunter (AVH), a system of AI powered agents that scour video content in real time to extract actionable OSINT.x000D x000D Technical core:x000D We’ll showcase how AVH combines open source AI models for image recognition and audio transcription, orchestrated by custom Python based agents. These agents autonomously analyze video streams, detect critical visuals, logos, speech keywords, and quickly cross reference these clues against online databases and OSINT repositories.x000D x000D Live demo:x000D Experience AVH live as it identifies a target logo and relevant context (e.g., social media profiles and geolocation clues) from a random video clip in mere seconds. We’ll also address practical challenges, from reducing false positives to scaling efficiently across multiple simultaneous streams.x000D x000D By the end of this lightning talk, attendees will understand how autonomous agents transform overwhelming video data into OSINT insights rapidly and effectively. We’ll also share a lightweight open source AVH tool for the OSINT community to use and build upon.


People:
    SpeakerBio:  Kevin Dela Rosa

Kevin Dela Rosa is the CTO of Cloudglue (formerly Aviary Inc), building AI video understanding platforms that transform audiovisual content into structured data for LLM and agentic retrieval use cases. With 14+ years in multimodal AI, he previously led engineering teams at Snapchat developing billion-scale visual search systems and generative AI products. His work has been featured at technical conferences including CVPR, NeurIPS, AAAI, ISMIR, AWS re:Invent, KubeCon, and cultural and entertainment venues ranging from Cannes and Art Basel to the Super Bowl and The Late Late Show. At Cloudglue, he leads research and development of technologies enabling AI systems to comprehend complex audiovisual content, focusing on creating systems that allow AI agents to see, hear, and understand the visual world at scale




AzDevRecon – Azure DevOps Enumeration Tool

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 12:30 – 12:59 PDT

Creator: Cloud Village

AzDevRecon is a powerful web-based enumeration tool designed for offensive security professionals, red teamers, and penetration testers targeting Azure DevOps. It streamlines the discovery of misconfigurations, exposed secrets, and security gaps by leveraging token-based authentication, including Personal Access Tokens (PAT) and Azure DevOps Access Tokens (with aud=499b84ac-1321-427f-aa17-267ca6975798). AzDevRecon automates project and repository discovery, pipeline analysis, and user permission mapping, helping security teams uncover escalation paths and hardcoded credentials. Its intuitive web-based interface simplifies complex reconnaissance, enabling faster and more effective security assessments of Azure DevOps environments. This presentation will demonstrate how AzDevRecon enhances offensive security capabilities, providing actionable insights to strengthen DevOps security postures.

Features: – Token-Based Enumeration – Extract insights using Azure DevOps Access tokens or PAT. – Project & Repository Discovery – Identify accessible projects and repositories. – Pipeline & Build Enumeration – Analyze Azure Pipelines for security flaws. – Secrets & Credential Hunting – Detect hardcoded secrets and exposed tokens. – User & Permission Analysis – Map roles, permissions, and escalation paths. – Web-Based UI – Easy-to-use interface for efficient enumeration.


People:
    SpeakerBio:  Trouble1

Raunak Parmar works as a senior cloud security engineer at White Knight Labs. His areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development. He has 4+ years of experience in information security. He enjoys researching new attack methodologies and creating open-source tools that can be used during cloud red team activities. He has worked extensively on Azure and AWS and is the author of Vajra, an offensive cloud security tool. He has spoken at multiple respected security conferences like Black Hat, Defcon RTV, MCTTP, HackSpaceCon, RootCon, and also at local meetups.




Back to Basics: Building Resilient Cyber Defenses

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 12:30 – 12:59 PDT

Creator: Crypto Privacy Village

In spite of novel cybersecurity threats, digital security advice has remained largely unchanged in recent years. In fact, much of the viral advice in response to high-profile attacks or threats doesn’t actually address the risks people are most likely to face. In this talk, we’ll analyze high-profile digital privacy and security concerns, whether the viral advice to address said concerns is effective and practical, and what steps could be taken—both before and after an issue arises.


People:
    SpeakerBio:  Yael Grauer, Program Manager of Cybersecurity Research at Consumer Reports

Yael Grauer is a program manager of cybersecurity research at Consumer Reports. She also does freelance investigative tech reporting, maintains the Big Ass Data Broker Opt-Out List, and is a proud member of the Lockdown Systems Collective.




Badgelife Panel: Lessons from Years of Do’s, Don’ts, and Last-Minute Saves

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 15:45 – 16:45 PDT

Creator: Badgelife Community

Behind every blinking LED and clever CTF is a mountain of caffeine, chaos, and carefully disguised panic. In this panel, veteran badge creators share their hard-earned lessons from years in the trenches of Badgelife – what worked, what absolutely didn’t, and what miraculously came together 12 hours before con opened. From catastrophic PCB errors and customs nightmares to soldering in hotel bathtubs, and shipping hacks that would make a logistics manager cry – we’ll break down the real behind-the-scenes stories that never make it to the badge booth. Whether you’re a first-time builder or a seasoned badge nerd, this is your survival guide (and therapy session) in one.

Links:
    hackerware.io/badgelife-lessons – https://hackerware.io/badgelife-lessons

People:
    SpeakerBio:  Abhinav Pandagale, Founder at Hackerware.io

Abhinav’s artistry comes from the times he used to sneakily paint drawings made by his sister. His hacking career began as a toddler, disassembling his toys but never put them back together. His entrepreneurial roots come from selling snacks at a school fair and making a loss of . Having learned how not to make money, he launched Hackerware.io – a boutique badgelife lab with in-house manufacturing – which has grown over the past nine years into a global presence across 19 countries. He’s often spotted at conferences around the world – hosting hardware villages or pulling off the kind of random shenanigans that earned him the Sin CON Person of the Year 2025 award.

SpeakerBio:  MakeItHackin, Badge Maker

MakeItHackin graduated with a physics degree and served in the Army before diving into electronics in 2016, the same year as his first DEF CON! He joined the badge-making scene at DEF CON 29, fueling a passion for reverse-engineering. With a love for tearing apart tech, he tinkers as a hobbyist, and has previously spoken at Physical Security Village, HOPE Conference, and Hackaday Supercon.

SpeakerBio:  Bradán Lane, Bradán Lane Studios

Bradán graduated third grade with a degree in crayon. This, combined with his unwavering belief in “how difficult could it be”, has made him eminently qualified to wash dishes. His background in UX Designer & User Research and as a purveyor of personas demonstrates his profound talent for making stuff up with confidence. Bradán pre-dates the internet and ARPANET.




BadVR: Signals Everywhere a collaboration with XR Village

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C206 (OWASP Community)
When:  Saturday, Aug 9, 11:00 – 17:59 PDT
Friday, Aug 8, 10:00 – 17:59 PDT

Creator: OWASP Community

BadVR Data Exploration through VR visualization. See RF signals, cellular signals and step into the data with a hands-on VR experience


People:
    SpeakerBio:  Suzanne Borders, CEO + Founder at BadVR

Suzanne Borders, CEO + Founder, BadVR, Inc. Suzanne studied psychology at University of Missouri, Kansas City and previously worked as Lead UX/Product Designer for over 9 years at companies such as Remine (raised $48M) and CREXi (raised $54M) where she specialized in designing intuitive, high-performant data analytic interfaces. In 2019, Suzanne founded BadVR and was awarded a “Rising Stars” innovation award from IEEE. To date, she’s raised over $4M in non-dilutive funding for BadVR, via grants from the National Science Foundation, NOAA, Magic Leap, Qualcomm, and more. Suzanne has grown the company from 2 to 25 people and was awarded 4 patents for innovations she created while leading the BadVR team. Over the past 5 years, Suzanne emerged as a thought-leader in the immersive data visualization and analytics space. She has been a keynote speaker at over 25 national and international conferences. In her spare time, Suzanne travels for inspiration (81 countries and counting) and is proud to be a published author and former punk.  Suzanne thrives at the intersection of product design, immersive technology, and data; she’s a believer in the artistry of technology and the technicality of art and remains passionately dedicated to democratizing access to data through universally accessible products. 

SpeakerBio:  Jad Meouchy, CTO + Co-Founder at BadVR

Jad Meouchy, CTO + Co-Founder, BadVR, Inc. Jad, originally from northern Virginia, holds dual B.S. degrees in Computer Engineering and Psychology from Virginia Tech, and is a graduate of the Thomas Jefferson High School for Science and Technology. While in college, he engineered and built the data visualization components of an emergency response simulation that went on to receive 2M in public grant funding. Over his 15-year career, Jad has founded five startups and successfully exited three. His professional expertise is in software architecture and development, specifically big data analytics and visualization, and virtual and augmented reality development. Based in Los Angeles since 2010, Jad promotes the community by organizing developer meetups and events, and volunteering time for STEM initiatives.




Banxhil y la autopsia a un RAT modular en Java (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 16:00 – 16:30 PDT

Creator: La Villa

Bandxhil es una amenaza sofisticada que ha operado bajo el radar en Latinoamérica desde al menos 2016, especializándose en el robo de información confidencial y el control remoto de sistemas comprometidos. Este actor destaca por su Remote Access Trojan (RAT) modular desarrollado en Java, el cual está diseñado para evadir detección y adaptarse a múltiples sistemas operativos, incluidos Windows, Linux y macOS.x000D Durante esta charla, exploraremos la cadena completa de infección de Bandxhil, iniciando con su acceso inicial mediante campañas de phishing. Estos correos imitan facturas legítimas y redirigen a las víctimas hacia plataformas como OneDrive, donde se descarga un script Visual Basic altamente ofuscado. Este script despliega el payload principal, un archivo JAR modular que sirve como base de la operación de este actor.x000D A lo largo de la sesión, desglosaremos sus técnicas clave, incluyendo:x000D • Uso de LOLBins para ejecución.x000D • Ofuscación y cifrado de variables AES, Blowfish y XOR y combinado con codificación Base64.x000D • Keylogging, captura de pantalla y grabación de audio/video para la recopilación de datos.x000D • Comunicación con servidores C&C vía sockets TCP y tráfico cifrado, diseñado para evitar detección.x000D • Compilación dinámica de módulos maliciosos x000D Para cerrar, se compartirán lecciones aprendidas y estrategias de detección basadas en el framework MITRE ATT&CK y el Modelo Diamante, junto con reglas YARA y estrategias prácticas para su mitigación en entornos corporativos.x000D


People:
    SpeakerBio:  Armando Aguilar, Cyber Threat Analyst at Financial Institution

Armando Aguilar es un analista de inteligencia de ciberamenazas con más de 7 años de experiencia en la identificación, análisis y mitigación de amenazas que se encuentran afectado a México y Latinoamérica. Actualmente, es miembro del equipo de Threat Intelligence en una institución financiera mexicana_x000D_ x000D A lo largo de su trayectoria profesional, Armando se ha desempeñado como analista de Inteligencia de Ciberamenazas, especializándose en el análisis de malware, traza de campañas y creación de perfilamientos de amenazas (Threat Profile). Cuenta con amplia experiencia en OSINT Assessment, análisis de técnicas estructuradas y pruebas de penetración.x000D x000D Armando es egresado de la carrera Ingeniería en Computación de la Facultad de Estudios Superiores Aragón, donde inició su formación en Ciberseguridad en el Laboratorio de Seguridad Informática. Continuó su preparación en los Diplomados de Tecnologías de la Información y Seguridad Informática; y ha recibido capacitaciones por parte de la UNAM sobre temas de Computo Forense, Respuesta a Incidentes, Auditoria de Seguridad Informática y Pruebas de Penetración. Actualmente, cuenta con las certificaciones del Cyber Threat Intelligence (GCTI) y Certified Forensic Analyst (GCFA) emitidas por el GIAC, Certification Threat Intelligence Analyst (CTIA) y Certified Ethical Hacker (CEH) emitida por EC-Council y Certification Malware Analysis Professional emitida por Elearnsecurity.




Bare Metal Reverse Engineering

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Sunday, Aug 10, 11:30 – 11:59 PDT

Creator: Biohacking Village

This talk presents a practical methodology for reverse engineering real-time embedded firmware built on ARM Cortex platforms. Using Ghidra as the primary analysis environment to facilitate collaboration. We will demonstrate how to reconstruct the core layers of an embedded system to gain deep insight into its operation. The Board Support Package (BSP) is mapped using the SVD loader plugin to associate memory-mapped registers with hardware peripherals. The Hardware Abstraction Layer (HAL) is analyzed through custom type recovery and function pattern matching to identify initialization routines and peripheral control logic. At the RTOS level, we apply Ghidra’s BSim plugin to detect task creation, scheduler logic, and inter-process communication constructs used in FreeRTOS and similar kernels. The session equips attendees with a structured approach to reversing embedded C/C++ applications, even when symbols are stripped and source code is unavailable. The goal is to enable firmware analysts, security researchers, and engineers to confidently dissect the layered architecture of constrained, real-time embedded systems.


People:
    SpeakerBio:  SolaSec

Caleb Davis is a founding member of SolaSec, a cybersecurity consulting firm specializing in advanced penetration testing for embedded and connected systems. Based in Dallas/Fort Worth, he holds a degree in Electrical Engineering from the University of Texas at Tyler and is a patent-holding expert with vast experience in hardware and firmware security. Caleb leads deep technical assessments across a range of high-impact industries, including medical devices, automotive, industrial control systems, ATMs and financial terminals, aerospace components, and consumer electronics. His work focuses on secure design, trusted boot processes, cryptographic implementations, and threat modeling, helping organizations integrate security throughout the development lifecycle and align with industry and regulatory standards.




Behind the Badge: How We Used and Abused Hardware (again) to Create the AV Badge for DC33

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Sunday, Aug 10, 10:00 – 10:59 PDT

Creator: Aerospace Village

After DC32, we had one question for ourselves: How could we possibly build upon the work done with last year’s ADS-B badge? Building upon the work we talked about at 38C3, the badge became a mixture of ideas. We wanted new functions extend the badge, but also be accessible for everyone. That set our direction for this year: a radio SAO that would have multiple levels of connectivity. Join us for a behind-the-scenes look as we walk through how we were able to (ab)use hardware to receive out of band signals, creating a custom signal processing chain, and create an SAO that can be integrated into your own badge. Now that you’ve got your hands on this year’s Aerospace Village badge, join Adam and Robert as they discuss the challenges and successes the team faced while building this year’s village badge.


People:
    SpeakerBio:  Adam Batori, Rare Circuits
No BIO available
SpeakerBio:  Robert Pafford, Rare Circuits
No BIO available



Behind The Dashboard – (Lack Of) Automotive Privacy

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: Crypto Privacy Village

We usually view the world of cybersecurity through the lens of a malicious attacker versus a legitimate actor within a given system. This approach fails when considering the world of data privacy where there are three actors in play: the possibly-benevolent vendor, the legitimate user and the inevitable malicious actor. Using this privacy-focused lens, we survey the current regulatory landscape before turning our attention to how privacy is (not) applied to the automotive world.

Our talk focuses on the unique privacy risks the automotive industry is facing with the advent of smart, connected, cars. We present a real-world case study showing how quickly and thoroughly a bad actor could invade the privacy of a car owner, based on a privacy leak vulnerability designated CVE-2025-26313 (reserved).


People:
    SpeakerBio:  Lior ZL, Security Researcher at PlaxidityX Threat Research Labs

Lior is a security researcher in the PlaxidityX Threat Research Labs. Lior is part of a team of security researchers and data scientists who focus on innovation in the cybersecurity world, both from an offensive and a defensive perspective. Lior’s past experience is in enterprise cybersecurity and systems development. Lior holds an M.Sc in Computer Science.

SpeakerBio:  Jacob Avidar, VP R&D and CISO at PlaxidityX

Jacob Avidar is the VP R&D and CISO of PlaxidityX (formerly Argus). Jacob founded the Threat Research Labs team that focuses on exploring high-risk vulnerabilities through cyber attacks in the Automotive industry. Exposing these risks allow OEMs and Tier-1 vendors to deal with violations and thus protect cars and people’s lives from cyber attacks.




Better AppSec through better DevEx

Creator Talk Page – Online
When:  Saturday, Aug 9, 13:00 – 13:59 PDT

Creator: DEF CON Groups VR (DCGVR)

Good developer experience and cyber security, almost sounds like oxymorons together. But, is it really? How can we make both better, together?

We will explore how we can both improve our developer experience and application security together. How application security and the developer experience overlap, and practical steps that we’ve observed to have outsized impact on improving both AppSec and DevEx together, that you can take back to your teams and start doing today.

Note: DCGVR Talks are scheduled 1 hour slots, but the actual presentations can be as short as 30 minutes. Please arrive at the start of the hour.


People:
    SpeakerBio:  Dan Ting

Dan is an AppSec specialist, and has over a decade of experience in IT and cybersecurity, covering a broad range of specialist technical and leadership roles. Prior to roles, these include roles such as Head of Product, Human-centred Designer, Solutions Architect, Project Manager, Systems Administrator, an AppSec and Product Security educator, a senior security architect, a penetration tester and a data science researcher.

Today, hey leverage their diverse experiences to sherpa and help all roles in engineering teams build safer, more trustworthy, and secure products balancing business, experience, and technical needs. Their contributions to industry include presentation at various security conferences including DCG VR, BSides Melbourne, BSides Brisbane, and Christchurch Hacker Conference, on various security topics and a contributing author to an O’Reilly book on Application Security. But, they are just a nerd learning and sharing knowledge to make our community a safer place.




Beyond Assistants: Securing Agentic AI Systems and Multi-Agent Workflows in High-Stakes Environments

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 10:15 – 10:59 PDT

Creator: OWASP Community

AI systems are evolving from copilots to autonomous, multi-agent architectures, expanding the attack surface across tool execution, persistent memory, and inter-agent communication. This hands-on session extends copilot security methods to agentic ecosystems, covering threat modeling for multi-agent pipelines, supply-chain defenses, safeguarding sensitive workflows, and prompt injection at scale. Through real-world case studies—independent and integrated assistant deployments—you’ll learn to implement policy-as-code guardrails, fine-grained access controls, and red-team strategies for agent behavior. Whether you’re securing or penetrating AI workflows, you’ll leave equipped with actionable patterns to defend and harden end-to-end autonomous systems without stifling innovation.


People:
    SpeakerBio:  Jeremiah Edwards, Head of Sage AI at Sage

Jeremiah is the Head of the AI business unit at Sage, and focuses on delivering world class AI for Finance, Accounting, and Business Operations. He leads the expert team which has invented and deployed over 16 AI services in 8 global products, making 20 million AI predictions daily. Before joining Sage, he founded and led data science and machine learning teams at Covid Act Now, FLYR Labs, Squelch, Apteligent (VMware), and Orange Labs. His interests include data privacy, ethical AI, and building AI systems that help people in their daily lives and jobs. He holds degrees in mathematics from MIT and Pierre and Marie Curie University. When not working on machine learning and AI, he can be found trail running, climbing rocks, and doing math.

SpeakerBio:  Andra Lezza, Principal Application Security Specialist at Sage

Andra is a Principal Application Security Specialist at Sage, with over seven years of experience in the field of application security. She is responsible for implementing DevSecOps practices, conducting security assessments, and developing secure coding guidelines for software engineering and AI/ML teams. She has a strong background in software development and project management, as well as a master’s degree in information and computer sciences. She has been co-leading the OWASP London Chapter since 2019, where she organises and delivers events and workshops on various security topics. She is passionate about educating and empowering developers and stakeholders to build and deliver secure software and best practices in a fast-paced, results-driven environment.




Beyond CTFs: Evaluating AI Cyber capabilities in Real-World Environments

Creator Talk Map Page – LVCC West-Level 3-W314-W316 (AI Village)
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: AI Village

People:
    SpeakerBio:  Philippos Giavridis, UK AI Security Institute
No BIO available
SpeakerBio:  Daisy Newbold-Harrop, UK AI Security Institute
No BIO available



Beyond the Stack: How External Failures Impact Payments Security

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-505 (Payment Village)
When:  Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: Payment Village

Payments infrastructure is often built with strong security and reliability guarantees but those guarantees can be undermined by failures in the systems it depends on. In this talk, we examine postmortems from real-world outages where the core payments systems remained robust, yet external or supporting infrastructure such as DNS, authentication services, cloud dependencies, or third-party integrations introduced vulnerabilities during periods of instability


People:
    SpeakerBio:  Tapan Khilnani

Tapan is an engineering manager with deep experience in building and scaling payment systems. With a background that spans global enterprises and early-stage startups, he brings a well-rounded perspective to technical and organizational challenges. He holds an engineering master’s degree, which grounds his practical work in strong technical foundations




Beyond Vibe Coding: Building Reliable AI AppSec Tools

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 10:00 – 10:30 PDT

Creator: AppSec Village

As organizations explore AI automation for AppSec, ensuring reliable and trustworthy output becomes critical. This talk examines practical challenges in building AI systems that can consistently interpret security requirements, process engineering documentation, and produce high quality threat models and code scanning results.

We’ll explore technical approaches to prevent hallucinations, handle conflicting documentation, normalize AI outputs, and validate assessments against established policies. Drawing from real-world implementation experience, we’ll share key patterns for building robust security automation systems that maintain high accuracy while scaling across engineering organizations.


People:
    SpeakerBio:  Emily Choi-Greene

Emily has been securing AI systems since 2018. She oversaw application security for Amazon’s Alexa AI organization and owned data security and privacy at Moveworks (an enterprise AI assistant). She’s now the CEO and co-founder of Clearly AI, a YC-backed startup automating security and privacy reviews.




Beyond Watermarks: What Security’s Past Can Teach Us About Sythetic Content’s Future

Creator Talk Map Page – LVCC West-Level 3-W314-W316 (AI Village)
When:  Saturday, Aug 9, 14:30 – 14:59 PDT

Creator: AI Village

The challenges of synthetic content identification echo many of those faced in information security. This talk explores the lessons we’ve learned from moving past single-point solutions and embracing a multi-factor, probabilistic approach. We will draw parallels between classic security challenges and the new frontier of content provenance, demonstrating that while signals like watermarks are valuable, a more comprehensive, layered strategy is essential for building a resilient framework to identify AI-generated and manipulated content.


People:
    SpeakerBio:  Emanuel Gawrieh, R&D Labs Lead at AI Village Senior Security Engineer at Google
No BIO available



Bio-Cryptography is the Game-Genie in a post quantum dystopia

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 16:00 – 16:30 PDT

Creator: Biohacking Village

Defcon 32 we discussed how to transfect DNA using a lighter in the privacy of your home, Defcon 33 we want to bring the next phase which is BioCypher. BioCypher is a tool that will help with plasmid design to embed cryptographic messages. As quantum computing threatens traditional encryption, it’s time to ditch silicon and embrace self-assembling biomolecular firewalls. DNA Origami Cryptography (DOC) uses viral scaffolds to create nanometer-scale encryption keys over 700 bits long—strong enough to give Shor’s algorithm an existential crisis. Beyond brute-force resistance, DOC enables protein-binding steganography and multi-part message integrity, allowing encrypted communication through braille-like molecular folds. Whether securing classified data or encoding musical notes into microscopic strands, DOC offers a biological alternative to post-quantum doom. In this talk, we’ll explore how molecular self-assembly is turning DNA into the hacker-proof cipher of the future, now introducing Biocypher! The rough demo awaits for all to use the tool and think about a bio-crypto-future!


People:
    SpeakerBio:  James Utley, PhD

Dr. James Utley, PhD, is a Johns Hopkins-trained Immunohematology expert, CABP, and AI/data science leader. As Technical Director, he led 150K+ cellular transfusions, advancing DoD and FDA-approved therapies. A bold biohacker, he pioneers CRISPR/genetic engineering, earning the moniker “the pirate.”




BIPOC of Queercon

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Friday, Aug 8, 15:00 – 15:30 PDT

Creator: Queercon Community Lounge

Bringing together diverse cultures and queer voices for an afternoon of connection. Come support our vibrant community!




Biting into the forbidden fruit: how the EU’s Digital Markets Act breaks open walled gardens

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Friday, Aug 8, 11:00 – 11:45 PDT

Creator: Policy @ DEF CON

The Digital Markets Act (DMA) is a landmark European law which aims to make digital markets fairer and open. The DMA regulates the behaviour of “gatekeepers”: large digital players whose closed platforms may limit innovation and choice for users. The DMA sets out “do’s and don’ts”, such as enabling interoperability, allowing alternative services (e.g. browsers or app stores), and treating third parties on equal footing.

In this presentation, you get to hear first-hand from the DMA enforcers about their experience, focusing on the first-ever enforcement action taken under the DMA. In March 2025, the European Commission spelled out how Apple must make iOS and iPadOS work seamlessly with third-party products and services, in particular connected devices such as smartwatches and headphones. We provide insights into how we delivered this concrete change, how the security community played a useful role, and what the benefits will be for developers and users.

We give a perspective on how the DMA preserves system integrity, security and user privacy when introducing interoperability to a previously closed platform. We also give a broader outlook on what other benefits businesses and end users can expect from the DMA, especially in terms of giving users full control and choice over their devices and data.


People:
    SpeakerBio:  Victor Le Pochat, DMA Enforcement Team at European Commission

Victor Le Pochat works in the enforcement team for the Digital Markets Act at the European Commission (DG Connect). Prior to the Commission, he was a postdoctoral researcher working on monitoring the security and privacy of large web ecosystems. He previously presented his work at Black Hat, FOSDEM, and various academic cybersecurity conferences. Victor speaks in a personal capacity and does not speak on behalf of the European Commission.




Blind Trailer Shouting (Car Hacker’s Version)

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Sunday, Aug 10, 10:00 – 10:59 PDT

Creator: Car Hacking Village

You all know that PLC4TRUCKS is unintentionally accessible wirelessly (CVEs 2020-14514 and 2022-26131). In this talk we will dig into the details of the new CVE-2024-12054 and some other results on the ECU investigated. This talk is tailored to those with an automotive cybersecurity background. We found ECUs running the KWP2000 diagnostic protocol on PLC4TRUCKS, supposedly secured with their fancy seed-key exchange. But guess what? Those seeds are way more predictable than they should be. A bit of timing trickery, a classic reset attack, and boom – we’re in, no peeking at the ECU’s responses needed. Blind, non-contact attacks on PLC4TRUCKS? Yep, we found a way. Turns out wireless unauthorized diagnostics access isn’t just limited to older equipment. These newer trailer brake controllers’ diagnostic functions can be abused too. This situation highlights the need for future tractors to deploy mitigations that protect the trailer from wireless attacks because they are all reachable and even the new ones are vulnerable.


People:
    SpeakerBio:  Ben Gardiner

Ben is a Senior Cybersecurity Research Engineer at the National Motor Freight Traffic Association, Inc. (NMFTA)™ specializing in hardware and low-level software security. He has held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations.

Ben has conducted workshops and presentations at numerous cybersecurity events globally, including the CyberTruck Challenge, GENIVI security sessions, Hack in Paris, HackFest, escar USA and DEF CON.

Ben holds a M.Sc. Eng. in Applied Math & Stats from Queen’s University. In addition to speaking on the main stage at DEF CON, Ben is a volunteer at the DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV). He is GIAC GPEN and GICSP certified, chair of the SAE TEVEES18A1 Cybersecurity Assurance Testing TF (published J3322), a contributor to several American Trucking Associations (ATA) Technology & Maintenance Council (TMC) task forces, ISO WG11 committees, and a voting member of the SAE Vehicle Electronic Systems Security Committee.




Blue Team Careers: Battle the Job Market and Get Hired (A BTV Interactive Panel)

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Sunday, Aug 10, 10:00 – 11:30 PDT

Creator: Blue Team Village (BTV)

This year has posed greater challenges for job seekers, with many highly skilled Blue Teamers faced with layoffs and greater competition for fewer jobs. This panel will consist of leaders and practitioners from multiple areas of the cybersecurity field, sharing their journeys and perspectives on hiring in the industry. They’ll answer your questions on handling the job search, perspectives on hiring in a difficult job market, and advice on how to advance your career and skill up technically.


People:
    SpeakerBio:  Kirsten Sireci Renner

Best known in the community for directing BSLV HireGround & BSidesCharm Hiring Village, Kirsten also co-founded Car Hacking Village in 2015. After a decade helping run it, she left and joined ICS Village and can be found at many conferences and events throughout the year speaking and volunteering. She settled into technical recruiting after working on helpdesks over twenty years ago. She is currently serving as the VP of Talent at SilverEdge and is always open to helping those who reach out – especially transitioning service members and veterans!

SpeakerBio:  Russell Mosley




Blue Team Village Closing Remarks

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W216-W218
When:  Sunday, Aug 10, 12:00 – 12:50 PDT

Creator: Blue Team Village (BTV)

Join BTV staff as we share this year’s highlights, puzzle and Capture the Flag events stats and winners, and shout our amazing volunteers, staff, sponsors, and of course attendees. Say goodbye for now, and snag any leftover swag!


People:
    SpeakerBio:  BTV Directors
No BIO available



Blue Team Village Robs a Bank

Creator Talk Map Page – LVCC West-Level 2-W213-W218 (Blue Team Village) W213
When:  Saturday, Aug 9, 14:00 – 14:59 PDT

Creator: Blue Team Village (BTV)

And here’s how they got away with it? Or, and here’s how they got caught? The choice is yours as you join the interactive experience. Choose a team (or be assigned one!) and plot your attack or defence. Part role-playing game, part threat model, and part chaos, the attack unfurls: The attackers try desperately to get out with the cash, the bank tries to stop them, and the police pull together what little clues they have to go on. Can you get away with it? Or will you be spending your life behind bars?


People:
    SpeakerBio:  Katie “InsiderPhD” Paxton-Fear, Principal Security Researcher at Traceable by Harness

Dr Katie Paxton-Fear is an API security expert and a Security Advocate at Semgrep, in her words: she used to make applications and now she breaks them. A former API developer turned API hacker. She has found vulnerabilities in organizations ranging from the Department of Defense to Verizon, with simple API vulnerabilities. Dr Katie has been a featured expert in the Wall Street Journal, BBC News, ZDNet, The Daily Swig and more. As she shares some of the easy way hackers can exploit APIs and how they get away without a security alert! Dr Katie regularly delivers security training, security research, to some of the largest brands worldwide. She combines easy-to-understand explanations with key technical details that turn security into something everyone can get.




Blurred Lines of Cyber Threat Attribution: The Evolving Tactics of North Korean Cyber Threat Actors

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 14:00 – 14:30 PDT

Creator: Adversary Village

Attributing cyber threats to a specific nation-state remains one of the most complex challenges in cybersecurity. Cyber attribution relies on analyzing digital artifacts, infrastructure patterns, and adversary tactics, none of which provide definitive proof on their own. Threat actors continuously evolve, adopting new methodologies and obfuscation techniques that make attribution increasingly difficult. Over the past decade, North Korea’s cyber operations have transformed from rudimentary attacks into highly sophisticated campaigns that rival the capabilities of established cyber powers. Initially, DPRK’s cyber program consisted of loosely organized groups with limited technical capacity, but today, these actors operate under a structured, state-controlled framework with clear strategic objectives. This research presents an in-depth analysis of how DPRK threat actors have adapted, restructured, and collaborated, shedding light on the complexities of nation-state attribution.


People:
    SpeakerBio:  Seongsu Park, APT Research team, Staff Threat Researcher at Zscaler

Seongsu Park(@unpacker) is a passionate researcher on malware research, threat intelligence, and incident response with over a decade of experience in cybersecurity. He has extensive experience in malware researching, evolving attack vectors researching, and threat intelligence with a heavy focus on response to high-skilled North Korea threat actors.

Now he is working in the Zscaler APT Research team as a Staff Threat Researcher and focuses on analyzing and tracking security threats in the APAC region.




Boarding the VSAT: Real-World Exploits, Testbed Validation, and Policy Gaps in Maritime Connectivity

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 12:30 – 12:59 PDT

Creator: Maritime Hacking Village

Despite their widespread use in maritime and remote communication environments, VSAT systems have not received sufficient attention regarding their security vulnerabilities. Recent incidents, such as the Lab Dookhtegan hacker group’s attack on Iranian ship networks and the demonstration of firmware reverse engineering and remote root exploitation targeting VSAT modems (e.g., Newtec MDM2200) at DEFCON, highlight the critical security challenges associated with VSAT systems. Against this backdrop, our research team presents a detailed overview of our ongoing research since 2023, encompassing the collection and re-hosting of VSAT firmware, as well as systematic vulnerability analysis through the ACU web interface. Specifically, we provide an in-depth analysis and demonstration of recently discovered VSAT ACU web vulnerabilities (CVE-2023-44852 ~ CVE-2023-44857). Additionally, we describe the application of experimental testbed environments based on the methodology proposed in the paper “Securing Maritime Autonomous Surface Ships: Cyber Threat Scenarios and Testbed Validation.” This research aims to thoroughly analyze the security vulnerabilities and attack potentials inherent in VSAT systems, emphasizing the importance of strengthening maritime cyber security and fostering international collaboration, while providing practical recommendations for policy and technological enhancements.


People:
    SpeakerBio:  Juwon Cho, Yonsei University

Juwon Cho is currently pursuing a Master’s degree in Information Security at Yonsei University, where his research focuses on AI security, particularly jailbreak attacks on large language models. He is actively exploring methods to evaluate and strengthen the robustness of generative AI through adversarial prompting and system-level analysis. He was selected as one of the Top 30 participants in the 12th Best of Best program at KITRI, completing intensive training in security strategy and product development. He also received the Excellent Award at the Chungcheong Cybersecurity Conference in September 2023 for his team’s work on scenario-based analysis of cyber threats in critical infrastructure.




Braving the Storm-2372: The Tempest Decoded

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Sunday, Aug 10, 10:00 – 10:59 PDT

Creator: Cloud Village

Storm-2372 (Feb’25) has been virtually ignored, even though Russian threat actors demonstrated in-the-wild exploits using OAuth Device Code Phishing (Syynimaa, Oct’20) and PRT/device registration abuse (Moller, Oct’23) that fundamentally puts all Entra customers at risk via its abuse of OAuth, the device registration service, SSO and compromise of the Primary Refresh Token.

This talk starts with Moller’s original research and compares the API calls and logging for valid device registration flows against the original and other expected attack variants including non-device code OAuth, non-phishing attacks, and endpoint compromise.

We’ll then look at additional implications of the attack, look at on-the-wire payloads, then focus on the challenge of effective detection by going through published best practices with detecting off of Entra sign-in logs, what may or may not be blocked by conditional access policies, where continuous access evaluation helps or not, and what is detected by Sentinel and Cloud Defender.

We will demo the attack, show API payloads, confuse ourselves with logs, using native Microsoft functionality and try to answer what can and can’t be done effectively against this attack. Along the way we’ll rant about what makes detection (and prevention) so difficult based on the design of Entra, its logs, and native tooling.


People:
    SpeakerBio:  Jenko Hwong, WideField Security

Jenko Hwong heads threat research at WideField Security, focusing on identity-based attacks and abuse. Prior, he spent 5 years at Netskope Threat Research Labs and has spent 20 years in engineering and product roles at various security startups in vulnerability scanning, AV/AS, pen-testing/exploits, L3/4 appliances, threat intel, and Windows security.




Brazil’s aPIXcalypse – How real time payments turned Brazilian threat scenario into a nightmare

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-505 (Payment Village)
When:  Saturday, Aug 9, 16:30 – 17:30 PDT

Creator: Payment Village

Back in 2020 the Brazilian Central Bank launched PIX, a real time wire transfer and payment protocol that has been adopted by the Brazilian population, and nowadays PIX represents the most used payment method in the country. However, local cybercriminals quickly adapted and leveraged PIX for malicious activity. Since then, criminal activity in Brazil has ramped, from kidnapping, stealing of mobile phones, to money laundering “on steroids” and targeted banking trojans. Instant wire transfers made fraudulent transactions run faster than the speed of light, and were almost impossible to stop and to recover the stolen funds. A criminals’ paradise. In this presentation we will discuss the fraud schemes that were fueled by PIX and the ones that emerged since then, haunting the local population.


People:
    SpeakerBio:  Anchises Moraes, Cyber Threat intel Lead at APURA Cyber Intelligence SA

Lord Anchises Moraes Brazilborn of the house Hacker, First of His Name, Born in Computer Science, Cybersecurity Work-aholic, Lead of Threat Intel Realm, founder of Security BSides São Paulo, Supreme Chancellor of Garoa Hacker Clube, He for She volunteer at WOMCY (LATAM Women in Cybersecurity), Mente Binária NGO Counselor, Security Specialist and Protector of the Cyber Space realm.




Break Systems, Not Promises: I promised to do a keynote at DEF CON

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 10:00 – 10:30 PDT

Creator: Malware Village

This is the story of how Malware Village, Malmons aka Malware Monsters, and everything good that followed came into existence — all sparked by the Big BAN. In early 2024, after standing up for others, I was banned and ostracized from the local cybersecurity communities in my home country. At the time, I had never spoken at a conference outside that community — I hadn’t even attended DEF CON as an attendee. At first, it felt like the end of everything, because that local community meant the world to me back then. But then I stopped and asked myself:

“Why not create my own world — one filled with light?”
 “I shall shine bright to light the way, even in the darkest night.” The best revenge is to shine bright and live your best life. Now, let there be light — in the world of bits and bytes.


People:
    SpeakerBio:  Lena “LambdaMamba” Yu, CEO at World Cyber Health
No BIO available



Breaking In: Real Paths Into Cybersecurity from Hackers, Humans, and Hiring Pros

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 17:00 – 17:59 PDT

Creator: Noob Community

Trying to break into cybersecurity? Forget the hype. This panel cuts through the noise to show you what actually works: what roles are out there, what skills and certs are worth your time, how to build a real resume, and how to find your people in the community. We’ll talk job hunting, self-study, mentorship, influencers (the good and the grifty), and how to avoid wasting time and money. Ends with an open Q&A. No gatekeeping. No fluff.


People:
    SpeakerBio:  Rosie “Lady Cyber Rosie” Anderson, Organiser at Manchester2600

Rosie Anderson is Head of Strategic Solutions for th4ts3cur1ty.company AKA Magical Genie Person. Having previously spent two decades talking to businesses to solve their hiring challenges, and helping people to break into cyber security as a recruiter, Rosie now uses those skills to help businesses solve their cybersecurity challenges. Rosie also founded BSides Lancashire, is a Director of BSides Leeds and restarted the Manchester 2600 Hacker Community, the only 2600 to be run by two women in its 40 year history. She was awarded Most Inspiring Woman in Cyber Security for 2024 and Cyber Newcomer for 2025.

Rosie has been a mentor for Capslock a cyber training programme for over two years, and is also part of the Ethical Council for Hacking Games. Giving back is important to her, and she loves the pay-it-forward mentality.

SpeakerBio:  Tib3rius, Cybersecurity Content Creator

Tib3rius is a professional penetration tester who specializes in web application hacking, though his background also includes network penetration testing. He is OSCP certified, and likes developing new tools for penetration testing, mostly in Python. He helps run an OSCP prep discord server, and enjoys passing on his knowledge to students who have a passion for information security.

SpeakerBio:  Jayson E. Street, Chief Adversarial Officer at Secure Yeti

Jayson E. Street referred to in the past as: a “notorious hacker” by FOX25 Boston, “World Class Hacker” by National Geographic Breakthrough Series, and described as a “paunchy hacker” by Rolling Stone Magazine. He however prefers if people refer to him simply as a Hacker, Helper & Human.

He is the Chief Adversarial Officer at Secure Yeti and the author of the “Dissecting the hack: Series” (which is currently required reading at 5 colleges in 3 countries that he knows of). Jayson is also the DEF CON Groups Global Ambassador. He’s spoken at DEF CON, DEF CON China, GRRCon, SAINTCON & at several other CONs & colleges on a variety of Information Security subjects. He was also a guest lecturer for the Beijing Institute of Technology for 10 years.

He loves to explore the world & networks as much as he can. He has successfully robbed banks, hotels, government facilities, Biochemical companies, etc. on five continents (Only successfully robbing the wrong bank in Lebanon once, all others he was supposed to)!

He is a highly carbonated speaker who has partaken of Pizza from Bulgaria to Brazil & China to The Canary Islands. He does not expect anybody to still be reading this far, but if they are please note he was proud to be chosen as one of Time’s persons of the year for 2006.




Breaking Secure Boot: Exploiting GRUB2’s Forgotten Attack Surface (and other bootloaders)

Creator Talk Page – Online
When:  Saturday, Aug 9, 09:00 – 09:59 PDT

Creator: DEF CON Groups VR (DCGVR)

Open-source security is facing an existential crisis. From the xz backdoor to Log4Shell and even vulnerabilities in ncurses, we are witnessing a recurring pattern: widely used but poorly scrutinized components becoming critical attack vectors. GRUB2 is no exception.

In this talk, I will present a deep dive into several vulnerabilities I discovered in GRUB2’s major filesystem drivers—exploitable flaws in one of the most privileged and security-critical pieces of software in the modern boot chain. Despite its role in Secure Boot, GRUB2 lacks fundamental OS security mechanisms (no ASLR, no modern exploit mitigations) and processes a large volume of untrusted input—violating Google’s “”Rule of 2″” security principle.

We’ll begin with an overview of UEFI and Secure Boot, demonstrating how GRUB2 fits into the ecosystem and why it remains an attractive target for attackers. I will then detail my findings, showcasing how an attacker can exploit these flaws to subvert Secure Boot entirely. Through a practical demonstration, we will explore the implications of these vulnerabilities—turning a standard bootloader attack into a full-blown compromise of system integrity.

Additionally, I will be describing my journey into discovering similar vulnerabilities other bootloaders such as U-boot and Barebox.

Finally, we will discuss the broader security implications, including the urgent need for stronger security practices in open-source bootloaders and what steps can be taken to prevent the next major supply chain disaster.

This talk will be essential for security researchers, enterprise defenders, and anyone relying on Secure Boot for protection. If you thought your bootloader was secure—think again.

Note: DCGVR Talks are scheduled 1 hour slots, but the actual presentations can be as short as 30 minutes. Please arrive at the start of the hour.


People:
    SpeakerBio:  Jonathan “JBO” Bar Or

Jonathan Bar Or (“JBO”) is an information security expert and a hacker, focusing on binary analysis, vulnerability research, application security, reverse engineering, and cryptography.

His research has uncovered critical vulnerabilities that have impacted millions of users worldwide, shaping security best practices across the industry. Frequently cited by major news outlets, his work has influenced both academia and industry, driving meaningful security improvements.

He is also a seasoned public speaker, presenting at top security conferences and sharing deep technical insights on exploitation techniques, mitigations, and emerging threats.




Breaking the Black Box: Why Testing Generative AI Is Full Spectrum

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C206 (OWASP Community)
When:  Friday, Aug 8, 17:00 – 17:45 PDT

Creator: OWASP Community

Forget the black and white world of traditional Red Teaming, where success means finding that one perfect exploit. In the age of GenAI, we’re painting with a whole new palette. When your target can think, reason, and never give the same answer twice, how do you know if you’ve really broken it? Welcome to the technicolor challenge of AI Red Teaming, where we’re not just looking for vulnerabilities – we’re evaluating personality quirks, safety boundaries, and whether an AI system has gone rogue in fascinating new ways. Join me to explore why it takes AI to test AI, how the future of Red Teaming is less binary, and even your testing tools need to think outside the (black) box.


People:
    SpeakerBio:  Jason Ross, OWASP GenAI Security Project, Red Teaming Initative at OWASP

Jason Ross is a passionate cybersecurity expert with a diverse skill set in generative AI, Penetration Testing, Cloud Security, and OSINT. As a product security principal at Salesforce, Jason performs security testing and exploit development with a specific focus on generative AI, Large Language Models, and Agentic systems.

Jason is a frequent speaker at industry conferences, and is active in the security community: participating as a core member of the OWASP Generative AI Security Project, and serving as a DEF CON NFO goon.




Breaking the Chain: Advanced Offensive Strategies in the Software Supply Chain

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Saturday, Aug 9, 13:00 – 13:59 PDT

Creator: Bug Bounty Village

Malicious packages have grown 156% YoY for supply chain security and supply chain attacks cost organizations $41 billion in 2023 (projected to reach $81 billion by 2026). This session underscores the urgent need to re-examine our defensive postures for software supply chain security by taking an offensive security perspective.

Our talk explains the offensive security methods in the software supply chain, exploring how attackers can compromise entire organizations by targeting each layer of the supply chain.

We define the attack surface, which spans the source, build, and distribution phases, and then showcase advanced techniques used to exploit these components. Drawing on our in-depth research, we demonstrate real-world exploits including supply chain hacks that backdoor hidden dependency links resulting in financial gain for attackers and harm to millions of companies.

Attendees will learn not only how these vulnerabilities are discovered and exploited but also how to apply offensive insights to reinforce their security practices.


People:
    SpeakerBio:  Roni “lupin” Carta, Lupin & Homes

Roni Carta, known as Lupin and co-founder of Lupin & Holmes, is an ethical hacker specializing in offensive cybersecurity, with a strong background in bug bounty hunting, including a $50,000 reward for hacking Google AI, red teaming at ManoMano, and significant research into software supply chain vulnerabilities, notably presenting at DEF CON 32 and recently reporting a hack of Google’s AI Gemini; his diverse technical skills range from ATO and RCE exploits to supply chain security, earning him recognition in various cybersecurity competitions.

SpeakerBio:  Adnan Khan, AWS
No BIO available



Breaking the CI/CD Chain: Security Risks in GitHub Actions

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 12:40 – 13:10 PDT

Creator: AppSec Village

Think you know what your GitHub Actions are doing? Think again. This talk breaks down GitHub Actions security risks, exposes real-world exploits, and reveals hidden threats. We’ll compare existing security tools and introduce a new one to help secure workflows and detect vulnerabilities.


People:
    SpeakerBio:  Iggy

I’m Igor Stepansky, a Product Security Engineer at Axonius for more than 3 years with a background as a cybersecurity analyst. My expertise includes integrating security solutions such as SAST, IaC, SCA, secrets detection, malicious package identification, and more. I’m also responsible for penetration testing, securing cloud and Docker environments, GitHub hardening, and building cool tools to enhance security workflows. I’m passionate about sharing practical knowledge and insights gained from working with diverse security solutions in a modern enterprise environment like Axonius.

SpeakerBio:  Michael Goberman
No BIO available
SpeakerBio:  Sharon Ohayon Pshoul

I’m a security architect and team leader at Axonius, and a board member of the OWASP Israel chapter. I lead cross-functional security initiatives and support teams in building secure, scalable systems. Before stepping into architecture, I spent seven years in hands-on penetration testing, which gave me a strong foundation in understanding how real-world threats work—and how to approach them effectively. I’m passionate about bridging the gap between security and development, making security more approachable, and creating space for curiosity, collaboration, and continuous learning.




Buckle Up, Buttercup – Our Experience Competing in AIxCC

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 16:00 – 16:30 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

We will tell the story of our ups and downs competing in the challenge and the lessons we learned along the way and give an overview of the competition, detail how our approach to the competition evolved as the rules and objectives changed, share our key takeaways, and outline what’s next for CRS.


People:
    SpeakerBio:  Michael D. Brown, Principal Security Engineer and Head of AI/ML Security Research at Trail of Bits
No BIO available



Bug Bounty Village CTF Walkthrough

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Sunday, Aug 10, 12:00 – 12:59 PDT

Creator: Bug Bounty Village

CTF.ae will perform a CTF Walkthrough Session, where they’ll dive into some of the most interesting challenges from our inaugural Capture The Flag competition. In this session, we’ll showcase a selection of the vulnerabilities hidden in the competition’s ecosystem — spanning web, API, and LLM assets — and demonstrate how they could be discovered and exploited. Whether you participated in the CTF or are just curious to learn, this is a great chance to see real-world techniques and creative solutions in action, explained by the creators themselves.


People:
    SpeakerBio:  CTF.ae
No BIO available



Bug Bounty Workshop

Creator Talk Map Page – LVCC West-Level 2-W204 (Noob Community)
When:  Friday, Aug 8, 14:00 – 14:59 PDT

Creator: Noob Community

Everything you need to know about getting started in bug bounty


People:
    SpeakerBio:  Jason Haddix
No BIO available



Build your own OS

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C210 (Operating Systems Community)
When:  Saturday, Aug 9, 12:00 – 12:59 PDT

Creator: Operating Systems Community

People:
    SpeakerBio:  Lorenzo Faletra, ParrotSec
No BIO available



Building an accessible cyber conference

Creator Talk Page – Online
When:  Saturday, Aug 9, 16:00 – 16:59 PDT

Creator: DEF CON Groups VR (DCGVR)

COVID times really kick started the drive to make events and activities accessible from any location. Conferences such as DCGVR, PancakesCon and ComfyCon were established as purely online conferences, enabling participation from anywhere. But what else can be done to enable accessibility for events?

Join @wan0net, founder of ComfyCon, to talk about his experiences running accessible events, including topics such as location, money, and speakers

Note: DCGVR Talks are scheduled 1 hour slots, but the actual presentations can be as short as 30 minutes. Please arrive at the start of the hour.


People:
    SpeakerBio:  wan0net

LinkedIn Rage Poster and Unprofessional.




Building Local Knowledge Graphs for OSINT: Bypassing Rate Limits and Maintaining OPSEC

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 15:50 – 16:35 PDT

Creator: Recon Village
Traditional OSINT collection faces two critical challenges: public APIs throttle queries to prevent abuse, and each query potentially reveals investigative interests to service providers. This talk presents a practical solution using Knowledge Graph technology combined with RDF (Resource Description Framework) to build queryable, offline OSINT repositories._x000D_
We demonstrate how to scrape multi-source OSINT data, transform it into RDF format, align it with common ontologies, and store it in local data packages. Once built, analysts can run complex SPARQL queries against their local triplestore without external dependencies or operational security concerns.

People:
    SpeakerBio:  Donald Pellegrino

Dr. Pellegrino has over 20 years of research and development experience in information science. He has researched and built systems for the Pentagon, U.S. Department of Homeland Security, U.S. Army, U.S. Navy, DuPont, Dow Chemical, Pfizer, and smaller organizations. His work has received international awards in Visual Analytics and Data Integration. He is an expert in the fields of Natural Language Processing (NLP) and Linked Data, including ontology development. Work done for the U.S. Navy has included support for the CVN 78 and other platforms. In addition, he is a computer programmer and has led Software Engineering projects within large organizations.




Building the Cross-Cloud Kill Chain: A DE’s Playbook for AWS, Azure & GCP Detections

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 12:15 – 12:55 PDT

Creator: Cloud Village

Trying to trace an attacker pivoting from AWS to Azure to GCP often feels like building detections in silos while attackers exploit the seams. As detection engineers (DEs), we know the pain: scattered logic, cloud-specific alerts, and a fragmented view. We need to move beyond individual events and reconstruct the cross-cloud kill chain to see the full attack.

This DEF CON Lightning Talk is a practical DE playbook for AWS, Azure, and GCP. No fluff, just ‘how-to’ for building detections that connect the dots across clouds.

In ~15 minutes, we’ll cover: Cross-Cloud TTPs: How attackers really pivot between AWS, Azure & GCP in 2025 and the patterns they leave. Mapping Logs to Kills: Identifying essential logs (CloudTrail, Azure AD, GCP Audit, etc.) and mapping them to attack stages. Crafting Correlation Rules: Real SIEM examples (Sentinel/Chronicle/etc.) for stitching events together – think ‘Azure Risky Login’ + ‘AWS Role Use’ = P1 Alert. Actionable DE Strategies: Threat intel integration, baselining cross-cloud activity, and building high-fidelity alerts. Automation & OCSF: Streamlining ingestion and normalization so you can focus on the hunt. If you write detection rules or hunt threats in a multi-cloud mess, this is for you. You’ll leave with actionable TTPs, correlation logic examples, and a clear path to building detections that reveal the entire cross-cloud kill chain. Let’s build better traps.


People:
    SpeakerBio:  Gowthamaraj Rajendran

Gowthamaraj Rajendran is a cybersecurity professional and Threat Detection Engineer at Meta, with over 4 years of experience. For the past 2 years, he has specialized in creating precise and effective detection capabilities.




Burning, trashing, spacecraft crashing: a collection of vulnerabilities that will end your space mission

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Friday, Aug 8, 16:30 – 16:59 PDT

Creator: Aerospace Village

The frequency of space missions has been increasing in recent years, raising concerns about security breaches and satellite cyber threats. Each space mission relies on highly specialized hardware and software components that communicate through dedicated protocols and standards developed for mission-specific purposes. Numerous potential failure points exist across both the space and ground segments, any of which could compromise mission integrity. Given the critical role that space-based infrastructure plays in modern society, every component involved in space missions should be recognized as part of critical infrastructure and afforded the highest level of security consideration.

This briefing highlights a subset of vulnerabilities that we identified within last couple of years across both ground-based systems and onboard spacecraft software. We will provide an in-depth analysis of our findings, demonstrating the impact of these vulnerabilities by showing our PoC exploits in action—including their potential to grant unauthorized control over targeted spacecraft. Additionally, we will show demonstrations of the exploitation process, illustrating the real-world implications of these security flaws.


People:
    SpeakerBio:  Andrzej Olchawa, VisionSpace Technologies
No BIO available
SpeakerBio:  Milenko Starcik, VisionSpace Technologies
No BIO available
SpeakerBio:  Ayman Boulaich

Ayman Boulaich is a cybersecurity researcher specializing in vulnerabilities within aerospace systems. He has contributed to identifying critical security issues in NASA’s open-source software frameworks, such as Core Flight System (cFS) and CryptoLib.

SpeakerBio:  Ricardo Fradique, Cybersecurity Engineer at VisionSpace Technologies GmbH

Ricardo Fradique is a Cybersecurity Engineer at VisionSpace Technologies GmbH, with a focus on Offensive Security and Vulnerability Research. He has been credited in several CVEs, and a regular CTF player.




Byte-Sized Basics: A Beginner’s Guide to x86 Assembly

Creator Talk Map Page – LVCC West-Level 2-W235 (DEF CON Academy)
When:  Friday, Aug 8, 13:00 – 13:59 PDT

Creator: DEF CON Academy

Join us for a bite-sized introduction to machine code programming with x86 assembly language! In this beginner-friendly course, we’ll cover the essentials of assembly language and show you how to get started. You’ll learn about registers, operands, and instructions, as well as how to write and debug simple assembly programs. Our experienced instructors will guide you through hands-on exercises and examples, so you can practice what you’ve learned in a relaxed and supportive environment. By the end of this course, you’ll have a solid foundation in x86 assembly language and be able to tackle more advanced topics with confidence. Whether you’re new to programming or just looking for a new challenge, “Byte-Sized Basics” is the perfect place to start your journey into machine code programming.


People:
    SpeakerBio:  rh4hunnid, Arizona State University
No BIO available



Call a Vendor? How MSPs/MSSPs Do (and Don’t) Help High-Risk Communities

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Saturday, Aug 9, 13:30 – 14:15 PDT

Creator: Policy @ DEF CON

State and local governments (SLTTs), small and medium-sized businesses (SMBs), and nonprofits across the United States are routinely targeted by cyber criminals and nation-states. The societal impacts of those cyber attacks are significant—they force schools to close, hospitals to postpone patient treatment, courts to delay proceedings, and disrupt municipal services.

One way they improve their resilience is by outsourcing some of their information security responsibilities. IT managed service providers (“MSPs”), managed security service providers (“MSSPs”), and other information security service providers can provide a long-term option for high-risk communities to improve their resilience. But not all ITSSPs are created equal – how good are these organizations, really, at protecting small organizations? How affordable are they, and how good are their services?

As part of the Cyber Resilience Corps initiative, Michael Razeeq and Grace Menna interviewed around 20 organizations, including MSPs, MSSPs, IT and cybersecurity consultancies, and their clients, to identify challenges to expanding service provider support to more high-risk communities. This talk will present key findings from their research and policy recommendations to expand service provider coverage across high-risk communities we depend on.


People:
    SpeakerBio:  Grace Menna, Fellow, Public Interest Cybersecurity at UC Berkeley Center for Long-Term Cybersecurity (CLTC)

Grace Menna is a Public Interest Cybersecurity Fellow at the UC Berkeley Center for Long-Term Cybersecurity (CLTC). In this role, she leads public interest cybersecurity research and oversees the coordination of CLTC and the CyberPeace Institute’s newest initiative, the Cyber Resilience Corps, mobilizing cyber volunteering efforts across the US to defend community organizations, including nonprofits, municipalities, rural hospitals and water districts, K-12 schools, and small businesses from cyber threats.

She is an active member of the security research community and helps organize the policy track of DC-based hacker conference, DistrictCon. Previously, Grace supported global cyber capacity-building initiatives at the Atlantic Council’s Cyber Statecraft Initiative and, as a consultant, advised U.S. tech companies across policy, intelligence, trust & safety, and other security areas.

SpeakerBio:  Michael Razeeq, Non-resident Fellow, Public Interest Cybersecurity, UC Berkeley CLTC

Michael Razeeq is a cybersecurity, privacy, and technology law attorney with experience advising and supporting global companies in the media, financial services, and energy sectors, as well as a multinational law firm. Razeeq also serves as an adjunct faculty member at Brooklyn Law School. He is licensed to practice law in New York and Texas, and he holds IAPP CIPP/US, ISACA CISM, and GIAC-GLEG certifications.

Razeeq is also Non-resident Fellow, Public Interest Cybersecurity with UC Berkeley’s Center for Long-Term Cybersecurity (CLTC), where he is researching the ways that service providers can improve cyber resilience for vulnerable organizations and augment the work of civilian cyber corps.

Previously, as a #ShareTheMicInCyber Fellow, Razeeq examined the legal frameworks governing civilian cyber corps established in several U.S. states and in other jurisdictions to identify best practices. Razeeq has published articles about civilian cyber corps in Lawfare and through New America. He has also presented on civilian cyber corps in various forums, including the Rubrik Zero Labs Data Security Decoded podcast, the 2024 New America Future Security Forum, the Caveat podcast from the Cyberwire by N2K Networks, and the 2024 Cyber Civil Defense Summit hosted by the UC Berkeley Center for Long-Term Cybersecurity.




Car Hacking Village Capture the Flag (CTF) – Results Announcement

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-602 (Car Hacking Village)
When:  Sunday, Aug 10, 13:00 – 13:59 PDT

Creator: Car Hacking VillageCar Hacking Village Capture the Flag (CTF)



Carding is Dead, Long Live Carding: How MaaS is fueling NFC relay attacks

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Friday, Aug 8, 11:00 – 11:59 PDT

Creator: Payment Village

The payment fraud landscape is experiencing a resurgence of ‘carding’ through sophisticated Near Field Communication (NFC) relay attacks, which combine social engineering and custom mobile malware to bypass contactless payment security measures, enabling unauthorized transactions. A critical emerging trend is the proliferation of Malware-as-a-Service (MaaS) platforms, primarily operated by Chinese-speaking threat actors, who develop and distribute advanced NFC relay capabilities as turn-key solutions to global affiliates, facilitating complex card-present fraud schemes on an unprecedented scale and leading to arrests in the U.S. and EU. This MaaS operational model, featuring affiliate networks and advanced tools, signifies a critical evolution in financial threats, alarming global financial institutions and necessitating urgent adaptation of fraud prevention strategies. The discussion will explore MaaS operations, presenting key findings from the Supercard X analysis, including its technical capabilities, and examining the implications for the payment industry, with mitigation strategies and actionable intelligence such as actor communications and distinct Tactics, Techniques, and Procedures (TTPs) being shared. Furthermore, the talk will reveal how developers of well-known Android banking trojans are integrating NFC relay functionalities to enhance their cash-out techniques, providing attendees with a deep dive into NFC Relay MaaS, exclusive threat intelligence, and an understanding of the evolving fraud landscape, including the operational models, tools, and TTPs employed by modern NFC Relay MaaS platforms, as well as the systemic risks posed to global financial institutions and the urgent need for adaptive security postures.


People:
    SpeakerBio:  Federico Valentini, Cleafy

Federico Valentini is passionate about technologies in general and has a deep interest in cybersecurity, particularly Penetration Testing, Malware Analysis, and Social Engineering techniques. He’s currently leading the Threat Intelligence Team and Incident Response at Cleafy. He oversees all the activities related to monitoring and uncovering new threats and attack patterns that malicious actors use. He has spoken at HackInBO 2022, Botconf 2023, Cert-EU 2023, BSides Cyprus 2023, FS-ISAC 2024, Botconf 2025, and other private events managed by CertFIN in the Italian territory.

SpeakerBio:  Alessandro Strino, Senior Malware Analyst at Cleafy

Alessandro Strino has a solid background in Penetration testing and modern malware analysis. His main research topics are binaries and computer forensics. Nevertheless, he is passionate about binary exploitation, reverse engineering, and privilege escalation techniques. He now works as a senior malware analyst at Cleafy. He has spoken at Botconf 2023, Cert-EU 2023, BSides Cyprus 2023, FS-ISAC 2024, and Botconf 2025.




CARVER Vulnerability Analysis and the U.S. Voting System

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Friday, Aug 8, 17:00 – 17:30 PDT

Creator: Voting Village

During World War II, the predecessor to the CIA, the Office of Strategic Services, developed a framework for the French Resistance to identify vulnerabilities in key German defenses and infrastructure. The framework, titled “CARVER” applies the following designations to enumerated components of complex systems: Criticality, Accessibility, Recuperability, Vulnerability, Effect, Recognizability. The same framework, viewed through a security framework, will highlight a system’s strengths or weaknesses, depending on the analyst’s tasking. The panel will follow this outline: overview of election integrity issues; history of carver analysis; the ranking matrix; why we chose the items as critical; ranking of each item; discussion of the final rankings; how to secure.

Links:
    azsos.gov – https://azsos.gov

People:
    SpeakerBio:  Michael Moore, CISO, Arizona Secretary of State’s Office

Michael Moore is the CISO for the Arizona Secretary of State’s Office. Michael has worked to develop federal, state, and local government partnerships as well as collaborated with trusted vendors to protect democracy and fulfill our shared duty to the American voter. The greatest threats to elections are MDM and the resulting insider threat caused by radicalized citizens. The best protection against these threats is combatting lies with the truth, developing secure and resilient systems that prevent attacks whenever possible, allow for detections of compromise and facilitate accurate and rapid recovery. Michael has pushed forward these initiatives in his own organization as well as across the Elections community.

SpeakerBio:  Nate Young, CIO Maricopa County Elections, Arizona
No BIO available
SpeakerBio:  Will Bagget, Operation Safe Escape

Will Baggett is a Lead Investigator for Digital Forensics and Insider Threat at a Fiscal Infrastructure organization. He is also Director of Digital Forensics at Operation Safe Escape (volunteer role), a non-profit organization providing assistance to victims of domestic abuse.




Chained Exploits: The Silent Takeover

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Sunday, Aug 10, 11:00 – 11:30 PDT

Creator: AppSec Village

The Chaining of Vulnerabilities session is essential for anyone serious about understanding real-world security threats. Attackers rarely rely on a single flaw – instead, attackers combine multiple low or medium-risk issues to breach systems and exfiltrate data. This session will reveal how these chains are built, and how overlooked weaknesses can lead to full system compromise. With practical case studies, attack flow breakdowns, and defense strategies, you’ll gain critical insight into offensive thinking and how to build more resilient systems. Whether you’re a developer, security engineer, or red teamer, this session will sharpen your knowledge about how subtle flaws can be linked into powerful exploit chains.


People:
    SpeakerBio:  Monish Alur Gowdru

Monish Alur Gowdru is dedicated to securing applications end-to-end, with over 5 years of experience in application security, software development, and secure code review. His passion for finding security gaps in applications sparked a deeper interest in learning to build applications, driving him to build the skills needed to secure systems from the ground up. This journey led him to earn a Master’s degree in Computer Science with a specialization in Information Assurance, along with hands-on experience as a Software Engineer. While this is his first time speaking at a conference, he’s an active contributor to local security communities and a mentor to those starting their careers in the field.

LinkedIn: https://www.linkedin.com/in/ag-monish/ Email Address: monish.alurgowdru@gmail.com

SpeakerBio:  cybermeow

Meet Apoorwa Joshi – Security Engineer, Code Whisperer & Threat Tamer at Amazon. With over 6 years in the trenches of application and cloud security at scale, she currently brings her talents to helping teams think like attackers before the attackers do. Armed with a Master’s degree, a knack for demystifying technical complexity, Apoorwa specializes in “shifting left” Based in Austin, Texas, Apoorwa is part of a new wave of security professionals. Though this is her first time on the conference stage, she’s no stranger to leading conversations that matter from mentoring junior engineers to influencing cross-team architecture decisions. When she’s not taming threats or refactoring risk, she enjoys playing ping pong and spending time with her cat.

Ask her about: threat modeling, secure architecture, DevSecOps, or how to sneak security into sprint planning without getting side-eyes.




Challenges and Lessons from the AIxCC Journey: A Perspective from 42-b3yond-6ug

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Friday, Aug 8, 17:00 – 17:30 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

Sharing the lessons learned from 42-beyond-bug’s AIxCC journey with the open source community.


People:
    SpeakerBio:  Xinyu Xing, President at B3YOND
No BIO available



Cheat Code for Hacking on T-Mobile: From Inside the TMO BBP Perspective

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Saturday, Aug 9, 17:30 – 17:59 PDT

Creator: Bug Bounty Village

Ever wondered what happens after you hit “submit” on a bug bounty report? At T-Mobile, each submission kicks off a behind-the-scenes journey that spans teams, tools, and time zones. In this talk, we’ll walk through the lifecycle of a bug bounty submission—from Bugcrowd’s triage desk to our internal security workflows—and show why not every finding is considered equal from a business risk perspective.

We’ll demystify our internal process: how we prioritize, validate, assign ownership, and resolve reports. You’ll see what makes a report fast-tracked to payout—and what gets politely declined. Backed by stats, we’ll reveal how many submissions we get, how many are duplicates or out of scope, and how we determine true impact.

Expect real war stories: from late-night calls and team escalations to reports that sent us scrambling. We’ll also lighten the mood with a few “creative” submissions that didn’t quite hit the mark.

Most importantly, we’ll share submission tips drawn from common pain points—what helps us help you, and how high-quality reports earn faster turnarounds, higher payouts, and opportunities like private programs, CVEs, and Bug Bashes.

Whether you’re a seasoned hunter or just starting out, this session will give you an honest, inside look at how BBPs work from our end—and how you can maximize your success.


People:
    SpeakerBio:  Elisa Gangemi, Senior Cybersecurity Engineer at T-Mobile

Elisa Gangemi is a Senior Cybersecurity Engineer on the OffSec Team at T-Mobile, where they manage the Penetration Testing Pipeline and contribute to the company’s Bug Bounty Program. With prior experience in offensive and product security at startups, Elisa helped launch vulnerability management programs, including bug bounty initiatives and security tooling. They began their technology career as a QA tester, then transitioned into InfoSec at Akamai Technologies, working on technical program management and security research. Elisa holds the GIAC GWAPT certification and serves on the GIAC Advisory Board. They’ve enjoyed learning hacking techniques and have participated in a U.S. team that twice placed in the top four at NorthSec’s CTF in Montreal. DEF CON 33 marks their first year attending and speaking.




Chelonia: End-to-End Encryption For Every App

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
Creator: Crypto Privacy Village

Using the Internet has become synonymous with giving up privacy.

“That’s just the way it is,” people tell themselves. “Of course, the company has access to my data.”

But what if you had a choice?

What if every app you used online could be truly private-respecting — in the real sense of the term, not the “”privacy policy”” sense?

That’s what we’re here to discuss. Chelonia is the first implementation of Shelter Protocol: an end-to-end encrypted, federated protocol for building any kind of user-friendly web application.


People:
    SpeakerBio:  Greg Slepak

Greg isn’t so much a hacker as he is an engineer, quietly building fortresses for hackers to play with (or run away from in defeat). He got his start securing data at rest with an app called Espionage — user-friendly folder encryption and plausible deniability for Mac users. He moved on to securing data in motion, creating DNSChain and defining DPKI (decentralized public key infrastructure), a vision to fix the inherent security flaws in HTTPS. This is his first DEF CON, where he will be presenting a work 10 years in the making: a new protocol and way of building any web app that is end-to-end encrypted, decentralized, and user-friendly.




China’s Health Sector Ambitions and Information Needs: Implications for U.S. Health Care Cyber Defense

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 16:00 – 16:30 PDT

Creator: Policy @ DEF CON

The phrase “national security impacts of offensive cyber in the healthcare sector” typically brings to mind images of destructive, obvious attacks on hospitals. It should also bring to mind the covert theft of vast troves of biological data. The PRC has a well established policy of stealing intellectual property as a path to development using tactics which have come, in recent years, to prominently feature hacking. The theft of US and allied biological data is crucial to our personal privacy, civil liberties, and national security and we must understand what data is most likely to be targeted in order to best defend it. In sectors other than biotechnology, PRC state-sponsored hacking often focuses on areas identified for development in major planning documents and areas to which the PRC party-state is already devoting significant financial resources to research. For this reason, it is useful to understand the intersection of PRC targeted areas for growth and development and areas in which stealing US sources of data is the easiest and most easily applicable to emerging biotechnology sectors. This talk identifies those sectors and discusses potential consequences.


People:
    SpeakerBio:  Amelia Shapiro

Amelia is an intelligence analyst at Margin Research where she specializing in combining science and technology and regional expertise. Before working at Margin, Amelia worked at a DC-based research shop. Amelia graduated from Brown University with the Albert A. Bennett Prize for Exceptional Accomplishment in the Mathematics Concentration as well as honors in the security studies concentration.




Classical Problems with Quantum Cryptography

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Friday, Aug 8, 14:15 – 14:59 PDT

Creator: Quantum Village

We present a set of power side channel attacks against protocols from the classical phase of quantum key distribution. Cascade error correction and Toeplitz hashing based privacy amplification both prove to be vulnerable to full key recovery attacks when an attacker is assumed to the ability to monitor power consumption on the post processing device. We examine attack performance on both Cortex-M4 MCU and Artix-7 FPGA.


People:
    SpeakerBio:  Niall Canavan
No BIO available



Cloned Vishing: A case study

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 15:30 – 15:59 PDT

Creator: Social Engineering Community Village

We ran a research study at Brigham Young University where we tested a novel phishing technique where AI voice cloning is used to imitate specific people. This talk will discuss the results of the study and potential safeguards to prevent these phishing scams.


People:
    SpeakerBio:  Katherine Rackliffe, Brigham Young University

Katherine recently graduated in the cybersecurity program at Brigham Young University, and an incoming PhD student for the University of Wisconsin-Madison.




Cloud Village Closing

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Sunday, Aug 10, 12:55 – 13:15 PDT

Creator: Cloud Village

People:
    SpeakerBio:  Jayesh Singh Chauhan
No BIO available



Cloud Village Opening

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 10:00 – 10:10 PDT

Creator: Cloud Village

People:
    SpeakerBio:  Jayesh Singh Chauhan
No BIO available



Coating your PCBs

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Saturday, Aug 9, 13:00 – 13:30 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  Abhinav Pandagale, Founder at Hackerware.io

Abhinav’s artistry comes from the times he used to sneakily paint drawings made by his sister. His hacking career began as a toddler, disassembling his toys but never put them back together. His entrepreneurial roots come from selling snacks at a school fair and making a loss of . Having learned how not to make money, he launched Hackerware.io – a boutique badgelife lab with in-house manufacturing – which has grown over the past nine years into a global presence across 19 countries. He’s often spotted at conferences around the world – hosting hardware villages or pulling off the kind of random shenanigans that earned him the Sin CON Person of the Year 2025 award.




Cognito, Ergo Some Extra Permissions

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Sunday, Aug 10, 11:40 – 12:15 PDT

Creator: Cloud Village

What if I told you that until recently, sharing CloudWatch dashboards publicly could introduce an initial access vector for attackers targeting AWS accounts? And that a series of bugs rooted in Amazon Cognito resulted in dozens of dashboards being exposed on the internet?

This is the story of a vulnerability accidentally discovered in a cloud security assessment and patched by AWS in July 2024, which provided unauthenticated actors some …unexpected permissions into a target account. Our research takes a deep dive into this relatively unknown exploitation technique, showcasing once more why default configuration isn’t always secure.

Join us in this journey that starts from the peculiar discovery, covers the analysis of an undocumented web application, and leads to the eventual 4-step attack that could breach the cloud perimeter. This talk will not only investigate the impact of a bug that once was, but will also discuss the risks remaining post-remediation, providing guidance on what AWS users can do to protect their estates against abuse.


People:
    SpeakerBio:  Leo Tsaousis

Leo is a Senior Security Consultant at WithSecure where he leads the Attack Path Mapping service. His current role involves planning and conducting offensive security assessments, while building the team globally and pushing the boundaries of adversarial simulation.

When he’s not helping SOC teams or leading purple teams for WithSecure’s clients, you will find Leo presenting in security conferences around the world including DEF CON, SO-CON, DEATHcon, ROOTCON and BSides. His research output has ranged from mobile security to CVEs on IBM and Cisco products but his secret passion of cloud security can be seen from talks about AWS attack paths and Kubernetes threat detection.




Command and KubeCTL: Kubernetes Security for Pentesters and Defenders

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 15:20 – 15:50 PDT

Creator: Cloud Village

Kubernetes is a security challenge that many organizations need to take on, and we as pentesters, developers, security practitioners, and the technically curious need to adapt to these challenges. In this talk we will look at tactics, techniques, and tools to assess and exploit Kubernetes clusters. We will evade runtime syscall filters, exploit custom sidecars, and chain attacks that go from compromising a build environment, to exploiting production applications. We’ll cover real world attack paths, provide practical advice, and guidance using the experience of conducting hundreds of reviews of containerized environments and even building secure Kubernetes-based services.


People:
    SpeakerBio:  Mark Manning

Mark Manning (@antitree) has experience running a container security research practice as a penetration tester and working in a product security org building a Kubernetes service for thousands of customers. He has been focused on containerization and orchestration technologies like Kubernetes and performs containerization and sandboxing assessments and research. This includes running container breakouts and attack simulations on orchestration environments, performing architecture reviews of devops pipelines, and working with developers to assist with applications that leverage containerization technologies like namespace isolation, Linux kernel controls, syscall filtering, gVisor, and integration with products like Docker and Kubernetes.




Common Cause NY and The Black Insitute’s Legal Challenge to the ExpressVote XL’s use of barcodes to record votes

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 10:30 – 10:59 PDT

Creator: Voting Village

Susan Lerner will provide an overview of the ongoing litigation in New York state court, Common Cause NY v. Kosinski, which challenges the legality of using the ES&S ExpressVote XL all-in-one ballot marking device and tabulator under New York law. The ExpressVote XL records votes in barcodes – unreadable to the naked eye – which, Common Cause NY asserts, violates New York law. NY statute provides that all voters must have the opportunity to verify their votes before they are cast. Notably, the federal Help America Vote Act includes the same provision. Should Common Cause NY prevail in state court, the decision could spark further action. The recording or votes in barcodes or QR has been controversial since its introduction. In 2019, Colorado Secretary of State Jenna Griswald (D) announced an initiative to end encoding votes in barcodes/QR codes in Colorado. In March, Donald Trump issued an executive order that sought to prohibit encoding votes in barcodes/QR codes in federally certified voting machines. This talk will explore the legal arguments at issue in the NY case, that could have repercussions elsewhere.

Links:
    www.commoncause.org/new-york/ – https://www.commoncause.org/new-york/

People:
    SpeakerBio:  Susan Lerner, Common Cause NY

Susan Lerner is executive director of Common Cause New York. Susan joined Common Cause in December 2007. She is responsible for setting priorities, strategy, lobbying, serving as a spokesperson, fund-raising and leading the team for the New York organization. Before joining Common Cause, Susan served from 2003-07 as executive director of the California Clean Money Campaign. As a member of the New York and California bars, she was a litigator for almost 20 years. Susan has a bachelor’s degree in psychology from the University of Chicago and a law degree from the New York University School of Law.




Common Threads

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Friday, Aug 8, 12:30 – 13:59 PDT

Creator: Queercon Community Lounge

Like any good summer camp, we should take a moment to unwind – a recess, if you will. One that’s filled with friendship (bracelets) and… dragonflies? Stop by to make your own pride flags and other crafty beaded accessories! (No experience required, while supplies last)




Common Threads

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Saturday, Aug 9, 12:30 – 13:59 PDT

Creator: Queercon Community Lounge

Like any good summer camp, we should take a moment to unwind – a recess, if you will. One that’s filled with friendship (bracelets) and… dragonflies? Stop by to make your own pride flags and other crafty beaded accessories!




Compromising Threat Actor Communications

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 14:30 – 14:59 PDT

Creator: Malware Village

This talk unveils how a single OPSEC failure—a threat actor testing keylogging and infostealing malware on his own production system—exposed an cybercrime operation in real time. By intercepting Telegram-based command-and-control (C2) communications, we gained direct access to screenshots and keylogs from the threat actor’s backend infrastructure, uncovering additional campaigns he was actively running. We’ll explore how Telegram bots were used to exfiltrate stolen data, how bot tokens were embedded within malware, and how YARA rules and VirusTotal were leveraged to trace and analyse related samples. This session combines technical insight with strategic takeaways, demonstrating how attackers’ dependence on mainstream platforms like Telegram can be turned against them—and how such real-world discoveries can reshape threat intelligence and bolster defensive strategies.


People:
    SpeakerBio:  Ben “polygonben” Folland

Ben Folland is a Security Operations Analyst at Huntress, where he manages hands-on-keyboard intrusions and dismantles active threats daily. Before that, he worked at one of Accenture’s SOCs, defending UK Critical National Infrastructure, gaining deep experience in high-stakes environments. He’s all about DFIR, malware analysis, and threat hunting—and has a knack for exposing adversary tradecraft. Ben’s spoken at over 10 conferences (including six BSides), taught SOC workshops at universities, is GIAC GCFA certified, and was a finalist for the UKs national cyber team. Whether it’s CTFs or live incidents, Ben thrives on the chase and brings a hacker mindset to everything he does.




Connected Car Attack Surface Mapping: OSINT Techniques for Automotive Threat Intelligence

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 13:00 – 13:35 PDT

Creator: Recon Village

Modern vehicles have evolved into sophisticated, internet-connected computing platforms with attack surfaces spanning cloud infrastructure, telematics systems, and over-the-air update mechanisms. With the automotive industry generating over $11 billion in cyberattack losses in 2023 alone, security researchers struggle to comprehensively map connected vehicle ecosystems using traditional OSINT methodologies that lack automotive-specific knowledge. This presentation introduces a systematic OSINT methodology designed for automotive threat intelligence, combining conventional reconnaissance techniques with automotive-focused discovery methods to identify exposed automotive APIs, misconfigured cloud infrastructure, vulnerable telematics endpoints, and supply chain weaknesses that standard assessments typically miss. Through live demonstrations using real automotive manufacturer targets, attendees will learn to adapt existing OSINT tools like Shodan, Censys, and certificate transparency logs with automotive-focused data sources to build complete attack surface maps of connected vehicle ecosystems. Participants will gain practical skills for discovering OTA update infrastructure, fleet management systems, and connected vehicle APIs while learning to transform raw reconnaissance data into actionable automotive threat intelligence that can be immediately applied whether entering the automotive security space or expanding traditional pentesting expertise into the rapidly growing connected vehicle market.


People:
    SpeakerBio:  Reuel Magistrado

Reuel Magistrado is an Auto Threat Researcher at VicOne, specializing in web application, web services, and mobile application penetration testing for automotive clients. He is also involved in creating CTF challenges for automotive security. With extensive experience conducting manual security assessments that go beyond automated tools, Reuel has authored technical reports and delivered security solutions to various clients in previous roles at NCC Group and iZOOlogic.x000D x000D Reuel holds multiple industry certifications including Burp Suite Certified Practitioner (BSCP), APIsec Certified Practitioner (ACP), Practical Mobile Pentest Associate (PMPA) and several specialized penetration testing certifications from The SecOps Group. He also shared his expertise through technical presentations, including his recent talk at NCC Group Philippines’ “Pwning Hall of Fame,” where he demonstrated a race condition exploit leading to price manipulation.




Context Aware Anomaly Detection in Automotive CAN Without Decoding

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 16:30 – 16:59 PDT

Creator: Car Hacking Village

Modern vehicles operate as real-time cyber-physical systems, where even subtle manipulations on the CAN bus can lead to catastrophic outcomes. Traditional anomaly detectors fall short when malicious actors mimic expected sensor behaviors while altering the vehicle’s state contextually. This talk explores how exploiting inter-signal correlations — rather than relying on individual identifiers or decoding — uncovers stealthy attacks. We present a deep sequence-learning approach tailored for raw CAN payloads, focusing on time-aware and context-sensitive detection. No reverse engineering of signal structures. Just patterns, timing, and trust redefined. Live demo included using real-world CAN datasets and emulated environments.


People:
    SpeakerBio:  Ravi Rajput
No BIO available



Contextualizing alerts & logs at scale without queries or LLMs (opensource)

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 15:30 – 15:59 PDT

Creator: IOT Village

IoT environments generate massive, noisy streams of logs and alerts—most of which lack the context needed for meaningful detection or response. This talk introduces a novel, LLM-free approach to large-scale alert contextualization that doesn’t rely on writing complex queries or integrating heavy ML models. We’ll demonstrate how lightweight, modular correlation logic can automatically enrich logs, infer context, and group related events across sensors, devices, and cloud services. By leveraging time, topology, and behavioral attributes, this method builds causality sequences that explain what happened, where, and why—without human-crafted rules or expensive AI inference. Attendees will walk away with practical techniques and open-source tools for deploying contextualization pipelines in resource-constrained IoT environments. Whether you’re defending smart homes, industrial OT networks, or edge devices, you’ll learn how to extract insight from noise—fast.


People:
    SpeakerBio:  Ezz Tahoun

Ezz Tahoun is an award-winning cybersecurity data scientist recognized globally for his innovations in applying AI to security operations. He has presented at multiple DEFCON villages, including Blue Team, Cloud, Industrial Control Systems (ICS), Adversary, Wall of Sheep, Packet Hacking, Telecom, and Creator Stage, as well as BlackHat Sector, MEA, EU, and GISEC. His groundbreaking work earned him accolades from Yale, Princeton, Northwestern, NATO, Microsoft, and Canada’s Communications Security Establishment. At 19, Ezz began his PhD in Computer Science at the University of Waterloo, quickly gaining recognition through 20 influential papers and 15 open-source cybersecurity tools. His professional experience includes leading advanced AI-driven projects for Orange CyberDefense, Forescout, RBC, and Huawei Technologies US. Holding certifications such as aCCISO, CISM, CRISC, GCIH, GSEC, CEH, and GCP-Cloud Architect, Ezz previously served as an adjunct professor in cyber defense and warfare.




Countering Forensics Software by Baiting Them

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: Adversary Village

There’s been remarkably little discussion about how mobile forensic tools fare against adversarially modified environments, particularly in terms of forensic reliability. Tools (and investigators) often assume that target devices function as expected, with minimal scrutiny of whether that assumption holds. Our research demonstrates otherwise – sophisticated anti-forensic techniques placed within Android devices can silently compromise evidence, placing longstanding investigative and extraction methodologies at risk.

Our research addresses a blind spot in Android logical extraction workflows – namely, an assumption that once mobile forensic software overcome the hurdle of device access, the extraction is assumed to follow correctly. While forensics software excel at getting a foot in the door, from our actual tests they offer little against stealthy, second-layer countermeasures that can silently manipulate or destroy data post-access.


People:
    SpeakerBio:  Weihan Goh, Associate Professor at the Singapore Institute of Technology (SIT)

Dr Weihan Goh is an Associate Professor at the Singapore Institute of Technology (SIT). His research interests include digital forensics, anti-forensics, security testing, as well as technologies for cybersecurity education such as cyber ranges, CTF / CDX, remote proctoring, and anti-fraud / anti-cheat systems. Beyond teaching and research, Dr Goh participates in capture-the-flag exercises, going by the CTF handler ‘icebear’.

SpeakerBio:  Joseph Lim, Final-year Information Security Student, Singapore Institute of Technology

Joseph Lim is an Information Security undergraduate at the Singapore Institute of Technology, with a diploma in Infocomm Security Management from Singapore Polytechnic. With a strong foundation in cybersecurity, he is particularly interested in mobile security and digital forensics. Joseph has also previously presented research on mobile malware at the 14th ACM Conference on Data and Application Security and Privacy (2024).

SpeakerBio:  Isaac Soon, Final-year Information Security Student, Singapore Institute of Technology

Soon Leung Isaac is currently pursuing a degree in Information and Communication Technology, specializing in Information Security, at the Singapore Institute of Technology. Previously, he served as a SOC analyst in the Singapore Armed Forces for two years, where he was responsible for safeguarding Singapore’s military network. His main areas of research include offensive security and mobile security.




Cracking Chaos: Making, Using, and Breaking PRNGs

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Saturday, Aug 9, 12:00 – 12:59 PDT

Creator: Crypto Privacy Village

Pseudo-Random Number Generators are often overlooked and core features of our computational experience. From research and processes irrelevant to security (i.e. Monte-Carlo simulations) to essential security functionality like secret generation, random number generation plays a significant part in our ability to utilize the modern internet. In turn, they have a unique history, threat model, and set of applications. We will discuss the history of pseudo-random number generation, the types of random number generators, where they are supposed to be utilized, and how to break them, when relevant. Additionally, we will discuss the future direction of random number generation in light of preparation for the advent of large-scale quantum computing.


People:
    SpeakerBio:  1nfocalypse

1nfocalypse is a software engineer with an interest in coding theory, cryptography, and numerical analysis. He is currently working on portions of libstdc++-v3 and enjoys implementing/tinkering with cryptographic primitives and standards.




Creating a Ham Radio IP Network with AREDN Software

Creator Talk Map Page – LVCC West-Level 3-W320 (Ham Radio Village)
When:  Saturday, Aug 9, 14:00 – 14:59 PDT

Creator: Ham Radio Village

Orv W6BI will discuss how to create a ham radio IP network with off the shelf hardware and open source software.

Orv W6BI will discuss how to create a ham radio IP network with off the shelf hardware and open source software from AREDN. The AREDN software supports over a hundred different devices from several different vendors. The AREDN software allows advertising services, such as web servers, cameras, VOIP phones, etc.

Usable RF links can be up to 30 miles. For those lacking a line of sight path to an AREDN node, the software supports inter-node network links via the Internet.

AREDN islands can be linked via ‘superhodes’ to allow access to remote nodes. It can be viewed at https://worldmap.arednmesh.org

Links:
    Slides – https://drive.google.com/file/d/1VmRcnx48mcsxmx_gSSLpYhf0vJfX5GJg/view?usp=drive_link

People:
    SpeakerBio:  Orv “W6BI” Beach

Orv W6BI is a retired Linux system administrator, an ARRL Santa Barbara Section

Technical Specialist and the AREDN Project Manager.

He was first licensed as WN6WEY in 1967. He’s been into digital ham radio all his life, starting with CW. He worked his way up through RTTY, PACTOR, packet radio and PSK31, and started messing around with ham radio networking in 2014. He helped deploy the initial ham radio network nodes and backbone buildout in Ventura County and western Los Angeles County.

He’s also active in coordinating the build-out and maintenance of the wider Southern California ham radio network, which now spans from Paso Robles in central Calfornia south to the Mexican border and east to Las Vegas, comprising over 550 nodes, both hilltop and ground-level, including hospitals, PDs and EOCs.

He’s given over 80 presentations about ham radio networking using AREDN software over the last ten years and mentored many hams worldwide on ham radio networking. He’s active in AREDN groups in Facebook, Slack, Telegram, and Discord, and monitors the forums on the AREDN website.




Creating a Virtual Ship Environment Optimized for Cybersecurity Use

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 15:30 – 15:59 PDT

Creator: Maritime Hacking Village

Current ship simulators are designed to help masters and mates pass their STCW exams. They were never designed for cybersecurity use. So, here is the interesting question that will be considered during the presentation. What is the ideal architecture of a virtual ship environment for cybersecurity education, assessment, and research use? Recent work at UNCW suggests there is a need for a hybrid virtual environment comprised of a full mission (above and below the waterline) ship simulator coupled with sub-system device emulators and specialized software applications. Examples of required device emulators include communication devices, bridge instruments, and industrial controllers. Coupling can be accomplished through logical or physical means. Examples of specialized software applications include network traffic generation, strategically located test access points for staging exploits, cyber data analytics, and trainer control over directed simulations. Cybersecurity use cases are being used to help shape derivative functional requirements. Rather than develop a novel virtual environment from scratch, UNCW has been looking into the feasibility of augmenting an existing, commercially available ship simulator with new functionality such that it is fit for cybersecurity use. Unitest’s, Winterthur X92 marine engine simulator is an ideal candidate that will be briefly demonstrated during the presentation.


People:
    SpeakerBio:  Jeff Greer, University of North Carolina-Wilmington

Jeff Greer is an Assistant Professor of Practice in Cybersecurity at the University of North Carolina Wilmington. When not teaching he is reading, writing, and coding. The focus of his applied R&D work is the application of system-of-systems engineering practices to resolve maritime cybersecurity problems. Prior to retiring from corporate life, Jeff was an integral part of an executive team that built a mobile broadband business delivering internet services to ships at sea around the world. Jeff is a member of the USCG Sector 5 Area Maritime Security Council and the FBI Infragard program. Jeff holds an MS Degree in Cybersecurity Technology from the University of Maryland Global Campus.

SpeakerBio:  Laavanya Rachakonda, Dr. at University of North Carolina-Wilmington

Dr. Laavanya Rachakonda is an Assistant Professor in the Department of Computer Science at the University of North Carolina Wilmington, serving in this role since August 2021. She earned her Ph.D. and M.S. in Computer Science and Engineering under Dr. Saraju P. Mohanty at the University of North Texas, Denton, in 2021, and holds a B.Tech. in Electronics and Communication Engineering from VMTW, JNTUH, India.

As the Founder and Director of the Smart and Intelligent Physical Systems Laboratory (SIPS) at UNCW, Dr. Rachakonda leads a multi-disciplinary team researching cutting-edge applications of Machine Learning, Artificial Intelligence, IoT, and IoMT. Her lab’s focus spans Smart Healthcare, Agriculture, Transportation, and Smart Living, aiming to create sustainable, intelligent systems with robust security and privacy integration. SIPS is dedicated to developing low-power, fully automated systems processed at the edge, supporting stress-free and sustainable living.




Crises Precipitate Change, Tools for Success

Creator Talk Page – Online
When:  Saturday, Aug 9, 15:00 – 15:59 PDT

Creator: DEF CON Groups VR (DCGVR)

Selecting the best bits from previous talks around radio based communication, maintaining personal archives, using secure operating systems, and so on, this talk will discuss tools that may bring you success in your endeavors. Perseverance Furthers.

Note: DCGVR Talks are scheduled 1 hour slots, but the actual presentations can be as short as 30 minutes. Please arrive at the start of the hour.


People:
    SpeakerBio:  Giglio

Giglio enjoys playing with things, sharing what he finds and learning.




Critically Neglected: Cybersecurity for buildings

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 10:00 – 10:30 PDT

Creator: ICS Village

Buildings are largely overlooked when it comes to cyber security. The onus is typically placed on physically securing the building and the people inside of them. What most gloss over is the fact that industrial control systems run these buildings and without them, every day functions become unavailable and downright dangerous. The dangers are growing as buildings become more “connected” and require internet access to operate (ex. sustainability and IoT). Malicious use of engineering protocols (Modbus, Fox, BACNet) and targeted attacks against BAS systems are growing (ex. KNXLock).”

Environments run the gamut from overly secure, to the point of crippling, all the way to leaving RDP exposed with no logging or MFA to critical systems. There is no easy fix, properties must invest in technology and people to create a defensible environment. This presentation will show how cyber security can be enabled which fits with the business’s operations and minimal disruption.

Building types are not constrained to only office space. Properties come in all varieties from warehouses and manufacturing spaces to data centers and shopping malls. All of this needs to be taken into account when assessing the environment and recommending tools and procedures. This talk will cover common architectures seen, typical control systems found in buildings (BMS, FLS, elevator, lighting, power…), reproducible steps to help companies/users understand their vulnerabilities and how we, as an industry, move forward.

For the most part, these are not technical problems, but a literal gap that needs to be addressed directly by budgetary and policy controls. The industry is pushing for cybersecurity budgeting, standards and visibility for properties, which are largely ignored or misunderstood by owners and operators. This is a solvable problem and I want attendees to feel empowered to ask tough questions and be prepared to have an educated conversation about the risks and not use fear mongering or scare tactics to get cybersecurity put in place.


People:
    SpeakerBio:  Thomas Pope, JIL

Thomas Pope is the Head of Property Cybersecurity at Jones Lang Lasalle (JLL). His team assists customers and internal teams with securing control systems at their properties and how to accomplish cybersecurity at scale with regards to building operations. Previous stints including leading incident response engagements at Cisco Talos as an Incident Commander, Adversary Hunter at Dragos; searching for ICS-specific adversaries and standing up multiple cybersecurity programs at Duke Energy.




Cross-Site WebSocket Hijacking in 2025: Exploitation, Evolution, and Mitigation

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 10:40 – 11:10 PDT

Creator: AppSec Village

Cross-Site WebSocket Hijacking (CSWSH) is a powerful yet underexplored vulnerability in modern web applications. This talk looks at how advancements in browser security, such as SameSite cookie defaults, Total Cookie Protection, and Private Network Access, have reshaped its exploitability. Through real-world case studies from past security assessments, we’ll examine scenarios where CSWSH attacks succeeded, but would now be mitigated by contemporary browser features. Attendees will gain insights into the prerequisites for successful CSWSH exploitation, understand the implications of browser security enhancements, and learn best practices for securing WebSocket implementations against such attacks.


People:
    SpeakerBio:  hyperreality

Laurence is an application security consultant at Include Security with a broad range of interests. He is the co-founder of CryptoHack, a popular cryptography challenge platform. He got addicted to CTFs at university and has been learning as much as he can about web, cryptography, network, and infrastructure security since then. In his spare time he loves going on cycling and hiking trips.




Crossing the Line: Advanced Techniques to Breach the OT DMZ

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 17:30 – 17:59 PDT

Creator: ICS Village

As industrial environments become increasingly interconnected, the OT DMZ stands as a critical yet vulnerable boundary between enterprise IT networks and operational technology. In this talk, we expose the offensive strategies adversaries use to penetrate the OT DMZ and pivot into sensitive control system networks. Drawing from real-world red team operations and threat intelligence, we’ll explore how misconfigured remote access solutions, poorly segmented architectures, and legacy services create exploitable pathways into industrial environments. Attendees will gain insight into tradecraft used to move from enterprise footholds into OT networks, including techniques for identifying and abusing jump hosts, proxy services, Citrix gateways, and RDP relays. We’ll demonstrate practical TTPs for lateral movement, credential access, and evasion within the DMZ layer—highlighting how assumptions about segmentation often fall short in practice. Finally, we’ll discuss defensive takeaways to help asset owners detect and mitigate these threats before they escalate. This presentation is aimed at offensive security professionals, defenders, and industrial security leaders seeking to understand how the OT perimeter is being targeted—and how to better protect it.


People:
    SpeakerBio:  Christopher Nourrie, SCE

Christopher Nourrie is a threat hunter at Southern California Edison (SCE). He specializes in IT and OT threat hunting while supporting the Red Team program. With over 11 years of experience in offensive security, his expertise includes penetration testing, network security assessments, and adversary emulation. Before joining SCE, Chris was a Principal Penetration Tester at Dragos, Inc., concentrating on red teaming and penetration testing within industrial environments. He also served as an Exploitation Analyst at the National Security Agency (NSA) within the Tailored Access Operations (TAO) division under U.S. Cyber Command, supporting offensive cyber operations. His expertise encompasses open-source intelligence (OSINT), network reconnaissance,, and advanced attack methodologies. Chris also played a pivotal role in cybersecurity education, teaching advanced adversary tactics at the NSA’s National Cryptologic School. He is the author of Pentesting Industrial Networks and delivers an OT penetration testing course that helps security professionals strengthen their industrial cybersecurity defenses. Chris is a dedicated researcher who studies advanced threat actor tactics, techniques, and procedures (TTPs) targeting enterprise and industrial environments. He continuously integrates emerging insights into his tradecraft, refining methodologies to stay ahead of evolving cyber threats. His contributions to the field help organizations bolster their security posture against sophisticated adversaries.




Crypto Privacy Village: Closing Remarks

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
When:  Sunday, Aug 10, 12:30 – 12:59 PDT

Creator: Crypto Privacy Village

People:
    SpeakerBio:  Crypto Privacy Village Staff
No BIO available



Crypto Privacy Village: Welcome

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
When:  Sunday, Aug 10, 10:00 – 10:05 PDT
Friday, Aug 8, 10:00 – 10:05 PDT
Saturday, Aug 9, 10:00 – 10:05 PDT

Creator: Crypto Privacy Village

People:
    SpeakerBio:  Crypto Privacy Village Staff
No BIO available



Cryptocurrency Opening Keynote

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 11:00 – 11:59 PDT

Creator: Cryptocurrency Community

Join your fellow hackers managing the Cryptocurrency areas of Defcon, and get a sneak peak of what each workshop teaches as well as an overview of the showcases and programs happening in our Defcon Community, Contest, and Vendor areas. Chad and Param will report on cryptocurrency trends and perspectives from their distinguished positions in industry and academy. We will announce the teams competing in the Cryptocurrency Cyber Challenge, and give an overview of what’s available in the vending area. Meet the organizers of years of cryptocurrency content at Defcon and bring your questions to the Community Stage!


People:
    SpeakerBio:  Michael “MSvB” Schloh von Bennewitz, Chairman, Monero Devices

Michael Schloh von Bennewitz (MSvB) is a computer scientist specializing in cryptosecure electronics and embedded development. He is the founder of Monero Devices and responsible for research, development, and maintenance of Opensource software repositories. A prolific speaker in four languages, Michael presents at technical meetings every year.

SpeakerBio:  Chad Calease, Kraken

Chad Calease designs for failure—on purpose.​ At Kraken, he hovers where crypto, resilience engineering, and human behavior collide. A systems thinker with instincts that cultivate resilience, Chad champions the Kraken value of being “Productively Paranoid”—as both a design principle and a survival trait. His work challenges us to outpace risk, interrogate ease, and own our exposures before they own us—by building with the assumption that failure isn’t an if, but a when.

SpeakerBio:  Param D Pithadia, Georgia Institute of Technology

Param is an Electrical Engineering Student from Georgia Tech with a strong passion for and interest in crypto. Although he primarily got interested in cryptography and hardware security through a class at Georgia Tech, he is also working at a software company on crypto adoption and ease of use. With a unique blend of HW and SW skills, Param is truly enthusiastic about all aspects of crypto.




Cryptography is hard: Breaking the DoNex ransomware

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 11:20 – 11:50 PDT

Creator: Malware Village

In recent years, ransomware has been one of the most prolific forms of cybercrime with financial gain as primary motive. The problem keeps getting bigger with a new operation seeing the light almost every month. While reverse engineering ransomware is fun, it also serves a greater purpose: can we find a vulnerability that allows us to decrypt a victim’s files without interacting with the criminals? Enter the DoNex ransomware, a new operation that has entered the scene very recently. They have a leak website on the dark web where some victims have been named and shamed. Reverse engineering of a DoNex sample revealed a vulnerability that allowed us to decrypt every encrypted file for victims under a trivial condition. To help victims recover from a ransomware attack, we published a decryption tool on the NoMoreRansom platform, an initiative from a number of parties including the Dutch National Police to keep ransomware operators from extorting victims. In this talk, we will dive into the technical details of DoNex and how we exploited a vulnerability to decrypt files affected by DoNex without the need to negotiate with the cybercriminals.


People:
    SpeakerBio:  Gijs Rijnders
No BIO available



CTF 101

Creator Talk Map Page – LVCC West-Level 2-W204 (Noob Community)
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: Noob Community

Everything you need to know about beating CTF challenges


People:
    SpeakerBio:  John Hammond, Cybersecurity Researcher
No BIO available



CTI-Agent: Automated battlecards from CTI reports

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 16:15 – 16:55 PDT

Creator: Recon Village

Threat intelligence reports from reputed parties contain a wealth of OSINT including threat actor details, campaign information, IOCs (indicators of compromise), and TTPs (Tactics, Techniques and Procedures). Such threat intelligence is predominantly consumed with a human in the loop due to several challenges posed: Threat intelligence is often in natural language and difficult to extract automatically; These reports may have incomplete information and may require synthesizing multiple reports to construct a better view of the attack; Some intelligence such as TTPs are often implicit in the report and requires language comprehension; Not all indicators in a report are malicious and further they could have different degrees of confidence on the level of maliciousness and what they define as malicious.x000D x000D The labor intensive manual process not only makes it difficult/error prone to identify actionable threat intelligence in the form of battlecards but also leave users vulnerable to mentioned attacks due to the increased time gap threat reports and manual extraction of intelligence. The problem is exacerbated by the fact that many similar threat reports with different pieces of intelligence scattered across reports especially for emerging attacks.x000D x000D We build an agentic system to automate the collection and synthesis of cyber threat intelligence from threat reports using LLM Agents and unsupervised machine learning techniques into battlecards. At a high-level, CTI-Agent first extracts threat actor, campaign, TTPs and IOCs from recently published threat reports from reputed parties using specially crafted prompts on LLMs (Large Language Models) as well as using regular expressions/known knowledge which we refer to as signature based techniques. The agent also generates concise summaries for each threat report using LLMs. After performing a round of validation, the agent uses the summaries and extracted intelligence to synthesize multiple reports together and provide a battlecard with easily digestible threat intelligence. The agent follows the proven ReAct (Reason Action) framework to plan tasks autonomously and achieve the final goal of producing accurate battlecards by reasoning and then acting (i.e. calling various tools) multiple times. We plan to share our experience and lessons learnt during the process of build the CTI-Agent.x000D x000D The outline of the presentation is as follows:x000D x000D CTI to Battlecards_x000D_ How battlecards are used to help protect networks_x000D_ Manual, time consuming, error-prone_x000D_ Multiple threat reports with inconsistent descriptions_x000D_ May contain conflicting IOCs/TTPs_x000D_ x000D Modeling CTI Reports_x000D_ Converting unstructured or semi-structured data into structured threat information_x000D_ Challenges involved_x000D_ x000D Three key LLM patterns_x000D_ Prompting LLMs (simple and CoT prompting)x000D RAG (Retrieval Augmented Generation)x000D Agents_x000D_ x000D Prompting LLMs_x000D_ How to effectively prompt LLMs to elicit best output_x000D_ Examples_x000D_ x000D RAG_x000D_ Describe a RAG system using a diagram_x000D_ x000D Agents_x000D_ Describe an magnetic system using a diagram_x000D_ x000D Evals_x000D_ Evaluating LLM/Agentic systems is a challenging task_x000D_ Show how one can incrementally build an eval dataset to evaluate_x000D_ x000D Agent Tool Calling_x000D_ Introduce Agent tool calling_x000D_ Introduce MCP protocol_x000D_ x000D Multi-Agent Systems_x000D_ Common patterns_x000D_ Introduce A2A protocol_x000D_ x000D Popular Agent Planning Techniques_x000D_ Introduce what agent planning is_x000D_ Introduce patterns like Reflection and ReAct_x000D_ x000D Guardrails_x000D_ Explain the need to have guardrails_x000D_ Provide examples_x000D_ x000D Multi-Agentic System Overview_x000D_ Monitor and collect recent threat reports from reputed parties_x000D_ Agentic System to extract Threat Actor, Campaign, TTPs and IOCs_x000D_ Extract using CoT prompted LLMs_x000D_ Extract using signature based methods x000D Validate the collected threat intelligence information via reflection and LLM-as-a-Judge_x000D_ Create threat report summaries for each threat report prompting LLMs_x000D_ Collect additional IOCs related to campaigns using in-house intelligence_x000D_ Save reports, summaries, threat intelligence data to a database_x000D_ Cluster threat reports to identify related threat reports (i.e. those reports discussing the same threat or campaign)x000D Generate language embeddings for the threat summaries for threat reports_x000D_ Generate graph embeddings by modeling threat reports and threat intelligence extracted as a graph and using unsupervised graph learning algorithm_x000D_ Combine both embeddings together and perform unsupervised learning to cluster embeddings together_x000D_ The embeddings in the same cluster correspond to threat reports discussing the same threat or campaign_x000D_ Generate battlecards that can be readily used by security operations professionals_x000D_ Note: The above steps will be visualized into multiple slides and showed how to realize them in practice.x000D x000D Agentic System Evaluation_x000D_ Dataset_x000D_ Experimental results_x000D_ x000D Lessons Learned_x000D_ Various lessons learned during the construction and evaluation of this system plus several other agentic systems that the author built_x000D_ x000D Summary_x000D_ Key take aways from the presentation_x000D_


People:
    SpeakerBio:  Mohamed Nabeel

Mohamed Nabeel, PhD, is a cyber security veteran leading the efforts on proactive detection and graph based threat intelligence research and development. He is an open-source enthusiast and a member of Apache Software Foundation. Currently, he is a principal security researcher at Palo Alto Networks. He is passionate about securing AI, and building AI powered tools and systems to help defenders stay one step ahead of Internet miscreants. During his spare time, he teaches AI/Cyber Security to graduate students and mentors cyber security research students at National University. He has authored and presented 25+ US patents and 25+ papers at top security conferences including RSAC, VirusBulletin, IEEE S&P and Usenix Security. Some of his inventions are patented by a rising cyber security firm named bfore.ai and some are successfully productized and deployed at PANW.




Cultivating the Adversarial Mindset, Offensive Cyber security and the Power of Security Communities

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-702 (Adversary Village)-Workshop Area
When:  Friday, Aug 8, 17:00 – 17:59 PDT

Creator: Adversary Village

This panel brings together offensive cyber security experts and community leaders to explore the critical role of the adversarial mindset in modern cyber security. From red teaming and threat emulation to vulnerability research, we’ll discuss how thinking like an attacker strengthens defense strategies. e will also highlight the power of grassroots security communities in sharing knowledge, advancing tradecraft, and building the next generation of defenders. Join us for a conversation that bridges offense, defense, and the culture that makes it all possible.

Links:
    adversaryvillage.org/adversary-events/DEFCON-33/ – https://adversaryvillage.org/adversary-events/DEFCON-33/

People:
    SpeakerBio:  Len Noe, Technical Evangelist and Cyborg Hacker

Len Noe is a Technical Evangelist, White Hat Hacker, and BioHacker. Noe is an international security speaker who has presented in over 50 countries and at multiple major security conferences worldwide including presenting at the World Conference at the Hague. Len is a global thought leader in the Transhuman/Human+ movement and utilizes microchip implants to advance cyber security and the human experience. Len has had his research published in multiple news outlets globally and is a regular participant on numerous security podcasts. Prior to 2001 Noe was a Black/Grey Hat Hacker and learned most of his skills by practical application. Noe has spent 29 years working in the areas of web development, system engineering/administration, architecture, and coding; for the past nine years, he has focused on information security from an attacker’s perspective. He also actively participates in the activities of the information security communities in Texas, the Autism Society, and many others.

SpeakerBio:  Chris Glanden, Indie Filmmaker| Founder and CEO at BarCode Security

Chris Glanden (AKA Pr0ph-1T) is a cybersecurity advisor, thought leader, and prolific content creator with over 25 years of industry experience. Formerly a security solutions engineer, he’s now the Founder and CEO of BarCode Security, a boutique services firm specializing in creative narrative strategy, helping organizations and individuals strengthen their brand presence and visibility. He’s also the host of the award-winning podcast “BarCode” and a founding member of the Cyber Circus Network (CCN). With a passion for storytelling that extends beyond the microphone, he also writes and directs indie films based on true stories spawned from within the cyberworld.

SpeakerBio:  Filipi Pires, Head of Identity Threat Labs and Global Product Advocate at Segura

I’ve been working as Head of Identity Threat Labs and Global Product Advocate at Segura®, Red Team Village Director, Senior Advisor Raices Cyber Academy, Founder of Red Team Community (Brazil and LATAM), AWS Community Builder, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many countries such as US (Black Hat & Defcon), Canada, France, Spain, Germany, Poland, Black Hat MEA – Middle-East – and others, I’ve served as University Professor in Graduation and MBA courses at Brazilian colleges, in addition, I’m Creator and Instructor of the Course – Malware Attack Types with Kill Chain Methodology (PentestMagazine), PowerShell and Windows for Red Teamers(PentestMagazine) and Malware Analysis – Fundamentals (HackerSec).

SpeakerBio:  Phillip Wylie, Offensive Security Mentor

Phillip Wylie is a distinguished cybersecurity professional with over 27 years of combined IT and cybersecurity experience, including more than 21 years focused on information security. Specializing in offensive security with over a decade of hands-on experience, Phillip has extensive expertise in penetration testing, red team operations, and social engineering engagements, working both as a consultant and as an in-house pentester for enterprise organizations.

As a passionate educator, Phillip served as an Adjunct Instructor at Dallas College for over 3.5 years and has developed curricula for INE and P3F. He is the concept creator and co-author of The Pentester BluePrint: Starting a Career as an Ethical Hacker and was featured in Tribe of Hackers: Red Team. Phillip hosts two prominent cybersecurity podcasts: The Phillip Wylie Show and Simply Offensive.

Phillip is a sought-after conference speaker, hands-on workshop instructor, and dedicated mentor to cybersecurity professionals worldwide.




CVE Crisis: State of the Vulnerability Disclosure Landscape

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 13:00 – 13:30 PDT

Creator: AppSec Village

Our vulnerability disclosure ecosystem is strained. NVD backlogs persist, while the CVE program, after a near-critical funding crisis impacting its stability, struggles with vulnerability volume and assignment consistency under ongoing resource pressure. CISA’s role also evolves amidst these challenges. This talk dissects these US program issues and their impact on AppSec professionals, then examines rising global players like ENISA and other vulnerability databases, assessing their pros, cons, and impact on vulnerability management.


People:
    SpeakerBio:  jgamblin

Researcher. Builder. Hacker. Traveler.




Cyber 101 Talk

Creator Talk Map Page – LVCC West-Level 2-W204 (Noob Community)
When:  Friday, Aug 8, 11:00 – 11:59 PDT

Creator: Noob Community

Everything you need to know about getting started in cybersecurity


People:
    SpeakerBio:  Gerald Auger., Chief Content Creator, PhD
No BIO available



Cyber Gamechangers: Women Who Lead, Secure, and Inspire

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Friday, Aug 8, 13:00 – 13:59 PDT

Creator: Blacks In Cyber Village

Step into an empowering panel experience spotlighting accomplished women reshaping the cybersecurity landscape. Through candid conversation, our panelists—from industry leaders to public-sector defenders—share real-world stories about breaking into and thriving in cyber, building resilient networks, and advancing diversity. You’ll hear how they navigated nontraditional entry points, found mentorship, bridged the gender gap, and built careers rooted in both technical skill and community. Perfect for early-career professionals and aspiring leaders, this session offers practical advice, personal insight, and inspiration to chart your own game-changing path in cybersecurity.


People:
    SpeakerBio:  Nikkia Henderson

Ms. Nikkia Henderson is a Portfolio Manager in the federal government with 15+ years of experience. She’s an advocate for women in cybersecurity and enjoys tea, cooking, beaches, and aquariums.

SpeakerBio:  Arielle Baine, Chief of Cybersecurity for Region 3 at CISA

Ms. Arielle Baine is the Chief of Cybersecurity for Region 3 at DHS’s Cybersecurity and Infrastructure Security Agency (CISA), overseeing operations across six states and D.C. She leads a team focused on cyber preparedness, risk mitigation, and incident response through public-private partnerships. Baine brings over 13 years of federal and DoD cybersecurity experience, with previous roles at the FDA, FTC, and Hanscom Air Force Base. She holds a master’s in cybersecurity and certifications including CISSP, CCSP, and CEH.

SpeakerBio:  Zandreia Keys

Ms. Zandreia Keys is a senior intelligence and cybersecurity executive with more than 20 years of experience leading threat intelligence operations, cyber risk analysis, and national security strategy. A U.S. Navy veteran and federal leader, she has built and led high-impact intelligence teams across multiple agencies, driving modernization, mission integration, and secure information sharing across the cyber enterprise.

Ms. Keys is recognized for her ability to bridge operational intelligence with executive decision-making, strengthen public-private collaboration, and lead through change in complex environments. Outside of her professional work, she is also an entrepreneur and mentor, committed to cultivating diverse talent in the national security and cybersecurity fields.




Cyber Policy 101: Packets Hit Politics

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Friday, Aug 8, 10:00 – 10:45 PDT

Creator: Policy @ DEF CON

You know how to secure and break systems – but what about the laws and policies that govern them? Whether you like it or not, cybersecurity is now deeply entangled with law and politics. Governments are making decisions about encryption, vulnerability disclosure, surveillance, and the limits of offensive operations – decisions that shape what you can build, break, publish, or patch. What you need is a fast-paced, no-jargon-needed crash course in cyber policy, designed specifically for DEF CON attendees. We’ll start early: the crypto wars (no, not that crypto), hacking laws, and security research. From there, we’ll look at how today’s key institutions – legislatures, federal agencies, international coalitions – are approaching the future of cybersecurity. Topics include the debate over vulnerability disclosure and use, efforts to regulate encryption and mandate software security, the evolving norms of state-sponsored hacking, AI policy’s impact on cybersecurity, post-quantum encryption, and conflicts over digital sovereignty. Finally, we’ll cover how you can engage on these debates. If you’ve ever found yourself yelling at a Congressional hearing on C-SPAN or ignoring it entirely, this talk will help you understand how the levers of cyber policy work – and how you can hack them, too.


People:
    SpeakerBio:  Heather West, Venable

Heather West is a policy and tech translator, product consultant, and long-term digital strategist guiding the intersection of emerging technologies, culture, governments, and policy. Equipped with degrees in both computer and cognitive science, Heather focuses on data governance, data security, artificial intelligence (AI), and privacy in the digital age. She is a subject matter authority who has written extensively about AI and other data driven topics for over a decade. She is also a member of the Washington Post’s The Network, “a group of high-level digital security experts” selected to weigh in on pressing cybersecurity issues.




Cyber Threat Intelligence 101: From Foundations to AI‑Driven Defense

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Saturday, Aug 9, 10:00 – 10:50 PDT

Creator: Blue Team Village (BTV)

When a system is compromised, the first questions are often: Who did this? and What were they after? But effective cybersecurity—and modern AI‑enhanced defense—goes far beyond just identifying the attacker; it’s about anticipating their next move.

Defeating cyber adversaries starts long before an alert fires. In this fast‑paced primer, we demystify the CTI intelligence lifecycle and structured models such as MITRE ATT&CK, showing how they convert raw telemetry into high‑value intelligence ready for action and fuel smarter purple‑team collaboration.

Join us for an introductory session on the fundamentals of Threat Intelligence—what it is, how it works, and how it’s used to uncover, understand, and respond to evolving cyber threats—then see how AI‑powered automation accelerates indicator extraction, suggests hunting hypotheses, stitches detections across your stack for real‑time response, and how purple‑team validation closes the loop by proving your intel‑driven controls stop the threats you care about before the next breach.


People:
    SpeakerBio:  Carlo Anez Mazurco

Carlo Anez Mazurco is a career cybersecurity consultant who designs and implements defensive strategies for organizations of every size. Holding multiple GIAC‑level credentials (GCIH) alongside Security+ and Network+, he distills 15 years of threat‑hunting and incident‑response experience into actionable guidance. Carlo coaches hands‑on labs at DEFCON’s Blue Team Village and provides year‑round training for community groups such as the Women’s Society of Cyberjutsu, local BNI chapters, and veteran‑led upskilling programs—helping the wider security community build resilient, AI‑aware defenses.




Cybersecurity Career Fireside Chat: Offensive Security

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Friday, Aug 8, 16:00 – 16:59 PDT

Creator: Blacks In Cyber Village

Thinking about a career in offensive security? Join this interactive fireside chat with professionals working on the front lines of red teaming, penetration testing, exploit development, and adversary emulation. Panelists will share their personal journeys, advice on breaking into the field, and reflections on what it takes to thrive in offensive security. Whether you’re just starting out or looking to pivot your career, bring your questions and curiosity—this is your chance to learn directly from those who’ve made hacking their day job.


People:
    SpeakerBio:  Lorenzo White
No BIO available
SpeakerBio:  Jamal Theodore
No BIO available
SpeakerBio:  Wesley Snell
No BIO available



Cybersecurity in Latin America: The Untold Stories of Resilience & Innovation

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 16:00 – 16:30 PDT

Creator: La Villa

Latin America faces a perfect storm of cyber threats—sophisticated criminal networks, underfunded defenses, and systemic vulnerabilities. Yet, within this chaos lies an untold narrative of adaptation, recursion, and community-driven resilience.


People:
    SpeakerBio:  Giovanni Cruz Forero, COO at 7 Way Security

Professional in Cybersecurity with 20 years of experience in the sector, seeks to share knowledge using his experience and knowledge and currently works as COO of 7 Way Security, organizer of BSides Colombia, La Villa and other spaces for building collective knowledge.

Profesional en Ciberseguridad con 17 años de experiencia en el sector, busca compartir conocimiento haciendo uso de su experiencia y conocimiento y en este momento trabaja como CEO de Be Hacker Pro donde plantea estrategias para el fortalecimiento del capital humano con talentos en ciberseguridad, es cofundador de CSIETE y 7 Way Security, organizador de BSides Colombia, HackLab Bogotá y otros espacios de construcción de conocimiento colectivo.




Cypherpunk Java with Nix

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Saturday, Aug 9, 11:15 – 11:59 PDT

Creator: Nix Vegas Community

Cypherpunks write code that is open source, privacy-oriented, decentralized, trust-minimized, verifiable/auditable, interoperable, and bundled in Linux distributions. Cypherpunks don’t use Java. But in 2025 using Java 25 and Nix — they can and should!

We will review how functional-style programming, minimalism, pattern-matching, native compilation and integration with C/C++/Rust through a new FFM mechanism are game-changers for Java developers and worthy of a second look by those who dismissed Java years ago.

In this session we will see how Nix can reliably build native and JIT-compiled tools and applications, how dependencies can be minimized and bootstrappability achieved.

We will compare Maven’s bytecode packaging to the Nix model and how the two can be integrated while also brining in native libraries.

Real-world examples will be provided. We will look at the gaps that remain and how to close them so we can live the Java-cypherpunk dream and contribute to the “Great Tree”.


People:
    SpeakerBio:  Sean Gilligan

Mr. Gilligan learned C and UNIX as an undergrad at Berkeley. In his early career he wrote device drivers and networking protocols. He reluctantly learned Java and learned the good, the bad, and the ugly. His journey has included consulting, management, and entrepreneurship. He is the co-maintainer of bitcoinj, contributes to other open source projects, and is working to better integrate secure enclaves with secp256k1 ECC and Nix.




Dark Capabilities: When Tech Companies Become Threat Actors

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 11:45 – 12:30 PDT

Creator: Policy @ DEF CON

Cyberpunk authors, like Neal Stephenson in Snow Crash, have long envisioned a world run by ruthless mega-corporations, with more power than governments, engaging in threat activity. We now live in such a world. Tech companies wield immense, often invisible power, far beyond what they admit to users. We’ve caught glimpses:

• A cloud provider scanning customer data for offensive content • A rideshare app tracking users after the ride ends • A robotic vacuum that builds maps of your home • A respected security company bricking systems across the globe… accidentally

These aren’t theoretical. They’re the tip of the iceberg. The real capabilities, the ones no one talks about, are far more dangerous.

Governments know it. That’s why some ban certain apps and hardware. Threat actors know it. That’s why they break in. The question is: do you know what’s really possible?

This talk explores the dark potential of modern tech platforms, the things they’re structurally able to do, whether or not they intend to. We’ll walk through scenarios where companies might be tempted to go offensive, where insiders (or outsiders) could gain and weaponize access, and how these powers could be misused at scale.

Because in security, it’s never about what a system claims to do. It’s about what it can do.


People:
    SpeakerBio:  Tom Cross

Tom Cross is an entrepreneur and technology leader with three decades of experience in the hacker community. Tom attended the first DefCon in 1993 and he ran bulletin board systems and listservs in the early 1990’s that served the hacker community in the southeastern United States. He is currently Head of Threat Research at GetReal Security, Principal at Kopidion, and creator of FeedSeer, a news reader for Mastodon. Previously he was CoFounder and CTO of Drawbridge Networks, Director of Security Research at Lancope, and Manager of the IBM Internet Security Systems X-Force Advanced Research team. He has written papers on collateral damage in cyber conflict, vulnerability disclosure ethics, security issues in internet routers, encrypting open wireless networks, and protecting Wikipedia from vandalism. He has spoken at numerous security conferences, including Black Hat Briefings, Defcon, CyCon, HOPE, Source Boston, FIRST, and Security B-Sides. He has a B.S. in Computer Engineering from the Georgia Institute of Technology. He can be found on Linkedin as https://www.linkedin.com/in/tom-cross-71455/, on Mastodon as https://ioc.exchange/@decius, and on Bluesky as https://bsky.app/profile/decius.bsky.social.

SpeakerBio:  Greg Conti, Co-Founder and Principal at Kopidion

Greg Conti is a hacker, maker, and computer scientist. He is a nine-time DEF CON speaker, a seven-time Black Hat speaker, and has been a Black Hat Trainer for 10 years. He’s taught Adversarial Thinking techniques at West Point, Stanford University bootcamps, NSA/U.S. Cyber Command, and for private clients in the financial and cybersecurity sectors. Greg is Co-Founder and Principal at Kopidion, a cyber security training and professional services firm.

Formerly he served on the West Point faculty for 16 years, where he led their cybersecurity research and education programs. During his U.S. Army and Military Intelligence career he co-created U.S. Cyber Command’s Joint Advanced Cyberwarfare Course, deployed to Iraq as Officer-in-Charge of U.S. Cyber Command’s Expeditionary Cyber Support Element, and was the first Director of the Army Cyber Institute.

Greg is co-author of On Cyber: Towards an Operational Art for Cyber Operations, and approximately 100 articles and papers covering hacking, online privacy, usable security, cyber conflict, and security visualization. Greg holds a B.S. from West Point, an M.S. from Johns Hopkins University, and a Ph.D. from the Georgia Institute of Technology, all in computer science. His work may be found at gregconti.com (https://www.gregconti.com/), kopidion.com (https://www.kopidion.com/) and LinkedIn (https://www.linkedin.com/in/greg-conti-7a8521/).




Darknet-NG: Mesh Communications with your Community

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Saturday, Aug 9, 11:00 – 11:30 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  Gater_Byte
No BIO available



DCGVR Opening Statement

Creator Talk Page – Online
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: DEF CON Groups VR (DCGVR)

Talk about hacking, DCG VR, other topics…

Note: DCGVR Talks are scheduled 1 hour slots, but the actual presentations can be as short as 30 minutes. Please arrive at the start of the hour.


People:
    SpeakerBio:  800xl

800xl co-founder of DCGVR




DCNext Gen Closing Ceremonies

Creator Talk Map Page – LVCC West-Level 2-W230 (DC NextGen)
When:  Sunday, Aug 10, 11:00 – 11:59 PDT

Creator: DC NextGen

(DCNextGen is for youth 8-18 attending DEF CON) And just like that, it’s a wrap! While we’re sad to see the fun end, we want to give everyone one last big thank you.

Join us for a final farewell to say goodbye to new friends and hear about all the cool plans we have for next year. We’ll also be handing out prizes for all the Capture the Flag (CTF) events—you must be present to win!


People:
    SpeakerBio:  BiaSciLab, CEO at Girls Who Hack

Bianca ‘BiaSciLab’ Lewis is an 18 year old hacker that has been working in cyber security since the age of 11. She started her journey by hacking a mock election reporting system at Defcon at the age of 12 gaining national attention leading her to attend a congressional hearing on election security. Since then Bianca has become an international speaker discussing election security, Social Media Psyops, psychological warfare, women in tech, and other various cyber security topics at DEF CON, Black Hat, Defcamp and numerous other conferences including H.O.P.E. where she was the youngest ever to speak. Seeing the lack of young girls in the cyber space, she also started Girls Who Hack, her non-profit with the mission of teaching girls the skills of hacking so that they can change the future. She provides free online and in person classes on the most important topics in cyber security and online safety. Currently BiaSciLab is a key member of The Hacking Games working as the lead of their youth advisory and influence board “C.Y.B.E.R.” that exists to support The Hacking Games mission to guide the next generation with a passion for hacking onto pathways that drive positive change in the world.




DDoS: The Next Generation

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 12:00 – 12:59 PDT

Creator: DDoS Community

Future of DDoS Attacks and Prevention


People:
    SpeakerBio:  Andrew Cockburn, Netscout
No BIO available



Dead Reckoning: Hijacking Marine Autopilots

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Sunday, Aug 10, 12:30 – 12:59 PDT

Creator: Maritime Hacking Village

We demonstrate a vulnerability in a commonly-used autopilot computer that allows unsigned firmware to be pushed through trusted update channels such as SD cards and NMEA 2000 networked chart plotters without authentication or cryptographic validation. We show how a malicious ‘.swup’ file can be crafted and accepted by the system to gain persistent code execution, enabling arbitrary CAN bus injection on marine control networks. The attack chain, reminiscent of removable media-style delivery in air-gapped systems, demonstrates how firmware-level control in marine environments can be leveraged to disrupt navigation subsystems. We will walk through firmware extraction, reverse engineering of firmware and CAN subroutines, firmware repackaging, and live effects on NMEA 2000 networks. No physical access to the autopilot is needed, the attack leverages trusted firmware delivery via the chart plotter over NMEA 2000.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  Carson Green, Colorado State University

Carson Green is a graduate research assistant in systems engineering from Colorado State University, with a bachelor’s degree in electrical engineering. He enjoys designing and debugging PCB’s, researching vulnerabilities in cyber-physical systems, and can often be found playing the banjo.

SpeakerBio:  Rik Chatterjee, Colorado State University

Rik is a PhD student at Colorado State University exploring the tangled edge of embedded systems and cybersecurity. His research focuses into real-world vulnerabilities in automotive and industrial controllers, from reverse-engineering to network protocol level vulnerabilities. He’s previously shared his work at DEF CON and NDSS. When he’s not pulling apart PCBs, you’ll find him elbow-deep in his vegetable garden, proving that both firmware and tomatoes need rooting.




Deceit by Design: Exploiting the Lies CPUs Tell During Execution

Creator Talk Map Page – LVCC West-Level 2-W235 (DEF CON Academy)
When:  Sunday, Aug 10, 13:00 – 13:59 PDT

Creator: DEF CON Academy

Modern processors are built for speed, but in doing so, they make dangerous assumptions. The very features that make processors fast can also make them untrustworthy. This talk explores how features like speculative and out-of-order execution open the door to powerful side-channel attacks like Spectre and Meltdown. You’ll learn how these vulnerabilities allow attackers to read privileged memory, bypass isolation, and leak secrets that should never be exposed. Through clear explanations and live demonstrations, we’ll show how trust in hardware can be misplaced and how those lies can be turned into exploits.


People:
    SpeakerBio:  robwaz, Arizona State University
No BIO available



Deconstructing Malware Lineage with Graph Neural Networks

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 15:50 – 16:20 PDT

Creator: Malware Village

As malware continues to evolve rapidly through code reuse, obfuscation, and minor variant generation, understanding the lineage of malicious code has become a critical part of threat intelligence and incident response. In this talk, we present how machine learning, embeddings, and graph-inspired modelling can be used to automatically uncover relationships between malware samples and trace their evolutionary history at scale.


People:
    SpeakerBio:  David Rushmer
No BIO available



Deepfake Image and Video Detection  

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 13:00 – 13:59 PDT

Creator: Packet Hacking Village

Performing analysis of fake images and videos can be challenging considering the plethora of techniques that can be used to create a deepfake. In this session, we’ll explore methods for identifying fake images and videos whether created by AI, photoshopped, or GAN-generated media. We’ll then use this for the basis of a live demonstration walking through methods of exposing signs of alteration or AI generation using more than a dozen techniques to expose these forgeries. We’ll also highlight a free GPT tool for performing your own analysis. Finally, we’ll provide additional resources and thoughts for the future of deepfake detection.    


People:
    SpeakerBio:  Mike Raggo, Security Researcher at SilentSignals

Michael T. Raggo has over 30 years of security research experience. During this time, he has uncovered and ethically disclosed vulnerabilities in products including Samsung, Checkpoint, and Netgear. Michael is the author of “Mobile Data Loss: Threats & Countermeasures” and “Data Hiding” for Syngress Book. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, SANS. He was also awarded the Pentagon’s Certificate of Appreciation.




DEF CON Groups (DCGs): Keeping the Signal Alive All Year Long

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 13:00 – 13:59 PDT

Creator: DEF CON Groups (DCG)

Explores how DCGs extend the DEF CON ethos year-round. Shares practical stories of how local group POCs foster community. Encourages attendees to connect with their local group or form their own group in the absence of a DCG.

Links:
    defcongroups.org – https://defcongroups.org

People:
    SpeakerBio:  Adam915, DCG Dept

DEF CON Groups Global Coordinator

SpeakerBio:  Jayson E. Street, Chief Adversarial Officer at Secure Yeti

Jayson E. Street referred to in the past as: a “notorious hacker” by FOX25 Boston, “World Class Hacker” by National Geographic Breakthrough Series, and described as a “paunchy hacker” by Rolling Stone Magazine. He however prefers if people refer to him simply as a Hacker, Helper & Human.

He is the Chief Adversarial Officer at Secure Yeti and the author of the “Dissecting the hack: Series” (which is currently required reading at 5 colleges in 3 countries that he knows of). Jayson is also the DEF CON Groups Global Ambassador. He’s spoken at DEF CON, DEF CON China, GRRCon, SAINTCON & at several other CONs & colleges on a variety of Information Security subjects. He was also a guest lecturer for the Beijing Institute of Technology for 10 years.

He loves to explore the world & networks as much as he can. He has successfully robbed banks, hotels, government facilities, Biochemical companies, etc. on five continents (Only successfully robbing the wrong bank in Lebanon once, all others he was supposed to)!

He is a highly carbonated speaker who has partaken of Pizza from Bulgaria to Brazil & China to The Canary Islands. He does not expect anybody to still be reading this far, but if they are please note he was proud to be chosen as one of Time’s persons of the year for 2006.

SpeakerBio:  Alethe Denis, Red Team at Bishop Fox

DEF CON Groups Dept 2nd Lead




Defense Against The Dark Arcs: Teaching kids to create magic

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Friday, Aug 8, 10:00 – 10:30 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  Heal
No BIO available



Deploying Deception in Depth for ICS

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 13:00 – 13:30 PDT

Creator: ICS Village

This session will introduce the strategy of designing and deploying deception strategies across ICS environments, by leveraging and operationalizing the Mitre Engage adversarial framework. This presentation will discuss the complexities related to deploying deception within ICS environments, and how to design a deception strategy geared towards the adversaries targeting your environment. A real-world case study, focusing on APT44, will demonstrate how to implement a deception strategy for Critical Infrastructure organisations.


People:
    SpeakerBio:  Brent Muir, Google

Brent has over 18 years experience working in the cybersecurity industry. He spent 12 years working in the Australian government sector, including Law Enforcement agencies, leading national cyber teams. Following his government work, Brent led the global digital forensics and incident response team for a Fortune 500 bank. His expertise has led him to working directly with C-Suite and Crisis Management teams, handling large-scale cyber incidents, including APT-linked cyber espionage campaigns. In addition to government and financial sectors, Brent has extensive experience working in Operational Technology industries, including telecommunications and energy providers.




Desktop Applications: Yes, We Still Exist in the Era of AI!!!

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 16:00 – 16:30 PDT

Creator: AppSec Village

While cloud-native AI dominates security discussions, desktop apps—still vital in engineering, design, and finance—are quietly evolving. No longer just “legacy,” they now embed local LLMs, predictive UIs, automation, and offline inference.

This talk reframes AI security for desktop environments. We’ll explore new risks: prompt injection in on-device models, adversarial inputs, inference abuse, and insecure plugins. These threats don’t replace traditional flaws like memory corruption or unsafe parsing—they amplify them.

We’ll demo prompt injection on a local LLM and file-format fuzzing causing legacy crashes. Then we’ll cover AI-aware threat modeling, including tampered models and insecure automation. If you think desktop app security is solved, this talk will challenge that—and offer tools to secure hybrid software at the AI + legacy intersection.


People:
    SpeakerBio:  Uday

Uday is a principal security engineer at Autodesk, where he focuses on securing applications at the intersection of traditional software and emerging AI features. His work spans offensive research, fuzzing, threat modeling, building guardrails and integrating security into the SDLC at scale. He is especially passionate about securing desktop applications in a world rapidly shifting toward AI-first development.

Outside of work, Uday enjoys playing CTF challenges, running fuzz farms, and snowboarding to unwind. He is committed to mentoring others in the security community and is excited to share lessons from the field.




Digging Deeper: Reflections on the TRBR and EVEREST Studies on behalf of the California and Ohio Secretaires of State

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Friday, Aug 8, 14:30 – 14:59 PDT

Creator: Voting Village

This panel features several researchers that were central to the TTBR as well as the similar Ohio EVEREST Study and will delve further into the conduct of those studies, and how they may inform election security research today.


People:
    SpeakerBio:  Debra Bowen, The Honorable

Debra Bowen was the elected Secretary of State of California for two terms from 2007 to 2015. Prior to that, from 1992 to 2006, she had been a member of the California Assembly and then the Senate. In 2007, at the beginning of her term as Secretary of State, she commissioned the Top to Bottom Review (TTBR) of voting systems used in California. The review involved top computer security researchers, attorneys, and accessibility experts, and provided the nation with an unprecedented view into the state of voting machines. The TTBR led to critical changes to improve California’s elections and influenced other states to move away from the most insecure voting systems. In parallel she commissioned the Post Election Audit Standards Working Group (PEASWG), a group of experts charged with outlining standards for election auditing. From their report emerged the very first formal description of what came to be known as risk-limiting audits (RLAs), now widely viewed as the “gold standard” of auditing techniques. RLAs make the notions of evidence-based elections and software independence, two of the fundamental pillars of election integrity, an achievable goal.For her “bold leadership and her steadfast resolve to protect the integrity of the vote” she was honored with a 2008 Profile in Courage Award by the John F. Kennedy Presidential Library and Museum.

SpeakerBio:  Sandy Clark, Dr
No BIO available
SpeakerBio:  Candice Hoke, Professor of Law (emeritus), Cleveland State University
No BIO available
SpeakerBio:  Matt Blaze, Georgetown University; Chairman, Election Integrity Foundation

Matt Blaze is the McDevitt Chair of Computer Science and Law at Georgetown University, where his research focuses on problems at the intersection of technology, public policy, and law. Prior to joining Georgetown, he was a professor of computer science at the University of Pennsylvania, and prior to that, a founding member of the Secure Systems Research Department at AT&T Bell Labs. He holds a PhD in computer science from Princeton, an MS from Columbia, and a BS from the City University of New York. Blaze’s scholarship and practical work in high-integrity voting and elections technology dates back more than 25 years. He led teams that examined source code for security vulnerabilities on behalf of the states of California and Ohio for the Top-to-Bottom Review and EVEREST studies. He has testified on election security and other topics before the US Congress over a dozen times, served on various federal and state advisory boards, and has published numerous scholarly research papers on elections and related subjects. He is a founding member of the DEFCON Voting Village, and currently serves as board chair of the Election Integrity Foundation.




Digital Casualties: Documenting Cyber-Induced Patient Harm in Modern Healthcare

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 13:45 – 14:30 PDT

Creator: Biohacking Village

As healthcare systems become increasingly digitized, cyber incidents like ransomware attacks and EHR outages are no longer just IT problems—they’re potential contributors to patient harm and mortality. This expert panel explores the groundbreaking proposal to adapt disaster-related death certification frameworks to document cyber incidents as secondary causes of death. Bringing together expertise in cybersecurity governance, healthcare economics, investigative journalism, and clinical practice, panelists will examine the policy implications, implementation challenges, and public health benefits of standardizing how we document and track cyber-induced patient harm.


People:
    SpeakerBio:  Jorge Acevedo Canabal

Dr. Jorge Acevedo Canabal is a physician and cybersecurity researcher focused on digital threats to patient safety. He helped lead Puerto Rico’s post-Maria disaster death certification training and now proposes attributing cyberattacks as a cause of death in modern healthcare.

Joseph has 30+ years of experience in security, privacy, risk, and compliance for Fortune 500 companies. As a Customer Security Officer at Microsoft, he advises US Health and Life Sciences customers on cybersecurity, data privacy, risk management, and information compliance

SpeakerBio:  Scott Shackleford
No BIO available
SpeakerBio:  Joseph Davis
No BIO available



Digital First Responders: Fixing Patient Safety Gaps with Smart Tech & AI

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 10:30 – 10:59 PDT

Creator: Biohacking Village

Hospitals and trauma centers face critical delays in triage, patient monitoring, and shift handoffs—leading to avoidable medical errors, increased wait times, and compromised patient safety. What if AI-powered triage, biometrics, and AI-driven simulation labs could change that? This talk explores how biometric AI, smart bedside displays, digital handoff systems, and AI physiology simulations can enhance emergency care, reduce human error, and revolutionize medical training. Key Innovations We’ll Unpack: 1. AI-Facial Recognition: Upon entry to the hospital/facility, AI-powered sensors take a real-time picture of each patient as they walk/check into the ED and sync the biometric picture with their Medical Record Number (MRN) patient chart. 2. AI-Powered Biometric Triage: AI sensors continue to scan patients in the waiting room, analyzing vital signs (HR, respiratory rate, O2 sat, temp), non-verbal distress like bleeding (trauma), pain based on facial droop (Stroke), chest pain or shortness of breath (Heart Attack), syncope, labor/delivery, and grimacing (pain), and factor all these into the Emergency Severity Index (ESI) algorithm for a real-time comprehensive display to triage staff for their review. 3. Digital Handoff Reporting: Automated shift changes summaries ensure that critical patient data like medical and surgical history, labs, vital trends, pending orders, isolation precautions, and risk factors are not lost between clinicians. It also reduces paper waste, redundancy, and inefficiencies like report duration. 4. Digital Smart Room Display (i.e. TV): Like at a nice hotel room, your patient room tv would provide you with a personalized channel with your real-time medical updates (aka tv medical chart), that are approved by your providers, that are synced to your EHR chart and secured with a personalized pin you created during registration. Upon discharge of the hospital, your channel would be deactivated. This would enhance the time from provider-to-patient communication, decrease patient wait times for results, and ensure healthcare treatment transparency. It is optional and on-demand for the patient and family if consent is given by the patient. 5. AI Physiology in Simulation Labs: AI-driven simulated patient models that replicate real-time human physiology, responses to trauma, medication interactions, and disease progression—transforming medical education. 6. Cybersecurity in AI-Driven Emergency Care: Protecting biometric patient data, preventing AI hallucinations and poisoning, and securing AI-driven training systems. By integrating AI-driven biometrics, automating bedside displays and handoff reports, and AI physiology in healthcare, we can prioritize critical patients faster, reduce handoff errors, and accelerate healthcare education. The future of emergency care isn’t just faster, it’s predictive, automated, and cybersecure.


People:
    SpeakerBio:  Jennifer Schieferle Uhlenbrock

Dr. Jennifer Schieferle Uhlenbrock has 20+ years of healthcare experience. She bridges clinical practice, business, and cybersecurity best practices. A published technical writer and speaker, she translates complex security and patient safety challenges into clear, actionable insights.




Digital Forensics 101: Investigating Compromised Machines

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Friday, Aug 8, 11:00 – 11:50 PDT

Creator: Blue Team Village (BTV)

Computers are constantly at work—running processes, handling data, and logging everything they do. These digital breadcrumbs, known as telemetry and artifacts, not only help systems run smoothly but also become crucial clues when something goes wrong.

When a machine is compromised, those logs can tell a story: what happened, how it happened, and who (or what) was behind it.

Join us for an introductory presentation on digital forensics, where you’ll learn how cybersecurity professionals analyze these traces to investigate and understand cyber incidents. No prior experience required—just curiosity and an interest in uncovering the truth behind the breach.


People:
    SpeakerBio:  Sarthak Taneja

Sarthak Taneja is a detection engineering and threat intelligence professional who started out in the world of penetration testing, giving him a 360-degree view of attack paths—whether the is defending against them or, let’s be real, figuring out how to break in. When he is not decoding the latest threats, you’ll find him jet-setting across the globe, stirring up the security scene by organizing and volunteering at conferences everywhere.




Disclosure Encounters of a New Kind: Building the CVE Program of the Future

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Saturday, Aug 9, 12:30 – 13:15 PDT

Creator: Policy @ DEF CON

The CVE Program has been a cornerstone of cybersecurity for over two decades, but its original design was never meant to support AI-discovered vulnerabilities, real-time coordination, or global software supply chains. The CVE Program has evolved from a technical utility to become a pillar of public cybersecurity policy. As governments craft regulation around vulnerability disclosure, product security, and software liability, the CVE system is increasingly at the center of the conversation, but innovation in vulnerability discovery has outpaced innovation in vulnerability tracking, lagging behind the needs of policy, industry, and international coordination.

This panel will explore how public policy can promote innovation within the CVE Program to meet growing global expectations. Topics will include how AI and automation can modernize disclosure at scale, how CVE labelling can evolve with emerging technologies, and how solutions must address the risk of fragmentation (national vulnerability databases and duplicative disclosure systems) to be future proof.


People:
    SpeakerBio:  Elizabeth Eigner, Security Policy Strategist, Global Cybersecurity Policy team at Microsoft

Elizabeth Eigner is a Security Policy Strategist on Microsoft’s Global Cybersecurity Policy team, where she represents Microsoft on the Hacking Policy Council, where she works collaboratively with industry leaders and policymakers to advance responsible cybersecurity and strengthen the frameworks that underpin software security worldwide. Previously, she served as Microsoft’s representative on the Cloud Service Provider Advisory Board (CSP-AB), contributing to FedRAMP public policy discussions and best practices for cloud security. Elizabeth also leads Microsoft’s Advancing Regional Cybersecurity (ARC) initiative, focusing on improving incident response capabilities and cyber capacity building in the Global South.

Before joining Microsoft, Elizabeth worked at The Washington Technology Industry Association to enhance Washington State’s innovation ecosystem. At MIT Solve, she collaborated with tech-based social entrepreneurs on solutions fostering digital inclusion and equitable economic opportunity. She holds a B.S. in Political Science from Northeastern University, with a concentration in Law and International Security.

SpeakerBio:  Chandan Nandakumaraiah
No BIO available
SpeakerBio:  Madison Oliver
No BIO available
SpeakerBio:  Trey Ford, Bugcrowd

Trey Ford is a seasoned strategic advisor and security thought leader with over 25 years of experience in offensive and defensive disciplines (incident response, application, network, cloud, and platform security). Trey has held key leadership roles at Deepwatch, Vista Equity Partners, Salesforce, Black Hat, and more. He has also been a valued member of Bugcrowd’s advisory board for over a decade.

Trey is passionate about working with enterprise leaders, corporate directors, and investors to help teams strengthen their technology and execution strategy. He believes in a hands-on approach to building, breaking, and deconstructing security problems.

Trey has a Master of Science from the University of Texas at Austin and executive education at Harvard Business School. Hailing from Austin, he is a husband, father, and an instrument rated private pilot.




Discord OSINT: An Empathic Banana and a Data Scraper Walk into a Search Bar

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 10:50 – 11:35 PDT

Creator: Recon Village

Open-source intelligence in Discord may seem surface level. Some techniques include searching through chat history using search operators similar to Google dorking and reviewing a user’s profile to look for any linked accounts tied to their Discord account. Going beyond this and analyze the servers that a user is a part of, more assumptions and inferences can be made based on those servers. I applied what I saw and experienced with Student Hubs and applied it to cybersecurity within Discord. The information from knowing what cybersecurity servers a person is in informed me of what their experience level was, the type of field they were interested / worked in, and potentially even where they lived.x000D x000D However, you can only reach a certain point by joining servers within Discord. This type of approach can only be done at scale and this presents its own set of problems. Scaling this seemed unlikely to happen until a service known as Spy.pet was publicly disclosed in April 2024. Spy.pet was marketed as a data broker that was inadvertently a very capable OSINT tool that could be used for Discord. Knowing that it would be available for a short time before it got shut down, I was able to access Spy.pet to use and document what capabilities it had. Since then, there have been more data scrapers that have appeared with their own reasons. These include third-parties (malicious or not), academic researchers, and cybercrime groups. I will cover the capabilities and OPSEC failures from some of the data scrapers in the past year as well as how it could possibly be approached in the future. Most importantly, I will go over protections at the user and server level.


People:
    SpeakerBio:  Zach Malinich

Zach a.k.a “UberZachAttack” is a PSU alum, works within offensive security, and holds various certifications.




Do Scammers dream of electric Phish? Lessons learned from deploying AI-driven phishing ops

Creator Talk Map Page – LVCC West-Level 3-W317-W319 (Social Engineering Community Village)
When:  Saturday, Aug 9, 12:00 – 12:30 PDT

Creator: Social Engineering Community Village

Effective phishing campaigns traditionally demand extensive manual effort, involving detailed target reconnaissance, crafting believable scenarios, and setting up infrastructure. These manual processes significantly restrict scalability and customization. This talk explores a practical approach to leveraging Generative AI for automating core aspects of phishing workflows, drawing on direct experiences and real-world threat actors such as Emerald Sleet, Crimson Sandstorm, and Charcoal Typhoon.

The session thoroughly compares results from different models and platforms, including OpenAI ChatGPT, Anthropic Claude, and local alternatives, highlighting distinct strengths, weaknesses, and techniques for optimizing outcomes. Attendees will gain insights into deploying an end-to-end phishing campaign, emphasizing the models’ effectiveness in reducing the technical barrier of scaling phishing attacks. Finally, the talk underscores that while AI significantly enhances operational efficiency, it functions best when complemented by human judgment and expertise, reinforcing the critical human factor in cybersecurity practices.


People:
    SpeakerBio:  Daniel Marques, Red Team Senior Manager

As an experienced Red Team leader, Daniel applies a strong software development and networking background to help Fortune 500 companies identify and remediate vulnerabilities in various technologies, including corporate networks, applications, and smart devices. With more than 15 years of experience in Cybersecurity, prominent local and international security conferences such as HOU.SEC.CON, ISC2 Security Congress, and Black Hat Regional Summit featured his Offensive Security research. Daniel holds a B.Sc. in Computer Science and an M.Sc. in Cybersecurity. In 2019, Daniel was part of the team that won the DEF CON Biohacking Village Capture the Flag competition.

With over 15 years in offensive security, Daniel applies a strong software development and networking background to help Fortune 500 companies identify and remediate vulnerabilities in various technologies, including corporate networks, applications, and smart devices. With more than 15 years of experience in Cybersecurity, prominent local and international security conferences such as HOU.SEC.CON, ISC2 Security Congress, and Black Hat Regional Summit featured his Offensive Security research. Daniel holds a B.Sc. in Computer Science and an M.Sc. in Cybersecurity. In 2019, Daniel was part of the team that won the DEF CON Biohacking Village Capture the Flag competition.




Doing toolchains declaratively

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Saturday, Aug 9, 13:50 – 14:05 PDT

Creator: Nix Vegas Community

Systems engineers may need different toolchains, whether its a specific configuration for a unique target or something so they can cross compile. On many distros, this requires either manually building the toolchain or finding the right packages. With Nix, we can do it declaratively.

I will be going into the new toolchain attributes mechanism in nixpkgs and how my work on the Standard Environment team opens the door to many new things for embedded and systems engineering with nix.


People:
    SpeakerBio:  The Computer Guy

Low level programmer, OS/Zig/Linux dev, Nixpkgs committer (LLVM). Likes to watch 大空スバル (Subaru Oozora).




Domain Fronting in 2025: a retro analysis

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 16:30 – 16:59 PDT

Creator: Malware Village

Domain fronting has quickly become to go to method for stealthy data exfiltration and beacon callbacks, popularised by C2 frameworks such as Posh and Cobalt Strike. In this talk we will review cloud providers and CDNs attempts to shutdown domain fronting and just how feasible it is in 2025


People:
    SpeakerBio:  Tom Cope
No BIO available



Dominion ICX Touchscreen; Simple Hacks and Daunting Recoveries

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 12:00 – 12:30 PDT

Creator: Voting Village

Using the Dominion touchscreen BMD debuted at Voting Village 2023, we will discuss and demonstrate in real-time how technically simple “hacks” to the ballot displayed on the voter’s touchscreen can directly impact the vote count, or alternatively impact the voter’s decisions. These simple “hacks” to the election definition (with no need to inject malware) include the manipulation of display of candidate choices, silent removal of candidates from the display, and using false instructions on the touchscreen to intentionally misinform voters regarding candidates or ballot questions. Furthermore, attempting to determine/recover from such hacks on the election outcomes can range from difficult to impossible. In addition to discussing the tactics and potential impacts, we will illuminate underlying system design decisions which enabled such hacks to be technically simple, feasible, and easily executable. The knowledge and tools used/discussed were obtained through public means and public websites, available to an unlimited number of people. This talk will focus on the general methodology and ease of the vote manipulation, the range of impacts, the feasibility and scalability. Immediately following the on-stage presentation, a deeper dive into the technical aspects will occur in the adjacent Voting Village lab room.

Links:
    aaspring.com – https://aaspring.com

People:
    SpeakerBio:  Drew Springall, Auburn University

Drew Springall is an Assistant Professor of Computer Science at Auburn University, and is a hacker/security researcher with a focus on the technical/concrete aspects of voting system security. Since 2013, Drew has worked to understand and demonstrate the difficulty attackers would face should they attempt to attack such systems as deployed in the real-world and given realistic resources to leverage. Most recently, Drew has worked specifically on the DVSorder ballot randomization flaw and the ”Security Analysis of Georgia’s ImageCast X Ballot Marking Devices” report published along with Prof. J. Alex Halderman.

SpeakerBio:  Philip Davis
No BIO available
SpeakerBio:  Marilyn Marks, Coalition for Good Governance
No BIO available



Don’t trust Rufus, he’s a mole – introducing KIEMPossible

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Sunday, Aug 10, 11:10 – 11:40 PDT

Creator: Cloud Village

Kubernetes has become a center of modern cloud-native applications. Its complex architecture and dynamic nature introduce new security issues regularly, and while significant strides have been made in addressing security challenges, the task of managing entities and their access rights remains daunting. This talk will explore authorization auditing, examining the challenges of identifying cluster entities and access rights vs the required privileges to perform their intended tasks. We will discuss the importance of audit logs in understanding access patterns and complexities associated with such log analysis. We will introduce KIEMPossible, an open-source tool designed to help achieve least privilege status. KIEMPossible analyzes entities’ permissions and usage through audit logs, providing insights for informed decision-making. This aims to simplify Kubernetes Infrastructure Entitlement Management (KIEM), allowing organizations to mitigate risks associated with excessive privileges.


People:
    SpeakerBio:  Golan Myers

A Security Researcher at Palo Alto Networks specializing in Cloud and Kubernetes.




Don’t Cry Wolf: Evidence-based assessments of ICS Threats

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Sunday, Aug 10, 10:30 – 10:59 PDT

Creator: ICS Village

ICS Malware is rare. Yet, ICS Malware like FrostyGoop and TRISIS, and related discoveries like COSMICENERGY, were all found on VirusTotal, so analysts still hunt for novel ICS Malware in public malware repositories. In the process, they discover all kinds of tools: research, CTFs, obfuscated nonsense code with no effects, and sometimes, malware targeting ICS/OT sites. But how do they find and filter out the benign from malicious? Or the ICS and ICS-related malware from regular IT malware?

In this talk, we will use recently discovered samples to walk through the process of hunting and analyzing potential ICS threats. We’ll show the simple queries we use to cast a net, our typical analysis process, and relevant follow-on actions like victim notification. Lastly, we’ll discuss how we decide whether a sample is ICS malware using Dragos’s ICS malware definition.


People:
    SpeakerBio:  Jimmy Wylie, Dragos

Jimmy Wylie is a malware analyst at Dragos, Inc., who searches for and analyzes threats to critical infrastructure. He was the lead analyst on PIPEDREAM, the first ICS attack “”utility belt””, and TRISIS, the first malware to target a safety instrumented system. Formerly a DoD Contractor and malware analysis instructor, he has over 14 years of experience with reverse engineering and malware analysis. In his off-time, Jimmy enjoys playing board games, solving crossword puzzles, and testing the limits of his library card. He can be found on BlueSky: @mayahustle.bsky.social

SpeakerBio:  Sam Hanson, Dragos

Sam is currently an Associate Principal Vulnerability Analyst at Dragos where he researches vulnerabilities and malware impacting OT/ICS systems. Specifically, Sam discovers 0-day vulnerabilities in industrial software and threat hunts for ICS-related malware in public data sources. Sam has analyzed notable ICS-related malware, including components of PIPEDREAM and Fuxnet. Sam has presented at several cybersecurity conferences, including Dragos’ DISC (’22 and ’23), DISC:EU ‘24, and BSides:Zurich.




Don’t Just Trust Always Verify – A Review of Post-Election Audits in Swing States in the 2024 Elections

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 11:30 – 11:59 PDT

Creator: Voting Village

The presentation will be based on a new paper that examines which elements of a post-election audit are necessary to provide publicly available evidence to confirm the outcome of an election is correct. The paper and presentation will take a close look at the post-election audits conducted after the 2024 election in the seven closely contested swing states and will examine if the audits conducted after the November election meet, or don’t meet, the criteria for effective, trustworthy, meaningful, and reliable audits.

Links:
    freespeechforpeople.org/?s=Susan+Greenhalgh+ – https://freespeechforpeople.org/?s=Susan+Greenhalgh+

People:
    SpeakerBio:  Susan Greenhalgh, Free Speech For People

Susan Greenhalgh is the Senior Advisor on Election Security for Free Speech For People. Ms. Greenhalgh has previously served as vice president of programs at Verified Voting and at the National Election Defense Coalition, advocating for secure election protocols, paper ballot voting systems and post-election audits. Recognized as an expert on election security, she has been invited to testify before the U.S. Commission on Civil Rights and has been an invited speaker at meetings of the MITRE Corporation, the National Conference of State Legislatures, the Mid-West Election Officials Conference, the International Association of Government Officials, the Election Verification Network and the E-Vote-ID conference in Bregenz, Austria. She is a frequent source for reporters from TheNew York Times, The Washington Post, The Wall Street Journal, Politico, USAToday, Associated Press, National Public Radio and other leading news outlets. She has appeared on CNN and MSNBC’s The Rachel Maddow Show, and various other television news shows. She has a BA in Chemistry from the University of Vermont.




Doom and Gloom Answer Your SOC Questions

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Friday, Aug 8, 13:30 – 14:20 PDT

Creator: Blue Team Village (BTV)

Come hear Carson and Eric discuss some of the most challenging topics in security operations today. Carson Zimmerman and Eric Lippart, “Doom” and “Gloom,” respectively, have been working in security ops for over a combined 40 years, and have seen a thing or two. They will cut the buzzword bingo and offer frank opinions about how to get SOC right, and how to get it wrong.

This year, we’ll be discussing topics like: * The constant march of incidents and assume breach has transcended cliche– what are you doing to keep yourself and your crew sane? * Where are you investing right now to detect and block with nation state adversaries– what’s working and what hyped methods are a waste of time? * Speaking of cliches, too many alerts, not enough people and time– yes, we need to tune, but what are we doing to win here? Is it sustainable? Should we give up on conventional detection? * Let’s talk about generative AI– where are you seeing SOC actually use it, and where do you think we’re still a ways off? * Return to office- we hear about it in the news, but is it realistic? Does RTO preclude world class talent?

Bring your questions, let’s go!


People:
    SpeakerBio:  Carson Zimmerman

Carson Zimmerman has been working in and around security operations centers (SOCs) for over 20 years. Carson is a Principal Security Researcher at Microsoft, working to elevate SOCs around the globe through industry-leading security capabilities. He co-authored 11 Strategies of a World-Class Cybersecurity Operations Center, available at mitre.org/11Strategies.

SpeakerBio:  Eric Lippart

Eric Lippart has spent over 20 years deeply involved in cyber operations and engineering across the national security and financial services spaces. His early career in cyber started at MITRE, where he spent well over a decade supporting cyber operations and initiatives within the DoD and Intelligence Community before ultimately moving on to support the financial industry. He is a regular presenter at various security conferences, and has enjoyed contributing to numerous books, articles, white papers, and presentations on the topic of cyber operations. Eric is currently the Global Head of Cyber Operations at Manulife/John Hancock.




Doors, Cameras, and Mantraps: OH MY!

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-701 (Lock Pick Village)
When:  Sunday, Aug 10, 11:30 – 11:59 PDT

Creator: Lock Pick Village

A quick talk about the basics around Physical Security Assessment.


People:
    SpeakerBio:  The Magician
No BIO available



Dory, Is That You? The AI Travel Agent with Short-Term Memory Loss

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 16:20 – 16:50 PDT

Creator: AppSec Village

What happens when your AI-powered travel agent develops a case of Finding Nemo-level forgetfulness? In this talk, we dive into a real-world attack scenario where an AI agent’s memory is subtly manipulated into believing that chartered flights are always free. By repeatedly reinforcing a false pricing rule, attackers can book luxury travel without ever swiping a card – essentially gaslighting the AI into bankrupting its own business.

We’ll explore how this kind of memory injection works, why AI systems are especially vulnerable to it, and what this means for the security of LLM-integrated applications. Expect live demos, some hilarious (and horrifying) case studies, and practical takeaways on how to prevent your AI from becoming the most generous travel agent in history.

By the end of this session, you’ll either be terrified of AI memory manipulation – or considering how to get yourself a free first-class ticket.


People:
    SpeakerBio:  Barno Kaharova

Barno is a expert specializing in data engineering, data modeling, and machine learning security. Driven by a passion for innovation, she develops cutting-edge methodologies to protect AI systems from adversarial threats, pushing the boundaries of what’s possible in AI security. With a deep commitment to building resilient and trustworthy machine learning models, she bridges the gap between rapid technological advancements and the critical need for robust defenses in an evolving digital world.




Drain and Approval Attacks

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 11:30 – 11:59 PDT

Creator: Cryptocurrency Community

In this half hour overview, village residents Utvecklas and George explain the basics of how Drain and Approval Attacks work. Judging from attendance at yesterday’s workshop of the same name, we get to hear if this particular attack is easy to identify, and how likely we are to be victims. A review of lessons learned in the workshop lead to sneak previews of Georg and Utvecklas’ next generation of research and likely outcomes.




Driver Abuse: Evasión de Antivirus mediante un Driver legítimo (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 13:00 – 13:30 PDT

Creator: La Villa

En esta charla mostraré los detalles de una investigación reciente del GERT de Kaspersky sobre una vulnerabilidad en un driver que permite a un atacante ejecutar código malicioso para evadir los antivirus de los sistemas. Analizaremos cómo se descubre la vulnerabilidad, la forma en que un atacante la aprovecha para desactivar soluciones de seguridad y cómo logra la evasión completa. Además, presentaremos un análisis técnico del ataque y del incidente, incluyendo el flujo de ejecución y cómo se consigue el bypass de las defensas modernas. Finalmente, discutiremos contramedidas y recomendaciones para protegerse frente a este tipo de ataques.


People:
    SpeakerBio:  Ashley Hiram Muñoz, Kaspersky – Incident Response Specialist

Actualmente me desempeño como Incident Response Specialist en el Global Emergency Response Team (GERT) de Kaspersky, cuento con 6+ años de experiencia realizando tanto forense digital, así como Análisis de Malware y Reversing, y previo a dedicarme a DFIR (Digital Forensics and Incident Response) laboré 2 años como Penetration Tester.x000D He colaborado en distintos proyectos de Threat Intelligence y Threat Hunting.x000D Actualmente soy profesor de los módulos de Análisis Forense y Análisis de Malware en un diplomado de seguridad de la información en México.x000D x000D Certificaciones: GREM, GCFA, eCTHP, CHFI.




Driving Tech Forward: A Fireside Chat with Perri Adams and Alexei Bulazel

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Friday, Aug 8, 13:30 – 13:59 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

White House National Security Council Senior Director for Cyber Alexei Bulazel will join AIxCC creator and Dartmouth Fellow Perri Adams in conversation on the AIxCC stage.


People:
    SpeakerBio:  Alexei Bulazel, Senior Director for Cyber at National Security Council
No BIO available
SpeakerBio:  Perri Adams, Fellow, Institute for Security, Technology, and Society at Dartmouth College
No BIO available



Ducking Gatekeepers, Becoming Game Changers: From Asking Permission to Full Ownership

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Sunday, Aug 10, 13:00 – 13:59 PDT

Creator: Blacks In Cyber Village

Are you an IT or cybersecurity professional tired of navigating corporate hierarchies and seeking permission to innovate? This 45-minute session is your roadmap to transforming from an employee to an entrepreneur, taking full ownership of your expertise and future. We’ll dismantle the traditional barriers to entry and empower you to become a game-changer in the Managed Service Provider (MSP) landscape.

This talk will equip you with actionable strategies and practical resources to launch and scale your own successful MSP. We will delve into the essentials of building a robust service offering, with a strong emphasis on cybersecurity. Discover proven techniques for effectively responding to security-focused Request for Proposals (RFPs) and crafting compelling Request for Quotations (RFQs) that win business. Furthermore, we’ll explore powerful models for collaboration and teaming up with fellow professionals to expand your capabilities and market reach. Finally, we will address the critical aspect of funding, outlining various avenues to secure the capital needed to fuel your venture.

Join us to learn how to duck the gatekeepers, bypass the permission slips, and step into a future of full ownership, innovation, and impactful service delivery. It’s time to become the game changer you were meant to be.


People:
    SpeakerBio:  Kevin Mitchell

Kevin Mitchell is a highly accomplished security professional with over 8 years of expertise spanning hardware embedded systems, automotive security, and application security. His deep technical skills encompass penetration testing, vulnerability research, firmware reverse engineering, and hardware analysis, evidenced by the discovery of CVE-2023-52709. 1 Kevin also brings experience in utilizing SAST/SCA tools and managing software dependencies with SBOMs, complemented by industry certifications like CISSP, CEH, and OSWP. He is a proactive and results-oriented individual dedicated to securing cutting-edge technologies.




EduQ: A DIY Self-Education Platform for Hackers to Break, Build, and Experiment with Quantum-Secured Networks

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: Quantum Village

Quantum security is mysterious, expensive, and locked behind corporate and academic walls. But hackers don’t wait for permission to learn. What if you could build your own quantum hacking lab, right in your garage?


People:
    SpeakerBio:  Yann Allain

Yann is a cybersecurity researcher, hardware hacker, and quantum security enthusiast with a background in electronics. After years of working in hardware security , he transitioned into quantum technologies , focusing on DIY approaches to breaking and securing quantum networks. His work emphasizes open-source learning, hands-on hacking, and making quantum security accessible to all.




Elevators 101

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Sunday, Aug 10, 10:00 – 10:59 PDT

Creator: Physical Security Village

Elevator floor lockouts are often used as an additional, or the only, layer of security. This talk will focus on how to correctly incorporate elevators into your security design, and how badly set up elevators could be used to access restricted areas– including using special operating modes, tricking the controller into taking you there, and hoistway entry.

Links:
    www.physsec.org – https://www.physsec.org

People:
    SpeakerBio:  Bobby Graydon, Physical Security Village

Bobby is involved in the planning of Physical Security Village. He enjoys anything mechanical and is currently serving as VP R&D at GGR Security Consultants. I like trains and milk.

SpeakerBio:  Ege Feyzioglu, Physical Security Village

Ege is a security researcher specialising in access control systems and electronics. She is currently pursuing a degree in Electrical Engineering and work part-time for GGR Security as a Security Risk Assessor




Enshittification: It’s Over 9000

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 13:40 – 14:15 PDT

Creator: Malware Village

Enshittification is the malware whose whole mission is to keep you powerless and paying for something that degrades your user experience in the pursuit of unending profit growth. Yes, bills have to be paid, but it’s alarmingly prevalent, and propagating at a speed only proportionate to our propensity to spend on stuff doing the enshittifying without consequence. A great man once said ”La piraterie n’est jamais finie” (piracy is never over) and if there is one place in the world where a solution can be born, it’s Defcon. Let’s talk.

We will look at many examples, ramifications and propagation methods for the Enshittification malware, and how to establish perimeter defenses to stop it. We’ll also cover the activities and examples leading the way in decontaminating the products, services and technologies we like(d).

In the end, (it doesn’t even maaatter. see what we d-…) we need each other and our biggest challenge is getting along in the context of fighting enshittification. Let’s come together and fix this.

Join Sam B.G., GITC, scsideath and Spike for an awesome panel!


People:
    SpeakerBio:  Andrew “Spike” Brandt

Andrew Brandt is a former investigative journalist who switched careers to work in information security in 2007. He is an experienced malware analyst, network forensicator, and cyberattack untangler, who seeks to prevent cybercriminals from being able to victimize others. He has served as the director of threat research or as a principal researcher at several large cybersecurity companies, and currently serves on the board of World Cyber Health, the parent organization that operates the Malware Village at Defcon and other conferences. As the executive director of Elect More Hackers, he is active in cybersecurity and technology policy, and seeks to recruit likeminded folks to run for elected office. He lives in Boulder, Colorado.

SpeakerBio:  Samuel Gasparro
No BIO available
SpeakerBio:  Daniel Ward
No BIO available
SpeakerBio:  Neumann “scsideath” Lim, COO at World Cyber Health

Neumann Lim has a strong background in cybersecurity and infrastructure management currently leading the Odlum Brown Team. He also has an extensive IR experience at previous companies such as Deloitte Canada, EY, CGI, and ISA. Currently, Neumann is serving in advisory board roles at SANS, EC-Council and other organizations. Neumann’s expertise includes digital forensics, incident response, modernizing infrastructure, infrastructure resilience, site reliability, malware research, pentesting and leadership in information security policies. Outside of corporate life, Neumann is the co-founder of Malware Village, judge and participant of various cyber CTFs. Neumann is often seen speaking or leading workshops at various conferences such as DEFCON, BlueTeamVillage, GrayhatCon, BSides, Toronto CISO Summit, CCTX, HTCIA, IACIS.




enumeraite: AI assisted web attack surface enumeration

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 17:20 – 18:05 PDT

Creator: Recon Village

Remember that soul-crushing moment when you opened an 8.9 GB of burp suite file? Yeah, fun times. But here’s something even more annoying: reading a random blog post where someone casually mentions a $5,000 bug—an unauthenticated admin panel hidden on some obscure, unpredictable URL of a well known target.x000D x000D I feel you, it’s hard to deal with huge attack surfaces, endless URLs and thousands of subdomains. And it’s even harder to expand your attack surface to find pages that no one ever looked at it before. Don’t get me wrong—I still think AI sucks at pentesting (sue me). It won’t chain exploits, think creatively, or outsmart a well-configured WAF. But here we are. It’s really good at generating path/subdomains, and picking out the most important targets from a massive list. And lastly, AI can be a smart assistant that is specifically configured for the target app’s test. It handles the boring stuff, so you can focus on breaking things.x000D x000D In this talk, we’re not glorifying AI—we’re putting it to work. Smart, sharp, and right where it counts.


People:
    SpeakerBio:  Özgün Kültekin

Hey! I’m Ozgun (aka ozzy), a 25-year-old security researcher. By day, I’m trying to live as a penetration tester. By night? Well, it’s a mix—sometimes hunting web bugs, sometimes sneaking around in red team ops, and sometimes just trying not to lose all my chips at poker.x000D x000D I’ve spoken at several conferences, including Hacktivity, BsidesPrague, and DEFCON. Lately, I’ve picked up a new hobby—studying LLMs and AI. Not the hype, but the scientific magic side of things. I’ve been exploring how to blend them into cybersecurity in smarter, more effective ways.




Escaping the Privacy Sandbox with Client-Side Deanonymization Attacks

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Sunday, Aug 10, 10:00 – 10:30 PDT

Creator: Crypto Privacy Village

Google’s Privacy Sandbox initiative aims to provide privacy-preserving alternatives to third-party cookies by introducing new web APIs. This talk will examine potential client-side deanonymization attacks that can compromise user privacy by exploiting vulnerabilities and misconfigurations within these APIs.

I will explore the Attribution Reporting API, detailing how debugging reports can bypass privacy mechanisms like Referrer-Policy, potentially exposing sensitive user information. I will also explain how destination hijacking, in conjunction with a side-channel attack using storage limit oracles, can be used to reconstruct browsing history, demonstrating a more complex deanonymization technique.

Additionally, I will cover vulnerabilities in the Shared Storage API, illustrating how insecure cross-site worklet code can leak data stored within Shared Storage, despite the API being deliberately designed to prevent direct data access. Real-world examples and potential attack scenarios will be discussed to highlight the practical implications of these vulnerabilities.

The presentation will conclude by emphasizing the critical need for rigorous security and privacy research to ensure that Privacy Sandbox APIs effectively protect user data and achieve their intended privacy goals, given the complexity and potential for unintended consequences in their design and implementation.


People:
    SpeakerBio:  Eugene “spaceraccoon” Lim

Eugene Lim is a security researcher and white hat hacker. From Amazon to Zoom, he has helped secure applications from a range of vulnerabilities. His work has been featured at top conferences such as Black Hat, DEF CON, and industry publications like WIRED and The Register.




Estrategias de Ciberengaño: ¿Donde está mi honeypot? (POR)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 15:00 – 15:59 PDT

Creator: La Villa

El ciberengaño es un tipo de protección valiosa para detectar, interrumpir e influir en los adversarios dentro de una red. Sin embargo, definir planes de ciberengaño viables presenta desafíos importantes. Esta sesión proporciona una metodología estructurada para acotar esta brecha, permitiendo el diseño e implementación de actividades eficaces sobre entornos de producción.x000D x000D La presentación abarcará la siguiente metodología dividida en cuatro fases:x000D 1- Extracción de comportamientos: Comenzaremos examinando escenarios de ciberataques e informes de amenazas persistentes avanzadas (APT) para entender el tipo de extracción de TTP relevantes para el ciberengaño.x000D 2- Selección de criterios: Se debatirán los criterios que guiarán a la aplicación de las actividades de ciberengaño, centrándose en objetivos como la interrupción, el estímulo, la detección o la recopilación de información. Se hará hincapié en la importancia de establecer objetivos claros para aumentar la eficacia de las estrategias de engaño.x000D 3- TTP vs actividades de engaño: Aquí se explorarán distintos tipos de actividades para asignar las TTP extraídas y entender el papel de un Honeypot y sus alternativas. Se aprenderá a diseñar técnicas de engaño que se dirijan a vulnerabilidades específicas según criterios predefinidos.x000D 4- Diseño narrativo: Exploraremos el papel de la narrativa en el engaño, haciendo hincapié en la integración, la credibilidad y la interpretación. Buscaremos dejar claro el proceso para crear historias convincentes que contextualicen las actividades de engaño y respalden la estrategia general. Se compartirán ejemplos prácticos y casos reales cada una de las fases de la metodología. x000D x000D Los asistentes obtendrán información sobre los retos y las mejores prácticas de la implementación de estrategias de ciberengaño, incluyendo aplicaciones en el mundo real, errores comunes y tendencias futuras. x000D x000D Al final de la sesión, los asistentes tendrán una comprensión estructurada de una operación de ciberengaño.x000D x000D Esta presentación está basada y derivada de la experiencia obtenida sobre servicios para organizaciones, entrenamientos para comunidades (Ekoparty 2022 / 2023 / 2024), congresos académicos regionales (JAIIO 2024 / Argencon 2024)x000D x000D Además, de congresos reconocidos en ciberseguridad, entre los que se encuentran: x000D – Blackhat Arsenal USA 2024_x000D_ https://www.blackhat.com/us-24/arsenal/schedule/#dolos-t-deceptive-operations-lure-observe-and-secure-tool-38673_x000D_ x000D – RSA Conference 2025_x000D_ https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1727157670597001cJuG_x000D_ x000D – FIRST Conference 2025_x000D_ https://www.first.org/conference/2025/program#pFrom-TTPs-to-Deception-Crafting-Strategies_x000D_ x000D – Blackhat Arsenal USA 2025_x000D_ https://www.blackhat.com/us-25/arsenal/schedule/index.html#buda-behavioral-user-driven-deceptive-activities-framework-45178_x000D_ x000D Gracias por el tiempo y la oportunidad de compartir


People:
    SpeakerBio:  Diego Staino, R&D+i Manager, BASE4 Security

Cybersecurity professional with 14+ years of experience as Security and IT consultant. Certified Incident Handler (ECIH) with a degree in Information Security and Communications. Currently works as R&D+i Manager at BASE4 Security, where he leads the company’s research and development initiatives.

SpeakerBio:  Fede Pacheco, Cybersecurity Services Director, BASE4 Security

Cybersecurity professional with a background in electronic engineering and several industry-recognized certifications. 20+ years of teaching experience at the most prestigious universities in Argentina. 4 published books and +15 peer-reviewed research papers. Has worked in the public and private sectors, including regional roles in global companies.




Evidence Based Elections and Software Independence

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Friday, Aug 8, 15:00 – 15:59 PDT

Creator: Voting Village

Voting is complicated. Vendors attempt to manage this complexity with complex voting systems made of bespoke software and hardware. Testing and certification provide at best some confidence that a voting system is properly designed; they are not capable of providing confidence any particular election outcome produced with that system is correct. In 2007 John Wack and I introduced the notion of software independence to refocus attention on the evidence produced by a voting system, instead of on the correctness of the voting system itself. A voting system is software-independent if “an undetected change or error in its software cannot cause an undetectable change or error in an election outcome.” Software independence is mandated by the VVSG; all new federally-certified voting systems must now be software independent. In this talk I give some perspective on voting systems, with an emphasis on voting systems for U.S. elections, and on software independence. Some areas for future research are also discussed.

Links:
    people.csail.mit.edu/rivest/ – https://people.csail.mit.edu/rivest/

People:
    SpeakerBio:  Ron Rivest, Massachusetts Institute of Technology

Dr. Ronald Rivest is an Institute Professor at the Massachusetts Institute of Technology (MIT), and a member of MIT’s Department of Electrical Engineering and Computer Science and its Computer Science and Artificial Intelligence Laboratory. He is a cryptographer and computer scientist whose work has spanned the fields of algorithms and combinatorics, cryptography, machine learning, and election integrity. Along with Adi Shamir and Len Adleman, Rivest is one of the inventors of the RSA algorithm. He is also the inventor of the symmetric key encryption algorithms RC2, RC4, and RC5, and co-inventor of RC6. (RC stands for “Rivest Cipher”.) He also devised the MD2, MD4, MD5 and MD6 cryptographic hash functions. Rivest’s more recent research has been election security, based on the principle of software independence: that the security of elections should be founded on physical records, so that hidden changes to software used in voting systems cannot result in undetectable changes to election outcomes. His research in this area includes improving the robustness of mix networks in this application, the 2006 invention of the ThreeBallot paper ballot based end-to-end auditable voting system (which he released into public domain in the interest of promoting democracy), and the development of the Scantegrity security system for optical scan voting systems. He was a member of the Election Assistance Commission’s Technical Guidelines Development Committee. He is a Member of the National Academy of Engineering, a Fellow of the ACM, and a Member, American Academy of Arts and Sciences. In 2002, along with colleagues Shamir and Adleman, he was awarded the A. M. Turing Award.




Evolution of telecommunication attacks and future trends – a vendor perspective

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: Telecom Village
  1. Look back over the past years of attack trends.
  2. How telecom technology evolution has changed attacks.
  3. How industry collaboration and information sharing can help mitigate future threats

People:
    SpeakerBio:  Niklas Lindroos
No BIO available



Examining Access Control Vulnerabilities in GraphQL – A Feeld Case Study

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 13:30 – 13:59 PDT

Creator: Mobile Hacking Community

This talk explores the importance of implementing robust access controls in GraphQL and REST APIs and the severe consequences when these controls are not properly enforced. GraphQL, a flexible data query language, allows clients to request exactly the data they need, but without proper access control mechanisms, sensitive data can be easily exposed. Using the Feeld dating app as a case study, we will dive into a critical security review of how the lack of access controls in GraphQL and REST endpoints led to the exposure of users’ personal data, including sensitive photos, videos and private messages. This session will highlight common access control vulnerabilities in GraphQL and REST implementations , real-world examples of security lapses, their impact and remediation.

        We dive into a critical security review of the Feeld dating app.

        Feeld, known for its unique features that cater to a wide range of preferences and relationships, unfortunately had serious security vulnerabilities that exposed users' private data, including sensitive photos and personal information.

        Here's what we uncovered:
        1- Profile information was accessible to non-premium users.
        2- Other people's messages could be read without proper authentication.
        3- Photos and videos from chats were exposed unauthenticated.
        4- The ability to delete, recover, and edit other people's messages.
        5- Profile information could be updated by anyone.
        6- Unauthorized likes from any profile.
        7- Messages could be sent in other users' chats.
        8- Viewing others' matches without permission.

People:
    SpeakerBio:  Bogdan Tiron, Co-founder and Senior Pentester at FORTBRIDGE

Bogdan Tiron is a seasoned security consultant with over 10 years of experience specializing in application security. He has a proven track record of enhancing security measures for leading organizations, including bet365, JPMorgan Bank, GFK, HSBC, Lloyds Bank, and WorldRemit. Throughout his career, Bogdan has held various roles, including application security consultant, pentester, security architect, and DevSecOps specialist. Four years ago, recognizing a gap in quality within the pentesting industry, he co-founded FORTBRIDGE, a cybersecurity consulting company that offers pentesting, phishing, and red-teaming services to clients seeking to enhance their security posture. Passionate about staying ahead of emerging threats, Bogdan is dedicated to fostering a culture of security within organizations and empowering teams to integrate security practices seamlessly into their workflows.




Exploitable In The Wild CVE Appears! But Should We Fix Them All?

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Sunday, Aug 10, 10:20 – 10:50 PDT

Creator: AppSec Village

A deep dive into real-world, high-profile CVEs exposes a critical pitfall in AppSec: treating every high-severity vulnerability urgently without understanding its exploitability and business impact. We’ll analyze cases where CVEs are labeled as critical but were originally exploited in different environments, and often found in widely shared kernel code that turned out to be nearly impossible to exploit on cloud containers. By dissecting CVE patches, tracing fix propagation, and attack vectors across platforms like Android, Chrome, and cloud containers, we’ll reveal how misinterpreting CVE context leads to wasted triage cycles, unnecessary fixes, and security teams chasing irrelevant threats.


People:
    SpeakerBio:  Liad Cohen

Liad Cohen is a Security Research Team Lead and a Data Scientist at OX Security. His day-to-day work involves empowering open source security and code security with AI capabilities, developing innovative data-driven AppSec detection systems from ideation to PoCs to production, and making product roadmap a reality, backed by deep pioneer security research. He started his career as a young “script kiddie”, later becoming a gifted mathematician. Liad holds a Master of Science degree in Computer Science. He is a Mentor in hackathons and CTFs, publishing academic papers and articles in security journals and presented state of the art security research at BlackHat USA, RSA Conference, OWASP Global and others.

SpeakerBio:  Moshe Siman Tov Bustan

Moshe is a Senior Security Researcher at OX Security, a company specializing in software supply chain security, and has worked in the security industry for 13 years. His work spans cloud security research, container security, memory forensics, and an in-depth understanding of programming languages. He also has extensive experience in mobile security, including iOS and Android research, deep analysis of Android malware, sandboxing, and memory forensics.

Beyond security research, Moshe has published multiple “Can It Run Doom?” projects online, and is also a professional guitarist in a progressive metal band.




Exploiting Expectations: A Beginner’s Guide to Buffer Overflows

Creator Talk Map Page – LVCC West-Level 2-W235 (DEF CON Academy)
When:  Friday, Aug 8, 15:00 – 15:59 PDT

Creator: DEF CON Academy

Get ready to blow your mind (and maybe even some stack bounds) as we explore the art of buffer overflows! In this beginner-friendly talk, we’ll take you on a journey through the basics of buffer overflows. We’ll cover what they are and why they’re a problem with hands-on examples demonstrating how to create and exploit them. You’ll learn the fundamentals of stack-based exploits, including how to write vulnerable code and how to find vulnerabilities in others’ code. We’ll cover it all in a clear and concise way, so you can get started on your path to learning about memory corruption. And don’t worry, we won’t leave you hanging, we’ll also provide you with practical tips and tricks for defending against these attacks. So, if you’re ready to learn more about security and get a solid foundation in buffer overflows, join us for “Exploiting Expectations”!


People:
    SpeakerBio:  sjzhu, Arizona State University
No BIO available



Exploiting the Off-chain ecosystem in Web 3 Bug Bounty

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Friday, Aug 8, 17:30 – 17:59 PDT

Creator: Bug Bounty Village

I will demonstrate how it’s possible to approach the Web3 bug bounty ecosystem just by exploiting off-chain bugs and vulnerabilities in the JavaScript ecosystem. This talk will explore the current state of this field through real-world examples I’ve reported on bug bounty platforms, which contributed to my achieving the top 10 global rank on the HackenProof platform.

We’ll begin with bugs I discovered in a JavaScript sandbox used by a Web3 social platform and a Web3 website. The first involved a misconfiguration of DOMPurify, where developers attempted to filter links. I’ll show how I exploited this by tricking DOMPurify into treating a malicious javascript: URI as a safe link. The talk will also cover a 0-day vulnerability I found in another sanitization library used within the sandbox.

The final two bypasses involve React’s global “”is”” attribute. Although the developers had blocked this attribute due to its XSS potential, I will show how I bypassed the protection by exploiting a prototype pollution vulnerability in a library exposed inside the sandbox. This, combined with specific new gadgets inside React, allowed me to pass the is attribute and achieve XSS.

All of these issues could lead to account takeover and were classified as high severity. I will also discuss the broader impact of XSS vulnerabilities on Web3 platforms, particularly the risk posed when wallets are connected.


People:
    SpeakerBio:  Bruno “BrunoModificato” Halltari

Bruno is a security researcher with a background in Web2, specializing in client-side vulnerabilities. he has conducted extensive audits and research on topics such as popular wallets and sandbox environments. He is currently ranked in the top 10 on the HackenProof bug bounty platform worldwide and has reported vulnerabilities through HackerOne to platforms such as Zoom and MetaMask.




Exploring The Possibilities of Azure Fabric Abuses

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 10:30 – 11:10 PDT

Creator: Cloud Village

Big data, big mess. Bigger and more data is in Fabric, the more messy it can be. Azure unified the data lake house, data warehouse and PowerBI services into a SaaS platform called Fabric. In this talk, we discuss the three areas in the tenant level settings to look after and not to open up Fabric to everything. Then we will discuss data exfiltration scenarios (like data pipeline or notebook etc), how is it possible to create backdoor account (i.e.: Activator).

Intro – 1min Who am I and what is Fabric.

Tenant Level Settings to Review – 4mins Selecting the top 3 tenant level areas (External Data Sharing, Admin API calls, Information Protection) to review why they can be dangerous.

Data Exfiltration via Data Pipeline, Notebook, Shortcut, SQL Endpoint, Mirrored Db – 12mins Discussing the possibilities of how data pipeline can automatically copy data from our own tenant’s source to a destination in a different tenant. SQL Endpoint is automatically created for reading purposes. Guest account in Entra ID can be added to the workspace as viewer and using SQL Server Management Studio (SSM) to open SQL analytics endpoint. Mirrored Database is automatically synchronize data between 2 database where the destination can be an external tenant. A notebook is all about executing code and handling existing data (handing out the data). Demo video about a pipeline copy to another tenant storage account.

Backdoor via Activator (Notebook, Power Automate, Scheduled Spark Job) – 13mins Discussing how the Activator can be used to create a backdoor user via executing python code via Notebook, Scheduled Spark Job or low-code Power Automate. Demo video (8mins) demonstrating how a backdoor account is created by using Activator to run a Notebook which executes Azure Python SDK code.


People:
    SpeakerBio:  Viktor Gazdag

Viktor Gazdag has worked as pentester and security consultant for 9 years, lead cloud research working group and M365 capability service. He has reported numerous vulnerabilities in products and plugins from companies such as Oracle, SAP, Atlassian, Jenkins, CloudBees Jenkins, JetBrains, Sonatype. He gave talks about CI/CD and Cloud security at DevOps World, Black Hat USA, DefCon and DoD CyberDT XSWG. He holds multiple AWS/Azure/GCP, Infra as Code, DevOps and Hacking certs and Jenkins Security MVP award.




Exposing Infosec Frauds and Foreign Agents Behind Mercenary Spyware Disinformation

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 16:30 – 16:59 PDT

Creator: Malware Village

People:
    SpeakerBio:  Cthulhu
No BIO available



Families of Queercon

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: Queercon Community Lounge

Queercon is growing up, and everyone with it! Come mingle with other parents and families in the LGBTQIA+ space. Whether you or your children identify with, or are curious about, the community – all are welcome!




Fear vs. Physics: Diagnosing Grid Chaos

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 10:00 – 10:30 PDT

Creator: ICS Village

Every time the lights go out, the speculation begins—was it cyber? Squirrels? Was it an attack? But often, the real story behind grid disturbances isn’t malicious code—it’s uncontrolled chaos, born from the physical behavior of a rapidly evolving power system. This session takes a deep dive into that chaos, exploring how subtle interactions in electric grids—like oscillations—can spiral into large-scale instability. These low-frequency oscillations are increasingly common in the bulk electric system, yet are explainable. They emerge from control design, network conditions, and energy physics—not adversarial action, and the lights going off is usually a sign the system has actually acted as it should in protecting itself from damage. Equipment failures are also spectacular, but common. Its tempting to tie big fires to bad cyber, but in reality – the failures are almost always in the planning for the event, or recovery.
We’ll dissect real-world events like the Iberian Peninsula blackout, where what looked like a grid failure may have actually revealed a quiet success: a functional blackstart scenario, where system operators re-energized the grid under extreme stress. But that nuance was lost in the noise, as media and analysts scrambled for cyber scapegoats. We’ll also explore the London transformer fire, a failure in planning for an outage, and technical scrutiny of Chinese-manufactured inverter components with alleged kill switches inserted, illustrating how physical system dynamics—often create the most dramatic disruptions. This talk fuses power system engineering, ICS cybersecurity, and operational storytelling to reframe how we interpret complex events. It’s a call to replace fear with facts—and to find meaning in the chaos, not just blame.


People:
    SpeakerBio:  Emma Stewart, INL

Dr. Emma M. Stewart, is a respected power systems specialist with expertise in power distribution, critical energy delivery, modeling and simulation, as well as operational cybersecurity. She holds a Ph.D. in Electrical Engineering and an M.Eng. degree in Electrical and Mechanical Engineering. Emma is Chief Scientist, Power Grid at INL currently and leads activities in supply chain consequence analysis for digital assurance in particular for energy storage and system level programs. Throughout her career, Dr. Stewart has made significant contributions to the field of power systems, receiving patents for innovations in power distribution systems and consequence analysis for cyber and physical events. Her responsibilities over her 20 year career have also included providing electric cooperatives with education, training, information sharing, incident support, technology integration, and R&D services in energy integration, resilience and grid planning and microgrid technologies.




Fighting the Digital Blockade: A View from Taiwan

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 15:45 – 16:30 PDT

Creator: Maritime Hacking Village

Taiwan stands on the frontlines of digital warfare under the sea. This high-profile panel, led by the Deputy Minister of Digital Affairs of Taiwan will feature a gripping discussion on the silent battles waged beneath the sea. From sabotage of undersea infrastructure to the geopolitics of cyber-resilience, panelists will recall the threats and Taiwan’s efforts to defend. Don’t miss this rare opportunity to explore the technical and political dimensions of the new global dynamic — the digital blockade.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  Jason Vogt, USNWC

Jason Vogt is an assistant professor in the Strategic and Operational Research Department, Center for Naval Warfare Studies at the United States Naval War College. Professor Vogt is a cyber warfare and wargaming expert. He has participated in the development of multiple wargames at the United States Naval War College. He previously served on active duty as an Army officer.

SpeakerBio:  Shin-Ming Cheng, Taiwan Ministry of Digital Affairs

Prof. Shin-Ming Cheng received his B.S. and Ph.D. degrees in computer science and information engineering from National Taiwan University, Taipei, Taiwan, in 2000 and 2007, respectively. Since 2022, he serves as the Deputy Director-General in Administration of Cyber Security, Ministry of Digital Affairs. He was a Post-Doctoral Research Fellow at the Graduate Institute of Communication Engineering, National Taiwan University, from 2007 to 2012. Since 2012, he has been on the faculty of the Department of Computer Science and Information Engineering, National Taiwan University of Science and Technology, Taipei, where he is currently a professor. Since 2017 to 2022, he has been with the Research Center for Information Technology Innovation, Academia Sinica, Taipei, where he was currently a Joint Appointment Research Fellow.




Fingerprinting Maritime NMEA2000 Networks

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 16:00 – 16:30 PDT

Creator: Maritime Hacking Village

Maritime vessel controls and operational technology (OT) systems are getting more complex and interconnected. With industry trends aiming to reduce crew, automate tasks, and improve efficiency, these networks are expanding in scale, intricacy, and criticality for vessel operation and maintenance. The standard controller area network (CAN) bus for maritime vessel networks, developed by the National Marine Electronics Association (NMEA), known as NMEA2000. NMEA2000 is an application layer network protocol built on the ISO11783 standard and compatible with automotive SAEJ1939, it uses unique message identifiers known as Parameter Group Number, to define the data within each communication frame. Despite its widespread use, NMEA2000 remains a relatively unexplored domain, particularly in understanding normal versus abnormal network behavior, due to the unavailability of open-source datasets. To address this gap, we constructed a NMEA2000 system consisting of five nodes: GPS/Radar, Wind Speed/Direction sensor, and Multifunction Display. Using this setup, we collected datasets to analyze system behavior and developed deterministic fingerprints for each sensor, establishing a baseline of the normal operating system. We subject the system to controlled attacks to evaluate the accuracy and effectiveness of the fingerprints. This work represents a foundational step towards enhancing security and reliability in maritime OT systems.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  Constantine Macris (TheDini), University of Rhode Island

Constantine Macris is a Connecticut native and pursuing a PhD at the URI. Constantine is a reserve CDR in the Navy, industry expert in OT and network security and CISO at Dispel.

SpeakerBio:  Anissa Elias, University of Rhode Island
No BIO available



Fingerprinting Maritime NMEA2000 Networks

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-504 (Maritime Hacking Village)-Workshop Area
When:  Saturday, Aug 9, 15:00 – 16:30 PDT

Creator: Maritime Hacking Village

Maritime vessel controls and operational technology (OT) systems are getting more complex and interconnected. With industry trends aiming to reduce crew, automate tasks, and improve efficiency, these networks are expanding in scale, intricacy, and criticality for vessel operation and maintenance. The standard controller area network (CAN) bus for maritime vessel networks, developed by the National Marine Electronics Association (NMEA), known as NMEA2000. NMEA2000 is an application layer network protocol built on the ISO11783 standard and compatible with automotive SAEJ1939, it uses unique message identifiers known as Parameter Group Number, to define the data within each communication frame. Despite its widespread use, NMEA2000 remains a relatively unexplored domain, particularly in understanding normal versus abnormal network behavior, due to the unavailability of open-source datasets. To address this gap, we constructed a NMEA2000 system consisting of five nodes: GPS/Radar, Wind Speed/Direction sensor, and Multifunction Display. Using this setup, we collected datasets to analyze system behavior and developed deterministic fingerprints for each sensor, establishing a baseline of the normal operating system. We subject the system to controlled attacks to evaluate the accuracy and effectiveness of the fingerprints. This work represents a foundational step towards enhancing security and reliability in maritime OT systems.


People:
    SpeakerBio:  Dean “TheDini” Macris, CISO at Dispel

Dean Macris is a Connecticut native and pursuing a PhD at the URI. Constantine is a reserve CDR in the Navy, industry expert in OT and network security and CISO at Dispel.




Fireside Chat – Lessons for the younger me.

Creator Talk Page – Online
When:  Saturday, Aug 9, 17:00 – 17:59 PDT

Creator: DEF CON Groups VR (DCGVR)

An open mic session for attendees to participate impromptu to share their knowledge and experiences in under 15 minutes – knowing what you know today, what words of wisdom would you wish your younger self to know.what’s one sentence/paragraph would you like to say to your future self.

Note: DCGVR Talks are scheduled 1 hour slots, but the actual presentations can be as short as 30 minutes. Please arrive at the start of the hour.




Firmware Decryption: For, and By, the Cryptographically Illiterate

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 15:00 – 15:30 PDT

Creator: IOT Village

It’s no secret that embedded devices are rife with security bugs just waiting to be found. However, vendors increasingly encrypt their firmware to prevent analysis by researchers, professionals, and inquisitive minds. In this talk, we examine common encryption techniques in real-world devices and how to crack the code—with or without hardware.


People:
    SpeakerBio:  Craig Heffner, Senior Staff Enigneer at NetRise
No BIO available



Flipping Locks – Remote Badge Cloning with the Flipper Zero and More

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: Physical Security Village

Traditional RFID badge cloning methods require you to be within 3 feet of your target. So how can you conduct a physical penetration test and clone a badge without interacting with a person? Companies have increasingly adopted a hybrid work environment, allowing employees to work remotely, which has decreased the amount of foot traffic in and out of a building at any given time. This session discusses two accessible, entry-level hardware designs you can build in a day and deploy in the field, along with the tried-and-true social engineering techniques that can increase your chances of remotely cloning an RFID badge.

Langston and Dan discuss their Red Team adventures using implant devices, a Flipper Zero and an iCopy-X. As a bonus the two will explain how to perform a stealthy HID iClass SE/SEOS downgrade and legacy attack! This presentation is supplemented with files and instructions that are available for download in order to build your own standalone gooseneck reader, wall implant and clipboard cloning devices!

Links:
    Github – https://github.com/sh0cksec

People:
    SpeakerBio:  Langston Clement

Langston grew up reading stories about the 90’s hacker escapades, and after years of observing the scene, he jumped into the cybersecurity field and never looked back. With over fifteen (15) years of public and private sector experience in cybersecurity and ethical hacking, he aims to provide organizations with valuable and actionable information to help improve their security posture. Langston’s specializations focus on modern-day social engineering techniques, wireless and RFID attacks, vulnerability analysis, and physical penetration testing.

SpeakerBio:  Dan Goga

Dan Goga serves as a Principal Consultant with NRI focused on conducting penetration testing and vulnerability assessments. Dan Goga has eight years of information security experience in the public, private, and academic sectors. Dan has extensive knowledge and experience with RFID hacking, phishing techniques, social engineering techniques, and penetration testing.




Forging Strong Cyber Communities in Uncertain Times

Creator Talk Map Page – LVCC West-Level 2-W205 (The Diana Initiative Community)
When:  Saturday, Aug 9, 13:00 – 13:59 PDT

Creator: The Diana Initiative

HD Moore and Nicole Schwartz explore what it takes to create and foster robust cybersecurity communities and why we should all get involved in these important initiatives — now more than ever. HD will share insights from developing the open-source Metasploit Project, drawing parallels with the enduring principles of in-person community building that Nicole and her board members rely upon to grow and sustain The Diana Initiative.

Get strategies for initiating, nurturing, and scaling these vital networks, incorporating inclusive practices, and cultivating sustainable growth. Plus see how you can actively contribute to these communities regardless of your skillset and where you are in your career, and why doing so is critical to building collective and powerful resilience against evolving cyber threats.


People:
    SpeakerBio:  HD Moore

HD Moore is a pioneer of the cybersecurity industry who has dedicated his career to vulnerability research, network discovery, and software development since the 1990s. He is most recognized for creating Metasploit and is a passionate advocate for open-source software and vulnerability disclosure. HD serves as the CEO and founder of runZero, a provider of cutting-edge attack surface management and exposure management software. Prior to founding runZero, he held leadership positions at Atredis Partners, Rapid7, and BreakingPoint. HD’s professional journey began with exploring telephone networks, developing exploits for the Department of Defense, and breaking into financial institutions. When he’s not working, he enjoys hacking on weird Go projects, building janky electronics, running in circles, and playing single-player RPGs.

SpeakerBio:  Nicole “CircuitSwan” Schwartz

Nicole Schwartz (a.k.a. CircuitSwan) speaks about Information Security, DevSecOps, Software Supply Chain Security, Agile, Diversity & Inclusion, and Women in Technology. She is the Senior Security Product Manager at ActiveState, the Chair of the Board for the Diana Initiative 501(c)3, Director of BSides Edmonton Information Security Foundation, and an organizer of SkyTalks village at BSidesLV.




Format Fu: The Way of the Percent Sign

Creator Talk Map Page – LVCC West-Level 2-W235 (DEF CON Academy)
When:  Sunday, Aug 10, 10:00 – 10:59 PDT

Creator: DEF CON Academy

In the discipline of Format Fu, silence is strength and syntax is sharp. This session explores the art of exploiting format string vulnerabilities, where crafted output can be used to leak memory, overwrite values, and seize control. A single percent x can expose stack addresses. A carefully placed percent n can rewrite memory. You will learn to recognize these subtle flaws, manipulate them with precision, and turn seemingly harmless input into a powerful exploit.


People:
    SpeakerBio:  tedan_vosin, Arizona State University
No BIO available



From adversarial to aligned, redefining purple teaming for maximum impact

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 11:00 – 11:45 PDT

Creator: Adversary Village

Purple teaming is no longer just about red meets blue, it is about shared intelligence, continuous collaboration, and realistic adversary emulation. In this panel, we explore how modern security teams are moving from siloed operations to unified strategies that reflect how real attackers operate. By rethinking purple teaming as a proactive, intelligence-driven discipline, organizations can uncover detection gaps, improve response times, and drive measurable improvements in their defenses. Join us as we unpack how aligning offensive and defensive teams unlocks the full potential of purple teaming and leads to lasting security impact.


People:
    SpeakerBio:  Adam Pennington, ATT&CK Lead at The MITRE Corporation

Adam Pennington leads ATT&CK at The MITRE Corporation and collected much of the intelligence leveraged in creating ATT&CK’s initial techniques. He has spent much of his 15 years with MITRE studying and preaching the use of deception for intelligence gathering. Prior to joining MITRE, Adam was a researcher at Carnegie Mellon’s Parallel Data Lab and earned his BS and MS degrees in Computer Science and Electrical and Computer Engineering from Carnegie Mellon University. Adam has presented and published in several venues including FIRST CTI, USENIX Security, DEF CON, and ACM Transactions on Information and System Security.

SpeakerBio:  Sydney Marrone, Threat hunter at Splunk

Sydney is a threat hunter, co-author of the PEAK Threat Hunting Framework, and co-founder of THOR Collective. A proud thrunter, she is dedicated to advancing the craft of threat hunting through hands-on research, open-source collaboration, and community-driven initiatives like HEARTH (Hunting Exchange And Research Threat Hub). When not hunting threats, she’s crafting content for THOR Collective Dispatch, lifting weights, and keeping the hacker spirit alive.

SpeakerBio:  Lauren Proehl, Global Head of Detection and Response at Marsh McLennan, Co-Founder at THOR Collective

Lauren Proehl is the Global Head of Detection and Response at Marsh McLennan. She is an experienced incident responder and threat hunter who has helped identify and mitigate cyber adversaries in Fortune 500 networks. After leading investigations ranging from data breaches to targeted attacks, she now works to define some part of the limitless unknowns in cyberspace and make cybersecurity less abstract, and more tangible. Lauren sits on the CFP board for BSides Kansas City, heads up SecKC parties, and tries to escape computers by running long distances in the woods.

SpeakerBio:  Nikhil, Founder at Altered Security

Nikhil’s areas of interest include red teaming, Azure and active directory security, attack research, defense strategies and post exploitation research. He has 15+ years of experience in red teaming.

He specializes in assessing security risks in secure environments that require novel attack vectors and “out of the box” approach. He has worked extensively on Azure, Active Directory attacks, defense and bypassing detection mechanisms. Nikhil has held trainings and bootcamps for various corporate clients (in US, Europe and SE Asia), and at the world’s top information security conferences.

He has spoken/trained at conferences like DEF CON, BlackHat, BruCON and more.

Nikhil is the founder of Altered Security – a company focusing on hands-on enterprise security learning – https://www.alteredsecurity.com/




From Cheat Engine to GPT: AI Hacks So Good, You’ll Get Banned IRL

Creator Talk Page – Online
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: DEF CON Groups VR (DCGVR)

Why grind when you can hack? In this walkthrough, we explore how modern LLMs and AI tooling can vibe-code game hacks faster than your buddy speedrunning with Cheat Engine. We’ll break down Windows internals—threads, processes, virtual memory—and show how single-player games expose juicy variables ripe for memory editing. Then we crank it up: for online games, we move beyond static memory shenanigans to modifying protocol handlers, intercepting function calls, and fuzzing inputs to uncover server-side bugs like infinite gold, integer overflows, and teleportation exploits. Who needs skills when your AI sidekick can boost you through memory space and into dev-only zones?

Note: DCGVR Talks are scheduled 1 hour slots, but the actual presentations can be as short as 30 minutes. Please arrive at the start of the hour.


People:
    SpeakerBio:  Manfred

Manfred (@_EBFE) has spent the past 20 years reverse engineering and exploiting MMORPGs. He’s dissected the communication protocols of more than 22 well-known online games, bypassed anti-tampering systems, and slipped past software and hardware fingerprinting like it was part of the tutorial. These days, he explores the intersection of security and virtual economies as a security engineer and researcher at [redacted], channeling the same energy he once used to undermine game servers—now powered by CI pipelines and compliance checklists.




From Dare to Discovery: How OSINT and Modern Recon Techniques Uncovered a Global VPN Infrastructure

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 13:25 – 14:10 PDT

Creator: Recon Village

What started as a weekend gaming session and a friendly dare evolved into discovering critical vulnerabilities affecting OpenVPN endpoints on a global scale.x000D This talk demonstrates a comprehensive reconnaissance methodology that combines traditional OSINT techniques with modern cloud-based intelligence gathering to map and exploit critical infrastructure at scale.x000D x000D The presentation follows a complete attack chain that showcases advanced reconnaissance techniques:x000D x000D Phase 1: Intelligence Discovery & Infrastructure Mapping_x000D_ 1. VirusTotal RetroHunt OSINT: Writing custom YARA signatures to discover 50+ vulnerable drivers across the internet, demonstrating how one vulnerability discovery can reveal widespread systemic issues_x000D_ 2. Supply Chain Intelligence: OSINT techniques to identify that OpenVPN (the world’s most popular open-source VPN) was the common denominator, affecting thousands of companies and numerous endpoints_x000D_ 3. Target Profiling: Understanding OpenVPN’s multi-process architecture, plugin mechanisms, and Windows internals through open-source research_x000D_ x000D Phase 2: Remote Reconnaissance & Credential Harvesting_x000D_ 1. Network Enumeration: SMB enumeration, null session exploitation, and remote named pipe discovery_x000D_ 2. Credential Intelligence: Capturing NTLMv2 hashes through network reconnaissance and social engineering techniques_x000D_ 3. Cloud-Powered Cracking: Leveraging cloud GPU infrastructure (VAST.AI + Hashcat) to crack enterprise credentials at scale, demonstrating how modern attackers use accessible cloud resources_x000D_ x000D Phase 3: Remote-to-Local Attack Chain_x000D_ 1. Remote Code Execution: Using UNC paths and OpenVPN’s plugin mechanism to execute code remotely_x000D_ 2. Local Privilege Escalation: “Open Potato” attack – exploiting named pipe hijacking and Windows impersonation for LPE_x000D_ 3. Security Product Bypass: Bring Your Own Vulnerable Driver (BYOVD) techniques to achieve kernel code execution and bypass security solutions_x000D_ x000D Reconnaissance Applications:x000D The methodologies demonstrated can be repurposed for legitimate security activities:x000D 1. Red Team Operations: Comprehensive target profiling and credential harvesting techniques_x000D_ 2. Bug Bounty Research: Systematic vulnerability discovery across software ecosystems x000D 3. Threat Intelligence: Understanding how threat actors chain reconnaissance techniques_x000D_ 4. Infrastructure Assessment: Mapping organizational VPN deployments and security postures_x000D_ x000D The talk includes live demonstrations of:x000D – Custom YARA signature development for vulnerability hunting_x000D_ – Cloud-based credential cracking workflows x000D – Remote service enumeration and exploitation_x000D_ – Building comprehensive target profiles through passive reconnaissance_x000D_ – Security product evasion techniques applicable to red team scenarios_x000D_ x000D Attendees will learn practical reconnaissance methodologies that can be immediately applied to their own security research, with emphasis on the intelligence gathering processes that enable sophisticated attack chains.


People:
    SpeakerBio:  Vladimir Tokarev

Vladimir Tokarev is a seasoned senior security researcher, specializing in IoT/OT, Windows, and Linux vulnerabilities research. With extensive experience in cybersecurity, Vladimir has demonstrated a keen ability to identify and address critical security issues in various systems.x000D In 2023, Vladimir presented his research titled “CoDe16: 16 Zero-Day Vulnerabilities Affecting CODESYS Framework, Leading to Remote Code Execution on Millions of Industrial Devices Across Industries” at Black Hat. This comprehensive study focused on vulnerabilities within the widely used CODESYS framework, revealing potential risks to industrial devices across different sectors. Vladimir’s meticulous analysis uncovered a total of 31 new vulnerabilities, highlighting the importance of proactive security measures in OT environments.x000D In addition to his research on CODESYS, Vladimir has contributed to enhancing security in other critical systems. He discovered two new vulnerabilities in the Windows Driver of Foxboro DCS Control Core Services and one new vulnerability in SFPMONITOR.SYS, a component used by SonicWall products. Furthermore, Vladimir has identified vulnerabilities in TP-Link products.x000D twitter: @G1ND1L4




From Data Security to Discovery: How ARPA-H is Using AI to Transform Health Care in America

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Friday, Aug 8, 14:40 – 15:20 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

Leaders and program managers from the Advanced Research Projects Agency for Health (ARPA-H) discuss how the agency’s programs are using AI to advance better health outcomes, from securing patient data to discovering new cures and improving health care access.


People:
    SpeakerBio:  Jennifer Roberts, Resilient Systems Mission Office Director at ARPA-H, Ph.D.
No BIO available
SpeakerBio:  Andy Kilianski, Program Manager and acting Deputy Director at ARPA-H’s Health Science Futures Mission Office, Ph.D.
No BIO available
SpeakerBio:  Ross Uhrich, Program Manager at ARPA-H
No BIO available
SpeakerBio:  Andrew Carney, Program Manager at DARPA & ARPA-H AIxCC

Andrew Carney, Program Manager, AI Cyber Challenge, DARPA and Program Manager, Resilient Systems, Advanced Research Projects Agency – Health (ARPA-H)

Andrew Carney is program manager for the DARPA AI Cyber Challenge (AIxCC) and a program manager at the Advanced Research Projects Agency for Health (ARPA-H) where he leads programs and projects to improve health cybersecurity.

Carney was previously a technical advisor and contractor for the Defense Advanced Research Projects Agency (DARPA). At DARPA, he supported research efforts focused on reverse engineering, program analysis, human-machine teaming, and automated program repair. Carney has over 15 years of experience in software and hardware vulnerability research, technical education and training, and Capture the Flag (CTF) competitions. He holds a master’s degree in computer science from The Johns Hopkins University.




From One-Shot Red Teams to Continuous AI Security: Building Scalable Evaluation with Inspect Cyber

Creator Talk Map Page – LVCC West-Level 3-W314-W316 (AI Village)
When:  Friday, Aug 8, 14:30 – 15:30 PDT

Creator: AI Village

People:
    SpeakerBio:  Vy Hong, UK AI Security Institute
No BIO available



From Prompt to Pwn: Un viaje por el OWASP Top 10 para LLMs (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Sunday, Aug 10, 11:00 – 11:59 PDT

Creator: La Villa

Los modelos de lenguaje han revolucionado la productividad… y también han abierto nuevas superficies de ataque. Esta charla presenta un recorrido práctico por el OWASP Top 10 para LLMs, destacando vulnerabilidades como prompt injection, data leakage, model denial y más.x000D x000D A través de demostraciones reales, analizaremos cómo estas fallas pueden ser explotadas en entornos empresariales y cómo mitigarlas desde la perspectiva de la seguridad ofensiva y defensiva.x000D x000D Si te interesa el hacking de IA, el análisis de riesgos emergentes o simplemente quieres ver cómo se puede pwn un modelo con unas líneas de texto, esta charla es para vos.x000D


People:
    SpeakerBio:  Randy Varela, Senior Security Consultant – Akamai

x000D Randy Varela @𝙃𝙖𝙘𝙠𝙞𝙣𝙜𝙢𝙚𝙨𝙨 is a cybersecurity professional with a solid decade immersed in cybersecurity from Costa Rica 🇨🇷 My role as a cybersecurity leader has led me to work on multiple projects from Red Teaming, Risk and Compliance, SOC engineering, Cloud Architect, and Pentesting.




From Pwn to Plan: Turning Physical Exploits Into Upgrades

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 12:00 – 12:59 PDT

Creator: Physical Security Village

Everyone loves breaking in—but that’s just step 7 out of 10. This session explores what it really takes to run a physical pen test that’s not just exciting, but also safe, smart, and worth the money for your company or client. We’ll follow the full journey – from breach-focused OSINT and recon, to delivering findings that teams act on. Expect war stories, dumb mistakes, and smart takeaways as you learn how to turn a good break-in into a lasting impact.


People:
    SpeakerBio:  Shawn

Too many security programs bring a clipboard to a gunfight. Shawn helps companies match and defend against the adversary’s tactics – no firearms required. As an adversary for hire, Shawn leads physical red teams that test Fortune 100s, government agencies, and critical infrastructure. He started the largest physical red team in Silicone Valley and teaches security risk management and red teaming to cybersecurity graduate students. From fake badges to forged businesses, kidnapping executives to smuggling weapons, he runs ops that find the gaps in physical security before the bad guys do.




From Solo Nix to Team Infrastructure: Deploying NixOS with Clan

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Saturday, Aug 9, 13:00 – 13:30 PDT

Creator: Nix Vegas Community
Most people discover NixOS as a solo pursuit: taming their laptop, configuring dotfiles, or spinning up a homelab. But what happens when you want to bring others along? How do you scale your reproducible setup across a team, startup, or organization?

In this talk, I’ll share my path from managing a personal NixOS homelab to architecting infrastructure and developer environments for a growing startup. After many false starts and tangled configurations, I found Clan—a powerful framework that transformed how I manage machines, roles, and secrets. With Clan, I’ve replaced fragmented manual processes with a single source of truth for all my deployments, cutting through the clutter and reclaiming hours of maintenance time.

We’ll look at how Clan makes it easy to keep your infrastructure organized, share reusable configuration modules, handle secrets securely with Clan Vars, and scale NixOS across teams without having to start from scratch each time.


People:
    SpeakerBio:  Britton Robitzsch

I’m a senior software engineer focusing on ETL tooling and Infrastructure. I’ve been nix-pilled for around three years, and slowly infecting all my friends and coworkers. Temporarily based in NYC, more permanently based in Colorado. I’m either on the computer or out in nature, sometimes both at once.




From Tests to Targets: Expanding DAST with Selenium & ZAProxy

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 11:40 – 12:10 PDT

Creator: AppSec Village

This talk presents a streamlined approach to Dynamic Application Security Testing (DAST) in the Secure Software Development Life Cycle (SSDLC). By integrating DAST directly into existing Selenium-based web tests and using ZAProxy, the traditional complex setup – such as URL parsing and authentication – is avoided. The proposed method leverages functional test coverage to better isolate vulnerabilities and simplifies setup by configuring the proxy in browser features. This integration provides earlier security feedback and increases the efficiency of vulnerability detection compared to traditional spider-based testing, proving it to be a more practical and effective alternative.


People:
    SpeakerBio:  Sara Martinez Giner

Sara has enjoyed testing and automation for more than 10 years, ensuring high quality products in industries such as Telecommunications, Geolocation, Big Data, and Power Electronics. In 2019, she shifted her focus to cybersecurity testing, applying her knowledge of quality assurance to testing security software products. Since then, Sara has continued to hone her skills and integrate cybersecurity into every aspect of her work and research.




From the Other Side: Bug Bounty Platforms on Triage Challenges and Solutions

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Saturday, Aug 9, 15:00 – 16:30 PDT

Creator: Bug Bounty Village

Triage sits at the heart of every successful bug bounty and vulnerability disclosure program, yet it remains one of the most misunderstood and friction-heavy processes in our industry. As platforms scale to handle thousands of reports while maintaining quality and researcher satisfaction, the challenge isn’t just operational—it’s fundamentally human.

This talk pulls back the curtain on modern triage operations, exploring how leading platforms structure their workflows, train their teams, and balance the competing demands of speed, accuracy, and community trust. We’ll dive into the operational realities of scaling triage across diverse programs, the tools and processes that enable consistency, and the communication strategies that turn potential conflicts into collaborative dialogues.

Drawing from real-world experiences, we’ll examine how platforms are evolving their approach to handle disagreements constructively, implement fair appeals processes, and gather meaningful feedback from researcher communities. We’ll also look ahead to emerging technologies and cultural shifts that promise to reshape how triage operates.

Whether you’re building a triage team, managing researcher relationships, or simply trying to understand why that report was closed, this session offers practical insights into creating triage processes that serve both security outcomes and human needs. Because great triage isn’t just about finding the right answer—it’s about building the trust and transparency that makes our entire ecosystem stronger.


People:
    SpeakerBio:  Michelle Lopez, Lead Triager at HackerOne

Hey there hackers! I am a Lead Triager at HackerOne based in Denver. I started my security journey by sending out download links to trojans to unsuspecting users on ICQ. Years later I began poking around internal systems at the companies I worked at. This led to a deeper interest in how easily users can be compromised. Shortly after I went all in on learning all things appsec related. Today I get to see, recreate, assess, and triage your bug bounty reports which range from open redirects to PII disclosure of thousands of customers to novel LLM hacks. I’ve triaged over 10,000 reports. My advice is to validate your input! Feel free to reach out over LinkedIn.

SpeakerBio:  Michael “codingo_” Skelton, Bugcrowd
No BIO available
SpeakerBio:  Inti “intidc” De Ceukelaire, Chief Hacker Officer at Intigriti

Inti De Ceukelaire is a Belgian ethical hacker and cybercrime investigator. He currently works as the Chief Hacker Officer at Europe’s largest vulnerability disclosure platform Intigriti, a founding member of the Hacker Policy Council. In 2018, Inti won the “Most Valuable Hacker” award at the largest live hacking event in Las Vegas.

With extensive experience in the field of security and ethical hacking, Inti has earned a reputation as a thought leader in the industry. His work and expertise have been featured in a variety of international publications, including the BBC, Wired, The Verge, CNET, Mashable, and New York Magazine. Inti has made global headlines through his security awareness pranks, which have included manipulating the Vatican’s website, creating fake news on Donald Trump’s Twitter account, and hacking Metallica. Through these high-profile stunts, Inti has drawn attention to the importance of cybersecurity and the need for individuals and organisations to be vigilant about potential threats. As an experienced and engaging speaker, Inti is able to make complex topics accessible to a wide audience. He has spoken at a variety of conferences and events, sharing insights on the latest trends in cybersecurity and offering practical tips to help individuals and organisations protect themselves from potential threats.

He is also a trusted source for media outlets seeking expert commentary on topics related to cybersecurity, hacking and technology.

SpeakerBio:  Eddie Rios, Synack

Born and raised in TX, been hacking or breaking things since I was Kid. Got my start in Phreaking because computers were too expensive back then! Been working in the Information Security field since 2013 and have been working for Synack since 2016. I’ve seen over 15k reports in that time and have been pretty active with researchers from all over the world. Before security I worked as a technician for various companies including Geek Squad. Before my time on in IT I did body piercings or worked in various fields included retail and fast food. All of which helped me understand the importance of helping people to the best of my abilities.

SpeakerBio:  Anthony Silva, Customer Success Manager at YesWeHack

Anthony Silva is a Customer Success Manager at YesWeHack, where he manages a diverse portfolio of clients — from startups to international enterprises — across multiple industries and countries.

He supports organizations in designing, launching, and optimizing their bug bounty, vulnerability disclosure (VDP), and pentest programs, guiding them from initial onboarding through the full lifecycle of their engagements.

Anthony works closely with cross-functional teams, including sales, product, technical experts, triage analysts, and the hacker community, to ensure customer satisfaction and program effectiveness.

Before joining YesWeHack, he gained valuable experience in various technology and consulting companies, where he developed a strong foundation in cybersecurity, project management, and client relations. As an active registered hunter on several platforms, he also brings hands-on insight into offensive security practices.

Based in Paris and originally from Toulouse, Anthony has French, Spanish, and Portuguese roots. He is passionate about technology, geopolitics, science, and video games.

SpeakerBio:  Jasmin “JR0ch17” Landry

Jasmin Landry is a seasoned ethical hacker and full-time bug bounty hunter who has reported hundreds of security vulnerabilities to some of the world’s largest tech companies. After years leading cybersecurity efforts as Senior Director of Information Security at Nasdaq, Jasmin returned to his roots in hacking — now focusing exclusively on uncovering critical bugs through bug bounty platforms. Recognized at multiple live hacking events for top findings, he brings a sharp eye for unexpected issues and a deep understanding of modern attack surfaces. He’s also a co-leader of OWASP Montréal and an active voice in the security research community.




From Wake Island to the War Room: A Black Cyber Leader’s Path to Purpose

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Saturday, Aug 9, 11:30 – 11:59 PDT

Creator: Blacks In Cyber Village

This talk highlights the untold journey of a Black cybersecurity leader navigating the most secure corners of tech—military communications, national defense, and federal compliance. Nykolas Muldrow takes the audience through his lived experiences on Wake Island and Guantanamo Bay, sharing how isolation, racial identity, and high-stakes missions shaped his technical approach and leadership philosophy. Attendees will leave with lessons on building resilience, mastering risk, and leveraging identity to break into rooms not built for us, but needed by us.


People:
    SpeakerBio:  Nykolas Muldrow

Nykolas Muldrow is a Cyber Solutions Architect, U.S. Air Force Cybersecurity Instructor, and CEO of CI Solutions Global Inc. With 15+ years in federal contracting and critical infrastructure defense, he specializes in compliance, cybersecurity operations, and leadership development. A doctoral candidate and national speaker, Nykolas is committed to elevating the Black voice in cybersecurity and building resilient pathways to executive tech leadership. His work fuses real-world defense strategy with culturally informed mentorship and innovation.




Full Court Press: How Basketball Officiating Shaped a Cybersecurity Career

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Sunday, Aug 10, 10:00 – 10:30 PDT

Creator: Blacks In Cyber Village

What do elite basketball teams and top-tier cybersecurity professionals have in common? More than you might think. In this talk, I’ll share how my journey as a basketball player and official provided a unique foundation for a thriving career in cybersecurity. From the hardwood to the SOC, the skills of teamwork, rapid decision-making, communication, and strategic thinking are not just transferable—they’re essential. Drawing on real-world examples, I’ll demonstrate how the lessons learned from the court directly translate to defending against digital threats, building resilient teams, and navigating high-pressure incidents. Whether you’re a sports enthusiast, a cybersecurity pro, or just curious about unconventional career paths, this session will show you how to leverage your own unique experiences for success in the cyber arena.


People:
    SpeakerBio:  Jason Brooks

Jason Brooks is a cybersecurity professional with a unique blend of military discipline and Silicon Valley roots. A proud Bay Area native and U.S. Navy veteran, Jason brings over a decade of experience in threat intelligence, SOC operations, and cyber defense strategy. With a passion for both technology and community, he identifies as a “nerdlete”—a lifelong learner and athlete—dedicated to protecting digital infrastructure while mentoring the next generation of cyber talent. Grounded in the birthplace of modern tech, Jason represents the second generation of innovators committed to making cybersecurity more diverse, effective, and equitable.




Full Disclosure, Full Color: Badge-making story of this year’s BBV badge

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Sunday, Aug 10, 11:00 – 11:30 PDT

Creator: Bug Bounty Village

This talk pulls the curtain on the behind-the-scenes badge-making story of the second official Bug Bounty Village badge. A fascinating and intricate blend of interactive electronics, layered PCB prints, and Matrix-style LED effects, all wrapped around an engaging CTF.


People:
    SpeakerBio:  Abhinav Pandagale, Founder at Hackerware.io

Abhinav’s artistry comes from the times he used to sneakily paint drawings made by his sister. His hacking career began as a toddler, disassembling his toys but never put them back together. His entrepreneurial roots come from selling snacks at a school fair and making a loss of . Having learned how not to make money, he launched Hackerware.io – a boutique badgelife lab with in-house manufacturing – which has grown over the past nine years into a global presence across 19 countries. He’s often spotted at conferences around the world – hosting hardware villages or pulling off the kind of random shenanigans that earned him the Sin CON Person of the Year 2025 award.




Fundamentals of Election Technology Security

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Friday, Aug 8, 10:15 – 10:59 PDT

Creator: Voting Village

This talk is an overview of the role of technology in modern US elections, how that technology can fail, and the various safeguards and countermeasures against compromise that can (or should) be employed to keep elections secure.

Links:
    www.law.georgetown.edu/faculty/matt-blaze/ – https://www.law.georgetown.edu/faculty/matt-blaze/

People:
    SpeakerBio:  Matt Blaze, Georgetown University; Chairman, Election Integrity Foundation

Matt Blaze is the McDevitt Chair of Computer Science and Law at Georgetown University, where his research focuses on problems at the intersection of technology, public policy, and law. Prior to joining Georgetown, he was a professor of computer science at the University of Pennsylvania, and prior to that, a founding member of the Secure Systems Research Department at AT&T Bell Labs. He holds a PhD in computer science from Princeton, an MS from Columbia, and a BS from the City University of New York. Blaze’s scholarship and practical work in high-integrity voting and elections technology dates back more than 25 years. He led teams that examined source code for security vulnerabilities on behalf of the states of California and Ohio for the Top-to-Bottom Review and EVEREST studies. He has testified on election security and other topics before the US Congress over a dozen times, served on various federal and state advisory boards, and has published numerous scholarly research papers on elections and related subjects. He is a founding member of the DEFCON Voting Village, and currently serves as board chair of the Election Integrity Foundation.




Game Hacking 101

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 14:00 – 14:45 PDT

Creator: GameHacking.GG

Intro basics about concepts in game hacking and security principles within video games.


People:
    SpeakerBio:  Julian “Julez” Dunning, Security Founder & Leader

Julian has a storied career in cybersecurity, initially focusing on offensive security. He has developed several popular open-source security tools, including statistics-based password-cracking methods. Julian also co-founded Truffle Security, creators of the widely used open-source tool TruffleHog. Recently, he established a new DEFCON village called GameHacking.GG promotes interest and awareness in-game security.




Geopolitical Cyber Topic Survey Results Panel

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Friday, Aug 8, 16:30 – 17:50 PDT

Creator: Policy @ DEF CON

A panel of cyber policy and other experts will discuss the results of the inaugural Policy @ DEF CON Cyber Contingencies Survey.

The moderator will ask a series of questions based on the results of the survey to facilitate a discussion on current and emerging threats, their likelihood, and potential impacts.


People:
    SpeakerBio:  Christopher Painter

Christopher Painter is a globally recognized leader on cyber policy, cyber diplomacy, cybersecurity and combatting cybercrime. He has been at the vanguard of cyber issues for over 30 years, first as a federal prosecutor handling some of the most high-profile cyber cases in the U.S., then as a senior official at the U.S. Department of Justice, the FBI, the White House National Security Council and, finally, as the world’s first cyber diplomat at the U.S. Department of State. Among many other things, Chris is a founder of The Cyber Policy Group, has served as the President of the Global Forum on Cyber Expertise Foundation, serves on the board of the Center for Internet Security and the Public Sector Advisory Board for Palo Alto Networks and was a commissioner on the Global Commission for the Stability of Cyberspace. He is a frequent speaker on cyber issues, frequently is interviewed and quoted in the media and has testified on numerous occasions to U.S. Congressional committees. He has received a number of awards and honors including Japan’s Order of the Rising Sun, Estonia’s Order of Terra Mariana, RSA Security Conference’s Public Policy Award, the Attorney General’s Award for Exceptional Service and was named the Bartles World Affairs Fellow at Cornell University. He received his B.A. from Cornell University and J.D. from Stanford Law School.

SpeakerBio:  Matt Blaze, Georgetown University; Chairman, Election Integrity Foundation

Matt Blaze is the McDevitt Chair of Computer Science and Law at Georgetown University, where his research focuses on problems at the intersection of technology, public policy, and law. Prior to joining Georgetown, he was a professor of computer science at the University of Pennsylvania, and prior to that, a founding member of the Secure Systems Research Department at AT&T Bell Labs. He holds a PhD in computer science from Princeton, an MS from Columbia, and a BS from the City University of New York. Blaze’s scholarship and practical work in high-integrity voting and elections technology dates back more than 25 years. He led teams that examined source code for security vulnerabilities on behalf of the states of California and Ohio for the Top-to-Bottom Review and EVEREST studies. He has testified on election security and other topics before the US Congress over a dozen times, served on various federal and state advisory boards, and has published numerous scholarly research papers on elections and related subjects. He is a founding member of the DEFCON Voting Village, and currently serves as board chair of the Election Integrity Foundation.

SpeakerBio:  Matt Wein, Founder at Wein Strategy Lab

Matthew Wein is the founder of Wein Strategy Lab, an independent consulting firm focused on cybersecurity and homeland security issues. He previously served as a Professional Staff Member for the U.S. House Committee on Homeland Security, as an official at the Department of Homeland Security, and in Deloitte’s Cyber Risk practice. He also writes the Secure Stakes newsletter that focuses on sports gambling’s impact on Homeland Security.

SpeakerBio:  Winnona DeSombre Bernsen

Winnona DeSombre Bernsen is founder of the offensive security conference DistrictCon, held in Washington DC, and nonresident fellow at the Atlantic council. She was formerly a security engineer at Google’s Threat Analysis Group, tracking targeted threats against Google users. Her most recent paper, Crash (exploit) and burn, focuses on comparing the supply and acquisition pipelines of zero day exploits for the US and China.




Getting Caught in Offensive Security

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-405 (Red Team Village)-RTV Track 2
When:  Saturday, Aug 9, 12:00 – 12:50 PDT

Creator: Red Team Village

War stories and bad moves from those in the field.


People:
    SpeakerBio:  Graham Helton

Graham Helton is currently a Red Team Specialist at Google specializing in Linux exploitation. Graham posts frequently on his website grahamhelton.com with deep dives on various security related topics. In his free time he likes to pretend like he knows what he’s doing, coffee, and cooking.

SpeakerBio:  Kevin Clark, Red Team Instructor at BC Security

Kevin Clark is a Security Consultant with TrustedSec and a Red Team Instructor with BC Security, with a diverse background in software development, penetration testing, and offensive security operations. Kevin specializes in initial access techniques and Active Directory exploitation. He has contributed to open-source projects such as PowerShell Empire and developed custom security toolkits, including Badrats and Ek47. A skilled trainer and speaker, Kevin has delivered talks and conducted training sessions all over the country at cybersecurity conferences, including Black Hat and DEF CON, and authors a cybersecurity blog at https://henpeebin.com/kevin/blog.

SpeakerBio:  Red Team Village Staff
No BIO available
SpeakerBio:  Skyler Knecht

Skyler is a Senior Security consultant at SpecterOps, where he performs security assessments for Fortune 500 organizations. With over six years of experience, he focuses on initial access research and contributes to the security community through open-source development and conference presentations. Skyler has presented at DEF CON and BSides and actively collaborates on open-source projects such as Messenger, Ek47, Connect, and Metasploit. He also conducts vulnerability research, having discovered multiple zero-day vulnerabilities in enterprise software.




Getting into CTF

Creator Talk Map Page – LVCC West-Level 2-W235 (DEF CON Academy)
When:  Friday, Aug 8, 17:00 – 17:59 PDT

Creator: DEF CON Academy

Capture the Flag competitions offer one of the fastest, most practical ways to break into cybersecurity. These puzzle-style challenges teach real-world skills like reverse engineering, exploitation, and digital forensics through hands-on experience. This talk introduces the structure of CTFs, how to get started, and why they are valuable for both beginners and seasoned professionals. Students, developers, and tech enthusiasts alike can use CTFs to build skills and demonstrate talent. No experience is necessary, just curiosity and a desire to learn by doing.


People:
    SpeakerBio:  x3ero0, Arizona State University
No BIO available



Getting to Top 250 on HtB with Nix and LLMs

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Saturday, Aug 9, 15:30 – 16:30 PDT

Creator: Nix Vegas Community

In this talk, the speaker walks through how they used Nix to declare several AI models with full access to their computer in order to climb the Hack The Box (HtB) leaderboard—after being previously hardstuck at the “Hacker” rank while juggling the responsibilities of being a busy dad.

They demonstrate a semi-autonomous workflow where they are (not) automating themselves out of a job. The talk explores the challenge of tackling numerous CTF problems with limited time and shows how the combination of Nix and AI offers a powerful workflow for solving CTFs that often require multiple, isolated testing environments.

Finally, this custom Nix-based setup is compared to more traditional security-focused distros like Kali and AthenaOS. The talk ends by exploring how this approach transfers to real-world offensive security scenarios—pen testing, red teaming, and bug bounty hunting—and how much of it can be practically applied.


People:
    SpeakerBio:  cooldadhacking

Rambo has been doing offensive security for almost a decade now. He’s okay at it, and has gotten by largely on vibes and personality. In spite of his mediocrity, his current company lets him work side projects that are related to AI and red teaming.




Global DCGs: Chaos, Connection, and Community – The 2025 State of the Hack

Creator Talk Map Page – LVCC West-Level 2-W237 (DEF CON Groups)
When:  Friday, Aug 8, 11:00 – 11:59 PDT

Creator: DEF CON Groups (DCG)

Join Jayson E. Street for his annual whirlwind tour through the global DEF CON Groups (DCGs) ecosystem. From Beirut basements to Bogotá rooftops, discover how hackers worldwide are building community, sharing knowledge, and causing good trouble. This kickoff tradition blends heartfelt stories, global updates, and a rallying cry for connection—because DEF CON isn’t just a conference, it’s a movement.


People:
    SpeakerBio:  Jayson E. Street, Chief Adversarial Officer at Secure Yeti

Jayson E. Street referred to in the past as: a “notorious hacker” by FOX25 Boston, “World Class Hacker” by National Geographic Breakthrough Series, and described as a “paunchy hacker” by Rolling Stone Magazine. He however prefers if people refer to him simply as a Hacker, Helper & Human.

He is the Chief Adversarial Officer at Secure Yeti and the author of the “Dissecting the hack: Series” (which is currently required reading at 5 colleges in 3 countries that he knows of). Jayson is also the DEF CON Groups Global Ambassador. He’s spoken at DEF CON, DEF CON China, GRRCon, SAINTCON & at several other CONs & colleges on a variety of Information Security subjects. He was also a guest lecturer for the Beijing Institute of Technology for 10 years.

He loves to explore the world & networks as much as he can. He has successfully robbed banks, hotels, government facilities, Biochemical companies, etc. on five continents (Only successfully robbing the wrong bank in Lebanon once, all others he was supposed to)!

He is a highly carbonated speaker who has partaken of Pizza from Bulgaria to Brazil & China to The Canary Islands. He does not expect anybody to still be reading this far, but if they are please note he was proud to be chosen as one of Time’s persons of the year for 2006.




Go Malware Meets IoT: Challenges, Blind Spots, and Botnets

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 11:00 – 11:59 PDT

Creator: IOT Village

AGo malware is showing up more often, especially in IoT environments. Its flexibility and ease of cross-compilation make it attractive to attackers, but it also makes life harder for analysts and defenders. Go binaries are large, statically compiled, and structured in ways that traditional tools are not designed to handle. The runtime is unfamiliar, and things like string extraction, function identification, and behavior analysis can quickly become frustrating. This talk looks at why Go malware is hard to analyze and why some detection tools struggle to keep up. We will walk through practical tips and tools to make reversing Go malware more manageable, including how to recover types, strings, and function information. To tie everything together, we will look at a recent real-world example: Pumabot, a Go-based botnet targeting IoT surveillance devices. We will dig into how it works, what it targets, and what artifacts it leaves behind. By the end of the session, you will have a better understanding of how attackers are using Go in the wild and how to be better prepared for the next time it shows up in your analysis queue.


People:
    SpeakerBio:  Asher Davila, Vulnerability Researcher at Palo Alto Networks

Passionate about binary analysis, binary exploitation, reverse engineering, hardware hacking, retro computing, and music.

SpeakerBio:  Chris Navarrete, Senior Principal Security Researcher – CDSS Advanced Threat Prevention (ATP) at Palo Alto Networks

Chris Navarrete is a Senior Principal Security Researcher within the Advanced Threat Prevention team at Palo Alto Networks. His work centers on cutting-edge research in cybersecurity, particularly in threat detection and malware analysis. Previously, he served as an adjunct professor of computer science at San Jose State University, teaching Software Security Technologies. He holds a Master of Science in software engineering with a specialization in cybersecurity from San Jose State University. Chris has presented at major industry conferences, including Black Hat Asia, the Computer Antivirus Research Organization (CARO), the Cyber Threat Alliance’s Threat Intelligence Practitioners (TIPS) conference, and Black Hat Arsenal, where he introduced and released BLACKPHENIX — a framework designed to automate malware analysis workflows.




Going from Breadboard to PCB with KiCAD

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Saturday, Aug 9, 12:00 – 12:30 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  Blenster
No BIO available



Gold Bug: Puzzle Panel with Friends

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: Crypto Privacy Village

People:
    SpeakerBio:  The Gold Bug Team 2025, Psychoholics

Psychoholics is a group of nerds that love solving puzzles, drinking drinks, and doing escape rooms. We love competing in contests and CTFs, and we also run TFH, Crash&Compile and Dungeons@Defcon. Oh, and we have a Krux. 110001011100001111101 100011100110001101101




Gold Bug: Welcome

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
Creator: Crypto Privacy Village

People:
    SpeakerBio:  The Gold Bug Team 2025
No BIO available



Grandoreiro & friends: brazilian banking trojans tour outside Latin America

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 12:40 – 13:10 PDT

Creator: Malware Village

Banking Trojans targeting Windows systems have been affecting users in Latin America for many years, with their peculiarities in the tactics, techniques and procedures used by the criminals responsible for their development. However, it was not until the early 2020s that massive campaigns began to be detected with targets outside their usual region of operation, with special emphasis on Spain and Portugal. Since then, these campaigns have not ceased and several malware families have evolved to try to be more effective, with several different criminal groups collaborating in several of these campaigns and sharing their infrastructure. Through all this years many researchers at both sides of the Atlantic ocean have worked together to gather intel that could help to take down these cybercriminal organizations with some important achievements. The goal for this presentation is to analyze the reasons why the criminals behind these threats have been successful despite the increase in online banking security measures, while revealing the latest results obtained after analyzing the most recent campaigns of these threats. We will provide several examples of campaigns used by these malware families and how they are trying to adapt to keep being successful in obtaining new victims.


People:
    SpeakerBio:  Josep Albors
No BIO available



Growing Red Team Village: What We’ve Learned Building an Offensive Security Community

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-405 (Red Team Village)-RTV Track 2
When:  Saturday, Aug 9, 10:00 – 10:55 PDT

Creator: Red Team Village

Join the founding members of Red Team Village as they share what they’ve learned building a community focused on offensive security education and discuss their evolution from hands-on leaders to mentors and advisors. From starting as a DEF CON village to growing into a 20,000+ member community, the founders will explore the complexities of building a successful community as well as the transition to letting others lead day-to-day operations.

This session covers the practical realities of community building and leadership evolution – managing volunteers, scaling membership, balancing content for different skill levels, and maintaining community culture during growth. The founders will share what worked in running the village operations, handling logistics at scale, and responding to community feedback to continuously improve the experience.

The discussion will address key questions about running and transitioning technical communities: How do you manage village operations effectively? What have you learned about scaling community management? How do you handle criticism and feedback constructively? How do you identify and develop new leaders? When and how do you step back without losing community culture? The founders will also cover practical aspects like managing large-scale events and evolving with community needs.

The session wraps up with Q&A where you can explore specific challenges around building technical communities, leadership transitions, and maintaining founding vision while empowering new voices.

Whether you’re involved in community building, thinking about starting something new, or wondering about sustainable leadership models, this panel offers honest perspectives from founders navigating the transition from builders to advisors.


People:
    SpeakerBio:  Barrett Darnell
No BIO available
SpeakerBio:  Mike Lisi

Mike Lisi is the founder of Maltek Solutions, a consulting and solutions company as well as a seasoned professional in the field of cybersecurity. Mike is known for his expertise in network, web application, and API penetration testing, his contributions toward Capture The Flag (CTF) events, and support for college cybersecurity competitions. As the founder of Maltek Solutions, Michael has carved a path of excellence, establishing a dynamic and innovative cybersecurity company. His leadership and technical expertise drive Maltek Solutions to deliver top-notch security solutions to customers and partners throughout the country.

SpeakerBio:  Omar Santos

Omar Santos is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. Omar is a Distinguished Engineer at Cisco focusing on artificial intelligence (AI) security, cybersecurity research, incident response, and vulnerability disclosure. He is a board member of the OASIS Open standards organization and the founder of OpenEoX. Omar is the co-chair of the Coalition of Secure AI (CoSAI). Omar’s collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI). Omar is the co-chair of the FIRST PSIRT Special Interest Group (SIG). Omar is the co-founder of the DEF CON Red Team Village and the chair of the Common Security Advisory Framework (CSAF) technical committee.

Omar is the author of over 25 books, 21 video courses, and over 50 academic research papers. Omar is a renowned expert in ethical hacking, vulnerability research, incident response, and AI security. He employs his deep understanding of these disciplines to help organizations stay ahead of emerging threats. His dedication to cybersecurity has made a significant impact on technology standards, businesses, academic institutions, government agencies, and other entities striving to improve their cybersecurity programs. Prior to Cisco, Omar served in the United States Marines focusing on the deployment, testing, and maintenance of Command, Control, Communications, Computer and Intelligence (C4I) systems.

SpeakerBio:  Savannah Lazzara

Savannah Lazzara is a Security Engineer specializing in red teaming at a tech company. Savannah has multiple years of experience in security consulting working with many Fortune 500 corporations and has experience in carrying out security assessments, which include network assessments, social engineering exercises, physical facility penetration tests, and wireless assessments. Savannah also has experience in performing adversary simulation assessments, which include remote red team simulations, insider threat assessments, and onsite red team assessments. Savannahs area of expertise is focused on social engineering and physical security.

Savannah is a member of the Advisory Board for Red Team Village and co-authored ‘Redefining Hacking: A Comprehensive Guide to Red Teaming and Bug Bounty Hunting in an AI-Driven World’. She has spoken at several cybersecurity conferences, including Source Zero Con, BSides, and more. Savannah has also appeared on multiple podcasts, including The Hacker Factor and Hackerz and Haecksen.

SpeakerBio:  Wes Thurner
No BIO available



Hack Our Shirt

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C208 (WISP Community)
When:  Saturday, Aug 9, 16:00 – 16:59 PDT

Creator: Women in Security and Privacy (WISP)

There’s an easter egg on our shirts! Have you been racking your brain trying to solve it? Whether you’re on the right track, hitting a wall, or just have no clue where to begin, this is the talk for you! Come hang out and discover the secrets behind our shirt’s design.


People:
    SpeakerBio:  Corwin Stout, Simulation Software Engineer at Rivian Volkswagen Group Technologies

Corwin is a simulation software engineer at Rivian Volkswagen Group Technologies with over a decade of experience in the electrified vehicle industry. Drawing on his deep background in controls and robotics, coupled with professional expertise in mapping & localization, vehicle controls, and autonomous driving, he designs and implements cutting-edge simulation software for both the automotive world and beyond. When he’s not busy advancing the automotive world, Corwin loves tackling side projects that push him to learn something entirely new. That’s exactly how he ventured into coding in the privacy and security space, and he’s excited to share those first experiences with you today!




Hack the Code (of Practice): Protecting Responsible Hackers

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Friday, Aug 8, 14:00 – 15:20 PDT

Creator: Policy @ DEF CON

The Pall Mall Process is a multilateral initiative led by the UK and France to address the proliferation and misuse of commercial cyber intrusion capabilities (CCICs) – but what that means in practice is that they’re writing rules for hackers, security researchers, and the companies that employ them. The process recently concluded a Code of Practice for States, and is turning to the question of: what responsibility does the hacking and cybersecurity industry bear?

Join the Hacking Policy Council (a coalition of offensive security practitioners, platforms, and vendors) and representatives of governments convening the Pall Mall Process to discuss what a Code of Practice for Industry could look like, and how to ensure that it protects good faith hackers and researchers. We’re tackling big questions: Should companies share zero-days with governments, and when? What makes a bug bounty “good faith”? How do we keep research ethical without strangling it with red tape?

We will give hackers a behind-the-scenes look at the policy debates shaping global cybersecurity norms, share our thinking, and invite critique, chaos, or consensus from the DEF CON community. Whether you’re a red teamer, researcher, builder, or breaker – join the policy hackers to share how you think we should make (or break) this code.


People:
    SpeakerBio:  Heather West, Venable

Heather West is a policy and tech translator, product consultant, and long-term digital strategist guiding the intersection of emerging technologies, culture, governments, and policy. Equipped with degrees in both computer and cognitive science, Heather focuses on data governance, data security, artificial intelligence (AI), and privacy in the digital age. She is a subject matter authority who has written extensively about AI and other data driven topics for over a decade. She is also a member of the Washington Post’s The Network, “a group of high-level digital security experts” selected to weigh in on pressing cybersecurity issues.

SpeakerBio:  Annie Plews

Annie is currently based at British Embassy Washington, heading up the cyber policy team on behalf of the Foreign, Commonwealth and Development Office of the UK Government. In this role she represents UK Government policy priorities on cyber and telecoms to the US Government and wider DC-based industry and academic communities. Prior to this role, Annie has worked for close to a decade in other UK Government departments focused on cyber and national security. She has covered a wide variety of operational national security topics.

SpeakerBio:  Philippe Ribiere

Attaché for Science and Technology, Emerging Technology, French Embassy

SpeakerBio:  Trey Ford, Bugcrowd

Trey Ford is a seasoned strategic advisor and security thought leader with over 25 years of experience in offensive and defensive disciplines (incident response, application, network, cloud, and platform security). Trey has held key leadership roles at Deepwatch, Vista Equity Partners, Salesforce, Black Hat, and more. He has also been a valued member of Bugcrowd’s advisory board for over a decade.

Trey is passionate about working with enterprise leaders, corporate directors, and investors to help teams strengthen their technology and execution strategy. He believes in a hands-on approach to building, breaking, and deconstructing security problems.

Trey has a Master of Science from the University of Texas at Austin and executive education at Harvard Business School. Hailing from Austin, he is a husband, father, and an instrument rated private pilot.

SpeakerBio:  Alexei Bulazel, Senior Director for Cyber at National Security Council
No BIO available



Hacker vs. Triage: Inside the Bug Bounty Battleground

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Sunday, Aug 10, 11:00 – 11:59 PDT

Creator: Bug Bounty Village

Bug bounty programs often resemble battlegrounds, where security researchers (“”hackers””) and vulnerability triagers collide over validity, severity, and bounty rewards. Although this friction can strain relationships, it also represents a powerful opportunity for collaboration and community-building. In this session, experienced bug bounty hacker Richard Hyunho Im (@richeeta) and seasoned triage expert Denis Smajlović (@deni) team up to dissect these challenging interactions, share real-world stories from high-stakes bounty scenarios, and propose practical solutions for improved hacker-triager relationships.

Drawing directly from their experiences on both the researcher and company sides, Richard and Denis cover common scenarios including severity debates (e.g., Gmail aliasing vulnerabilities), unclear bug submissions, controversial gray-area issues (such as Apple’s BAC vulnerability rejection), and respectful escalation of bounty disputes (e.g., CVE-2025-24198). Attendees will gain insights into how effective communication, clear business impact framing, and mutual respect can bridge the divide between researchers and triagers.

Beyond monetary rewards, this presentation emphasizes how researchers can strategically leverage bug bounty work to enhance personal branding, build professional networks, and advance career opportunities. With empathy, humor, and candor, Richard and Denis demonstrate that the “”bounty battleground”” doesn’t need to be hostile; it can instead become a place for growth, trust, and professional success.

Key takeaways include actionable strategies for clearer reporting, effectively communicating severity, navigating gray-area cases, and respectfully challenging triage decisions. Ultimately, this talk equips attendees with tools and mindsets to positively shape the bug bounty ecosystem and foster genuine collaboration within the community.


People:
    SpeakerBio:  Richard “richeeta” Hyunho Im

Richard Hyunho Im (@richeeta) is a senior security engineer and independent vulnerability researcher at Route Zero Security. Currently ranked among the top 25 researchers in OpenAI’s bug bounty program, Richard has also received security acknowledgements from Apple (CVE-2025-24198, CVE-2025-24225, CVE-2025-30468, and CVE-2024-44235), Microsoft, Google, and the BBC. His research highlights overlooked attack surfaces, focusing on practical exploitation that challenges assumptions about everyday software security.

SpeakerBio:  Denis Smajlović, Nova Information Security

Denis Smajlović (@deni) is an OSCP-certified security engineer and Principal Security Consultant at Nova Information Security. Denis brings extensive experience managing high-profile bug bounty programs and collaborating closely with Fortune 500 companies, global tech firms, and major financial institutions. His specialty lies in bridging gaps between external researchers and internal security teams, clearly translating vulnerabilities into tangible business impacts, and fostering constructive, trust-based relationships between hackers and corporate triagers.




Hackers Welcome: How One Government Agency Got It Right

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Saturday, Aug 9, 10:00 – 11:20 PDT

Creator: Policy @ DEF CON

In his first-ever public appearance, elite hacker ZwinK joins Casey Ellis (CEO of BugCrowd) and Keith Busby (Acting CISO of the Centers for Medicare & Medicaid Services (CMS)) for a rare, unscripted look inside one of the largest, and most consequential bug bounties in the federal government. CMS touches the lives of 150M+ Americans and secures data that must not go offline — which made its decision to invite hackers inside both radical and risky.

This talk will cover how the program worked, what CMS learned, and how ZwinK uncovered critical vulnerabilities in public-facing federal systems. ZwinK will share his surprising favorite tactics, tools, and recon strategies — including how he hunts for high-value bugs in complex, regulated environments. Keith will explore how CMS weighed the risks of shining a light on its attack surface and how they battled the naysayers and managed federal red tape. Casey will discuss how BugCrowd is helping agencies shift from fear to resilience by operationalizing collaboration with hackers.

Expect real lessons, live banter, and a sharp edge — especially if your agency (or client) is still on the fence about bug bounties. No knowledge of healthcare is needed to enjoy this panel, just come curious!


People:
    SpeakerBio:  ZwinK, Hacker at Bugcrowd

ZwinK is a renowned ethical hacker and cybersecurity expert with decades of experience in identifying critical vulnerabilities in web mobile applications. Specializing in broken access control (BAC) bugs and often known as “the IDOR guy”, he has established a formidable reputation through meticulous manual penetration testing of digital services and platforms worldwide.

With an impressive track record, ZwinK has logged over 1,300 bugs on the Bugcrowd platform in only four years, showcasing his ability to uncover vulnerabilities. This expertise has earned him the #1 rank in the United States and 9th place globally on the Bugcrowd platform for high/critical impact bugs, a testament to his skill and dedication in the field of ethical hacking. He also holds the first place position on programs hosted by industry giants such as T-Mobile and State Farm.

His work has significantly bolstered the security posture of these organizations, protecting sensitive data and ensuring robust defenses against cyber threats. ZwinK continues to push the boundaries of ethical hacking, and has recently taken to working on federal government programs, such as CMS (“Centers for Medicare & Medicaid Services”). He also loves educating and inspiring the next generation of cybersecurity professionals.

SpeakerBio:  Casey Ellis, Founder and Chairperson at Bugcrowd

Casey is a serial entrepreneur and executive, best known as the founder of Bugcrowd and co-founder of The disclose.io Project. He is a 25+ year veteran of information security who grew up inventing things and generally getting technology to do things it isn’t supposed to do. Casey pioneered the crowdsourced security as-a-service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014 prior to its launch in 2018. He’s an active member of a variety of policy and threat intelligence working groups and think tanks such as the Cyber Threat Intelligence League, w00w00, Hacking Policy Council, and the Election Security Research Forum. He has personally advised the US White House, DoD, Department of Justice, Department of Homeland Security/CISA, the Australian and UK intelligence communities, and various US House and Senate legislative cybersecurity initiatives, including preemptive cyberspace protection ahead of the 2020 Presidential Elections, the US National Cyber Strategy, and a variety of policies and EO’s relating to security research, anti-hacking law, and artificial intelligence. Casey, a native of Sydney, Australia, is based in the San Francisco Bay Area.

SpeakerBio:  Keith Busby, CISO at Centers for Medicare and Medicaid Services

Keith Busby is the Acting Chief Information Security Officer at the Centers for Medicare and Medicaid Services (CMS), where he leads enterprise cybersecurity, compliance, privacy, policy, and counterintelligence efforts. With over 20 years in IT and security; including leadership roles in cyber threat operations and compliance, he brings a mission-driven approach to modernizing and securing federal systems at scale. Keith’s roots in security run deep: from his time as a U.S. Army veteran to his work securing one of the nation’s largest school districts. He holds a B.S. in Computing and Security Technologies from Drexel University and a M.S. in Cybersecurity and Information Security from Capitol Technology University. Outside of work, Keith is a self-declared participation trophy-winning backyard BBQ pitmaster and a dedicated youth baseball coach. He thrives at the intersection of public service, technical leadership, and dad jokes.

SpeakerBio:  Leah Siskind, Center on Cyber and Technology Innovation

Leah Siskind is an AI artificial intelligence (AI) research fellow at the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies. At CCTI, her research focuses on the adversarial use of AI by state and non-state actors — including Iran, China, Russia, North Korea — targeting the United States and its allies. Previously Leah served as the deputy director of the AI Corps at the U.S. Department of Homeland Security. She previously spent four years with the U.S. Digital Service in the White House, where she led efforts to modernize government technology. Her private sector experience includes roles at data and analytics companies such as Palantir and Uptake. Earlier in her career, she worked in diplomacy as a representative of Israel’s Foreign Ministry, leading government affairs at the consulate in the Pacific Northwest.




Hacking a head unit with malicious PNG

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Friday, Aug 8, 16:00 – 16:30 PDT

Creator: Car Hacking Village

In this talk, I reveal the discovery of a novel RTOS running on automotive head units, uncovered through hardware hacking and reverse engineering. This RTOS, found in thousands of vehicles, exhibits numerous bugs and intriguing functionalities. I demonstrate how a crafted PNG file was used as a backdoor to compromise the system, highlighting both the innovative features and critical vulnerabilities present in current automotive technologies.


People:
    SpeakerBio:  Danilo Erazo
No BIO available



Hacking Back to School: How states, hackers, and civil society can support K-12 cybersecurity when federal support wavers

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Saturday, Aug 9, 16:30 – 17:50 PDT

Creator: Policy @ DEF CON

What happens to K-12 cybersecurity when federal leadership steps back? This session explores state-led cyber defense models for schools and how the hacker community can play a vital role in this ecosystem.

Our panel brings diverse perspectives on cyber policy and practice currently protecting America’s schools:

  • Federal Transition & Filling the Gap: Despite shifting federal priorities, nonprofits and educational leaders continue the critical work of developing policy solutions across all levels of government to improve K-12 cyber defense.
  • North Carolina’s Whole-of-State Approach: Combining robust shared services, mandatory incident reporting, and real-time incident response from the Joint Cybersecurity Task Force in support of K–12 schools.
  • South Dakota’s Voluntary Model: Free managed AD and Microsoft services with SOC monitoring for any school district
  • Hacker Community Integration: How the hacker community can effectively contribute to K-12 security including through victim notification

This discussion will be accessible to policy-focused attendees while providing technical participants with concrete examples of state-level cyber defense efforts. Participants will leave with insights about how to:

  • Support K-12 cyber in your state
  • Contribute your skills to protecting vulnerable schools
  • Models for public-private-hacker collaboration

People:
    SpeakerBio:  Michael Klein, Senior Director for Preparedness and Response at Institute for Security and Technology

Michael Klein is Senior Director for Preparedness and Response at the Institute for Security and Technology (IST), where he focuses on improving the resilience of “target rich, cyber poor” critical infrastructure sectors. He comes to the role with nearly 20 years of experience across K-12 education as a teacher, coach, consultant, and school district leader as well as federal cyber policy.

Most recently, as the US Department of Education’s (ED) Senior Advisor for Cybersecurity, Michael led ED’s K-12 cybersecurity work with the National Security Council, Office of the National Cyber Director, CISA, FBI, the Intelligence Community, as well as State, Local, Tribal, and Territorial (SLTT) partners, and the private sector. In his 2 years at ED, he had the honor of briefing senior leaders in the Situation Room during the largest K-12 cyber incident, organizing 3 White House events, including the “Back to School Safely” K-12 Cyber Summit hosted by the First Lady, leading the implementation of National Security Memorandum 22, and establishing a Government Coordinating Council (GCC) that engages key stakeholders around K-12 cybersecurity, ransomware, and critical infrastructure resilience.

SpeakerBio:  Vanessa Wrenn, Chief Information Officer at North Carolina Department of Public Instruction

Dr. Vanessa Wrenn serves as the Chief Information Officer (CIO) for the North Carolina Department of Public Instruction (NCDPI), where she leads the strategic direction and oversight of cybersecurity, infrastructure, system modernization, and digital learning across the state’s public schools. With a strong focus on protecting sensitive student and education data, Vanessa champions statewide cybersecurity initiatives, ensuring that North Carolina’s K–12 systems are resilient, secure, and future-ready.

In her role, she coordinates with state agencies, school districts, and technology partners to deliver innovative solutions and critical cyber resources, building a safer digital learning environment for more than 1.5 million students and educators. Vanessa is a trusted voice in educational technology and a passionate advocate for cybersecurity awareness and readiness across all levels of public education, leading the advocacy for successful prohibition of payment of ransom laws in North Carolina for state and local government entities and a strong advocate for sustainable cybersecurity funding, including efforts to expand the use of the federal E-rate program to support K–12 cyber defense needs.

SpeakerBio:  Johnathan Hampe, Chief Information Security Officer at South Dakota Bureau of Information and Telecommunications

Johnathan is the Chief Information Security Officer (CISO) for the State of South Dakota. He is responsible for the state’s cybersecurity program, security strategy, security policy, and general security operations. Prior to this role, Johnathan was an Agency & Application Support Director for the state. In that role, he oversaw the software portfolios for five state agencies and advised their leadership on a number of different IT topics, including security and compliance. Johnathan first joined the state in late 2023 as the deputy CISO. Before that, he spent over 12 years in IT leadership roles with the federal government.

SpeakerBio:  Silas Cutler, Principal Security Researcher at Censys

Silas Cutler is a Principal Security Researcher at Censys, where he brings over a decade of specialized experience in tracking organized cyber threat groups and developing advanced pursuit methodologies. Throughout his distinguished career, Silas has held leadership positions at premier cybersecurity organizations, including roles as Resident Hacker for Stairwell, Reverse Engineering Lead for Google Chronicle, and Senior Security Researcher on CrowdStrike’s Intelligence team.

Since 2021, he has played an instrumental role in advancing the Ransomware Task Force’s initiatives and as an adjunct supporting the Institute of Technology, fostering critical collaboration between public and private sectors in combating ransomware threats.

Silas is also the founder and lead developer of MalShare, a pioneering public malware repository that has supported the global security research community since 2013.




Hacking Context for Auto Root Cause and Attack Flow Discovery

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 17:00 – 17:59 PDT

Creator: Packet Hacking Village

Modern SOCs are flooded with alerts yet blind to what matters. This talk shows how to auto-discover attack flows and root causes by hacking context across telemetry, logs, and threat signals. Using open-source tools and correlation logic, we’ll walk through real-world detection pipelines that stitch together events across cloud, endpoint, and network environments. You’ll learn lightweight, vendor-agnostic approaches to enrich data, group alerts by incident, and make sense of security chaos — fast.


People:
    SpeakerBio:  Ezz Tahoun

Ezz Tahoun is an award-winning cybersecurity data scientist recognized globally for his innovations in applying AI to security operations. He has presented at multiple DEFCON villages, including Blue Team, Cloud, Industrial Control Systems (ICS), Adversary, Wall of Sheep, Packet Hacking, Telecom, and Creator Stage, as well as BlackHat Sector, MEA, EU, and GISEC. His groundbreaking work earned him accolades from Yale, Princeton, Northwestern, NATO, Microsoft, and Canada’s Communications Security Establishment. At 19, Ezz began his PhD in Computer Science at the University of Waterloo, quickly gaining recognition through 20 influential papers and 15 open-source cybersecurity tools. His professional experience includes leading advanced AI-driven projects for Orange CyberDefense, Forescout, RBC, and Huawei Technologies US. Holding certifications such as aCCISO, CISM, CRISC, GCIH, GSEC, CEH, and GCP-Cloud Architect, Ezz previously served as an adjunct professor in cyber defense and warfare.




Hacking Hotel Locks; The Saflok Vulnerabilities Expanded

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 14:00 – 14:59 PDT

Creator: Physical Security Village

Saflok locks are present in many hotels and apartments across North America. These locks rely on poorly-secured offline authentication mechanisms, leaving them vulnerable to attackers with basic knowledge about how the system operates. Following up on the initial “Unsaflok” presentation at DEF CON 32 by Lennert Wouters and Ian Carroll, this talk will touch on areas of the system not discussed in the original presentation, such as the handheld programmer, lock programming interface, clarity about the bit fields and unencrypted data in credentials, for yet another example of why you don’t rely on security-through-obscurity for security products.


People:
    SpeakerBio:  Noah Holland, Michigan Technological University (Student)

Noah Holland is a Cybersecurity Undergraduate at Michigan Tech. He is the president of the MTU Linux User’s Group and MTU RedTeam, specializing in Access Control & Physical Security.

SpeakerBio:  Josh Stiebel

Josh Stiebel recently graduated with a CS degree from Michigan Tech. He helps run the access control village at various conventions. He is currently walking from Mexico to Canada on the PCT.




Hacking phones for Linux: Introduction to postmarketOS

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C210 (Operating Systems Community)
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: Operating Systems Community

People:
    SpeakerBio:  Ranny Bergamotte, PostmarketOS
No BIO available



Hacking Reality: HoloConnect AI and the Rise of Offline Holograms in Medical Devices

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Sunday, Aug 10, 11:30 – 11:59 PDT

Creator: Biohacking Village

Imagine a hologram that talks, thinks, and operates offline—no cloud, no internet, no mercy. Born on the ISS and battle-tested in zero-gravity, HoloConnect AI is now aiming at Earth’s most vulnerable systems: medical devices.

This talk reveals how we’re embedding vision- and voice-aware AI inside air-gapped holographic agents that run locally, assist in surgery, and diagnose without ever phoning home. We’ll unpack how we cracked the interface between hardware, holography, and healthcare, and why offline is the new secure. Expect deep insights on sandboxed AI logic, secure embedded stacks, voice spoofing defense, and real-world risks when you give a glowing face to machine intelligence. Bonus: live demo of a medical-grade hologram running without Wi-Fi—because in space and in surgery, there is no Ctrl+Z.


People:
    SpeakerBio:  Fernando De La Peña Llaca, Dr

Dr. Fernando De La Peña Llaca reverse-engineered the impossible: beaming a real-time hologram into orbit using consumer devices and custom AI. As CEO of Aexa Aerospace, he led the first off-planet holoportation and is now bringing that tech back to Earth to disrupt how we interact with machines. NASA award-winner, space technologist, and long-time builder, Dr. De La Peña fuses aerospace-grade security with street-smart AI. His current mission? Build a hologram smart enough to help—and locked down enough not to kill. DEF CON is the perfect place to stress-test that logic.




Hacking Space to Defend It: Generating IoBs with SPARTA

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Sunday, Aug 10, 11:00 – 11:30 PDT

Creator: Aerospace Village

As we know, spacecraft will become prime targets in the modern cyber threat landscape, as they perform critical functions like communication, navigation, and Earth observation. While the launch of the SPARTA framework in October 2022 gave the community insight into potential threats, it didn’t address how to detect them in practical scenarios. In 2025, our research took a different approach as we didn’t just theorize about threats, we actively exploited space systems using SPARTA techniques to figure out what Indicators of Behavior (IoBs) would look like in a real-world attack scenario.

By leveraging offensive cyber techniques from SPARTA, we identified the specific patterns and behaviors that adversaries might exhibit when targeting spacecraft. These insights allowed us to systematically develop IoBs tailored to the operational constraints and unique environments of space systems. As a result, we demonstrated how Intrusion Detection Systems (IDS) for spacecraft can be designed with realistic, data-driven threat profiles.

This presentation will walk through our methodology, from exploiting space systems to crafting practical IoBs, and how these insights can directly translate to building robust IDS solutions. We’ll show how a threat-informed, hands-on approach to cybersecurity can transform theoretical knowledge into practical defenses for space infrastructure.


People:
    SpeakerBio:  Brandon Bailey, The Aerospace Corporation
No BIO available



Hacking the Edge: Real-World ESI Injection Exploits

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Friday, Aug 8, 16:30 – 16:59 PDT

Creator: Bug Bounty Village

This talk provides a deep dive into Edge Side Includes (ESI) Injection, focusing on real-world findings and advanced exploitation techniques discovered during extensive testing on a private bug bounty program. While often associated with caching servers, ESI can become a potent vulnerability when user input is improperly handled. I will begin by demonstrating how to identify and confirm ESI injection points, even when standard ESI tags are initially blocked by Web Application Firewalls (WAFs). Attendees will learn how leveraging ESI can allow attackers to bypass the httponly cookie flag. I will detail how this leads directly to high-impact account takeover scenarios that are typically impossible with client-side Cross-Site Scripting (XSS) alone.

The presentation will reveal advanced techniques to overcome challenging scenarios. This includes exploiting ESI in endpoints with a Content-Type of application/json. I will also cover a unique case of exploiting ESI via a proxy endpoint by chaining it with an XSS vulnerability found on a whitelisted third-party domain.

Finally, I will share insights into navigating the realities of bug bounty hunting, including identifying and exploiting re-introduced vulnerabilities, developing persistent bypasses against evolving WAF rules, and the critical role of collaboration in uncovering complex attack vectors.

This is a highly technical talk aimed at attendees familiar with web vulnerabilities (like XSS) and concepts related to caching or CDNs. Basic knowledge of ESI syntax is helpful but not strictly required.


People:
    SpeakerBio:  Robert “nytr0gen” Vulpe, Senior Security Engineer at UiPath

Robert Vulpe, also known as nytr0gen, is a Senior Security Engineer at UiPath. He is renowned for his expertise in cybersecurity, particularly in assessing product security through various penetration testing methodologies. With over 300 pentest assessments under his belt, Robert has identified and reported over 1500 security vulnerabilities in high-profile companies such as Amazon, PayPal, Goldman Sachs, and Epic Games.

His meticulous approach to security is evident in his detailed and professional reports. He is listed among PayPal’s Top 10 Hackers and was selected for the prestigious Forbes 30 under 30 list for his outstanding achievements in cybersecurity. With more than 8 years of experience in source-code review, he possesses a keen eye for identifying code-level security flaws.




Hacking the Final Frontier: Offensive Security in Aerospace and Satellite Systems (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 15:30 – 16:30 PDT

Creator: La Villa

Las tecnologías satelitales son el backbone silencioso de nuestra infraestructura digital moderna: desde comunicaciones y navegación, hasta monitoreo climático y operaciones militares. Sin embargo, estos sistemas operan bajo arquitecturas altamente específicas, frecuentemente con tecnologías legacy, protocolos propietarios, y requisitos físicos y orbitales que los hacen difíciles de probar y asegurar. Esta combinación crea un terreno fértil para actores avanzados y amenazas persistentes que pueden explotar la seguridad insuficiente del sector espacial.x000D x000D Esta charla explora técnicas ofensivas enfocadas en vulnerabilidades reales y escenarios tácticos simulados en sistemas satelitales. El contenido está respaldado por investigaciones realizadas en entornos virtuales que emulan estaciones terrestres, elnlaces de comunicación satelital, y enlaces de control y telemetría. Profundizaremos en:x000D x000D – Introducción técnica detallada a la tecnología, protocolos, infraestructura y comunicaciones satelitales_x000D_ – Técnicas para explotacion y atque a los enlaces de comunicación de satélites con estaciones terrestres_x000D_ – Emulación de estaciones terrestres, emuladores de satélites y ataques en ambientes controlados.x000D – Pruebas de penetración simuladas contra satélites virtuales por ejemplo, sniffing, replay, spoofing, y takeover, entre otros.x000D – Modelado de amenazas y TTPs inspirados en grupos APT que han apuntado a infraestructuras aeroespaciales.x000D x000D Lo que aprenderá la audiencia_x000D_ x000D – Cómo iniciar en el área y como construir un entorno de pruebas realista para realizar pentesting ofensivo en sistemas satelitales.x000D – Vectores de ataque RF, spoofing y explotación de protocolos espaciales.x000D – Cómo modelar amenazas ofensivas en el contexto aeroespacial_x000D_ – Limitaciones actuales de la ciberseguridad en el dominio espacial y oportunidades de investigación ofensiva.x000D


People:
    SpeakerBio:  Romel Marin, X-Force Red, Pentester

Romel Marín es un pentester senior en el equipo de ciberseguridad ofensiva IBM X-Force Red, con una carrera de 10 años. Destaca por su especialización en pruebas de penetración en diferentes tipos de infraestructuras de redes internas y externas, aplicaciones, redes OT, Cloud, dispositivos iot, tecnología aeroespacial, entre otros. Su enfoque reciente ha sido la investigación en ciberseguridad ofensiva y defensiva en tecnologías aeroespaciales e inteligencia artificial. x000D Posee certificaciones destacadas como OSCE, OSCP, OSEP, OSWA, CRTO, CRTP, DSOC, entre otras. Además, es coautor de un libro centrado en ciberseguridad ofensiva con Parrot Security y miembro fundador del grupo Defcon de Costa Rica (DC11506), habiendo sido ponente en múltiples conferencias internacionales.




Hacking the First Amendment: A press photographer’s perspective on Red Teaming scenarios

Creator Talk Map Page – LVCC West-Level 3-W317-W319 (Social Engineering Community Village)
When:  Saturday, Aug 9, 10:30 – 10:55 PDT

Creator: Social Engineering Community Village

Drawing from personal experience as a press photographer, this talk highlights the underexplored attack surface created by media access at high profile events like concerts, sporting events and political rallies. We explore how the press badge can become a powerful tool in the hands of a red teamer. By taking into account elements of OSINT, social engineering, and physical and network security, we focus on how lessons learned as a press photographer can directly be applied by red teamers (or threat actors!) to gain a foothold. Once that is achieved, individuals can embed themselves directly within high-visibility individuals and high-value, sensitive devices associated with professional sports teams, musicians and bands, and political leaders and lawmakers. The talk also discusses the importance of looking at the ‚Äòbigger picture‚Äô, and being aware of threats where people may not consider them to come from. Inspired by the spirit of Johnny Long‚Äôs No Tech Hacking, this talk examines how low-tech, high-ingenuity approaches continue to be in a hacker’s arsenal. It makes the case that media impersonation is a serious but overlooked threat vector, and one that allows attackers to bypass traditional perimeters.


People:
    SpeakerBio:  Mansoor Ahmad

Mansoor Ahmad is an offensive security practitioner who has always had a curiosity about how things worked. He studied information technology and worked as a news photographer in college. A quiet kid growing up in a foreign country, he would always accompany his father on errands and observe people’s reactions to different things and the psychology behind it. This started an itch which he has been scratching since then, that has led to a career in information security. When he’s not working, eating or sleeping, Mansoor likes to practice photography and taking naps.

SpeakerBio:  Brad Ammerman

Brad Ammerman, a leading figure in security testing, currently serves as the Senior Director at Prescient Security. His background includes influential roles at companies like Foresite, Optiv Security, Lockheed Martin, DIA, DoD, and Supreme Court of Nevada, where he developed his expertise in offensive security and team management. A skilled hacker himself, Brad is also a recognized speaker, educator, mentor, and disabled veteran, dedicated to teaching and protecting others. He takes great pride in his roles as a devoted husband and father.




Hacking the Nautical Rules of the Road: Turn Left for Global Pwnage

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 17:30 – 17:59 PDT

Creator: Maritime Hacking Village

As part of their training and certifications, most professional mariners memorize the ‘nautical rules of the road’. The International Regulations for Preventing Collisions at Sea (COLREGs), form the foundation of maritime safety by establishing predictable behaviors and shared responsibilities between vessels. This a system with built-in protection and fall-back plans, tried and tested over a long history. But for hackers or cyber defenders—who might not know starboard from Starbucks— understanding these norms may mean the difference between big effect or no effect. Our talk focuses on one memorable guideline that ship drivers often fall back on: Don’t Turn To Port (unless you’re absolutely sure it’s safe). There is plenty of good research out there about how cyber-physical systems such as rudder angle controllers can be manipulated on manned and unmanned systems. There is good writing on the threats unique to maritime choke points. But agnostic to the location, why would cyber manipulation of a rudder to induce a port turn be worse than a starboard one? Our talk will touch briefly on how the rules influence legal liability for collisions at sea, and conclude with encouragement for people to learn the rules of the road and further their own journey in understanding the maritime profession.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  Amp, Co-Host of The Material Condition Podcast

AMP spent 10 years driving ships around the globe—now captains a CTF team instead. With an undergrad in electrical engineering and working on a master’s in info systems engineering, AMP made the jump from maritime grit to digital ops, bringing salty sea stories and a screwdriver to every hacking challenge. They’ve co-hosted episodes of Sea Control (CIMSEC) and The Yoke Report, poking at the strange edges of maritime security, cyber policy, and why everything breaks at 2 AM. Into hardware hacking, retro gaming, and running text-based RPGs.

SpeakerBio:  Data, Director of Cyber & Technology

data is a retired Air Force Cyber Warfare Officer with over 20 years of operational experience. He’s a CNODP and RIOT grad with a Comp Sci BS from the USAF Academy and a Master’s in Cyber Ops from the Air Force Institute of Technology. He’s been certified in all 3 NSA Red Team work roles, all 3 offensive SIGINT work roles, qualified in all 6 Cybercom offensive work roles and personally engaged real-world, nation-state-level actors, malware and targets in air, land, sea, space & cyberspace both offensively and defensively. And he’s done so with the US, UK, Canada, Australia and New Zealand. He also helped make those cool starship badges you’ve seen around DEFCON.




HAM RADIO VS. OPPRESSION – HOW THE AIRWAVES DEFY CENSORSHIP

Creator Talk Map Page – LVCC West-Level 3-W320 (Ham Radio Village)
When:  Saturday, Aug 9, 11:00 – 11:45 PDT

Creator: Ham Radio Village

In this talk, we’ll explore how Ham radio can help facilitate open and uncensored communications in situations where traditional communications strictly controlled or even blacked out.

With risks presented by the current global political landscape, Ham radio (amateur radio) has been a powerful tool for communication, especially where governments impose strict control over traditional and digital communication channels.


People:
    SpeakerBio:  Nate “N8MOR” Moore

Nate Moore, call sign N8MOR, is an active member of the Ham Radio Village. He serves on the club’s board and has contributed to various club activities.

Professionally, Nate has over 25 years of experience in the Information Security field and holds multiple certifications. He has shared his expertise with the amateur radio community through presentations on cybersecurity as well as the amateur radio hobby.




Handcuffs for beginners

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-701 (Lock Pick Village)
When:  Saturday, Aug 9, 11:30 – 11:50 PDT

Creator: Lock Pick Village

Want to learn how to pick handcuffs? This talk is for you!


People:
    SpeakerBio:  Steven
No BIO available



Hard Hat Brigade Creations Q&A

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 13:15 – 13:59 PDT

Creator: Hard Hat Brigade

HHB goes over hard hats, construction, and all the hackery things people have done with them


People:
    SpeakerBio:  MrBill, Founder at Hard Hat Brigade

MrBill started Wardriving in 2003 after attending DC11 and started contributing to Wigle in 2007. He took a break for about a decade (kids) and started up again in 2017 in earnest, and later founded the HardHatBrigade WiGLE group. He passed D4rkM4tter in the global rankings around 2022 and continues to trail @CoD_Segfault in their race to 1 Million WiGLE points. He is often seen at security conferences with a hard hat, mostly with some sort of wardriving functionality. Join him and the rest of the HHB crew in the 24 Hour wardriving event in October.

SpeakerBio:  M0nkeyDrag0n, Organizer at Hard Hat Brigade

M0nkeydrag0n plays a blue teamer by day and a Hard Hat Bridage member in the after hours. Having spent a decade in IT support before shifting to his current role, m0nkeydrag0n has spent the last few years growing professionally as a cyber security engineer and endeavors to share tactics, approaches and stories with those looking to make that shift into security as well…or any pivot for that matter!

Lately, rediscovering R/C vehicles as allowed him to take flight, if only by FPV. But playing with RF is always fun, whether it’s trying to catch folks on WiGLE, designing cases for wardriving kits, earning his ham tech cert or just enjoying motorcycles for a long ride…and internet points!

Come wardrive with the Hard Hat Brigade!

SpeakerBio:  Hydrox, Organizer at Hard Hat Brigade
No BIO available
SpeakerBio:  CoD_Segfault, Organizer at Hard Hat Brigade

CoD_Segfault first went wardriving around 2004, but really kicked up the game in 2021 when joining HardHatBrigade on WiGLE. By 2023, his focus shifted to smaller and more portable wardriving solutions suitable for walking and bike riding. Notable works include ultra small ESP32 wardrivers based on the wardriver.uk project and creation of the BW16-Open-AT project to improve network identification and remove reliance on the closed-source AT firmware.




Hard Hat Brigade Organizer Panel

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 15:00 – 15:45 PDT

Creator: Hard Hat Brigade

Origins of Hard Hat Brigade (why), the who / what / how


People:
    SpeakerBio:  MrBill, Founder at Hard Hat Brigade

MrBill started Wardriving in 2003 after attending DC11 and started contributing to Wigle in 2007. He took a break for about a decade (kids) and started up again in 2017 in earnest, and later founded the HardHatBrigade WiGLE group. He passed D4rkM4tter in the global rankings around 2022 and continues to trail @CoD_Segfault in their race to 1 Million WiGLE points. He is often seen at security conferences with a hard hat, mostly with some sort of wardriving functionality. Join him and the rest of the HHB crew in the 24 Hour wardriving event in October.

SpeakerBio:  M0nkeyDrag0n, Organizer at Hard Hat Brigade

M0nkeydrag0n plays a blue teamer by day and a Hard Hat Bridage member in the after hours. Having spent a decade in IT support before shifting to his current role, m0nkeydrag0n has spent the last few years growing professionally as a cyber security engineer and endeavors to share tactics, approaches and stories with those looking to make that shift into security as well…or any pivot for that matter!

Lately, rediscovering R/C vehicles as allowed him to take flight, if only by FPV. But playing with RF is always fun, whether it’s trying to catch folks on WiGLE, designing cases for wardriving kits, earning his ham tech cert or just enjoying motorcycles for a long ride…and internet points!

Come wardrive with the Hard Hat Brigade!

SpeakerBio:  Hydrox, Organizer at Hard Hat Brigade
No BIO available
SpeakerBio:  CoD_Segfault, Organizer at Hard Hat Brigade

CoD_Segfault first went wardriving around 2004, but really kicked up the game in 2021 when joining HardHatBrigade on WiGLE. By 2023, his focus shifted to smaller and more portable wardriving solutions suitable for walking and bike riding. Notable works include ultra small ESP32 wardrivers based on the wardriver.uk project and creation of the BW16-Open-AT project to improve network identification and remove reliance on the closed-source AT firmware.




Here and Now: Exploiting the Human Layer at the Right Moment

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 12:30 – 12:59 PDT

Creator: Adversary Village

Gaining access isn’t always about having the perfect pretext. Sometimes, it’s about recognizing subtle shifts in the environment, reading behavioral cues, and adapting on the fly. The best social engineers, like master photographers, don’t just plan—they wait for the decisive moment and take action when the time is right.

This session unpacks a real-world infiltration where success wasn’t about meticulous scripting, but about understanding when and how to pivot in real time. By integrating principles from photography, literature, theater, and deception, we explore how presence, timing, and perception shape the art of infiltration.


People:
    SpeakerBio:  Daniel Isler, Awareness & Social Engineering Consultant – Team Leader – Dreamlab Technologies

Bachelor in Arts of Representation. With certifications in Social Engineering, Red Team & OSINT. Team Leader of Fr1endly RATs, the Social Engineering unit at Dreamlab Technologies Chile. Specializing and developing techniques and methodologies for simulations of Phishing attacks, Vishing, Pretexting, Physical Intrusions and Red Team.




Hijacking AI Agents with ChatML Role Injection

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 14:40 – 15:10 PDT

Creator: AppSec Village

Large-language-model wrappers increasingly rely on the “ChatML” format to segregate system, assistant, and user roles, yet those delimiters introduce a critical appsec flaw: there is a role hierarchy but no ChatML/server-side RBAC or parameter-level trust boundary built in to ChatML or its chat-completions JSON wrapper. Any client that can speak ChatML can also impersonate privilege, similar to the logical flaws of early-2000s webapps. To make it worse: everybody and their mother forked this thing with roles/privileges but no built-in RBAC pioneered by leading model providers.

In twenty minutes we will walk through the anatomy of that oversight and unveil three vendor-agnostic role-injection techniques that bypass guardrails, trigger unbounded consumption, and hijack function calls in under 50 tokens. We then pivot to parameter pollution, showing how key overrides (temperature, system, tools) can be further used to abuse agents.

OWASP AAI001: Agent Authorization and Control Hijacking


People:
    SpeakerBio:  Anit Hajdari

Hi, I’m Anit Hajdari, a Security Consultant at Sentry with nearly two years of hands-on experience in the cybersecurity field. Throughout my career, I’ve been involved in a wide range of security assessments, including internal and external network penetration testing, as well as web and mobile application security evaluations. More recently, I’ve expanded my expertise into the emerging area of Large Language Model (LLM) penetration testing, staying ahead of the curve as AI technologies evolve. My work focuses on identifying vulnerabilities, delivering actionable insights, and helping organizations strengthen their overall security posture.

SpeakerBio:  Armend Gashi

Armend Gashi is Managing Security Consultant at Sentry. With over 5 years in the industry, he specialized in application security and AWS cloud assessments. Armend also performed AI red teaming engagements and developed multi-agent systems to perform security-focused tasks such as code auditing and exploit development.

SpeakerBio:  zizkill

Robert Shala is co-founder of Sentry, where he leads 50 security consultants and has delivered 2000-plus red-team and appsec engagements for some of the world largest organizatons. He also contributes as a AI Red Teamer for a major AI model developer, probing frontier models for safety and security flaws.

Robert holds an M.S. in Security Studies from Georgetown, a B.S. from RIT, and has a passion for wargaming.




History and Significance of the Top to Bottom Review (TTBR) and the Post Election Audit Standars Working Group (PEASWG)

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Friday, Aug 8, 13:30 – 14:30 PDT

Creator: Voting Village

This presentation will describe the history and significance of the California Top to Bottom Review (TTBR), the landmark study of voting systems whose report disclosed many serious security vulnerabilities in the systems used in California and led to changes in the systems certified for use in that state. The talk will also cover that study’s lesser-known but equally important cousin, the Post Election Audit standards Working Group, whose report gave rise to the fundamental concept of risk limiting audits (RLAs).

Links:
    en.wikipedia.org/wiki/Debra_Bowen – https://en.wikipedia.org/wiki/Debra_Bowen

People:
    SpeakerBio:  Debra Bowen, The Honorable

Debra Bowen was the elected Secretary of State of California for two terms from 2007 to 2015. Prior to that, from 1992 to 2006, she had been a member of the California Assembly and then the Senate. In 2007, at the beginning of her term as Secretary of State, she commissioned the Top to Bottom Review (TTBR) of voting systems used in California. The review involved top computer security researchers, attorneys, and accessibility experts, and provided the nation with an unprecedented view into the state of voting machines. The TTBR led to critical changes to improve California’s elections and influenced other states to move away from the most insecure voting systems. In parallel she commissioned the Post Election Audit Standards Working Group (PEASWG), a group of experts charged with outlining standards for election auditing. From their report emerged the very first formal description of what came to be known as risk-limiting audits (RLAs), now widely viewed as the “gold standard” of auditing techniques. RLAs make the notions of evidence-based elections and software independence, two of the fundamental pillars of election integrity, an achievable goal.For her “bold leadership and her steadfast resolve to protect the integrity of the vote” she was honored with a 2008 Profile in Courage Award by the John F. Kennedy Presidential Library and Museum.




Hooks and Hooks: How AI Is Revolutionizing Both Phishing Attacks and Our Defenses

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Friday, Aug 8, 10:00 – 10:59 PDT

Creator: Blacks In Cyber Village

This thought-provoking session dives into the dual-edged role of artificial intelligence in the phishing ecosystem. On one side, AI is enabling attackers to craft more convincing and scalable phishing campaigns, making detection increasingly difficult. On the other, it’s empowering defenders with smarter tools for real-time detection, adaptive filtering, and behavioral analysis. Attendees will gain insight into how AI is transforming both offensive and defensive strategies—and what that means for the future of cybersecurity.


People:
    SpeakerBio:  Levone Campbell

Levone is a recognized cybersecurity expert specializing in the intersection of artificial intelligence and social engineering attacks. With over 18 years of experience in threat intelligence and defensive strategy development, Levone has advised Fortune 500 companies and government agencies.




How AI + Hardware can Transforming Point-of-Care Workflows

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: Biohacking Village

The Bio / medical industry creates huge amounts of data—vital-sign streams, imaging, clinician notes— Knowledge base requirements are very heavy, so a little help from a specialized llm can boost the productivity alot. Our new layered technology, accomplishes just this

Hardware layer: A customized CM5 board, an RP2040 co-processor, and a sunlight-readable E-ink display strike the sweet spot LLM entirely on-device + many other transcription models + TTS models.

Software layer – Our “MCP Hub” turns plain-language requests like “track heart rate every five minutes” into a reliable data log, even when Wi-Fi is down. With the help of AI coding, any sensor can start to work within 5min.


People:
    SpeakerBio:  PamirAI

Kevin & Tianqi are veteran engineers from Microsoft Surface devices and Qualcomm’s efficient-AI—that is miniaturizing enterprise-grade inference into badge-sized hardware, they designed the hardware + software of distiller, and enclosure to squeeze 3-billion-parameter language models into a 10-Watt, pocket-safe form factor, giving clinicians instant, private access to AI reasoning right at the bedside.




How API flaws led to admin access to over 1,000 USA dealers and control over your car

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 12:30 – 12:59 PDT

Creator: Car Hacking Village

Many automotive dealers in the USA utilize centralized platforms for everything from sales to service to marketing. The interconnectivity of various systems makes things easy to manage, but also exposes certain risks should any of these systems have a vulnerability. API flaws were discovered in a top automaker’s dealer platform that enabled the creation of a national admin account. With that level of access, being able to remotely take over your car was only the tip of the iceberg…


People:
    SpeakerBio:  Eaton Zveare, Senior Security Research Engineer at Traceable by Harness

Eaton is a senior security research engineer at Traceable by Harness. As a member of the ASPEN Labs team, he has contributed to the security of some of the world’s largest organizations by finding and responsibly disclosing many critical vulnerabilities. He is best known for his high-profile security disclosures in the automotive space: 1, 2, 3.




How Computers Kill People: Marine Systems

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 10:30 – 10:59 PDT

Creator: Maritime Hacking Village

As digital systems increasingly control the world’s most powerful machines, software failures have become a silent but deadly threat—sometimes with fatal consequences. This DEFCON presentation dives deep into maritime and military incidents where software errors, automation missteps, and human-computer interface flaws have led to catastrophic outcomes. Reviewing the USS Yorktown’s infamous “Smart Ship” crash and the USS Vincennes’ tragic misidentification of a civilian airliner, we dissect how code, configuration, and design choices can escalate into life-or-death situations at sea. We’ll also draw parallels to high-profile aviation incidents like the Boeing 737 Max and F-35, illustrating common threads in software assurance failures across domains. We’ll walk through how a subtle software flaw could be exploited to disrupt critical vessel operations, and what this means for the future of maritime cybersecurity. Attendees will gain insight into the technical, organizational, and ethical challenges of securing mission-critical systems, and leave with practical takeaways for hackers, engineers, and policymakers seeking to prevent the next digital disaster on the high seas.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  Michael DeVolld, ABS Group

With 25 years of experience in the maritime sector, Michael is dedicated to ensuring the safety and security of the global Maritime Transportation System (MTS). A retired US Coast Guard Officer, he has conducted numerous safety and compliance inspections, investigated high-profile marine casualties, and established a cybersecurity program at USCG Cyber Command. Previously, as a Business Information Security Officer for Royal Caribbean Group, Michael developed strategies to maintain the cybersecurity and regulatory compliance of the company’s global cruise fleet. Holding a B.S. in Computer Science and an M.S. in Telecommunications, he currently serves as ABS Consulting’s Maritime Cybersecurity Director. In this role, he specializes in managing cyber risks, implementing technical solutions, shaping policy and governance, providing expert advisory services, and designing custom solutions to meet maritime regulatory requirements and best practices.

SpeakerBio:  Austin Reid, ABS Group

Austin Reid is a senior consultant at ABS Consulting specializing in securing maritime operational technology with 10 years experience in the Maritime sector from breakbulk, automated container terminal ops, and securing critical vessel systems for all types of ships. He is also a hacker, and security researcher specializing in maritime navigation control systems.




How Extra Features In Contactless Payments Break Security And What We Can Do About it.

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 11:00 – 11:59 PDT

Creator: Payment Village

In this talk I’ll describe our investigation of ad-hoc, proprietary EMV features from Apple, Google, Samsung and Square and show that companies independently retrofitting and over-loading the core EMV specification has led to a range of security problems. Along the way I’ll show how we managed to do unauthenticated, over-the-limit, offline payments for Mastercard and ultimately take 25000 from an EMV terminal with no payment card at all.  On the defense side I’ll discuss how formal modeling can make EMV payments safer and I’ll describe our distance bounding amendment to the ISO 14443 standard that could make all EMV payments safer.


People:
    SpeakerBio:  Tom Chothia, Professor in Cyber Security at School of Computer Science, University of Birmingham

Tom Chothia is a Professor of Cyber Security at the University of Birmingham, UK. His research involves the development of new mathematical analysis techniques, and the application of these techniques to real world cyber security problems. His past work on the security of EMV, ApplePay, banking apps, pacemakers and video game cheats have all received widespread media coverage.




How Ham Radio supported 911 25 years

Creator Talk Map Page – LVCC West-Level 3-W320 (Ham Radio Village)
When:  Friday, Aug 8, 13:00 – 13:30 PDT

Creator: Ham Radio Village

in this talk we review how amateur radio were used in the relief effort in NYC Sept 11.

What do you do when major Communications are disrupted and how amateur radio came to the rescue. We will talk about all the technology that was user to support the relief effort. Staffing requirements and jobs that Ham Radio operators did, challenges and solution for working a Major disaster will be covered. Lessons learned and opportunities for you to become involved in emergency communications.




How Not to IoT: Lessons in Security Failures

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: Embedded Systems Village

Welcome to the “fun” world of IoT, where security is often an afterthought and vulnerabilities lurk around every corner. This presentation is a guide for vendors on what not to do when designing IoT devices and a survival manual for users to spot insecure gadgets. Ever wondered if your IoT device is spilling your home WiFi secrets to the cloud over HTTP? Spoiler alert: maybe 🙂 Pairing your device over open WiFi and HTTP while providing your home WiFi credentials? Just to vacuum clean your home?
How about IoT devices lying about their Android version? But don’t worry, it already comes with malware pre-infected. Wouldn’t it be nice to access the clear-text admin passwords before authentication? How about multiple different ways to do that? Would you like to see reverse engineering an N-day command injection vulnerability in the login form of a popular NAS device? What could be the easiest way to figure out the (static) AES encryption key for a home security alarm solution? Just RTFM! Why bother with memory corruption when command injection is still the king of IoT threats? I’ll break it down for you, with an analysis of challenges with scalable IoT memory corruption exploits, and the challenges with blind ROP. Last but not least, let’s discuss why Busybox is “not the best” choice for IoT development.


People:
    SpeakerBio:  Zoltan “zh4ck” Balazs, Principal Vulnerability Researcher at CUJO AI

Zoltan (@zh4ck) is a Principal Vulnerability Researcher at CUJO AI, a company focusing on smart home security. Previously he worked as a CTO for an AV Tester company, as an IT Security expert in the financial industry, and as a senior IT security consultant. He is also the developer of the Hardware Firewall Bypass Kernel Driver (HWFWBypass), the Encrypted Browser Exploit Delivery tool (#IRONSQUIRREL) and the Sandbox tester tool to test Malware Analysis Sandboxes, and is partially “responsible” for an IoT botnet infecting 600K devices.

I am a big fan of offsec certs, currently holding OSEP, OSED, OSCE, OSCP, and OSWP.




How NOT to Perform Covert Entry Assessments by WeHackPeople.com

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 12:00 – 12:59 PDT

Creator: Physical Security Village

“How NOT to Perform a Covert Entry Assessment” is a no B.S. discussion that covers what not to do during covert entry engagements–highlighting real-world mistakes, busted Hollywood myths, and missteps that compromise success. We’ll walk through effective techniques for physical site surveys, face-to-face social engineering, and real-time troubleshooting when things go sideways. Attendees will be encouraged to share experiences and lessons learned in an open, interactive format. We’ll also demo our covert entry tools, and discuss how to deliver reliable results to both commercial and high-security government clients.

Links:
    wehackpeople.wordpress.com/2025/06/20/def-con-33-how-not-to-perform-covert-entry-assessments/ – https://wehackpeople.wordpress.com/2025/06/20/def-con-33-how-not-to-perform-covert-entry-assessments/

People:
    SpeakerBio:  Brent White, WeHackPeople.com / Dark Wolf Solutions

Brent is a Sr. Principal Security Consultant / Covert Entry Specialist with Dark Wolf Solutions, specializing in social engineering and Red Team-style security assessments for both commercial and Department of Defense clients, as well as his contributions towards the development the drone hacking methodology for the Defense Innovation Unit’s “Blue sUAS” initiative. He also served as a trusted adviser for the TN Dept of Safety and Homeland Security on the topic of physical and cyber security and has held the role of Web/Project Manager and IT Security Director for a global franchise company as well as Web Manager and information security positions for multiple TV personalities.

He has also been interviewed on the popular web series, “Hak5” with Darren Kitchen, Security Weekly, BBC News, featured with Tim Roberts on the popular series “ProfilingEvil” by Mike King, and on Microsoft’s “Roadtrip Nation” television series. His experience includes Internal/External Penetration, Network evasion, Wireless, Web Application, Drone and Physical Security assessments, and Social Engineering.

Brent has also spoken at numerous security conferences, including ISSA International, DEF CON, Black Hat, DerbyCon, multiple “B-Sides” conference events, Appalachian Institute of Digital Evidence conference at Marshall University, and many more.

SpeakerBio:  Tim Roberts, WeHackPeople.com / Dark Wolf Solutions

Tim is a Covert Entry Specialist with Dark Wolf Solutions and Sr. Principal Penetration Tester. He is the founding member of the Lexington DEF CON group (DC859). He has been interviewed on the subject of “White hat hacking” for Microsoft’s “Roadtrip Nation” television series, was featured on IDG Enterprise’s CSO Online publication by Ryan Francis on social engineering, and was interviewed at Black Hat by HelpNetSecurity on security awareness and “Know Your Adversary”. He and Brent White have also been featured a couple of times on the true crime series Profiling Evil with Mike King.

Tim has over fifteen years of professional security experience and has held management, IT, and physical security roles across multiple industries, including healthcare, finance, and government. His experience includes Red Team, Internal/External Network, Wireless, Application, Physical Security, Social Engineering, and more.

Tim has spoken and conducted training at numerous security and hacker conferences, including ISSA International, DEF CON, DerbyCon, NolaCon, various B-Sides, CircleCityCon, Techno Security Con, SaintCon, Appalachian Institute of Digital Evidence at Marshall University, Who’s Your Hacker, was keynote for the S&H Law – FBI/Hacker Panel, and more. By continuing to share these experiences, he hopes to further contribute to the InfoSec community and security awareness as a whole.




How the DMCA Security Research Exemption Affects Election Security Research

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 13:30 – 14:30 PDT

Creator: Voting Village

The US Digital Millennium Copyright Act (DMCA) broadly prohibits defeating technical measures used to protect copyrighted material, including software. Unfortunately, this can encompass ordinary reverse-engineering and other techniques routinely employed by researchers to examine software-based systems for security vulnerabilities. In 2017, the US Copyright Office enacted a temporary exemption permitting “good faith security research” under some circumstances. This talk will explore what conduct the exemption does and doesn’t cover, and how the exemption helps protect the ability for election security researchers to do their work. The talk will include generous time for questions.

Links:
    www.eff.org – https://www.eff.org

People:
    SpeakerBio:  Tori Noble, Electronic Frontier Foundation

Tori Noble is a Staff Attorney at the Electronic Frontier Foundation. She works on a wide array of intellectual property and civil liberties issues arising from the use of emerging technologies. Tori came to EFF from Dentons US LLP, where she maintained an active litigation and counseling practice centered on First Amendment, privacy, and intellectual property issues. Prior to joining Dentons, Tori worked as a First Amendment fellow at First Look Institute, where she represented The Intercept and its reporters in public records cases and counseled journalists, editors, and filmmakers on a wide range of newsgathering, libel, privacy, and intellectual property issues. During law school, Tori interned at EFF and served as a Google Policy Fellow at the Reporters Committee for Freedom of the Press. Tori holds a J.D. from Stanford Law School and a B.A. from the University of Michigan Gerald R. Ford School of Public Policy.




How to Become One of Them: Deep Cover Operations in Cybercriminal Communities

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 16:35 – 17:20 PDT

Creator: Recon Village

HUMINT is one of the most powerful, yet least understood tools in cyber threat intelligence. This talk will walk through the full lifecycle of a deep cover HUMINT operation—from identifying high-value sources, to crafting believable personas, navigating forum dynamics, and extracting intelligence through direct engagement with threat actors. We’ll explore how these operations provide early warning of attacks, insights into actor motivations, and access to tools before they’re deployed. But going undercover isn’t without risk. We’ll cover the technical and psychological challenges, OPSEC fundamentals, and ethical dilemmas that define this high-stakes work. Attendees will learn how to map underground communities, build credibility, and collect actionable intelligence without blowing cover. With real-world examples and field-tested strategies, this session offers a rare look inside the human side of CTI—where trust, deception, and tradecraft matter more than tooling. For anyone serious about adversary engagement, this is where the automation ends—and infiltration begins.


People:
    SpeakerBio:  Sean Jones

Sean Thomas Jones is an accomplished Senior Information Security Professional with decades of experience in successfully stopping hackers, securing networks and applications by using best practices, tools and technologies. He currently works as a Sr Manager with a Threat Intelligence Analyst team to protect the cyber and physical assets of governmental, corporate and high profile individuals.

SpeakerBio:  Kaloyan Ivanov
No BIO available



How We Protect Cat Memes from DDoS

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 15:30 – 15:59 PDT

Creator: DDoS Community

Join us to explore Reddit’s defense strategy to handle massive traffic and sophisticated abuse. We’ll delve into how Reddit tackles this challenge, from traffic analysis to innovative resiliency techniques, all while understanding why a tailored, in-house approach is vital for such a high-scale platform.


People:
    SpeakerBio:  Spencer “securimancer” Koch
No BIO available
SpeakerBio:  Pratik Lotia, Reddit
No BIO available



How zkVMS and zkTLS Transform Exploit Markets

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
Creator: Crypto Privacy Village

The current bug bounty ecosystem thrives on collaboration between security researchers and organizations, yet it fundamentally hinges on mutual trust. Researchers are required to disclose detailed information about vulnerabilities, often exposing sensitive exploit data, while organizations must trust the accuracy and integrity of these disclosures. This trust-dependent model poses significant risks, including potential misuse of exploit information and uncertainties in reward allocations.

This presentation introduces innovative applications of zero-knowledge proofs through zkVMS (Zero-Knowledge Virtual Machines) and zkTLS (Zero-Knowledge Transport Layer Security) to revolutionize bug bounty programs. With zkVMS, researchers can cryptographically prove the existence of software vulnerabilities without revealing the exploit code or any sensitive details. Similarly, zkTLS enables the cryptographic verification of network interactions—such as HTTP requests leading to SQL injections—without disclosing the actual payloads involved.

We will delve into how these technologies eliminate the need for trust by allowing proof of vulnerabilities in a manner that protects both the researchers’ methods and the organizations’ assets. The session includes a live demonstration showcasing the practical implementation of trustless bug bounties using zkVMS and zkTLS. Attendees will gain insights into the technical mechanisms underpinning these tools and their profound implications for the future of secure, trustless collaboration in cybersecurity.

Join us to explore how zero-knowledge technologies are paving the way towards a new paradigm in vulnerability disclosure—one that enhances security while preserving confidentiality and integrity for all parties involved.


People:
    SpeakerBio:  Anto Joseph, Principal Security Engineer at Eigen Labs

Anto Joseph works as a Principal Security Engineer at Eigen Labs. He enjoys researching distributed systems,DeFi protocols,Android and ML systems.He is involved in developing and advocating security in blockchains & DeFi. Previously, he has worked at Coinbase, Tinder, Intel, Citrix and E&Y in multiple information security roles.He has been a presenter and trainer at various security conferences including BH USA, Defcon, BruCon, HackInParis, HITB Amsterdam, HackLu, Hacktivity, PHdays, X33fCon, NullCon, c0c0n and more. He is an active contributor to many open-source projects and some of his work is available at https://github.com/antojoseph




Hull Integrity: Applying MOSAICS to Naval Mission Systems

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 10:30 – 10:59 PDT

Creator: ICS Village

As the lines between IT and operational technology continue to blur, our Naval fleet faces a growing attack surface from propulsion and power to weapons and control systems. Enter MOSAICS Block 1, a Department of Defense framework for operational technology security to ensure real-time monitoring, safe active asset discovery, and behavioral threat detection tailored for mission-critical ICS. In this session, we will walk through how MOSAICS is being applied to Naval mission systems, highlighting Department of the Navy use cases. We will break down the reference architecture and offer candid insights on adapting this framework to protect legacy systems at sea without compromising lethality. This talk is for ICS defenders, red teamers, and cyber policy leaders who want a front-row view into how the Department of the Navy is operationalizing OT security at scale.


People:
    SpeakerBio:  Michael Frank

Mr. Michael Frank is currently serving as the Deputy Chief Technology Officer for the Department of the Navy, responsible for identifying and assessing emerging technology. Prior to this role, Mr. Frank was a Principal with the Boston Consulting Group, helping public and private organizations solve technology related problems. Mr. Frank is also an Officer in the Marine Reserves, currently leading the Cybersecurity portfolio for the Marine Innovation Unit. He has served as the Red Cell lead for Exercise Cyber Yankee for the last five years. Mr. Frank holds an MS in Information Security from Carnegie Mellon University, an MBA from the Darden School of Business, and a BA in Accounting from Washington and Jefferson College.




Human factors and safety critical aspects of man-machine interfaces

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Friday, Aug 8, 15:30 – 16:15 PDT

Creator: Policy @ DEF CON

Zero Trust is a powerful concept—but when applied to certified avionics, it can become a safety hazard masquerading as a security control. This talk confronts the policy disconnect between modern cybersecurity mandates and the engineering realities of aircraft systems. We’ll explore how compliance-driven frameworks like NIST SP 800-207, when misapplied, introduce latency, complexity, and certification friction into environments where failure modes are measured in lives, not log files. Through real-world case studies, including GPS spoofing incidents and the F-35B ejection, we’ll examine how policies intended to improve resilience can degrade mission assurance. Attendees will leave with a better understanding of where Zero Trust principles can improve aerospace security and where policy must adapt to the constraints of safety-critical design. If your compliance checklist doesn’t include cognitive load, deterministic timing, or the cost of recertification, this talk is your turbulence warning.


People:
    SpeakerBio:  Michael Crouse, Aircraft Embedded Systems Cybersecurity Expert

Michael Crouse is a CFII-rated instructor pilot, avionics tinkerer, and cybersecurity strategist specializing in safety-critical systems. With nearly two decades of experience securing U.S. Air Force aircraft, he’s designed, assessed, and defended everything from bomber avionics to anti-tamper and ground systems. He’s served as a lead embedded engineer, ISSM, systems integrator, and unwilling participant in far too many working groups that could’ve been emails. He’s built homebrew avionics, run RF threat detection from a hangar, and developed cyber controls that fail gracefully—even when the rest of the mission doesn’t. His certifications include CISSP, CEH, CFI, and Amateur Radio General Class (because some “wireless” attack surfaces still ride HF). He holds an M.S. in Cybersecurity (completed in just three weeks, because why not). He brings the mindset of a pilot, the discipline of a systems engineer, and the deep disappointment of someone who’s watched Zero Trust get bolted onto safety-critical systems with all the subtlety of a cargo door falling off at cruise.




Hung out to dry: Airing the dirty laundry of stored value washing cards

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Friday, Aug 8, 17:00 – 17:55 PDT

Creator: Radio Frequency Village

This talk details a comprehensive reverse engineering analysis of stored-value laundry cards, prevalent in facilities worldwide. The widespread adoption of localised contactless payment solutions, attributed to their convenience, necessitates understanding their internal operations. This analysis explores the mechanisms behind value storage and modification within these cards. During this investigation, a data structure was identified that presented a significant vulnerability. The implications of this vulnerability raise serious concerns, which extend beyond laundry facilities, potentially impacting the security of similar contactless systems globally.


People:
    SpeakerBio:  Aidan Nakache

Aidan is a 16-year-old cybersecurity researcher and hardware hacker with a focus on RFID, reverse-engineering, and access-control systems. He developed the Metroflip app for the Flipper Zero, enabling metro-card interaction, and has also cloned AirTags onto microcontroller boards using BLE and reverse-engineering techniques. Aidan competes in CTFs, earning second place at Bsides Las Vegas, and shares his open-source work on GitHub (luu176) to connect with like-minded peers.

SpeakerBio:  Equip

Equip is an access control researcher based in Britain, with a focus on RFID systems. Known for his hands-on approach, he’s often found experimenting with RF tech and spreading the good word. Equip is an active contributor in RFID-focused Discord communities, where he regularly helps others troubleshoot and learn. He shares his RFID projects and discoveries on GitHub & Gists, making his work accessible for others in the field.




Hunting Advanced Mobile Vulnerabilities with AI

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C106 (Mobile Hacking Community)
When:  Saturday, Aug 9, 11:30 – 12:30 PDT

Creator: Mobile Hacking Community

What if AI could perform autonomous vulnerability research? In this talk, we explore how close we are to that future and what it takes to get there.

We demonstrate how AI agents, powered by LLMs and custom tooling, can analyze Android applications, uncover advanced vulnerabilities, and assist in exploit development. Starting with our open-source JADX MCP plugin (https://github.com/mobilehackinglab/jadx-mcp-plugin) for static analysis, we show how AI can reason about app structure and already find real-world vulnerabilities.

This presentation walks through lessons learned, and what’s possible when you stop treating AI as just a chatbot.


People:
    SpeakerBio:  Umit Aksu, Mobile Hacking Lab

Umit Aksu is the founder of Mobile Hacking Lab, the leading platform for hands-on offensive mobile security training. With over a decade of experience in offensive security, reverse engineering, and vulnerability research, Umit has led red teams, built security programs at companies like Microsoft and ING Bank, and trained hundreds of professionals through Black Hat USA, Black Hat Asia, and his own platform.

He is also the creator of Djini AI, a cutting-edge platform that automates vulnerability discovery in closed-source mobile apps and firmware using agentic AI. His current research focuses on mobile fuzzing, exploitation and building automated AI systems to scale deep vulnerability discovery.




Hypervisor Hangover: Persistence Mechanisms on ESXi

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 11:30 – 12:10 PDT

Creator: Cloud Village
Abstract:
As FIN groups continue to execute fast-impact ransomware campaigns, Nation-State APT’s prefer long-term infrastructure control, and in both instances: hypervisors have become the new high ground. This talk will explore a set of stealthy and reliable persistence techniques targeting VMware ESXi, developed and refined through our hands-on research and real-world incident analysis.

I’ll break down five practical persistence mechanisms that allow adversaries to remain resident in virtualized environments (even through reboots, patching cycles, and partial remediation efforts). These include:

• Payload injection via local.sh and profile.local • Malicious services in /etc/init.d • Symlink hijacking of trusted binaries (like esxcli) • Custom VIB (vSphere Installation Bundle) creation and implantation

While some of these techniques have been observed in malware families like BadVIBes, VIRTUALPITA, and VIRTUALPIE, a couple others represent novel techniques we’ve weaponized in our lab environments but remain largely unobserved in the wild. Every approach is designed to leverage Living-off-the-Land (LOTL) native binaries and config paths, turning ESXi’s minimalism into an attacker’s advantage.

This talk will walk through each method with technical depth, LOTL payload examples, and visual demonstrations. I’ll also explore follow-on actions post-compromise such as ESXi firewall manipulation/DNS reconfiguration to facilitate stable C2 channels. If you’re responsible for red team ops, adversary emulation, or just curious how attackers achieve deep infrastructure persistence, this session will show you a few different ways to persist beneath the hypervisor.


People:
    SpeakerBio:  JC (Crashwire)

JC is a Cyber Threat Analyst at a cybersecurity startup and a former U.S. Air Force Special Warfare operator. He focuses in studying and modeling adversary tradecraft, internal network and hypervisor exploitation, and researching stealthy persistence techniques. A regular CTF competitor and recent contributor to the MITRE ATT&CK v17 framework, he brings a mission-focused approach to red team research and offensive security

SpeakerBio:  Nathan
No BIO available



I Can’t RE (and You Can Too!)

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 12:00 – 12:59 PDT

Creator: Malware Village

A Great Talk for Aspiring Security Professionals! Discover how a hobbyist hacker —armed only with curiosity and spare time — took on an active supply-chain attack against the popular FOSS communication tool, Pidgin. In this talk, you’ll learn all about the step-by-step incident response process: from spotting red flags in the code to countering advanced social engineering ploys orchestrated by a crafty threat actor across multiple platforms. It’s a real-world example that shows how anyone — even with zero professional security background — can become an effective defender and give back to the community. If you’ve ever found yourself stuck in the frustrating loop of “How can I get a job if I have no experience because I can’t get a job?”, this session is for you.


People:
    SpeakerBio:  Johnny Xmas
No BIO available



Identity Crisis: The Unmanaged World of Azure Managed Identities

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 14:40 – 15:20 PDT

Creator: Cloud Village

Last year, both of us (Eliraz and Alon) participated DEF CON, and the Cloud Village was our favorite. One of the topics that was well covered in last’s year conference was the threat of Azure Managed Identities abuse. While many offensive aspects related to it were covered as part of DEFCON, and different articles and talks over the past year, the defensive aspects of it remained uncovered. This year we want to visit the cloud village again, this time sharing our research of the last 4 months, in which we will fill in this significant defensive gap to complement last year’s talks, by focusing on proactive threat-hunting techniques to identify and address Azure MI abuse. By examining common attack vectors and presenting advanced detection strategies, we aim to bridge the visibility gap and equip security teams with practical tools for forensic investigation and real-time monitoring using diverse Microsoft log sources.

We aim to empower participants with advanced strategies for leveraging Microsoft log sources, providing practical knowledge and detailed examples that span both real-time monitoring and forensic investigation. This talk is grounded in comprehensive research we’ve conducted over the past few months, during which we simulated various MI abuse scenarios and analyzed relevant logs and detection opportunities across dozens of enterprise environments. We’ve already released the first 2 parts of our research series, the first part in which we explore the blast radius of a compromised Managed Identity and the significance of NHIs (Non-Human Identities) in the broader cloud threat landscape, and the second one in which we covered threat hunting, investigation techniques, and forensic analysis of such incidents. In this talk, we will cover this and more! Attendees will leave this session equipped with key takeaways that will help them immediately recognize and respond to incidents involving compromised Managed Identities. They’ll learn how to quickly determine if an MI was involved, assess its blast radius, correlate activity across five or more Azure log sources, and use Azure-specific forensic artifacts to speed up containment and remediation. And this isn’t just for incident response teams – SOC analysts and detection engineers will gain tools and techniques for building targeted detections that bring MI-based threats into visibility. Offensive security professionals will benefit too, gaining a clearer understanding of how MIs can be abused to move laterally across Azure subscriptions, Entra ID, Microsoft 365, and even hybrid environments.

Links to our published research docs: 1. Part 1 – Azure Managed Identities internals and blast radius – https://www.hunters.security/en/blog/abusing-azure-managed-identities-nhi-attack-paths 2. Part 2 – Azure Defense – detection, hunting, and DFIR – https://www.hunters.security/en/blog/azure-managed-identity-threat-hunting-detection-methods


People:
    SpeakerBio:  Alon Klayman

Alon is a seasoned Security Researcher with nearly a decade of expertise in cybersecurity and IT, specializing in cloud security, threat research, incident response, and threat hunting. With a strong focus on Azure attacks, he authored The Human-Friendly Guide: Incident Response & Threat Hunting in Azure Cloud. Currently serving as the Security Research Tech Lead at Hunters’ Team AXON, Alon has also held key roles as a DFIR Team Leader, pentester, and cybersecurity consultant. His extensive credentials include certifications such as GCFA, GNFA, CARTP, CESP, and CRTP

SpeakerBio:  Eliraz Levi

Eliraz is a Security researcher, with 16 years of experience. Eliraz’s core expertise includes detection engineering, IR, and forensics. He’s worked on large-scale incidents, including ransom, data theft, and financial frauds. Furthermore, he’s collaborated with global enterprises on reinforcing security infrastructure, tuning hunting operations, and mentoring SOC analysts.




Illuminating the Dark Corners of AI: Extracting Private Data from AI Models and Vector Embeddings

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: Crypto Privacy Village

This talk explores the hidden risks in apps leveraging modern AI systems—especially those using large language models (LLMs) and retrieval-augmented generation (RAG) workflows. We demonstrate how sensitive data, such as personally identifiable information (PII) and social security numbers, can be extracted through real-world attacks. We’ll demonstrate model inversion attacks targeting fine-tuned models, and embedding inversion attacks on vector databases among others. The point is to show how PII scanning tools fail to recognize the rich data that lives in these systems and how much of privacy disaster these AI ecosystems really are.


People:
    SpeakerBio:  Patrick Walsh

Patrick Walsh has an over 20 year history of running threat research and engineering teams overseeing products ranging from anti-virus and intrusion prevention to enterprise cloud software. He is a long-time advocate for privacy and security and holds multiple patents in that space. Patrick now leads IronCore Labs, an application data protection platform that uses encryption to protect data stored in the cloud while keeping it searchable and usable. Outside of work, he enjoys the outdoors, photography, hacking, lock picking, biking, swimming, and magic.




Implementing AI in Security Teams: Lessons from the Trenches

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Saturday, Aug 9, 13:15 – 14:05 PDT

Creator: Blue Team Village (BTV)

This BTV panel brings together industry practitioners to share real-world experiences for successfully implementing strategic technologies within organizations. Through a structured 50-minute discussion, panelists provide actionable insights across the complete implementation lifecycle. The session covers implementation case studies, securing organizational buy-in, strategic roadmaps, and technical deployment challenges. Key focus areas include team development, psychological factors, ROI measurement frameworks, and common failure patterns to avoid. Interactive audience engagement ensures relevant discussion of current implementation challenges facing the cybersecurity community. Attendees will gain concrete strategies for driving technology adoption, success measurement frameworks, and connections with experienced practitioners. Ideal for security leaders, architects, and practitioners responsible for implementing new technologies, processes, or strategic initiatives within their organizations.


People:
    SpeakerBio:  Betta Lyon-Delsordo

Betta Lyon Delsordo began her cyber journey at the age of 13 when she started teaching herself to code. This grew into freelance web development work for small businesses in Montana, where she soon realized she needed to know more about application security to keep her clients safe. She began learning more about secure coding and interned with a hacking firm, and realized she was pretty good at it. After completing a Master’s in Cybersecurity at Georgia Tech, obtaining certifications such as the GPEN, and working her way up through pentesting, Betta is now working as a Lead Application Penetration Tester at OnDefend. Her areas of expertise include application security, secure code review, cloud security, and AI hacking. Betta is very involved in the cybersecurity community and with organizations that support women in technology. She has been a mentor for 9 years with Technovation (an international girls coding program), and is an organizer and speaker for organizations promoting diversity in technology including RTC, WiCyS, WISP, and WSC.

SpeakerBio:  Emily Soward

Emily Soward has over 15 years of experience in AI R&D with specializations in governance, operations, and security. She is a serial innovator, inventor, founder, and leader in AI incident response, ecological and edge AI research, and AI security research. She is notable for her courses and teaching in AI governance, risk management, operations, and security, as well as her work on AI and ML frameworks for Amazon Web Services. Her contributions to the HITRUST Alliance AI Working Group supported the launch of the first cybersecurity certification for deployed AI systems. In 2024, she cofounded the AI Incident Response & Control (AIRCTL), an open-source project making top AI security skills accessible for small and under-resourced organizations.

SpeakerBio:  Todd Fletcher

Todd Fletcher is a cybersecurity consultant and PhD student with over 25 years of experience in IT leadership, network, application, public government IT leadership, and security engineering. He currently works as a Professional Services Principal Consultant at CrowdStrike, a leading provider of cloud-native endpoint and workload protection solutions.

As a consultant, he assists information security teams from various sectors to assess their security posture, and develop plans to close security gaps while achieving technical and executive success. He is skilled in agile project management, systems automation, SIEM, SOAR, penetration tools, and security program development based on the NIST framework. He also conducts cloud security and automation with Azure DevSecOps.

In addition to his consulting role, he is pursuing a PhD in cyberpsychology, where he explores the psychological aspects of cybersecurity, such as user behavior, motivation, trust, and risk perception. He is passionate about pushing the boundaries of how to drive successful security initiatives from both a technical and psychological perspective with organizations across many industries.




Impossible Until It Isn’t: DARPA, Disruption, and the Future of Cyber

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 11:30 – 11:59 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

DARPA’s Information Innovation Office (I2O) creates groundbreaking science and delivers future capabilities in the informational and computational domains to surprise adversaries and maintain enduring advantage for national security. Current research and development focuses on related areas including transformative AI, and offensive and defensive cyber.

Learn how the agency is leveraging advances in state-of-the-art AI to produce trustworthy cyber capabilities that operate beyond human capacity and speed – and anticipate adversary countermeasures to create enduring capabilities.


People:
    SpeakerBio:  Stephen Winchell, Director at DARPA

Stephen Winchell joined DARPA as its 24th Director in May 2025. Prior to this appointment, he led the artificial intelligence and autonomy portfolio for the Defense Department’s Strategic Capabilities Office. Previously, he was chief engineer for the Pentagon’s Algorithmic Warfare Cross-Functional Team, commonly known as Project Maven. He is a graduate of the U.S. Naval Academy, where he later taught as a faculty member in the electrical and computer engineering department. He also served as a submarine officer in the U.S. Navy and continues to serve as an officer in the U.S. Navy Reserve. He has been a Presidential Innovation Fellow at the Intelligence Advanced Research Projects Activity and worked with a venture-backed start-up focused on AI security. He received a master’s in business administration from the University of Virginia, a master’s degree in systems engineering from the Johns Hopkins University, and a master’s degree in applied physics from the U.S. Naval Postgraduate School.

SpeakerBio:  Dr. Kathleen Fisher, Director at DARPA’s Information Innovations Office
No BIO available
SpeakerBio:  Allison Kline, Program Manager at DARPA’s Information Innovations Office
No BIO available



Incident Response 101: What Happens After the Hack?

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Friday, Aug 8, 10:00 – 10:50 PDT

Creator: Blue Team Village (BTV)

Ever wonder what happens behind the scenes when a company gets hacked? Restoring systems, containing the damage, and keeping attackers out for good doesn’t happen by magic — it takes skilled professionals to guide the process.

Enter the Incident Responder: part digital detective, part crisis manager. Their job is to figure out what went wrong, kick out the bad actors, and make sure it doesn’t happen again.

Join us for a beginner-friendly presentation on the essential role of Incident Responders in cybersecurity.


People:
    SpeakerBio:  Joshua Morgan

Joshua Morgan is an information security enthusiast and practitioner in the Blue Team realm who enjoys mentoring newcomers to the industry, collaborating with others in the industry, and teaching the importance of securing all aspects of life through his work as an instructor at a local university for a Masters-level information security course.

Joshua has presented at DEF CON and BSides events and is active in the security community, working with the both Packet Hacking Village and Blue Team Village at DEF CON.




InfoSecMap: El nexo global de eventos y comunidades de InfoSec

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 13:30 – 13:59 PDT

Creator: La Villa

Las oportunidades en InfoSec están por todos lados, pero generalmente quedan enterradas entre diversos sitios web, publicaciones en redes sociales, o incluso en algún canal de la última app de mensajería que está de moda. Ya sea una meetup local, un CFP, una actividad de voluntariado, o la posibilidad de patrocinar una iniciativa, muchas personas y organizaciones pierden oportunidades simplemente porque no saben dónde buscar.

InfoSecMap nació para solucionar este problema. Es una plataforma gratuita, impulsada por la comunidad, que reúne todo el ecosistema global de InfoSec en un solo lugar. Destaca eventos, grupos y convocatorias de participación. Desde conferencias importantes hasta CTFs y encuentros pequeños en el bar de la esquina, InfoSecMap te ayuda a explorar qué está pasando por región geográfica o temática, y a descubrir dónde podés conectar y contribuir.

Si te importa la colaboración abierta, el conocimiento compartido y hacer crecer InfoSec en cada rincón del mundo, InfoSecMap es para vos.


People:
    SpeakerBio:  Walter Martin Villalba, Principal Product Security Consultant at C13 Security LLC

Experienced Software & Security Engineer with a demonstrated history of working in the Health Care & Security industry. Skilled in cybersecurity, penetration testing, cryptography, networking, videoconferencing, VoIP. Proficient in C++, with some exposure to Objective-C, Python, and Bash scripting.




Inside the Shadows: Tracking RaaS Groups and Evolving Cyber Threats

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 15:05 – 15:50 PDT

Creator: Recon Village

This comprehensive talk will provide an in-depth exploration of advanced threat hunting strategies, showcasing the methodologies employed in our recent reporting on the Decline of Black Basta. Attendees will learn how we tracked threat actor activity on the dark web, specifically focusing on Black Basta, to uncover emerging tactics, affiliations, and operational insights through analysis of illicit forums and marketplaces.x000D x000D The presentation will delve into techniques for monitoring the activities of ransomware-as-a-service (RaaS) groups, including how shifts in membership and operational practices occur after disbandment. Further, we will discuss how to harness investigation telemetry to detect and analyze evolving tactics, techniques, and procedures (TTPs). These approaches enable organizations to anticipate sophisticated cyber campaigns and proactively bolster their defensive strategies.x000D x000D By the end of this session, attendees will have actionable insights and practical methodologies to strengthen their threat detection capabilities, ensuring they stay ahead in the rapidly evolving cybersecurity landscape.x000D


People:
    SpeakerBio:  John Dilgen

John Dilgen is a Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he previously served as an Incident Response Analyst and Trainer at ReliaQuest.




Intro to Common Industrial Protocol Exploitation

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Sunday, Aug 10, 11:30 – 11:59 PDT

Creator: ICS Village

Explore the basics of what CIP is, how it is used in industry, and how to get started hacking it.


People:
    SpeakerBio:  Trevor Flynn

Industrial Controls Engineer and ICS security specialist




Intro to Lockpicking

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-701 (Lock Pick Village)
When:  Sunday, Aug 10, 10:15 – 10:45 PDT
Friday, Aug 8, 10:15 – 10:45 PDT
Friday, Aug 8, 13:00 – 13:30 PDT
Friday, Aug 8, 16:00 – 16:30 PDT
Saturday, Aug 9, 10:15 – 10:45 PDT
Saturday, Aug 9, 15:00 – 15:30 PDT
Sunday, Aug 10, 13:00 – 13:30 PDT

Creator: Lock Pick Village

New to lock picking? Haven’t picked in a year and need a refresher? Don’t know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.


People:
    SpeakerBio:  TOOOL
No BIO available



Intro to Physical Security Bypass

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Sunday, Aug 10, 10:00 – 10:59 PDT

Creator: Physical Security Village

Physical security is an important consideration when designing a comprehensive security solution. There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how these attacks work as well as how to defend against these attacks in this talk!

Links:
    www.physsec.org – https://www.physsec.org

People:
    SpeakerBio:  Karen Ng, Physical Security Village

Karen is a Risk Analyst at GGR Security, and is one of GGR’s entry team for physical penetration tests. She has a strong interest in physical security, delivering trainings on physical security vulnerabilities to a wide range of audiences. Karen comes from a background in engineering and has extensive experience in major event logistics. She is one of the Village Leads at the Physical Security Village, and works with the rest of the PSV team to teach how to recognize and fix security exploits to the community. Graphic design is her passion.

SpeakerBio:  Matthew Cancilla, Physical Security Village
No BIO available



Intro to Quantum Sensing

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Saturday, Aug 9, 13:45 – 14:15 PDT

Creator: Quantum Village

People:
    SpeakerBio:  Adonai Cruz

I am a theoretical and computational physicist with interest in spin-dependent phenomena in solid-state systems. I also have experience designing devices and creating computational simulations for quantum sensing applications. As a principal investigator (PI) I have written SBIR grants and managed projects involving multidisciplinary teams from both industry and academia in projects funded by NASA and DARPA.




Intro to village

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-505 (Payment Village)
When:  Friday, Aug 8, 10:15 – 10:30 PDT
Saturday, Aug 9, 10:15 – 10:30 PDT

Creator: Payment Village

People:
    SpeakerBio:  Leigh-Anne Galloway
No BIO available



Introduction of Loong Community & Financial Identity crime (deepfake) regulation of diferetn jurisdictions

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 14:45 – 15:30 PDT

Creator: Loong Community

The rapid advancement of deepfake technology, powered by generative adversarial networks (GANs), has revolutionized creative industries but poses significant challenges to global financial security through identity fraud. This study examines the legal and regulatory frameworks addressing deepfake-enabled financial crimes in the UK, EU, and Asia, highlighting the growing sophistication of such fraud, exemplified by a 2024 case in Hong Kong where cybercriminals used deepfake video conferencing to defraud a multinational company of $25 million. Employing a comparative legal analysis and case study approach, this research evaluates the effectiveness of existing regulations, identifies enforcement challenges, and analyzes real-world cases to expose legal gaps. Findings reveal that while China has implemented specific deepfake regulations, the UK, EU, and Hong Kong rely on broader fraud and data protection laws, lacking targeted provisions. These inconsistencies hinder prosecution and cross-jurisdictional cooperation. The study proposes balanced regulatory strategies to combat deepfake-enabled financial fraud while fostering AI innovation, offering critical insights for policymakers, legal practitioners, and financial institutions navigating this evolving threat landscape.


People:
    SpeakerBio:  Noel Wong

Noel is a Postgardute student of Master Degree in UCL, major in CyberCrime

SpeakerBio:  KC Wong, Hardware Ninja

hardware.ninja is an independent security researcher. He focuses on hardware security researches, penetration test, incidents response and digital forensics analysis. He was the first and the only Asian leading a group of white-hat hackers to hold an in-depth, hands-on hardware hacking village in BLACK HAT and DEFCON. He is also a frequent speaker and trainer in different top-notch security and forensics conferences including SANS, HTCIA, DFRWS, GCC, CodeBlue, HITB, SINCON, AVTokyo and HITCON.




Investigating Foreign Tech from Online Retailers

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 13:35 – 14:20 PDT

Creator: Recon Village

We live in a time where we can buy practically anything online. It’s very tempting to buy cheap products online, including electronics. While saving money can be great, what are we really getting here? Where did it really come from, is it safe to use, and what is really going on behind the scenes? Let’s find out!x000D In this talk, we’ll track the supply chain of a foreign smartwatch on Amazon using various OSINT techniques. After going down the rabbit hole, we’ll perform a hardware/software breakdown with automated and manual analyses (and further OSINT based on our findings). By the end of the talk, you will have a better understanding of some of the tools and processes you can use for performing your own due diligence.


People:
    SpeakerBio:  Michael Portera

Michael Portera is the Vice President of Cyber Solutions at Sequoia, Inc. In this role, Michael contributes heavily to Sequoia’s cybersecurity initiatives and serves as a key advocate for the company’s cutting-edge cloud solutions across the national security sector. Michael spent eight years in Big Four consulting (KPMG and Deloitte), where he delivered IT and cybersecurity services to both public and private sector clients. He later worked as a Red Team Operator and, in 2020, founded a cybersecurity firm that was acquired in 2023. In 2020, he founded a cybersecurity company, which he sold in 2023. He has presented at major conferences and contributes to open-source projects when time allows. Outside of work, he’s a proud girl dad (x2), enjoys video games, vacations with his family, and board games with friends.




Is End-to-End-Verifiability an Internet Voting Magic Bullet? A Perspective for Policymakers

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 16:30 – 16:59 PDT

Creator: Voting Village

End-to-End-Verifiability (E2E-V) is a cryptographic paradigm that, as applied to voting systems, allows voters to independently verify that their votes were cast as intended, guaranteeing that votes were recorded as cast, and tallied as recorded. As such, it is being promoted to public officers and elected officials at the county and state levels as the “magic bullet” allowing for secure voting over the internet. This talk will argue, in a relatively low-tech way, that E2E-V is irrelevant to some attacks – both to servers outside the cryptographic “loop,” and particularly to client-side systems. E2E-V-equipped voting systems are primarily vulnerable to client-side malware, which would still be free to alter or sabotage voting applications and devices. The talk will present opinions from technical experts on E2E-V. These perspectives are juxtaposed against opinions and rhetoric from the commercial promoters of internet voting systems.

Links:
    www.montpelier-vt.org/162/City-Clerk – https://www.montpelier-vt.org/162/City-Clerk

People:
    SpeakerBio:  John Odum, City Clerk, Montpelier Vermont

John Odum is the elected City Clerk of Montpelier, Vermont, and his primary responsibility is the administration of elections. John holds a Certified Municipal Clerk certification from the International Institute of Municipal Clerks and holds a certificate in Election Administration from the University of Minnesota Humphrey School of Public Affairs. In the past, he has worked as a political organizer, including as the statewide Field Director for the Clavelle for Governor Campaign. He has worked in IT capacities as a Network Administrator and the Clinic Systems Application Administrator for the Vermont Democratic Party and Planned Parenthood of Northern New England respectively. John is a hobbyist hacker in his spare time and holds Certified Ethical Hacker and Certified Network Defense Architect certifications from EC-Council. His first hack was a Prime 400 PRIMOS computer system. John has been active in election issues in the Vermont legislature for years, lobbying for election-day registration and automatic voter registration. As a 2022 candidate for Vermont Secretary of State, John championed election cybersecurity, ranked choice voting, and universal vote-by-mail.




Is it Safe Yet? A Discussion on the Fundamental Security Profile of Internet Voting and its Use Today

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 15:15 – 15:59 PDT

Creator: Voting Village

The prospect of voting over the Internet has long attracted voters, election officials and civil rights advocates, but casting ballots online includes unique security challenges and requirements that first must be satisfied before online voting will be secure. This panel discussion will delve into the specific challenges inherent with Internet voting, review the security research that’s been conducted, and discuss the current state of online voting in the U.S.


People:
    SpeakerBio:  Matt Blaze, Georgetown University; Chairman, Election Integrity Foundation

Matt Blaze is the McDevitt Chair of Computer Science and Law at Georgetown University, where his research focuses on problems at the intersection of technology, public policy, and law. Prior to joining Georgetown, he was a professor of computer science at the University of Pennsylvania, and prior to that, a founding member of the Secure Systems Research Department at AT&T Bell Labs. He holds a PhD in computer science from Princeton, an MS from Columbia, and a BS from the City University of New York. Blaze’s scholarship and practical work in high-integrity voting and elections technology dates back more than 25 years. He led teams that examined source code for security vulnerabilities on behalf of the states of California and Ohio for the Top-to-Bottom Review and EVEREST studies. He has testified on election security and other topics before the US Congress over a dozen times, served on various federal and state advisory boards, and has published numerous scholarly research papers on elections and related subjects. He is a founding member of the DEFCON Voting Village, and currently serves as board chair of the Election Integrity Foundation.

SpeakerBio:  Susan Greenhalgh, Free Speech For People

Susan Greenhalgh is the Senior Advisor on Election Security for Free Speech For People. Ms. Greenhalgh has previously served as vice president of programs at Verified Voting and at the National Election Defense Coalition, advocating for secure election protocols, paper ballot voting systems and post-election audits. Recognized as an expert on election security, she has been invited to testify before the U.S. Commission on Civil Rights and has been an invited speaker at meetings of the MITRE Corporation, the National Conference of State Legislatures, the Mid-West Election Officials Conference, the International Association of Government Officials, the Election Verification Network and the E-Vote-ID conference in Bregenz, Austria. She is a frequent source for reporters from TheNew York Times, The Washington Post, The Wall Street Journal, Politico, USAToday, Associated Press, National Public Radio and other leading news outlets. She has appeared on CNN and MSNBC’s The Rachel Maddow Show, and various other television news shows. She has a BA in Chemistry from the University of Vermont.

SpeakerBio:  David Jefferson, Lawrence Livermore National Laboratory (retired), Election Integrity Foundation, Dr
No BIO available
SpeakerBio:  Michael Specter, Georgia Tech

Dr. Michael specter is an Assistant Professor, Computer Science and in Cybersecurity & Privacy at Georgia Tech. His research focuses on systems security and applied cryptography, particularly in areas relevant to public policy. Topics of interest include surveillance, cryptographic accountability, content moderation, misinformation, and elections security. He is well-known in the election security community for his study and critiques of both the Voatz and Democracy Live Internet voting systems.




It Came From Space

Creator Talk Map Page – LVCC West-Level 3-W320 (Ham Radio Village)
When:  Sunday, Aug 10, 11:00 – 11:30 PDT

Creator: Ham Radio Village

Satellites are constantly orbiting the planet and beaming information back to us. Some of the most interesting information is weather images. As it turns out, it is very easy and cheap to pick up those signals and get a real-time view of your current location. In this talk I will go over what is out there, what you need to get, and the open source software stack to generate amazing images.

Some of the earliest weather satellites were launched in the 50’s. Since that time, technology has come a long ways from simple images of clouds, with new payloads that can see through the clouds and give information like ocean wave heights, ground temperatures, wind speed and direction, and other interesting information.

The even better part of this is that all this information is being sent in the clear, continuously, meaning if you can receive it and decode it, you can view and use the data. Be your own weather forecaster! Hardware needed to accomplish this is as simple as a dipole antenna on a tripod and a $30 SDR dongle.

On the software side, there are many different programs you can use to collect the signal. Some, like SatDump, even do everything all in one place: tune, decode, and assemble the output all in a single click. It’s even possible to setup a schedule and fully automate collecting imagery.

Moving beyond the simple APT data, you can get even higher resolution data if you build a simple dish antenna. While it is entirely possible to just hand-hold the antenna with a cell phone strapped to the back to show you where to point, it’s just as easy to buy a cheap used dish rotator and have the same software automatically track it for you.

Once you get into decoding weather data, it’s just a simple hop, skip and a jump to learning how to send signals to amateur radio satellites or even the ISS. And all you need is a Technician license!


People:
    SpeakerBio:  Steve “hamster” Ball

I’m Steve Ball, KD5WGW. I love building antennas and being frustrated when they don’t work. Ham radio has tons of fun rabbit holes to jump into and I am always finding something exciting to play with.




It’s Not Safe Yet

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 16:00 – 16:30 PDT

Creator: Voting Village

Mike Specter has examined both the Voatz and Democracy Live online voting systems. This presentation will discuss those findings, how this research was received, and its lasting impact on online voting.

Links:
    mikespecter.com – https://mikespecter.com

People:
    SpeakerBio:  Michael Specter, Georgia Tech

Dr. Michael specter is an Assistant Professor, Computer Science and in Cybersecurity & Privacy at Georgia Tech. His research focuses on systems security and applied cryptography, particularly in areas relevant to public policy. Topics of interest include surveillance, cryptographic accountability, content moderation, misinformation, and elections security. He is well-known in the election security community for his study and critiques of both the Voatz and Democracy Live Internet voting systems.




KeePass, weaponized

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 12:00 – 12:30 PDT

Creator: Malware Village

This talk presents a deep dive into a real-world case where KeePass — a widely trusted open-source password manager — was weaponized and used as part of a malware delivery campaign. The attackers distributed a trojanized version of KeePass through Bing malicious advertisements, leveraging fake download pages to lure unsuspecting victims searching for the software. The modified binary retained full KeePass functionality, making it nearly indistinguishable from the legitimate version. Behind the scenes, it acted as a stealthy loader, ultimately deploying a Cobalt Strike BEACON to establish persistent access.


People:
    SpeakerBio:  Juho Jauhiainen
No BIO available



KEYNOTE: Attack Surface in Motion: Why Today’s Threats Don’t Knock First

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 10:00 – 10:50 PDT

Creator: Recon Village

Over the past decade and a half, the tactics of threat actors have quietly but fundamentally transformed. What began as slow, targeted intelligence gathering has evolved into automated, scalable exploitation of exposed assets—often before defenders even notice. In this keynote, we’ll trace the journey of threat actor innovation, highlighting shifts in recon methods, asset targeting, and speed of attack. We’ll dissect common attack surface mistakes that open the door for breaches, especially in the last couple of years, and challenge assumptions around visibility and control. The attack surface is always in motion—are you keeping up?


People:
    SpeakerBio:  Muslim Koser

Muslim has over 25 years of Information Security Experience with a core focus on Cyber Threat Intelligence, Cyber Risk Management, and Cybersecurity consulting. Before Volon & Fortinet, he worked at FireEye Inc. where he headed one of their Cyber Threat Intelligence Research team. Muslim set up the Cyber Threat Research team for iSIGHT Partners in India, which was one of the first teams to work in this domain.x000D x000D Muslim has also been a member of the Honeynet Project as well as the Indian Honeynet Chapter and involved in Detux Sandbox, which was one of the first online Linux sandbox services. As part of the Honeynet project, Muslim was also involved in the design of the open-source spam Honeypot SHIVA.x000D x000D Previously, Muslim was based in Malaysia, where he led the information security consulting practice for Network Security Solutions. Muslim is also credited with involvement in establishing national-level CERTs and consulting for various corporate CSIRTs.




Keynote: Attacking AI

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Friday, Aug 8, 11:00 – 11:59 PDT

Creator: Bug Bounty Village

Attacking AI is a one of a kind session releasing case studies, tactics, and methodology from Arcanum’s AI assessments in 2024 and 2025. While most AI assessment material focuses on academic AI red team content, “Attacking AI” is focused on the task of assessing AI enabled systems. Join Jason as he discusses his seven point methodology to assessing these systems and releases Arcanum’s prompt injection taxonomy and other resources for aspiring testers.


People:
    SpeakerBio:  Jason “jhaddix” Haddix, Field CISO at flare.io

Jason has had a distinguished 20-year career in cybersecurity, previously serving as CISO of Buddobot, CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin.

He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis.

Jason is a hacker, bug hunter, and is currently ranked 57th all-time on Bugcrowd’s bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies.

Jason has also authored many talks for world-renowned conferences like DEF CON, Bsides, Black Hat, RSA, OWASP, Nullcon, SANS, IANS, BruCon, ToorCon, and many more.


Jason Haddix AKA jhaddix is the CEO and “Hacker in Charge” at Arcanum Information Security. Arcanum is a world class assessment and training company.Jason has had a distinguished 20-year career in cybersecurity previously serving as CISO of Buddobot, CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker, bug hunter and currently ranked 57st all-time on Bugcrowd’s bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies. Jason has also authored many talks on offensive security methodology, including speaking at cons such as DEFCON, Besides, BlackHat, RSA, OWASP, Nullcon, SANS, IANS, BruCon, Toorcon and many more.




La Villa – Opening Seremony 0din Presentation

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 10:00 – 10:30 PDT

Creator: La Villa

Damos inicio a La Villa con una charla especial sobre 0din, el GenAI Bug Bounty Program de Mozilla.


People:
    SpeakerBio:  Marco Figueroa, GenAI Bug Bounty Programs Manager @ Mozilla | 0Din

Marco Figueroa is the GenAI Bug-Bounty Programs Manager at Mozilla’s 0DIN program, the industry’s first dedicated LLM bug-bounty platform. He leads the global researcher community that dissects guardrails across ChatGPT, Claude, Gemini and open-source LLMs. Marco’s research has repeatedly shown how hex-encoded and other obfuscated prompts can coerce GPT-4o into writing working exploit code, a technique covered by The Register and Bitdefender’s Hot-for-Security column. He also uncovered the extent of OpenAI’s container file system exposure, demonstrating live upload-and-execute paths inside ChatGPT’s Debian sandbox, as reported in Dark Reading.




Laser Fault Injection

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-401 (Embedded Systems Village)
When:  Friday, Aug 8, 15:00 – 15:30 PDT
Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: Embedded Systems Village

This demo will showcase a budget-friendly DIY laser fault injection rig, originally designed for the RP2350 Hacking Challenge. We will cover the mechanical preparation of QFN-packaged ICs, infrared die imaging, and the driving of high-power laser diodes to induce faults.


People:
    SpeakerBio:  Kévin Courdesses
No BIO available



Latin America: The perfect ransomware playground (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 12:30 – 12:59 PDT

Creator: La Villa

Latin America has a distinct cyber threat landscape, presenting a fragmented and heterogeneous IT infrastructure with often outdated systems, limited cyber maturity, and budget constraints converge, making it an ideal playground for cyberattacks.x000D x000D While ransomware is a global concern, in LATAM, threat actors enjoy extended dwell times, silently navigating networks, studying victim environments, and maximizing damage before encryption is deployed. This not only increases the success rate of the attacks but also enables operators to maintain persistence or monetize access by reselling it. The monetization of unauthorized access has become a growing market in Latin America, often just as profitable as ransomware deployment itself.x000D x000D The ransomware ecosystem has expanded significantly with business models like Ransomware-as-a-Service (RaaS). From Latin America, a region where the primary motivation for cyberattacks is financial, it’s possible to see a different perspective on this ecosystem.x000D x000D This talk dives deep into the evolving ransomware threat landscape across LATAM, where attackers benefit from its unique landscape. We’ll explore the TTPs of the most active ransomware families in the region, RaaS operations, prolonged Intrusions, and regional adaptations. Through technical analysis and regional case studies, we’ll highlight how ransomware operators are adapting to exploit legacy infrastructure, regional geopolitics, and socioeconomic realities.x000D x000D The topics covered will include:x000D *Brief overview of the LATAM ransomware threat landscape.x000D *Most active ransomware and RaaS families targeting LATAM, interesting and relevant case studies.x000D *Analysis of common TTPs and attacker behavior in LATAM ransomware intrusions.x000D *Socio Economic and geopolitical factors that influence attacker operations in the region.x000D *Monetization strategies beyond encryption: access resale, data exfiltration, and extortion trends.


People:
    SpeakerBio:  Isabel Manjarrez, Threat Researcher

[EN] With more than seven years of experience in the cybersecurity field, Isabel currently works as a security researcher for Kaspersky’s Global Research and Analysis Team (GReAT). Based in Mexico, Isabel is responsible for investigating the most active threat actors in Latin America, tracking their movements and analysing the new techniques they implement. Isabel is also a speaker at international conferences and meetups. Her interests include threat intelligence, malware analysis, satellite communications, electronics and music.x000Dx000D [ES] Con más de 7 años de experiencia en ciberseguridad, Isabel trabaja actualmente como investigadora de seguridad en el Equipo Global de Investigación y Análisis (GReAT) de Kaspersky.x000D Basada en México, Isabel se encarga de investigar a los actores de amenazas más activos en Latinoamérica, rastrear sus movimientos y analizar las nuevas técnicas que implementan. También participa como ponente en conferencias y reuniones internacionales.x000D Sus intereses incluyen la inteligencia de amenazas, el análisis de malware, las comunicaciones satelitales, la electrónica y la música.x000D




Latinas en Cyber

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 16:30 – 17:30 PDT

Creator: La Villa

Este panel celebra y visibiliza el talento, las trayectorias y los desafíos de mujeres latinoamericanas en el mundo de la ciberseguridad. A través de experiencias personales y profesionales, las panelistas compartirán cómo han construido su camino en la industria, los retos que han enfrentado y las oportunidades para fomentar una comunidad más diversa, inclusiva y representativa en el ámbito de la seguridad digital.


People:
    SpeakerBio:  Cybelle Oliveira, Cyber Threat Intelligence Researcher at Malwarelandia

Cybelle Oliveira is a Cyber Threat Intelligence researcher and a Master’s student in Cyber Intelligence. She teaches in a postgraduate CTI specialization program in Brazil and is the co-founder of La Villa Hacker — the first DEF CON village dedicated to the Portuguese and Spanish-speaking community.

Cybelle has spoken at some of the world’s leading security conferences, including DEF CON, BSides Las Vegas/São Paulo/Rio de Janeiro, 8.8 Chile, Cryptorave, Radical Networks, Mozilla Festival, and many others. Her work often explores the intersection of cyber threats, geopolitics, and underreported regions, with a particular interest in the strange, obscure, and catastrophically messy corners of cybersecurity.

Cybelle Oliveira es Consultora de Ciberseguridad, postgraduada en Cyber Threat Intelligence y estudiante de Máster en Ciberinteligencia en el Campus Internacional de Ciberseguridad de la Universidad de Murcia, España. Ha estado involucrada en activismo de privacidad y seguridad durante más de 10 años y ha presentado charlas en eventos por todo el mundo, como BSides LV, BSides SP, Girls Hack Village (DefCon), 8.8 Chile, Internet Freedom Festival, Radical Networks, Mozilla Festival, Roadsec, Cryptorave, entre otros. Cybelle forma parte de la comunidad Mozilla y es directora de la organización Casa Hacker.

SpeakerBio:  Christiane Borges
No BIO available
SpeakerBio:  Isabel Manjarrez, Threat Researcher

[EN] With more than seven years of experience in the cybersecurity field, Isabel currently works as a security researcher for Kaspersky’s Global Research and Analysis Team (GReAT). Based in Mexico, Isabel is responsible for investigating the most active threat actors in Latin America, tracking their movements and analysing the new techniques they implement. Isabel is also a speaker at international conferences and meetups. Her interests include threat intelligence, malware analysis, satellite communications, electronics and music.x000Dx000D [ES] Con más de 7 años de experiencia en ciberseguridad, Isabel trabaja actualmente como investigadora de seguridad en el Equipo Global de Investigación y Análisis (GReAT) de Kaspersky.x000D Basada en México, Isabel se encarga de investigar a los actores de amenazas más activos en Latinoamérica, rastrear sus movimientos y analizar las nuevas técnicas que implementan. También participa como ponente en conferencias y reuniones internacionales.x000D Sus intereses incluyen la inteligencia de amenazas, el análisis de malware, las comunicaciones satelitales, la electrónica y la música.x000D




Layer-2 Liberation: Weird & Wonderful Things Your AP Never Dreamed Of

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Friday, Aug 8, 13:00 – 13:25 PDT

Creator: Radio Frequency Village

What if you bypass SSIDs, association handshakes, IP, and every “normal” layer of Wi-Fi, and just sling raw 802.11 frames? With Scapy and two USB WiFi adapters, I’ll demonstrate four bite-sized hacks that treat Wi-Fi as a blank RF pipe. No access point required.

Raw 802.11 File Drop: A wink to the fruit company’s file-beam trick. Hurl a PDF into the airwaves and catch it on a friend’s laptop. No pairing or IP required.

Walkie-talkie: Embed a PCM audio stream in raw broadcast frames. No association needed.

Meshtastic-over-Wi-Fi: Repackage the popular LoRa mesh-chat protocol into 802.11 frames for hop-to-hop messaging at Wi-Fi speeds.

WiFiFS: A FUSE filesystem mapping RF traffic to files. You can cat, cp, or grep packets as they fly by.

Each script is short enough to skim while your espresso shot pulls, light on dependencies, and leaves ordinary clients blissfully unaware of the mischief on channel 6. You’ll walk away with working code, a new mental model of 802.11 as raw clay, and plenty of inspiration to craft your own oddball protocols. No access points, just DIY frame-level fun.


People:
    SpeakerBio:  Allan Riordan Boll

Allan wrangles cloud infrastructure by day, and radio waves by night. An early SDR devotee from the sub-$20 RTL-SDR era, he can often be found between a hex editor and an FFT waterfall, tinkering with the invisible.




Learn Nix the Fun Way

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Friday, Aug 8, 10:30 – 10:59 PDT

Creator: Nix Vegas Community

Learning Nix can be off-putting, as many introductions dive into complex terminology and academic concepts, missing the chance to simplify Nix’s advantages. Having given talks both internally and externally, I’ve shifted to showcasing fun, practical examples first, leaving the nuances for later. Join me to see some straightforward examples of what Nix can offer and why it might be worth adopting.


People:
    SpeakerBio:  Farid Zakaria, Principal Engineer at Confluent

I am a software engineer, father, and wishful surfer. I currently work at Confluent on developer productivity and recently defended a Ph.D. in computer science at the University of California Santa Cruz. More relevant to Nix, I am a NixOS enthusiast, which has led me to rethink basic Linux primitives.




Legal Entity-Driven Reconnaissance with OWASP Amass: Enhancing Bottom-Up Discovery Using RDAP

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 17:30 – 18:10 PDT

Creator: Recon Village

The OWASP Amass Project has long been a staple in the open-source reconnaissance ecosystem, enabling security researchers, red teamers, and defenders to map attack surfaces through passive and active discovery techniques. Traditionally, tools like Amass have relied on DNS, certificate transparency logs, web scraping, and other data sources to infer the digital footprint of an organization. However, this approach often begins with known domains and struggles to comprehensively uncover the broader infrastructure—especially when initial input is minimal or obfuscated.x000D x000D This talk introduces a major advancement in the Amass discovery model: leveraging legal entity information as a pivot point for infrastructure enumeration. By incorporating corporate legal names, the project now enables users to query the Registration Data Access Protocol (RDAP) for associated IP address ranges directly linked to specific organizations. This evolution allows for a powerful “outside-in” discovery strategy—one that begins with an organization’s registered presence in global ICANN records and regional internet registries (RIRs).x000D x000D We will walk through how this process functions end-to-end within Amass, including:x000D x000D How legal entity names are normalized, enriched, and used to perform RDAP queries across multiple registries.x000D x000D How this approach facilitates infrastructure discovery even when no initial domain names or IPs are known.x000D x000D Ways in which the newly discovered CIDRs and netblocks are fed into the broader Amass enumeration engine for DNS sweeps, and passive data correlation.x000D x000D Importantly, this capability allows researchers to identify internet-connected assets that might otherwise be missed through traditional means—especially helpful for uncovering legacy infrastructure, misconfigured services, and shadow IT. It also helps bypass the inefficiency of wide-scale internet scanning by using authoritative registry data as a precise targeting mechanism.x000D x000D This talk will include practical demonstrations of the feature in action, guidance on using it effectively in both red and blue team workflows, and a look at where the project is heading next—including potential integrations with open corporate registries, LEI databases, and expanded RDAP coverage.x000D x000D Takeaways for Recon Village Attendees:x000D x000D Learn how legal entity metadata can be leveraged to scale reconnaissance beyond domains and WHOIS lookups.x000D x000D Gain an understanding of how RDAP reveals registered network ownership and how Amass now uses this for bottom-up discovery.x000D x000D See live examples of uncovering unknown IP ranges and infrastructure linked to an organization—without scanning the full IPv4 space.x000D x000D Understand the implications of this technique for external asset management, third-party risk analysis, and adversarial recon.x000D x000D By advancing outside-in discovery with deeper legal and registration context, Amass continues to push the boundaries of OSINT tooling—bridging the gap between traditional internet reconnaissance and more strategic, organizationally-aware approaches to mapping the modern attack surface.


People:
    SpeakerBio:  Jeff “caffix” Foley, Founder & Project Leader, OWASP AMASS at OWASP

Jeff Foley has over 20 years of experience in information security, focusing on research & development, security assessment, and attack surface management. During the last eight years, Jeff identified a lack of situational awareness in traditional information security programs and shifted his attention to this vital function. He is now the Project Leader for Amass, an OWASP Foundation Flagship Project that provides the community with guidance and tooling for in-depth attack surface mapping and asset discovery. Jeff has assisted various companies with attack surface management and has been invited to speak at conferences. In past lives, Jeff was the Vice President of Research at ZeroFox, focused on proactive cybersecurity outside the traditional corporate perimeter. He also served as the Global Head of Attack Surface Management at Citi, one of the largest global banks, and started their first program addressing exposure management. Jeff began his career serving the United States Air Force Research Laboratory as a contractor specializing in cyber warfare research and development. He concluded his government contracting at Northrop Grumman Corporation, where he performed the roles of Subject Matter Expert for Offensive Cyber Warfare Research & Development and Director of Penetration Testing. In these roles, he also developed a penetration testing training curriculum for the Northrop Grumman Cyber Academy and taught trainers to utilize the material across this international organization. During his time in this profession, Jeff has taught at various academic institutions on offensive security, cloud security, and attack surface management.




Let AI Auto-Generate Neural-ASR Rules for OT-specific Attacks via NLP Approach

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: ICS Village

For those ambitious threat actors targeting on OT/ICS field, their actions invariably are highly intensity planed to produce successful hacking. By abusing multiple misconfigurations and benign OT-specific nature infrastructure to evade multiple layers of protection, they can stealthily control the factory’s essential assets from IT to OT fields. For example, according to Mandiant’s report, the Russian hacker group, Sandworm, abused OT-level LoTL (Living Off the Land) to disrupt power in Ukraine. The key to success is abusing those OT-specific protocols, techniques, and LOLBins which are difficult to detect as malicious by modern AV/EDR.

In this research, instead of detecting MALICIOUS, we propose a novel multimodal AI detection, Suspicious2Vec, which archives contextual comprehension on process integrity and suspicious behaviors of OT/ICS benign operation. We use the AI model on large-scale real-world factories, to create a baseline of universal nature OT-specific operating into numerical vectors and success filter in-the-wild anonymous abuse for attacks into malicious.

From July 2023 to July 2024, our experiment whole year to received 2,000,000 data which were detected as unique suspicious techniques by 562+ human-written expert rules. We use the AI model to project those suspicious actions into numerical vectors by well-known word embedding methods, and also model all the suspicious behaviors from the OT + IT malware family from VirusTotal to generate a set of malware templates as neural ASR (Attack Surface Reduction) rules for detection, and success capture 12+ variant OT malware from 52,438 factory program files.


People:
    SpeakerBio:  Mars Cheng, Head of Cyber Threat & Product Defense Center at TXOne Networks Inc.

Mars Cheng is the Head of Cyber Threat & Product Defense Center at TXOne Networks Inc., responsible for leading three subgroups within the center: PSIRT, Advanced Threat Research Group, and Threat Operation Group. Additionally, he serves as the Executive Director of the Association of Hackers in Taiwan (HIT/HITCON) and General Coordinator of HITCON CISO Summit 2025; he plays a pivotal role in fostering collaboration between enterprises and government entities to strengthen cybersecurity. His expertise encompasses ICS/SCADA systems, malware analysis, threat intelligence and hunting, blue team, and enterprise security. A seasoned speaker, Mars has delivered over 60 presentations at international cybersecurity conferences, including Black Hat USA, Europe, and MEA, RSA Conference, DEF CON, CODE BLUE, FIRST, HITB, HITCON, Troopers, NOHAT, SecTor, S4, SINCON, and ROOTCON, among others. He has successfully organized several notable HITCON events, including the HITCON CISO Summit in 2023 and 2024, HITCON PEACE 2022, and HITCON 2021 and 2020.

SpeakerBio:  Jr-Wei Huang, Senior Threat Researcher of Cyber Threat & Product Defense Center at TXOne Networks Inc

Jr-Wei Huang is a Senior Threat Researcher of Cyber Threat & Product Defense Center at TXOne Networks Inc., specializing in threat hunting, detection engineering, and malware analysis. He has 3 years hands-on experience in developing EDR product features and designing effective detection strategies. Jr-Wei Huang has spoken at conferences such as HITCON, JASEC, and CYBERSEC Taiwan, covering topics including Windows and macOS security, blue team operations, and detection engineering. He has also delivered lectures and training sessions for universities and private companies across Taiwan.




Letthemin: Facilitating High-Value Purple Teams Using an Assumed Compromise Approach

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Sunday, Aug 10, 12:00 – 12:30 PDT

Creator: Adversary Village

Purple Teaming has become a critical component of modern cybersecurity programs, but its definition and application vary widely across organizations. This presentation introduces a refined, regimented, and repeatable methodology for running Purple Team engagements, developed and battle-tested for over a decade. As the term ‘Purple Team’ means different things to different people— a methodology, a team of people, a program, an assessment, or even a state of mind—and as Purple Team engagements themselves come in all shapes and sizes, the speaker will begin by aligning recommended definitions and applications of common Purple Team terminology. The presentation will explain how to apply an Assumed Compromise approach to Purple Teams. Any organization can be vulnerable at any point in time. This style of Purple Team testing follows the adversary through the entire life cycle of an attack, from Initial Access to Impact, assuming vulnerabilities exist to instead focus on the visibility of security tools. This is a powerful method of identifying ways to improve detection and prevention capabilities at each layer of an organization’s defense in depth. The speaker will include real world examples and specific instructions. The presentation will conclude with broader applications of this style of Purple Team. This will include how to collect and analyze the engagement results and apply these results to drive improvement to an organization’s resilience to common threats. This talk is ideal for security professionals, both Red and Blue Team, who are looking to elevate the way they perform Purple Team engagements.


People:
    SpeakerBio:  Sarah Hume, Purple Team Service Lead at Security Risk Advisors

Sarah leads the Purple Team service at Security Risk Advisors (SRA). She has led hundreds of Threat Intelligence-based Purple Team exercises for organizations in the Fortune 500 and Global 1000 over the past 7 years. Her background is in offensive security, primarily internal network, OT/ICS, and physical security penetration testing. Sarah also has experience in external network penetration testing, web application assessments, OSINT, phishing/vishing campaigns, vulnerability management, and cloud assessments. Sarah graduated Summa Cum Laude from Penn State with a B.S. in Cybersecurity. She is a Certified Red Team Operator (CRTO), Certified Information Systems Security Professional (CISSP), Google Digital Cloud Leader, AWS Certified Cloud Practitioner, and Advanced Infrastructure Hacking Certified. She lives in Philadelphia with her dog, Paxton.




Lightning Talks and Unconference

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Saturday, Aug 9, 16:40 – 17:59 PDT

Creator: Nix Vegas Community

Give a talk about whatever you want, as long as it’s less than 10 minutes! Or just come and chill in the Nix Vegas space for the Unconference.




Lightning Talks and Unconference

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Friday, Aug 8, 16:15 – 17:59 PDT

Creator: Nix Vegas Community

Give a talk about whatever you want, as long as it’s less than 10 minutes! Or just come and chill in the Nix Vegas space for the Unconference.




Living off the Graph: Module-less Azure Recon & Exploitation via PowerShell

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 16:35 – 17:05 PDT

Creator: Cloud Village

As orgs lean harder on Entra and Azure for critical IdP and infra, attackers are shifting too. This talk introduces a PowerShell-based post-exploitation toolkit that uses only native Windows features and the Microsoft Graph API — no external modules, agents, or DLLs required. Designed to “live off the Graph,” it enables stealthy recon, escalation, persistence, and exfil using just REST calls and default PowerShell, evading top EDRs with ease (as of April 2025, at least).

We’ll walk through real-world kill chains using Microsoft’s own APIs, abusing OAuth flows, consent, and service principal escalation to move laterally, assign roles, drop loot, and stay hidden. Attendees will learn how attackers can inject secrets into app registrations, enumerate high-privilege service principals, assign Entra + Azure roles via Graph/ARM, and exfiltrate via tenant-native blob storage – all without touching the Azure portal or importing a single module.

No implants. No imports. No sketchy domains. Just what’s already there.

To ground the talk, I’ll give a short crash course on Azure OAuth, app types, API endpoints, and how attackers bypass common controls like MFA, CAP, and Token Policies.

A full lab demo will show how access is gained via spear-phishing, followed by escalation and persistence using only built-in PowerShell. Blue teamers will walk away with concrete detection ideas. Red teamers will leave with a framework—or inspiration to build their own.

Toolkit Breakdown

Requirements: – PowerShell execution – Internet access to Azure APIs – A juicy Azure target

Auth: – Spear-phish via Microsoft’s Device Code Auth (popularized by Russian APTs this year) – Store tokens in a native JSON-based keyring – Tag tokens by role for scope tracking

Recon: – Enumerate Service Principals + Graph scopes (regex filtering) – Enumerate ARM role assignments (regex filtering) – Enumerate Key Vaults – Identify attack paths from collected data

Persistence: – Create malicious apps – Inject secrets into any apps – Add remediation tasks – Spawn containers/functions

Escalation: – Use keyring + recon to select injection targets – Pivot via apps to bypass CAP/MFA/token policies – Dump Key Vaults – Rotate identities mid-chain – Assign permissions to any app

Exfil: – Recon modules write loot as .csv – Create public Azure blob storage – Upload loot directly

Stealth: – No compiled code—just .ps1, .json, .csv – Built-in PowerShell + REST only – Avoids PowerShell and module-based detections – No alerts from CrowdStrike, Defender, or SEP in testing

Automation: – Spear-phish module auto-generates lures and captures tokens – One-shot persistence module sets up a cron-style enumerate+dump pipeline in cloud containers – One-shot exfil module creates resources, publishes open loot container – Operator just selects targets/IDs

This tool is actively developed by me. Nobody’s seen it in action yet—except my girlfriend and my cats. Been saving it for DEFCON 🙂


People:
    SpeakerBio:  Trevor

I’m a lifelong hacker and technology enjoyer, with a passion for automation and expanding my knowledge of new systems. I got started with “security” as a preteen, hacking with BackTrack and taking advantage of the relatively insecure implementations that were pervasive in the early 2000s. After finishing school, I started working in IT and eventually moved into cybersecurity professionally.

Fast forward to 2025: I’m currently a Lead Security Engineer at Wells Fargo, focusing on adversary emulation and offensive security research. In this role, I create PoCs and tools to exploit the latest vulns and bypass EDR, and I train junior engineers and analysts on complex techniques and topics. The tooling and training I provide typically illustrate full kill chains, empowering them to hunt and respond with speed and precision.

Prior to my current role, I worked as a Senior Cloud Security Engineer at Wells Fargo, focusing heavily on blue team–oriented Azure operations. Much of the inspiration for this tool and demo comes from the experience I gained working in the Bank’s highly restricted, federally regulated environment. Before Wells Fargo, I was at Sony (PlayStation—the cool one :P) as an L3 Sysadmin, and at Kudelski Security (an MSSP) as a Security Engineer supporting dozens of massive clients around the globe. Thanks to that prior experience, I’ve had the privilege of being exposed to a wide variety of environments and tooling, which I’m grateful for.

Outside of work, I’m either studying (GXPN currently) or in the lab developing my own projects, researching, building, breaking, etc.

Unrelated, but I’ve also been DJing at DEFCON for the last few years, so I’m especially hyped to level up my participation and submit a talk/demo for my favorite village. DEFCON pushed me further down this path early on, and I’m ready to give back. Besides computers, I’m also very into fast cars and massive sound systems.

When it comes to offensive ops: living off the land is the motto, exploitation is the mission, automation is the lifestyle.




Locked Down, Not Locked Out: How I Escaped Your Secure Operator Workstation

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 15:30 – 15:59 PDT

Creator: ICS Village

Organizations across industries rely on “locked down” operator workstations to protect critical systems, but how secure are they really? As a penetration tester, I’ve put these defenses to the test across multiple verticals, using only the tools and permissions available to a standard operator account and on that local machine. Time and time again, despite variations in vendor solutions and industry-specific constraints, I found common weaknesses that allowed me to break out, escalate privileges, and compromise the system—often without triggering alerts.

This talk dives into the recurring security flaws that make these workstations vulnerable, from misconfigurations and weak application controls to a commonly overlooked “living off the land” technique. I’ll walk through real-world breakout scenarios, demonstrating how attackers exploit these weaknesses. But it’s not just about breaking out—I’ll also cover practical, vendor-agnostic defenses to harden operator workstations against these attacks. Whether you’re a defender, engineer, or just curious, you’ll leave with a better understanding of the risks and how to make the attackers job that much harder.


People:
    SpeakerBio:  Aaron Boyd

Aaron Boyd is an experienced OT Cybersecurity Generalist with over 10 years experience in conducting penetration testing, vulnerability assessments, and threat hunting within complex OT/ICS infrastructures and applications in many different verticals. He is passionate about ensuring robust protection for critical infrastructure and firmly believes in focusing on real security improvements rather than just checking compliance boxes.




Magical Hacks

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: Bug Bounty Village

In his final boss form “Houdinti”, @intidc delivers an interactive magic show in which every trick is an actual live hack. During this spectacle, we’re hacking several locks, biometrics, passwords, PIN codes & more! The show is suited for both beginners and pro’s, who’ll get the opportunity to take a guess on how the tricks work prior to them being revealed. Live hacking demonstrations will never be the same again.


People:
    SpeakerBio:  Inti “intidc” De Ceukelaire, Chief Hacker Officer at Intigriti

Inti De Ceukelaire is a Belgian ethical hacker and cybercrime investigator. He currently works as the Chief Hacker Officer at Europe’s largest vulnerability disclosure platform Intigriti, a founding member of the Hacker Policy Council. In 2018, Inti won the “Most Valuable Hacker” award at the largest live hacking event in Las Vegas.

With extensive experience in the field of security and ethical hacking, Inti has earned a reputation as a thought leader in the industry. His work and expertise have been featured in a variety of international publications, including the BBC, Wired, The Verge, CNET, Mashable, and New York Magazine. Inti has made global headlines through his security awareness pranks, which have included manipulating the Vatican’s website, creating fake news on Donald Trump’s Twitter account, and hacking Metallica. Through these high-profile stunts, Inti has drawn attention to the importance of cybersecurity and the need for individuals and organisations to be vigilant about potential threats. As an experienced and engaging speaker, Inti is able to make complex topics accessible to a wide audience. He has spoken at a variety of conferences and events, sharing insights on the latest trends in cybersecurity and offering practical tips to help individuals and organisations protect themselves from potential threats.

He is also a trusted source for media outlets seeking expert commentary on topics related to cybersecurity, hacking and technology.




Magnets, how do they work?

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-701 (Lock Pick Village)
When:  Friday, Aug 8, 14:00 – 14:45 PDT

Creator: Lock Pick Village

Magnetic locks have been around for decades but receive relatively little attention from the lock-sport community when compared to other locking mechanisms. This talk will cover the different types of magnetic locking elements, the tools and theory needed to pick them, and how decoding attacks can and have been applied to defeat these locks “in the wild”.


People:
    SpeakerBio:  James Williams
No BIO available



Making Dirty Pictures – The Issue with DICOM

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 10:00 – 10:30 PDT

Creator: Malware Village

The DICOM image format, used globally in healthcare to store and transmit medical images, contains a rarely discussed flaw in its header structure that can be exploited to hide malicious payloads. In this talk, we explore how attackers can embed code into DICOM files that still open and display normally in medical imaging software. You’ll learn how this permissive header allows for the creation of polyglot files—valid DICOM images that double as malware droppers. Because most static antivirus engines treat DICOM files as benign or ignore them altogether, these hybrid files can often bypass traditional detection mechanisms entirely. We’ll demonstrate how this works in practice, walking through the process of crafting DICOM-based payloads and showing how they behave on a target system. Attendees will also gain insight into why these files evade static scans and what this means for healthcare security at large.This talk is aimed at both red teamers and defenders. Offensive security professionals will gain a novel method for payload delivery in highly regulated environments, while defenders will leave with practical strategies for detecting and mitigating this class of threat. This presentation highlights how blind trust in industry-standard formats can create dangerous blind spots in security. The DICOM format’s flexibility—originally designed for compatibility—now serves as a potential attack vector, and it’s time the infosec community pays attention.


People:
    SpeakerBio:  Michael “v3ga” Aguilar, Principal Consultant at Sophos Red Team

Michael Aguilar (v3ga) is a Principal Consultant for Sophos Red Team. He leads efforts in Medical Device testing, Adversarial Simulations, Physical Security assessments, Network testing and more. Currently, he has 8 CVE vulnerabilities aligned with security issues located during testing at DEF CON’s Biohacking Village Device Lab. He has also led the winning team of the DEF CON Biohacking Village CTF for two consecutive years.




Making Of The Arcanum Gospel Book Badge

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Friday, Aug 8, 13:30 – 13:59 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  Panda
No BIO available



Making SAOs for Fun and No Profit

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Saturday, Aug 9, 14:00 – 14:30 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  GhostGlitch
No BIO available



Malware In 5G Core

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Friday, Aug 8, 10:20 – 11:59 PDT

Creator: Telecom Village

The Talk shall focus on possible ways malware and C2C can work in 5G Core, such as credential harvestor node sitting on Cloud/Routers, traffic redirectors,DOS on network etc


People:
    SpeakerBio:  Akib Sayyed, Founder at Matrix Shell

Akib Sayyed is the Founder and Chief Security Consultant of Matrix-Shell Technologies, an India-based telecom-security firm he established in 2014. Recognised industry-wide as a 5G and telecom-signalling security specialist, Akib has spent more than a decade helping mobile-network operators, MVNOs and regulators uncover and remediate vulnerabilities across legacy (2G/3G/4G) and next-generation (5G Core, VoLTE/VoNR/VoWi-Fi) networks. His expertise spans protocol penetration testing (SS7, Diameter, GTP), radio-access assessments and security-automation tooling.

Under Akib’s leadership, Matrix-Shell has grown into India’s first NCCS-designated 5G Core security test lab and holds ISO/IEC 17025 accreditation for its methodology and results. A frequent conference speaker and Black Hat trainer, he also co-organises the Telecom Village community, where he shares latest threat-intel and open-source tools with the wider security ecosystem. linkedin.com

Across consulting engagements, Akib is known for delivering:

  • Policy-aligned testing mapped to 3GPP TS 33.xxx, GSMA FS-series and ITSAR frameworks.
  • Automated scanners that cut signalling-assessment time from weeks to hours.
  • Action-oriented reports complete with PCAP evidence and remediation playbooks.

Driven by a mission to “secure the core,” Akib continues to advise operators on rolling out resilient 5G infrastructure, mentors the next wave of telecom-security engineers and contributes to global standards bodies shaping the future of mobile-network defence.




Malware in the gist: How malicious packages on npm bypass existing security tools

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 11:00 – 11:30 PDT

Creator: Adversary Village

npm is owned by Microsoft and is the world’s largest software registry. It hosts nearly 5 million packages and 4.5 trillion requests for packages were made to npm in 2024. The open and accessible nature of npm is one of its main features, but its also one of the reasons that threat actors are attracted to it. A recent study by Sonatype found that 98.5% of malicious software packages are hosted and delivered via npm.

This technical deep-dive will explain why npm is so good at delivering malware; expose how threat actors are using npm; and why existing security tools like SCA, SAST, EDR and anti-virus solutions will not protect you from npm based malware.

Key Topics:

  • Technical analysis of how attackers leverage npm’s unique characteristics (namespace claiming, pre/post install scripts, package name recycling) to deliver successful malware
  • Why existing security solutions like SCA, SAST, EDR and anti-virus won’t find npm based malware
  • Comparative analysis of attack patterns across different threat actors (researchers, crypto thieves, criminal APTs, nation-states)
  • Introduction to OSV, GHSA and other resources to help your teams stay informed about new malcious packages

People:
    SpeakerBio:  Paul “6mile” McCarty, Head of Research at Safety

Paul is the Head of Research at Safety (safetycli.com) and a DevSecOps OG. He loves software supply chain research and delivering supply chain offensive security training and engagements. He’s spent the last two years deep-diving into npm and has made several discoveries about the ecosystem. Paul founded multiple startups starting in the ’90s, with UtahConnect, SecureStack in 2017, and SourceCodeRED in 2023. Paul has worked for NASA, Boeing, Blue Cross/Blue Shield, John Deere, the US military, the Australian government and several startups over the last 30 years.  Paul is a frequent open-source contributor and author of several DevSecOps, software supply chain and threat modelling projects. He’s currently writing a book entitled “Hacking NPM”, and when he’s not doing that, he’s snowboarding with his wife and 3 amazing kids.




Malware Matryoshka: Nested Obfuscation Techniques

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 10:40 – 11:10 PDT

Creator: Malware Village

As part of an infostealer campaign we analyzed malware with ever increasing stages of obfuscation, each with varying techniques and languages. I’ll dissect how this malware layered compiled Python, Nuitka, Node.js, WebAssembly, and Rust into a single infection chain for a simple Python-based infostealer. I’ll show the techniques I used at each stage to get quick answers to its capabilities.


People:
    SpeakerBio:  Brian Baskin
No BIO available



Mapping the Shadow War – From Estonia to Ukraine

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 10:00 – 10:45 PDT

Creator: Recon Village

Since 2007, Russia has increasingly blurred the lines between cyber operations and conventional warfare. From the takedown of Estonian infrastructure to the full-scale invasion of Ukraine, state-sponsored threat groups have played a central role in shaping modern conflict. This talk explores the evolution of Russian hybrid warfare through an OSINT lens – identifying cyber-military units, understanding their affiliations, and tracking their operations across conflicts.x000D Using publicly available sources, leaked documents, social media, and infrastructure metadata, this session walks through the investigative workflows used to map Russian cyber-military entities, analyze their digital footprint, and connect the dots between cybercrime and geopolitical objectives. We’ll also examine how the war in Ukraine has reshaped the cybercrime ecosystem and offer predictions about future state-actor behavior in conflict zones.x000D This talk blends technical OSINT techniques with geopolitical analysis, providing practical frameworks and tools for analysts, threat hunters, and researchers focused on adversary attribution and long-term strategic tracking.x000D Key Topics Covered:x000D • Evolution of Russian hybrid warfare: Estonia (2007) to Ukraine (2022–2025)x000D • OSINT methods to identify Russian cyber-military units and affiliations_x000D_ • Social media and metadata exploitation of military and GRU-linked personnel_x000D_ • Infrastructure recon: domains, TLS certificates, passive DNS, and comms patterns_x000D_ • War’s impact on the cybercrime underground and ransomware ecosystem_x000D_ • Predictive indicators for future state-linked cyber operations


People:
    SpeakerBio:  Evgueni Erchov

Since 2007, Russia has increasingly blurred the lines between cyber operations and conventional warfare. From the takedown of Estonian infrastructure to the full-scale invasion of Ukraine, state-sponsored threat groups have played a central role in shaping modern conflict. This talk explores the evolution of Russian hybrid warfare through an OSINT lens – identifying cyber-military units, understanding their affiliations, and tracking their operations across conflicts.x000D Using publicly available sources, leaked documents, social media, and infrastructure metadata, this session walks through the investigative workflows used to map Russian cyber-military entities, analyze their digital footprint, and connect the dots between cybercrime and geopolitical objectives. We’ll also examine how the war in Ukraine has reshaped the cybercrime ecosystem and offer predictions about future state-actor behavior in conflict zones.x000D This talk blends technical OSINT techniques with geopolitical analysis, providing practical frameworks and tools for analysts, threat hunters, and researchers focused on adversary attribution and long-term strategic tracking.x000D Key Topics Covered:x000D • Evolution of Russian hybrid warfare: Estonia (2007) to Ukraine (2022–2025)x000D • OSINT methods to identify Russian cyber-military units and affiliations_x000D_ • Social media and metadata exploitation of military and GRU-linked personnel_x000D_ • Infrastructure recon: domains, TLS certificates, passive DNS, and comms patterns_x000D_ • War’s impact on the cybercrime underground and ransomware ecosystem_x000D_ • Predictive indicators for future state-linked cyber operations_x000D_




MassLogger: The Infostealer That Knows Your Passwords Better Than You Do (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 13:00 – 13:30 PDT

Creator: La Villa

En esta platica, abordare en profundidad el funcionamiento de MassLogger, un malware especializado en el robo de credenciales que ha sido utilizado en campañas dirigidas contra instituciones financieras. Mediante el análisis basado en ciberinteligencia desglosaremos su cadena de infección completa: desde el correo de phishing y los archivos comprimidos maliciosos, hasta la ejecución del payload y la exfiltración de información.x000D Se revisarán las tácticas, técnicas y procedimientos (TTPs) empleados, así como los artefactos clave utilizados en las campañas que hemos observado recientemente. Los asistentes aprenderán a identificar estos patrones, realizar el análisis de los artefactos, mapear los ataques con el framework MITRE ATT&CK y como generar estrategias de detección, respuesta y mitigación. Esta sesión brindará herramientas prácticas para enfrentar campañas emergentes como las de MassLogger, que comienzan a expandirse en Latinoamérica.


People:
    SpeakerBio:  Jesika Juarez, Cyber Threat Intelligence at Financial Institution

Jesika Juarez es una analista con más de cinco años de experiencia en el campo de inteligencia de amenazas, actualmente fungiendo como líder de Cyber Threat Intelligence en una intitución Financiera. Especializada en análisis de malware, investigación forense y técnicas de OSINT (Open Source Intelligence), ha desempeñado un papel crucial en la identificación, análisis y mitigación de amenazas cibernéticas avanzadas. Jesika es egresada de la Facultad de Estudios Superiores Aragón de la carrera de Ingeniería en Computación, la cual cuenta con una certificación de Malware Analysis y Digital Forensics impartidas por Elearnsecurity.




Master Keying: privilege escalation on your key ring

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-701 (Lock Pick Village)
When:  Friday, Aug 8, 11:30 – 11:59 PDT

Creator: Lock Pick Village

If you’re familiar with lockpicking you’ve probably heard of master wafers, but have you ever heard of master keying by removing entire pin stacks?

This talk will cover master keying on pin-tumbler, disc detainer, and dimple locks. How they’re designed, how to reverse master keys from leaked keys (or locks), and the tricks that manufacturers use to make this harder.


People:
    SpeakerBio:  Max
No BIO available



Matrioska: A User-Centric Defense Against Virtualization-Based Repackaging Malware on Android

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C106 (Mobile Hacking Community)
When:  Friday, Aug 8, 11:30 – 12:30 PDT

Creator: Mobile Hacking Community

The Android virtualization technique allows an app to create independent virtual environments running on top of the Android native one, where multiple apps can be executed simultaneously. While the technique has legitimate uses, attackers have identified ways to exploit it. According to the state-of-art, virtualization-based malware is a significant threat: researchers have found 71,303 malicious samples. Defence mechanisms have already been developed to find virtualization-based malware and to detect or prevent virtualization-based repackaging attacks.In this paper, we offer three key contributions. First, we experimentally evaluate the existing defence mechanisms by identifying their limitations and demonstrating how they can be bypassed. Second, we design and develop a new defence mechanism, called Matrioska, that overcomes the limitations of the state-of-art by detecting the intrinsic features of the virtualization technique. Third, we evaluate the effectiveness of Matrioska with respect to the state-of-art against two datasets of apps. Overall, Matrioska achieves a higher accuracy (99% vs. 71%) when searching for virtualization usage and a lower false positive (10 vs. 23) and false negative rate (14 vs. 39) when detecting a virtualization-based repackaging attack.


People:
    SpeakerBio:  Samuele Doria, Università degli Studi di Padova

Samuele Doria is a PhD student at the University of Padua. He holds a Master’s Degree in Cybersecurity and a Bachelor’s in Computer Engineering.

His research focuses on Android Security, specializing in developing engineering solutions to enhance mobile device security. His work includes the development of tools and methodologies, leveraging static and dynamic analysis techniques. Passionate about technology, security and a CTF player.




May the Least Privilege Be With You: Exposing the Dark Side of Azure Service Principal Permissions

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 15:50 – 16:30 PDT

Creator: Cloud Village

In every modern Azure environment, Service Principals drive automation and integration. Yet, to support enterprise solutions in identity governance, cloud security, and DevOps automation, these principals are often endowed with broad Microsoft Graph API permissions—such as RoleManagement.ReadWrite.Directory, Application.ReadWrite.All, AppRoleAssignment.ReadWrite.All, and ServicePrincipalEndpoint.ReadWrite.All. Even Entra ID roles that are not typically classified as “privileged” can be exploited, enabling attackers to modify Service Principal configurations and escalate privileges in unexpected ways. This session reveals groundbreaking research that uncovers how excessive Graph API permissions and the abuse of non‑privileged Entra ID roles create new exploitation pathways in Azure. We will detail common misconfigurations that, when left unmonitored, allow attackers to seize control of Service Principals and manipulate application configurations. In doing so, we introduce Azure AppHunter—a novel open‑source tool that scans Azure environments for Service Principals with dangerous permissions and maps out potential attack vectors. Attendees will gain practical techniques for detecting and mitigating these vulnerabilities, enforce least privilege, and integrate continuous auditing into their security workflows—all essential for securing Azure deployments against emerging threats.


People:
    SpeakerBio:  Marios Gyftos

Marios has been working on the Cyber Security field since 2017, started his career focusing on web application penetration testing but then continued on focusing more on cloud penetration testing including AWS, GCP and Azure. On his free times he enjoys playing basketball and chess.

SpeakerBio:  Nikos Vourdas

Nikos Vourdas, also known as nickvourd or NCV, is a Senior Offensive Security Consultant based in the US. With over four years of professional experience, he has actively participated in various global Tiber-EU and iCAST Red Teaming engagements. Regardless of his young age, Nikos has conducted full Red Teaming operations to major clients across retail, banking, shipping, construction industries. He holds OSWE, OSEP, OSCP, OSWP, CRTL and CRTO certifications. Nikos loves contributing to open-source projects and always starts his day at 05:00 AM with a refreshing jog while listening to Chinese rap music.




Maybe A Few Hydra Failures

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Friday, Aug 8, 12:00 – 12:50 PDT

Creator: Nix Vegas Community

In this audience participation-heavy session, you can get your PRs to nixpkgs reviewed and maybe even merged… if the build on one of our Threadripper Pro or Ampere systems passes.

Come with PRs in hand and call them out, and we’ll review, build, and maybe even merge them on stage.

Rejected name: Whose PR Is It Anyway




Maybe A Few Hydra Failures

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Saturday, Aug 9, 12:00 – 12:55 PDT

Creator: Nix Vegas Community

In this audience participation-heavy session, you can get your PRs to nixpkgs reviewed and maybe even merged… if the build on one of our Threadripper Pro or Ampere systems passes.

Come with PRs in hand and call them out, and we’ll review, build, and maybe even merge them on stage.

Rejected name: Whose PR Is It Anyway




McJump Box: Leveraging Free Corporate WiFi and 802.11AH for Unattributable Fun and Profit

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Saturday, Aug 9, 15:30 – 16:25 PDT

Creator: Radio Frequency Village

In this talk we’ll explore the capabilities of several of the new 802.11AH radios/chipsets that have come onto the market and examine what is needed to develop an ultra low cost/power minimum viable point-to-point wifi repeater using 802.11AH as the backhaul connection. We’ll consider and review the constraints of the various AH modules and their associated software libraries, as well as hardware and software considerations for the 802.11a/b/n wifi side as well. We’ll review my initial stumblings and failed attempts and then examine some COTS hardware. We’ll review both COTS modules as well as a purpose built finished product that largely does what we’re trying to replicate — we’ll reverse engineer their schematics and firmware and ultimately design our own purpose-built custom battery/solar powered PCB and firmware running OpenWRT and supporting 900Mhz, 2.4Ghz, and 5Ghz wifi. We’ll then cover deployment and operational characteristics/performance of pairs of these devices when connected to the internet via the free corporate wifi provided at retail and dining establishments.


People:
    SpeakerBio:  Lozaning

Lozaning (they/them) is present on various spectrums and resonate at multiple frequencies. They’re particularly interested in the security of embedded rf systems, and especially particularly interested in the Espressif line of of wireless capable microcontrollers. They previously created and talked about the International Wigle Space Balloon, RF Field Cams, Toothbrush botnets, and The Wifydra. They’re currently ranked as the 55th best wardriver in the world, and to the best of their knowledge dont presently have any federal warrants out for their arrest.




Memory Attacks in a Stateless World

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 14:00 – 14:30 PDT

Creator: AppSec Village

This talk explores how modern applications running in serverless (e.g., AWS Lambda, Azure Functions) and containerized (e.g., Docker, Kubernetes) environments expose secrets, credentials, and runtime data through memory-based attack techniques. We’ll showcase how attackers exploit poor memory hygiene, insecure environment variable handling, and intra-container leaks to gain access to sensitive data — even when traditional endpoint protection and file-based forensics are rendered useless.


People:
    SpeakerBio:  Om Narayan

Experienced cybersecurity professional with a proven track record in securing critical cloud services, including DynamoDB, Keyspaces, Finspace, Amazon Managed Bitcoin, and Amazon Managed Airflow. Skilled in implementing robust security measures for GenAI capabilities within these platforms, serving a diverse range of industries such as healthcare, government, finance, entertainment, education, and fitness. Committed to protecting data integrity and ensuring compliance for global customers

SpeakerBio:  Rashmi

Rashmi is a cybersecurity engineer focused in application security. Alongside her expertise in safeguarding applications from cyber threats, she leverages her solid background in software development to build secure and resilient solutions. Rashmi has worked in organizations such as AWS and Electronic Arts, where she honed her skills and contributed to the security of critical applications. Outside of work, Rashmi enjoys exploring comedy clubs, playing badminton, and reading books, combining a love for both mental and physical activities.




Mesh Network Sidecars for NixOS Services

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Friday, Aug 8, 14:15 – 14:45 PDT

Creator: Nix Vegas Community

Inspired by the popular container sidecar pattern, this talk demonstrates a generic, open source NixOS module that brings the same security and isolation to bare metal services. We’ll explore how to declaratively wrap any systemd service, placing it in an isolated network namespace with its own mesh network client (e.g., Tailscale or Netbird). This approach makes services securely accessible on your mesh, fully firewalled from the host—no application changes required. Good fit for folks exploring declarative infrastructure and looking for practical ways to apply modern security patterns to their own servers.


People:
    SpeakerBio:  Wes Payne

Seattlite, Podcaster with Jupiter Broadcasting, Software Developer, and Linux Enthusiast.




Meshtastic Command & Control

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Friday, Aug 8, 13:30 – 14:25 PDT

Creator: Radio Frequency Village

This presentation will detail the design and implementation of a Meshtastic-based command and control infrastructure. By leveraging the Meshtastic network for out-of-band communications, operators can achieve secure, decentralized monitoring and management of Linux hosts in hard-to-reach environments. Whether supporting a remote dropbox deployment or a distant ham shack, this solution enables encrypted shell access and configuration changes using a low-cost ($25) LoRa radio over extended ranges. Although not intended for high-bandwidth tasks, it provides an efficient platform for debugging, troubleshooting, and command execution in constrained network conditions. Furthermore, by utilizing the existing Meshtastic mesh, users can often avoid the complexity of building a dedicated network.


People:
    SpeakerBio:  Eric Escobar, Security Principal Consultant at Sophos

Eric Escobar is a seasoned pentester and a Security Principal Consultant at Sophos. On a daily basis he attempts to compromise large enterprise networks to test their physical, human, network and wireless security. He has successfully compromised companies from all sectors of business including: Healthcare, Pharmaceutical, Entertainment, Amusement Parks, Banking, Finance, Technology, Insurance, Retail, Food Distribution, Government, Education, Transportation, Energy and Industrial Manufacturing.




Meshtastic Command & Control

Creator Talk Map Page – LVCC West-Level 3-W320 (Ham Radio Village)
When:  Friday, Aug 8, 16:00 – 16:30 PDT

Creator: Ham Radio Village

This presentation will detail the design and implementation of a Meshtastic-based command and control infrastructure. By leveraging the Meshtastic network for out-of-band communications, operators can achieve secure, decentralized monitoring and management of Linux hosts in hard-to-reach environments. Whether supporting a remote dropbox deployment or a distant ham shack, this solution enables encrypted shell access and configuration changes using a low-cost ($25) LoRa radio over extended ranges. Although not intended for high-bandwidth tasks, it provides an efficient platform for debugging, troubleshooting, and command execution in constrained network conditions. Furthermore, by utilizing the existing Meshtastic mesh, users can often avoid the complexity of building a dedicated network.

Command and control infrastructure using fully encrypted meshtastic networks.


People:
    SpeakerBio:  Eric Escobar, Security Principal Consultant at Sophos

Eric Escobar is a seasoned pentester and a Security Principal Consultant at Sophos. On a daily basis he attempts to compromise large enterprise networks to test their physical, human, network and wireless security. He has successfully compromised companies from all sectors of business including: Healthcare, Pharmaceutical, Entertainment, Amusement Parks, Banking, Finance, Technology, Insurance, Retail, Food Distribution, Government, Education, Transportation, Energy and Industrial Manufacturing.




Meshtastic Under the Microscope: From Chirps to Chat

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Saturday, Aug 9, 13:30 – 13:55 PDT

Creator: Radio Frequency Village

Meshtastic has exploded in popularity as the go-to off-grid, multi-mile, low-power LoRa mesh for hikers, hackers, and preppers, though most users never peek beneath its phone app. This talk rips the protocol open from the radio chirp visible in inspectrum all the way to lines in Wireshark, showing exactly how every byte travels from a solar-powered node on a mountaintop to your screen.

Using an SDR, a GNU Radio flowgraph, and a sprinkle of Python, we peel back each layer: how the radio forms its chirps, how the mesh hops frames across nodes, and what exactly is tucked inside the Protobuf envelope and its AES-256-sealed core.

The exploration does not end with passive listening. Short, standalone snippets demonstrate how to craft and transmit valid frames, proving that a few lines of code are enough to speak Meshtastic. No mobile app or heavyweight firmware required.

Attendees will leave with a repeatable SDR and GNU Radio workflow for decoding any Meshtastic channel, copy-ready Python examples for both receiving and sending traffic, and a clear mental model of the entire stack from physical layer to application payloads. Whether you are RF-curious with a forty-dollar RTL-SDR dongle or a seasoned signals wrangler hunting for a new playground, this talk equips you to see and speak the language of Meshtastic.


People:
    SpeakerBio:  Allan Riordan Boll

Allan wrangles cloud infrastructure by day, and radio waves by night. An early SDR devotee from the sub-$20 RTL-SDR era, he can often be found between a hex editor and an FFT waterfall, tinkering with the invisible.




Meshtastic: Mesh Networking Made Easy with LoRa and ESP32

Creator Talk Map Page – LVCC West-Level 3-W320 (Ham Radio Village)
When:  Friday, Aug 8, 14:00 – 14:59 PDT

Creator: Ham Radio Village

Meshtastic is an innovative open-source project leveraging LoRa technology to create affordable, robust, off-grid mesh communication networks. This presentation offers an approachable introduction to Meshtastic and LoRa, covering essential concepts and practical applications. Participants will gain foundational knowledge of mesh networking technology, along with a hands-on demonstration of setting up a Meshtastic network using a readily available ESP32 device and a smartphone. Ideal for both amateur radio enthusiasts and newcomers to mesh networking, this session will highlight how Meshtastic empowers users with resilient communication in remote and emergency scenarios.

This session provides participants with an accessible introduction to Meshtastic, a powerful yet simple-to-use mesh networking solution built upon LoRa’s long-range radio technology. We will start by exploring core mesh networking principles and LoRa’s capabilities, emphasizing how these technologies complement amateur radio practices and enhance emergency communications. Following a concise overview, attendees will experience a practical demonstration of setting up a Meshtastic network using an inexpensive ESP32-based kit, readily available through online retailers. The demonstration includes installing smartphone apps, flashing firmware, and establishing communication between devices. Attendees will leave equipped with the foundational knowledge required to deploy their own resilient mesh networks for various communication needs.


People:
    SpeakerBio:  Jon “K4CHN” Marler

Jon is the Cybersecurity Evangelist at VikingCloud with a true passion for information security. Jon is an amateur radio operator, lockpicker, phreaker, repairer of all things, and maker. As a result of his long-standing commitment to open source software, Jon has offered his expertise as a package manager for the Debian GNU/Linux OS distribution since 1998.




MFT2: More Fungible Threats

Creator Talk Map Page – LVCC West-Level 2-W225 (Data Duplication Village)
When:  Saturday, Aug 9, 15:00 – 15:59 PDT
Friday, Aug 8, 15:00 – 15:59 PDT

Creator: Data Duplication Village

Distributed data replication systems are more than just tools for redundancy—they’re fertile ground for creative abuse. In this talk, we explore how technologies like NFTs, IPFS, Codex, and Cloudflare R2 can become resilient C2 infrastructures, payload delivery systems, and phishing hosting that challenge takedown efforts. Welcome to the next phase of decentralized threats.

This sequel to “MFT: Malicious Fungible Tokens” explores how distributed data replication systems can be used for malicious purposes. We’ll demonstrate how technologies like Codex, WhenFS, IPFS, and Cloudflare R2 buckets can store and distribute C2 commands, payloads, and even phishing campaigns such as templates or client-side drainers. These systems enable infrastructures that are resistant to takedowns and, in some cases, nearly unstoppable. Through practical examples and live demonstrations, we’ll uncover the risks these systems pose and discuss their implications for security teams.

This talk is a continuation of “Everything is a C2 if you’re brave enough” from Red Team Village and “MFT: Malicious Fungible Tokens” from Adversary Village, which explains how to turn NFTs into immortal C2 Servers. It is not needed to have attended these talks as a short recap will be featured.


People:
    SpeakerBio:  Mauro Eldritch
No BIO available
SpeakerBio:  Nelson Colón
No BIO available



MHV CTF – Closing and Awards

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-504 (Maritime Hacking Village)-Workshop Area
When:  Sunday, Aug 10, 13:00 – 13:30 PDT

Creator: Maritime Hacking Village

Join us for the closing ceremonies and awards to the winners and top 3 teams ranked in the MHV CTF.


People:
    SpeakerBio:  Duncan Woodbury, Maritime Hacking Village
No BIO available



MHV CTF 101

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-504 (Maritime Hacking Village)-Workshop Area
When:  Saturday, Aug 9, 10:30 – 10:59 PDT
Friday, Aug 8, 10:30 – 10:59 PDT

Creator: Maritime Hacking Village

This is MHV’s premier year at DEFCON, and we’re bringing the heat of the South China Sea to DEF CON. Are you ready to fight and compete to lift the digital blockade on Isla Hexa?

We’re bringing tech so advanced that nothing like it has ever hit the DEF CON floor: AI-controlled unmanned watercraft, a narcotics smuggling vessel, real crane control systems from the largest ports in the western hemisphere — and so much more.

This will be an incredibly challenging and engaging cross-functional CTF contest where teams will get exposed to the little-known tools and technologies that our global maritime economy depends upon — and will demonstrate their strength in both defending and weaponizing these to liberate the friendly nation of Isla Hexa.


People:
    SpeakerBio:  Duncan Woodbury, Maritime Hacking Village
No BIO available



MHV CTF Recap – Daily

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-504 (Maritime Hacking Village)-Workshop Area
When:  Saturday, Aug 9, 17:30 – 17:59 PDT
Friday, Aug 8, 17:00 – 17:59 PDT

Creator: Maritime Hacking Village

Let’s see where the teams and contestants of the MHV CTF drop anchor at the end of the day! A review of the current leaderboard and players still in the race to liberate Isla Hexa.


People:
    SpeakerBio:  KennethSalt
No BIO available



MHV Overview 101

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-504 (Maritime Hacking Village)-Workshop Area
When:  Friday, Aug 8, 10:00 – 10:30 PDT
Saturday, Aug 9, 10:00 – 10:30 PDT

Creator: Maritime Hacking Village

YO HO! The Maritime Hacking Village (MHV) has set sail for LVCC to deliver the first and only immersive maritime hacking experience for you to learn what it takes to exploit and defend real-world maritime systems. Experience a weekend of immersive hacking experiences at MHV full of hands-on training and education on the depths of maritime technology and security. We’ve scoured the earth and seas to bring you “swarm AI”-enabled unmanned watercraft, autonomous deep-sea robots, the murky insides of ports, cranes, container ships, maritime traffic control, and more. You’ll be hard-pressed to find maritime systems anywhere on earth with comparable badassery – and we dare to say that these will be the most advanced cyberphysical systems available at DEF CON.

Join us to learn about what MHV has to offer, so we can help you get oriented and engaged in a weekend of unprecedented maritime hacking experiences and real life cyber pirate shenanigans.


People:
    SpeakerBio:  Kitty Hegemon
No BIO available



Mind vs. Machine: Finding the Sweet Spot in Modern Red Teaming

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-405 (Red Team Village)-RTV Track 1
When:  Friday, Aug 8, 11:00 – 11:50 PDT

Creator: Red Team Village

This panel discusses at how teams use both automated tools and human thinking in red team operations. We’ll talk about when automated tools work best, when human skills matter most, and how best to combine both approaches. Our panelists will share examples from their work showing the strengths and weaknesses of these approaches. Join us to learn practical ways to combine technology with human expertise for better red team engagements.


People:
    SpeakerBio:  Ben “nahamsec” Sadeghipour, Co-Founder & CEO at HackingHub

Ben Sadeghipour, better known as NahamSec, is an ethical hacker, content creator, and keynote speaker. Over his career, Ben has uncovered thousands of security vulnerabilities for major organizations, including Amazon, Apple, Zoom, Meta, Google, and the U.S. Department of Defense. As a top-ranked bug bounty hunter, he is deeply passionate about cybersecurity education, regularly sharing his knowledge through his popular YouTube channel and speaking at major conferences like DEFCON and BSides. Beyond his personal achievements, Ben is committed to building the security community, organizing events that foster collaboration, innovation, and the next generation of offensive security professionals.

SpeakerBio:  Ryan “0day” Montgomery
No BIO available
SpeakerBio:  Tyler Ramsbey
No BIO available
SpeakerBio:  William Giles

William (Billy) Giles is an Offensive Security leader and practitioner who specializes in red/purple teaming, adversary emulation, and network penetration testing. With a deep passion for understanding and simulating adversary behaviors, he helps organizations across a multitude of industries assess their security postures, identify and remediate vulnerabilities, and build stronger defenses by thinking like an attacker.




Misaligned: AI Jailbreaking Panel

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Sunday, Aug 10, 10:00 – 11:30 PDT

Creator: Bug Bounty Village

Join Jason haddix as he hosts a panel with the Basi group, the notorious Ai model jailbreak group led by Pliny the prompter. No model is safe, and usually jailbroken with hours, not days. Join us as we discuss war stories, techniques, and opportunities to get into AI hacking for profit.


People:
    SpeakerBio:  Jason “jhaddix” Haddix, Field CISO at flare.io

Jason has had a distinguished 20-year career in cybersecurity, previously serving as CISO of Buddobot, CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin.

He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis.

Jason is a hacker, bug hunter, and is currently ranked 57th all-time on Bugcrowd’s bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies.

Jason has also authored many talks for world-renowned conferences like DEF CON, Bsides, Black Hat, RSA, OWASP, Nullcon, SANS, IANS, BruCon, ToorCon, and many more.


Jason Haddix AKA jhaddix is the CEO and “Hacker in Charge” at Arcanum Information Security. Arcanum is a world class assessment and training company.Jason has had a distinguished 20-year career in cybersecurity previously serving as CISO of Buddobot, CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker, bug hunter and currently ranked 57st all-time on Bugcrowd’s bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies. Jason has also authored many talks on offensive security methodology, including speaking at cons such as DEFCON, Besides, BlackHat, RSA, OWASP, Nullcon, SANS, IANS, BruCon, Toorcon and many more.

SpeakerBio:  Basi Team Six (BT6)
No BIO available



MITRE eCTF: 10 Years of the Embedded Capture the Flag

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-401 (Embedded Systems Village)
When:  Friday, Aug 8, 16:00 – 16:30 PDT
Saturday, Aug 9, 16:00 – 16:30 PDT

Creator: Embedded Systems Village

Explore the field of embedded systems security with an introduction to MITRE’s Embedded Capture the Flag (eCTF) competition, an annual competition for students in high school through grad school.

Participants will be introduced to the structure of the competition and will gain experience working with microcontrollers by building, flashing, and interacting with the reference design of the 2025 eCTF. They will then explore some basic techniques for attacking the unsecured design.

After, participants can dive deeper by attacking real designs submitted by students.

Participants must have a computer (Windows/Mac/Linux) with internet access and Python 3.12+ and Docker Desktop.


People:
    SpeakerBio:  Kyle Skey, Chief Engineer, Electronic Systems Security at MITRE
No BIO available



Mobile Pentest Survival Guide Reloaded (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 11:30 – 12:30 PDT

Creator: La Villa

En un panorama donde las aplicaciones Android están cada vez más protegidas, realizar una auditoría efectiva requiere más que solo conocimientos básicos. La implementación de mecanismos como detección de root, validación de integridad mediante SafetyNet o Play Integrity, SSL pinning y almacenamiento seguro se ha vuelto común, pero muchas veces están mal configurados o pueden ser evadidos con las herramientas adecuadas. En esta charla presento una guía de supervivencia actualizada para pentesters móviles, enfocada exclusivamente en Android, basada en casos reales de auditorías y experiencias en campo.x000D x000D Durante la sesión se explicarán a fondo los mecanismos de seguridad más frecuentes en Android y cómo pueden ser evadidos. Mostraremos bypasses de root detection, device integrity y strong integrity utilizando herramientas como Frida, Objection y módulos como PlayIntegrityFix y TrickyStore. También veremos cómo interceptar tráfico cifrado mediante técnicas de SSL unpinning, incluso cuando las apps usan mecanismos avanzados como certificate pinning o validaciones a nivel de TEE. Para ilustrar todo esto, se utilizará una app vulnerable especialmente creada para la charla, donde se explotarán fallas reales como almacenamiento inseguro, content providers mal configurados y flujos de autenticación débiles.x000D x000D Además, se compartirá una metodología práctica para montar un entorno de pruebas profesional con emuladores y dispositivos físicos rooteados, configurando herramientas como Burp Suite, mitmproxy y adb para análisis dinámico. Se explicará cómo combinar análisis estático y dinámico para maximizar la cobertura, identificar vectores de ataque y entender el comportamiento interno de las aplicaciones. Esta charla está diseñada para profesionales de seguridad ofensiva, pentesters y desarrolladores interesados en conocer cómo se atacan realmente las apps Android hoy en día. Al finalizar, los asistentes tendrán técnicas listas para aplicar, un conjunto de herramientas funcionales, y una perspectiva práctica para enfrentar cualquier auditoría móvil de forma más efectiva y estructurada.x000D


People:
    SpeakerBio:  Luis De la Rosa, Security Consultant at Bishop Fox

Consultor de seguridad en Bishop Fox , he trabajado en múltiples proyectos de auditoría de aplicaciones Android, identificando y remediando vulnerabilidades críticas. Mis investigaciones relacionadas a Mobile pentest han sido presentadas en conferencias anteriores en mexico como lo son : “Congreso Internacional de Seguridad de la Informacion (CISI) organizado por la Universidad Autonoma de Nuevo Leon” , Meetups de Hack the Box tanto en Guadalajara como en Monterrey , HackGDL y en la EkoParty en Argentina. Además, en la empresa donde actualmente trabajo he creado herramientas para poder automatizar ciertos procesos durante las pruebas de mobile pentest.




Modern defenses, ancient problems! Why adversaries can still break cyber defenses

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-702 (Adversary Village)-Workshop Area
When:  Saturday, Aug 9, 12:00 – 12:59 PDT

Creator: Adversary Village

With all the modern security tools at our fingertips, you would think attackers would have a harder time. But year after year, they keep getting in, often using the same techniques they have used for decades. This panel takes a real-world look at why high-tech defenses still fall to low-tech tactics. We will talk about where things break down, why the basics still matter, and how defenders can rethink their approach to stay ahead of persistent threats.

Links:
    adversaryvillage.org/adversary-events/DEFCON-33/ – https://adversaryvillage.org/adversary-events/DEFCON-33/

People:
    SpeakerBio:  Niru Ragupathy, Senior Staff Security Engineer and Manager at Google

Niru is a Senior Staff Security Engineer and Manager at Google. She leads the Offensive security team, where she supports the program and works on red team exercises. In her free time she doodles corgis and writes CTF challenges.

SpeakerBio:  Charlie Waterhouse, Technical Security Analyst at Synack Inc.

Charles Waterhouse is a cybersecurity strategist with a unique background – after two decades in the airline industry, he transitioned into offensive security, helping manage over 2,400 engagements with teams of 1,000+ researchers across commercial and government sectors. He advises Global 500 executives on red team strategy, AI/LLM testing, and emerging threats. A contributor to OWASP and frequent speaker at security conferences, Charles blends hands-on technical skill with a business-first mindset to defend some of the world’s most critical systems.

SpeakerBio:  Tay Sze Ying, Head of Cyber Threat Intel & Hunting Advanced Cyber Capabilities at Home Team Science & Technology Agency (HTX)

Sze Ying is the Head of Cyber Threat Intelligence and Hunting with Home Team Science and Technology Agency. Sze Ying started off as a system engineer managing the public key infrastructure for certificates before pivoting into red and blue teaming. With 12 years of ICT security experience under her belt in both private and public sector, her areas of expertise include digital forensics and incident response, threat hunting and threat intelligence.

SpeakerBio:  Michael “r00tkillah”, Red Team Lead at Oracle Cloud

Michael (@r00tkillah) has done hard-time in real-time. An old-school computer engineer by education, he spends his days co-leading the Red Team at Oracle CLoud. Previously, he developed and tested embedded hardware and software, fooled around with boot roms, mobile apps, office suites, and written some secure software. On nights and weekends, he hacks on electronics, writes CFPs, and builds ridiculous rockets. He enjoys long walks through other people’s computers.

SpeakerBio:  Drinor Selmanaj, Founder and CTO at Sentry

Drinor Selmanaj is a cybersecurity frontier with over a decade of paramount experience in penetration testing, cyberterrorism combat, and global privacy amidst NATO representatives, multinational corporations, tech giants, and heads of state. Moreover, he is a prolific investor in the tech scene with several cybersecurity-related companies and initiatives under his name.At Sentry, Drinor leads a global team of cybersecurity researchers while providing cutting-edge penetration testing and other cybersecurity services to unicorn corporations, including some of the Big Four.Likewise, Selmanaj is well-known for his efforts in security education, having trained thousands of students while continuously responding to the chronic cybersecurity talent shortage. His students are renowned professionals employed in leading application security firms and have received multiple recognitions from numerous organizations, including the U.S. Department of Defense.

At Cyber Academy, he has developed state-of-the-art courses covering a variety of topics, ranging from the foundations of cybersecurity to red teaming and adversary emulations. Additionally, Drinor has developed cyber ranges equipped with the latest offensive and defensive scenarios for training the new cybersecurity workforce.As a consultant, he has assessed vulnerabilities, opportunities, and mitigation pathways for critical information infrastructures on a national level, the finance/health sector, and electoral systems. As a result, Drinor found success in providing a clear sight of national cybersecurity while delivering a comprehensive and concrete action plan.Drinor Selmanaj is an award-winning cybersecurity professional, lecturer, public speaker, and executive aspiring to boost innovation, all the while perpetually pursuing excellence and standing one step ahead of cyber threats




Modern Odometer Manipulation

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 14:30 – 14:59 PDT

Creator: Car Hacking Village

while reading some automotive forums online, i stumbled upon an odometer manipulation device which claims to support 53 different car brands. curious, i purchase this tool with the sole intent of reverse engineering it. i tear down the hardware involved, explain how it is designed to be installed between the instrument panel cluster and the rest of the vehicle and use an open source exploit to extract the internal flash from the locked STM32. next, i explain the process of reverse engineering the extracted binary to find how the device is rewriting can messages to manipulate the odometer value. finally, i explain why odometer manipulation is an issue and share an example of how use of this device can potentially be detected after removal.


People:
    SpeakerBio:  collin
No BIO available
SpeakerBio:  oblivion
No BIO available



Modern warfare and nation state sponsored cyber threat actors

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-702 (Adversary Village)-Workshop Area
When:  Sunday, Aug 10, 10:00 – 10:59 PDT

Creator: Adversary Village

Cyber attacks have become a powerful extension of modern warfare and some of the most sophisticated threat actors out there are backed by nation-states. This panel dives into how attackers are using cyberspace to conduct espionage, disrupt critical systems, and wage silent wars. the panel will explore who these actors are, what motivates them, and how their operations are changing the global threat landscape. Whether you’re defending networks or just curious about how cyber attacks fits into modern conflict, this discussion will unpack the realities behind the headlines.

Links:
    adversaryvillage.org/adversary-events/DEFCON-33/ – https://adversaryvillage.org/adversary-events/DEFCON-33/

People:
    SpeakerBio:  Gordon “Fizzle” Boom, Lieutenant Colonel, United States Air Force | Deputy Commander, 567th Cyberspace Operations Group

Lt Col Gordon Boom helps run the 567th Cyberspace Operations Group out of Joint Base San Antonio-Lackland, where he leads over 500 cyber operators across four squadrons conducting full-spectrum defensive cyber operations. His teams protect critical Air Force and DoD infrastructure, support combat-ready forces, and defend U.S. interests across four Combatant Commands. Fizzle is a cyber warfare officer who commissioned in 2009 after earning a Computer Science degree from the Air Force Academy. In 2022, he completed a fellowship at MIT Lincoln Laboratory. He’s also a graduate of the USAF School of Advanced Air and Space Studies and of the USAF Weapons School. Fizzle has served in key leadership roles with the Cyber National Mission Force, AFCENT, USCYBERCOM, and NSA. He’s got extensive operations experience that spans the full range of computer network exploitation, information warfare, offensive and defensive cyberspace operations – including defending the 2018 U.S. midterm elections from foreign interference and Command of the 833d Cyberspace Operations Squadron which deploys National Cyber Protection Teams worldwide to execute Hunt Forward Operations.

SpeakerBio:  Bret Fowler, Chief Executive Officer at STAG, MSGT (Ret)

Brett Fowler is a nationally recognized cybersecurity expert and the CEO of STAG, a rapidly growing cybersecurity firm with a global reach and an exponential growth rate of 230% in 2020. A lifelong technology ambassador, Brett began his journey in middle school and has since advised Congressional and Senatorial leaders, while also supporting national efforts, including securing U.S. election systems. Under his leadership, STAG is transforming advanced analytics into accessible web applications, filling critical market gaps.

A former U.S. Air Force Cyber Warfare Operator with over 3,000 hours of cyber operations experience, Brett combines deep technical expertise with agile leadership, driving innovation and resilience in both government and industry. He is a trusted voice on national advisory boards and a frequent lecturer at the University of Texas at San Antonio, where he teaches courses on cybersecurity and entrepreneurship. Brett holds an M.S. in Computer Science from Utica College and lives in San Antonio, TX, with his wife and children.

SpeakerBio:  Rob Mendoza, Co-Chair at Canadian Association of Professional Intelligence Analysts (CAPIA)

Rob Mendoza is the Co-Chair of the Canadian Association of Professional Intelligence Analysts (CAPIA), a position that he has held for four years. CAPIA is a Government of Canada association formed in 2003 to set the standard for professional development in the intelligence analysis community in Canada. Its membership represents 34 departments and agencies in Canada’s Security & Intelligence community (S&I community). Rob is responsible for hosting monthly meetings based out of the Prime Minister’s Office with lead Representatives of Canada’s S&I community where he also hosts professional development sessions for intelligence practitioners. Rob is the lead organizer for two major national security workshops per year based out of the Canadian Security and Intelligence Service headquarters. Rob has been heavily involved with raising awareness for the professionalization and standardization of intelligence analysis. He has led efforts to enhance awareness and remove barriers between policy, operational and analytical practitioners in Canada’s S&I community. He has also led efforts to bring together practitioners from Canada’s intelligence community with academia, in order to foster and improve debate on critical national security issues facing Canada and Canadian interests. Rob is also a Senior Advisor with the Government of Canada at the Department of National Defence and sits on the Board of Directors for the Canadian Intelligence Network (CIN). Over the last 14 years, Rob has worked throughout the S&I community and was part of a Special Advisory group on national security to the Chief of Defence Staff and to the Deputy Minister of National Defence; he was the Chief of Staff to the Deputy Commissioner of the Canadian Coast Guard; Senior Policy Advisor to the Director General of National Strategies at the Canadian Coast Guard; Intelligence Policy Advisor at Public Safety Canada; Legal Officer at the Office of the Assistant Deputy Attorney General of Canada; and Rob is also a former Federal Investigator.

SpeakerBio:  Joe Head, CTO at Intrusion Inc.

Over 40 years in network security. Joe’s expertise has focused on understanding flow and communicants to discern between normal and abnormal traffic – and to use detailed traffic analysis to uncover previously unseeable compromises. Joe has found a number of major compromises, but never announced any of them publicly, ever. Security professionals that leak customer issues can’t be trusted. The goal of analysis is learning how to automatically prevent and defeat compromises automatically. Several patents and patents pending related to innovations in wire speed traffic analysis, endpoint protection, detection and prevention of East-West internal propagation of compromises (inside lateral spread) at both the detection and prevention levels. Work now has expanded to defending OT as well as IT. Degree in Electrical Engineering from Texas A&M University. Expertise in both offensive and defensive information operations. Created and run the largest continual inventory of the Internet since 2001 – which is one of the inputs to Shield Threat Intelligence. Cofounder of Optical Data Systems in 1983 (first fiber optic and TEMPEST networking hardware) which went public and became Intrusion Inc. (network security products and services). Worked on EMP hardened fiber optic components and communications gear beginning in 1981. Currently support wide range of projects: producing monthly Internet inventory, specialty databases for Cyber community, specialized investigations. Serves as CTO at the company he cofounded in 1983. Joe has been a licensed pilot since high school (solo at 16 and licensed at 17) and is instrument rated, enjoys sailing, scuba diving and skiing. Summer vacations with the family are often in Ouray Colorado where the family enjoys hiking and Jeeping the abundant 4 wheel drive only mountain passes. Sponsor of Bible translations and enjoys study. Has a bride of 35 years and 3 kids 27, 24 & 21.

SpeakerBio:  Gregory Carpenter, Principal Partner at CW PENSEC, DrPH

Dr. Carpenter is an expert in submolecular information security, specializing in medical IoT, and DNA/nano-tech security, with extensive experience in deception, information warfare, and electronic warfare. His background includes work at the NSA and three decades in government, he has led numerous operations combatting cybercrime, adversarial activity, and counterexploitation theory. A recognized leader in counter-deception, psychological operations, and the application of advanced security techniques, Dr. Carpenter has spoken at numerous international conferences, including several DEFCON villages, Le Hack, Victoria International Privacy and Security Summit, Hack in Paris, Hacker Halted and Cyber Chess. Dr. Carpenter is a member of the Special Operations Medical Association and the Royal Society of Arts, leveraging these networks to advance the integration of security into emerging technologies. With a focus on defending the digital infrastructure at the molecular level, Dr. Carpenter’s work encompasses the intersection of cybersecurity and biological systems, ensuring that both digital and physical infrastructures remain secure against evolving threats.




Money for Nothing: Med Tech SBIR Grants are Easier than You Thought

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Saturday, Aug 9, 17:00 – 17:30 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  Beans
No BIO available
SpeakerBio:  Kiwi
No BIO available



Moonlight Defender – Purple Teaming in Space!

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Friday, Aug 8, 17:00 – 17:30 PDT

Creator: Aerospace Village

The Moonlight Defender purple team exercise series provides a low-cost, modular, and scalable exercise framework for realistic space-cyber training—even in environments with restricted access, limited visibility, and contested information flows.

Designed and run by The Aerospace Corporation, MITRE, and AFRL, these exercises integrate purple teaming methodologies, enabling offensive and defensive cyber operators to refine their Tactics, Techniques, and Procedures (TTPs) in a high-fidelity, live-fire setting.

Moonlight Defender 1 (MD1) leveraged the Moonlighter satellite and Aerospace’s Dark Sky cyber range to train operators in adversarial emulation, space asset defense, and real-world cyber ops under extreme constraints. Building on this, Moonlight Defender 2 (MD2) introduced virtual satellite simulators, ICS/OT systems, and enterprise environments, pushing the limits of how we access and test cyber defenses in space-based systems.

These exercises broke down traditional silos and operationalized space hacking, proving that security through obscurity fails in space just as it does on Earth. Attendees will get a behind-the-scenes look at real-world space-cyber exercises, from attack chain development to defense strategy refinement, all within the context of operating under limited access and denied environments. Expect insights into methodologies, tools, lessons learned, and how the hacker community can shape the future of space-cyber operations.


People:
    SpeakerBio:  Ben Hawkins, The Aerospace Corporation
No BIO available



Naomi Brockwell Saves Us From the Internet Again!

Creator Talk Map Page – LVCC West-Level 2-W219 (Hackers With Disabilities)
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: Hackers With Disabilities (HDA)

People:
    SpeakerBio:  Naomi Brockwell

Naomi Brockwell is a privacy advocate, journalist, and founder of the Ludlow Institute, a research and media organization focused on digital rights and surveillance. She has been educating the public on decentralized technology and online privacy for over a decade, producing investigative reports, in-depth explainers, and practical guides on reclaiming digital autonomy.

Naomi is also the host of NBTV, one of the largest privacy advocacy channels, reaching millions across platforms. Her work has been featured by major media outlets, and she collaborates with leading think tanks to drive policy change. At DEF CON, she aims to equip attendees with the tools and knowledge to fight back against mass surveillance and accelerate privacy innovation.




Navigating the Invisible

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 16:30 – 16:59 PDT

Creator: Maritime Hacking Village

The maritime domain’s vastness often masks hidden threats. This talk explores leveraging Open-Source Intelligence (OSINT) to enhance maritime security. We’ll demonstrate practical, low-cost methods to gather and analyze publicly available data – including vessel tracking, port data, and social media – for identifying anomalous behaviors and predicting potential cyber-physical risks. Attendees will learn actionable techniques to build a proactive threat intelligence picture without specialized tools, providing crucial insights for defenders in this critical sector

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  Mehmet Önder Key, Self

Önder Key is a cybersecurity consultant specializing in critical infrastructure security, zero-day vulnerability analysis, and offensive security. He has advised organizations in high-security sectors such as defense, aerospace, and finance, with hands-on experience in both red teaming and strategic security engineering. His work has been featured across numerous countries and platforms, contributing to the discovery of systemic vulnerabilities. Currently, he provides consultancy to Burkut, Ogrit, Ravenailabs and continues to advance the global offensive security ecosystem by challenging traditional approaches to cybersecurity.

SpeakerBio:  Furkan Aydogan, UNCW

Dr. Aydogan is an Assistant Professor of Computer Science at UNCW and a researcher in cybersecurity, digital forensics, and brainwave-based encryption systems. His Ph.D. focused on using EEG signals to secure IoT devices—blending neuroscience with cryptography. He’s a two-time award winner for research in VANET security and cognitive encryption.

SpeakerBio:  Samet Can Tasci, BurkutSec

Samet Can Tasci is a Red Hat Certified Linux System Administrator with over six years of experience in securing and automating enterprise infrastructure. He specializes in system hardening, containerization, and secrets management with HashiCorp Vault, and has a strong focus on DevOps workflows using Ansible and GitLab CI.




Network tokens

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-505 (Payment Village)
When:  Friday, Aug 8, 16:00 – 16:30 PDT

Creator: Payment Village

Why network tokens are more secure than PAN


People:
    SpeakerBio:  Sanjeev Sharma
No BIO available



Networking 101

Creator Talk Map Page – LVCC West-Level 2-W230 (DC NextGen)
When:  Saturday, Aug 9, 13:00 – 13:30 PDT

Creator: DC NextGen

(DCNextGen is for youth 8-18 attending DEF CON) A quick introduction to the giant network that is the internet, the parts that work together, and how data moved across (OSI model).


People:
    SpeakerBio:  N3rd H3Rder, GOON at DCNextGen

Child of God, Wife, and Mother | N3rd H3Rder | Cybersecurity Connector & Communicator. Enthusiastic about midday naps, dormant trees, and Oxford commas




Never enough about cameras – The firmware encryption keys hidden under the rug

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 11:45 – 12:30 PDT

Creator: IOT Village

This talk covers RCEs on multiple popular Dahua perimeter cameras with a potential resounding impact on retail, banking, traffic and other infrastructure


People:
    SpeakerBio:  Alexandru Lazar, Security Researcher at Bitdefender
No BIO available



Nix Vegas Opening Ceremony

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Friday, Aug 8, 10:00 – 10:20 PDT

Creator: Nix Vegas Community

Kickoff and opening of the Nix Vegas space.


People:
    SpeakerBio:  Daniel Baker, Software Engineer at Anduril

I am an engineer, mathematician, developer, and Linux enjoyer. I primarly support the NixOS project as part of the Marketing Team. I believe that the future of software development and software deployment needs foundations in formal methods and functional programming to be successful.

SpeakerBio:  Morgan Jones, Embedded Security Engineer at Viasat

I am an embedded security engineer for Viasat, member of the SoCal NixOS User Group, and one of the organizers of Nix Vegas. After mostly using my compilers classes in college for learning reverse engineering and finding remote code execution in mobile AR game anti-cheat systems, I now work on embedded security with Nix for a living, and may have read Ken Thompson’s Reflections on Trusting Trust one too many times.

SpeakerBio:  The Computer Guy

Low level programmer, OS/Zig/Linux dev, Nixpkgs committer (LLVM). Likes to watch 大空スバル (Subaru Oozora).




Nix Vegas Unconference

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Sunday, Aug 10, 10:00 – 12:59 PDT

Creator: Nix Vegas Community

Pick a topic, talk about whatever you want, or just come and chill in the Nix Vegas space for the Unconference.




No Brain No Gain

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: IOT Village

Traditional digital security often falls short when applied to IoT environments, where devices are limited in processing power and exposed to a wider range of threats. Human vulnerabilities—especially against deepfake-style attacks—further weaken current systems. Static biometrics like fingerprints or facial scans are no longer enough. This work proposes a new direction: using the brain’s unique electrical activity (EEG signals) as a security layer. These dynamic, hard-to-replicate patterns offer a way to authenticate users without storing sensitive data or relying on heavy computation. By grounding trust in the user’s own biological signals, this approach offers a lightweight, resilient solution tailored to the constraints of modern IoT devices.


People:
    SpeakerBio:  Mehmet Önder Key, Self

Önder Key is a cybersecurity consultant specializing in critical infrastructure security, zero-day vulnerability analysis, and offensive security. He has advised organizations in high-security sectors such as defense, aerospace, and finance, with hands-on experience in both red teaming and strategic security engineering. His work has been featured across numerous countries and platforms, contributing to the discovery of systemic vulnerabilities. Currently, he provides consultancy to Burkut, Ogrit, Ravenailabs and continues to advance the global offensive security ecosystem by challenging traditional approaches to cybersecurity.

SpeakerBio:  Temel Demir, Cybersecurity Lead at KPMG
No BIO available
SpeakerBio:  Ahmet Furkan Aydogan., Assistant Professor of Computer Science at UNCW, Dr
No BIO available



No IP, No Problem: Exfiltrating Data Behind IAP

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 13:35 – 14:10 PDT

Creator: Cloud Village
Abstract:
==========
Google Cloud’s Identity-Aware Proxy (IAP) is often seen as the final gatekeeper for internal GCP services – but what happens when that gate quietly swings open? This session uncovers how subtle misconfigurations in IAP can lead to serious data exposure, even in environments with no public IPs, strict VPC Service Controls, and hardened perimeters. We’ll introduce a new vulnerability in IAP that enables data exfiltration, allowing attackers to bypass traditional network controls entirely, without ever sending traffic to the public internet. In addition, we’ll walk through real-world examples of overly permissive IAM bindings, misplaced trust in user-supplied headers, and overlooked endpoints that quietly expand the attack surface. Attendees will gain a deeper understanding of IAP’s internal workings, practical detection strategies, and a critical perspective on trust boundaries in GCP.

Description:

This talk delivers a technical dive into Google Cloud’s IAP, a service widely used to enforce access controls on internal applications – and often assumed to be foolproof. We begin with a concise overview of how IAP works behind the scenes, including its identity enforcement model and how it integrates with IAM and backend services.

The core focus is on teaching defenders how these misconfigurations manifest in logs once an attacker begins to exploit them, equipping them to build effective detections and stop breaches before they escalate. Whether it’s during the initial configuration tampering or while actively bypassing controls, I’ll walk through what those activities actually look like in GCP logs. For each misconfiguration, I’ll present real log snippets, unpack the most revealing details, and show how to correlate signals, even those outside of IAP-specific logs, to detect and investigate IAP abuse effectively.

The highlight of the session is a new research technique we’ve developed: exploiting IAP’s CORS behavior to exfiltrate sensitive data using preflight OPTIONS requests, effectively bypassing traditional network egress controls. This method can succeed even in highly restricted environments with no internet access, no public IPs, and VPC Service Controls fully enforced. The issue has been responsibly disclosed to Google and is currently under review, with an expected review timeline of 30 days.

We’re sharing this research to highlight just how fragile IAP configurations can be, where even a minor misstep or overlooked setting can unintentionally expose internal resources to the internet. Alongside the technique, we’ll provide practical detection strategies to help defenders identify this specific attack vector through GCP’s logging infrastructure.

We’ll wrap up with detection strategies using GCP logs to identify abuse patterns, surface subtle signs of exploitation, and improve monitoring around one of GCP’s most sensitive gateways.


People:
    SpeakerBio:  Ariel Kalman

Ariel Kalman is a cloud security researcher based in Israel, actively engaged in cloud-related security research at Mitiga. With a specialization in application security, Ariel excels in discovering new attack vectors associated to cloud environment




No Radios, No Problem: Hacking WiFi in a Virtual World

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Friday, Aug 8, 14:30 – 15:55 PDT

Creator: Radio Frequency Village

In this 80-minute workshop, attendees will learn how to set up and utilize local virtual WiFi labs to practice WiFi hacking techniques without the need for physical hardware. Leveraging tools like mac80211_hwsim and smart scripting, participants will explore methods to emulate multi-network, multi-device environments including IP level connectivity and webapp/app access. The session will cover the creation and configuration of virtual WiFi interfaces, scripting for automation, and the deployment of various attack scenarios including WPA2-PSK/Enterprise cracking, Evil Twin attacks, and rogue access point setups. By the end of the workshop, attendees will have a functional virtual lab environment to continue their exploration and practice of WiFi security assessments.


People:
    SpeakerBio:  Nishant Sharma

Nishant Sharma is a seasoned cybersecurity professional with deep expertise in cloud security, DevSecOps, and hands-on technical training. He is currently working as Head of Cybersecurity Research at SquareX (sqrx.com). He was in Cybersecurity education for 10+ years during which he served as VP Labs R&D at INE.com, headed R&D at Pentester Academy, developing thousands of host, networking and cloud security labs on AWS, GCP and Azure infrastructure. These labs were used by learners in 125+ countries. A frequent presenter at DEF CON, Black Hat, and OWASP events, and trainer/speaker/author to 10+ trainings, 15+ talks and 9+ open source tools.




No Server, No Cry: the Ups and Downs of Building a Scalable Security Serverless Platform

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 13:00 – 13:35 PDT

Creator: Cloud Village

In this engaging talk, we will embark on a journey through the trials and triumphs of constructing a 100% serverless, scalable security platform. Starting about 2 years ago when we bootstrapped Jit, we will share all the lessons we have learned along the way to build our platform – both in terms of people and technology. 

As we venture into the land of serverless architecture, we will discuss its power but also confront the myth that less hardware equates to fewer headaches. Spoiler alert: it doesn’t, but the lessons learned are invaluable. Takeaways: Serverless has become an excellent way to ramp up infrastructure operations for cloud first companies. However, this comes with its own set of security challenges, including the popular OWASP Top 10. In this talk, we will dive into what it takes to build a real world secure and scalable serverless platform for your engineering.


People:
    SpeakerBio:  David Melamed

Currently CTO and Co-Founder of Jit, the Continuous Security platform for Developers. David has a PhD in Bioinformatics and for the past 20 years has been a full-stack developer, CTO & technical evangelist, mostly in the cloud, and specifically in cloud security, working for leading organizations such as MyHeritage, CloudLock (acquired by Cisco) and leading the ‘advanced development team’ for the CTO of Cisco’s cloud security (a $500M ARR BU). David is also the co-chair for the OWASP Serverless Security Top 10, and an AWS Community Builder.




No Spook Leaves Randomness to Chance

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Friday, Aug 8, 10:00 – 10:59 PDT

Creator: Crypto Privacy Village

Cryptographic random number generators are a critical part of many deployed cryptosystems. When they fail, so does the cryptography. So why leave their security to chance?

Yet, over the past two decades, researchers have discovered vulnerabilities in numerous widely deployed algorithms and implementations designed to produce secure random numbers–all derived from supposedly vetted standards!

If you’re more conspiratorially minded, you suspect some foul play.

This talk draws on Shaanan’s work discovering many of the CVEs and vulns to find that behind each one is the hint of an under-discussed flavour of adversary: one who subtly threads flaws into our standards.


People:
    SpeakerBio:  Shaanan Cohney

Dr. Shaanan Cohney is the Deputy Head of the School of Computing and Information Systems at the University of Melbourne. Coming from the security community, his research attempts to use a wide variety of traditional computer science research techniques to address problems in public policy.

His work has won a variety of awards, including a 2016 Pwnie for Best Cryptographic Attack and multiple best/distinguished papers at top security conferences. He is also the winner of six teaching awards including a national level award for his intro to algorithms course.

Past work has included a fellowship with Senator Ron Wyden and a summer stint at the FTC working on public policy. His academic bio won’t say this, but he has a history of getting into (only the right sorts of) trouble.




NO-HAVOC today, NO-HAVOC tomorrow

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 17:50 – 18:20 PDT

Creator: Malware Village

Ransomware and cybercrime assaults are both pervasive and profoundly distressing, NO-HAVOC (Networked Online Helpline for All Victims of Cybercrime) pioneers a holistic approach to victim support by fusing technical support with genuine empathy. Drawing on Daniel Ward’s CONVERSA AI; originally crafted for mental-health support; and Lena Yu’s deep ties within the Malware Village research community, this session reveals how NO-HAVOC delivers real-time, location-aware guidance alongside emotional reassurance to individuals, charities, healthcare providers and businesses alike.


People:
    SpeakerBio:  Samuel Gasparro
No BIO available
SpeakerBio:  Daniel Ward
No BIO available



Non-Binary at Queercon

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Saturday, Aug 9, 14:00 – 14:30 PDT

Creator: Queercon Community Lounge

Come mingle with the glamorous, the genuine: the genderfluid, genderqueer, and genderless people of Queercon!




North Korea’s Fur Shop: Poaching for Otters, Beavers, Ferrets and Capybaras

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 17:10 – 17:40 PDT

Creator: Malware Village

North Korean threat actors are back, using fake job interviews to deliver BeaverTail, InvisibleFerret, OtterCookie and ChaoticCapybara, advanced malwares with unique implementations. This talk analyses their techniques, reverse-engineers their tools, and modifies them to reveal the secrets hidden within their C2 infrastructures, offering insights into defending against persistent, adaptive threats.


People:
    SpeakerBio:  Mauro Eldritch
No BIO available
SpeakerBio:  José Gómez
No BIO available



NOVA: The Prompt Pattern Matching

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Friday, Aug 8, 12:15 – 13:05 PDT

Creator: Blue Team Village (BTV)

With the global adoption of LLMs and Generative AI, individuals and organizations use these technologies daily, for customer support, code generation, and business automation. But increased adoption brings new security risks. The attack surface is growing, and security teams still lack clear strategies to detect malicious GenAI activity.

In this presentation, I will introduce NOVA, my open-source framework for prompt hunting. NOVA is a prompt pattern matching system, tailored for AI systems. I will walk through the framework and show how to use it for prompt hunting. NOVA is a Python-based rule engine inspired by YARA, but designed specifically for LLM security.


People:
    SpeakerBio:  Thomas “fr0gger_” Roccia, Senior Security Researcher at Microsoft

Thomas Roccia is a Senior Security Researcher at Microsoft with over 15 years of experience in the cybersecurity industry. His work focuses on threat intelligence and malware analysis.

Throughout his career, he has investigated major cyberattacks, managed critical outbreaks, and collaborated with law enforcement while tracking cybercrime and nation-state campaigns. He has traveled globally to respond to threats and share his expertise.

Thomas is a regular speaker at leading security conferences and an active contributor to the open-source community. Since 2015, he has maintained the Unprotect Project, an open database of malware evasion techniques. In 2023, he published Visual Threat Intelligence: An Illustrated Guide for Threat Researchers, which became a bestseller and won the Bronze Foreword INDIES Award in the Science & Technology category.




O2 Case Study

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Saturday, Aug 9, 15:15 – 15:25 PDT

Creator: Telecom Village

uncovered a mis-routed SIP policy on O2’s IMS core that let any device on the data network bypass the P-CSCF firewall and inject raw SIP traffic directly into the S-CSCF. A proof-of-concept “silent dialer” malware exploited the gap to auto-REGISTER rogue identities, issue INVITEs that redirected live VoLTE calls, and siphon RTP audio—while every packet looked like normal internal signaling. No internet, VPN or root exploits were needed; the flaw lived entirely in the operator’s own trust model, proving how a single IMS rule slip can open the door to full-scale voice and data surveillance.


People:
    SpeakerBio:  Vinod Shrimali
No BIO available



Oblivious computation, from theory to practice

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 11:00 – 11:30 PDT

Creator: Cryptocurrency Community

Traditional encrypted databases encrypt only the data contents but do not hide accesses to the data. Such accesses can leak highly sensitive information in practical applications like contact discovery, blockchains, and large language models. In this talk, Elaine Shi will describe what is oblivious computation, and how to construct simple and provably secure algorithms for oblivious computation. She will also cover the broad applications of oblivious computation including in Signal and Ethereum’s (intended) use cases.


People:
    SpeakerBio:  Chelsea Button, Cryptocurrency Education Initiative

Chelsea is a lawyer specializing in consumer finance, data and technology. She advises clients on updates in the law and defends them in litigation. She is a cryptocurrency advocate, with multiple professional publications.

SpeakerBio:  Elaine Shi, Professor at Carnegie Mellon University

Elaine Shi is a professor in Carnegie Mellon University. Her research interests include cryptography, security, mechanism design, algorithms, foundations of blockchains, and programming languages. She is a co-founder of Oblivious Labs, Inc. Her research on Oblivious RAM and differentially private algorithms have been adopted by Signal, Meta, and Google. She is a Packard Fellow, a Sloan Fellow, an ACM Fellow, and an IACR Fellow.

SpeakerBio:  Afonso Tinoco

Afonso Tinoco is a PhD candidate currently on leave from Carnegie Mellon University and University of Lisbon. His research interests include Applied Cryptography and Distributed System Verification. He is a Co-Founder and a Research Engineer at Oblivious Labs, Inc. (https://obliviouslabs.com). Oblivious Lab’s mission is to develop open-source toolchains for Oblivious Computation (https://github.com/obliviouslabs/), with the goal of accelerating the wide deployment of Oblivious Computations. He is also a co-captain of STT (https://sectt.github.io/) , the CTF team of University of Lisbon.




Of Stochastic Parrots and Deterministic Predators: Decision-Making in Adversarial Automation

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 17:00 – 17:30 PDT

Creator: Adversary Village

In an era where AI systems oscillate between mimicking human-like randomness and executing precise, predatory strategies, understanding decision-making in adversarial automation is critical. This talk explores the tension between “stochastic parrots”; generative models that produce probabilistic outputs, and “deterministic predators,” systems designed to behave in a predictable pattern in adversarial settings. We will delve into the mechanics of decision-making under uncertainty, examining how these systems navigate competitive environments, from game-playing AIs to cybersecurity defenses. Attendees will gain insights into the algorithms driving these dynamics, and where the technology is heading. We will be releasing tooling around our deterministic TTP selection engine.


People:
    SpeakerBio:  Bobby Kuzma, Director – Offensive Cyber Operations at ProCircular

Bobby Kuzma is a seasoned offensive security researcher with a long running interest in computational decision making. He currently runs the Offensive Cyber Operations team at ProCircular.

SpeakerBio:  Michael Odell, Cyber Security Consultant

A nerd who likes playing with computers




Off-Grid Datarunning in Oppresive Regimes: Sneakernet and Pirate Box

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 14:00 – 14:30 PDT

Creator: Hackers.town Community

Robert is a hacker and longtime Linux user and sysadmin who knows the importance of education and information sharing, and is passionate to his core about human rights issues and community outreach. He has spoken at length about Linux distros from oppressive regimes, including North Korea’s Red Star OS, and understands how these regimes wish to stifle the flow of information. He is also an unashamed sharer of information, old school punk, and loves to make a good meal for his friends.


People:
    SpeakerBio:  Robert “LambdaCalculus” Menes

Robert is a hacker and longtime Linux user and sysadmin who knows the importance of education and information sharing, and is passionate to his core about human rights issues and community outreach. He has spoken at length about Linux distros from oppressive regimes, including North Korea’s Red Star OS, and understands how these regimes wish to stifle the flow of information. He is also an unashamed sharer of information, old school punk, and loves to make a good meal for his friends.




Old SOC, new tricks: An immersive AI/ML workshop for effective tool adoption

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Saturday, Aug 9, 12:00 – 12:50 PDT

Creator: Blue Team Village (BTV)

This walk-in workshop is a choose-your-own-adventure with modules that takes you on a journey from “I have no idea what this CSV is telling me” to “I just built an AI model that actually solved my problem.” Through hands-on exercises that mirror real-world security mayhem, you’ll discover when a simple pivot table beats a neural network, and when GenAI is your secret weapon instead of an expensive overkill.

You’ll wrangle messy data, uncover hidden patterns, and build tools that make Monday mornings less painful. We’ll show you the wins AND the spectacular failures—because knowing when NOT to use AI is just as valuable as knowing when to unleash it. This isn’t about becoming a data scientist overnight; it’s about becoming the analyst who knows exactly which tool to grab when the SOC is on fire.

Walk out with practical skills, battle-tested techniques, and the confidence to turn your security problems into data solutions. No math degree required—just bring your curiosity and your most annoying security challenges.


People:
    SpeakerBio:  Jessie “Ringer” Jamieson

Jessie Jamieson, aka “Ringer”, is a mathematician who loves using math to solve hard problems, but she loves helping others see the beauty and value of math even more! She has been invited to speak at mathematics and cybersecurity events about supply chain and AI-related risk, and has spoken internationally on the importance of data science maturity for cybersecurity effectiveness. Jamieson holds a PhD and a MS in Mathematics from the University of Nebraska – Lincoln, where she was a National Science Foundation Graduate Research Fellow. Jamieson has also held senior research roles at Tenable and the Johns Hopkins University Applied Physics Laboratory. She currently works in a role related to cybersecurity risk quantification. When not doing math, she’s usually playing volleyball or video games, playing soccer with her dog, Dax, or traveling to some of her favorite cybersecurity conferences (like DEFCON!).

SpeakerBio:  Preeti Ravindra

Preeti is a technical leader in AI and security creating security outcomes. She has experience working on enterprise security teams, security SaaS vendors and services ranging from startups to Fortune 100 companies. Her value proposition is cutting through ambiguity and working cross-functionally with engineering, product, security and legal teams to drive business value. Preeti is currently building out a program to proactively secure AI and mitigate AI risks as the founding member of her team.

Her research areas include AI applications in security, security and safety of AI systems. A recognized voice in the industry, Preeti is a speaker at leading security conferences like BSides and serves on program committees of AI and security conferences like CAMLIS, WiCyS, Executive Women’s Forum. She is passionate about building collaborations between AI and security communities and mentoring security practitioners to advance into senior roles.




One Modem to Brick Them All: Exploiting Vulnerabilities in the EV Charging Communication

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Saturday, Aug 9, 17:00 – 17:59 PDT

Creator: Car Hacking Village

In this talk we present a collection of attacks against the most widely used EV charging protocol, by exploiting flaws in the underlying power-line communication technologies affecting almost all EVs and chargers.

Specifically, we target the QCA 7000 Homeplug modem series, used by the two most popular EV charging systems, CCS and NACS.

We demonstrate multiple new vulnerabilities in the modems, enabling persistent denial of service.

To better understand the scope of these issues, we conduct a study of EV chargers and vehicles, and show widespread insecurities in existing deployments.

We show a variety of practical real-world scenarios where the HomePlug link can be used to hijack EV charging communications, even at a distance.

Finally, we present results from reverse engineering the firmware and how we can gain code execution.


People:
    SpeakerBio:  Marcell Szakály

Marcell Szakály is a PhD student in the Systems Security Lab at the University of Oxford. His research focuses on the security of the EV charging infrastructure. He received his masters degree in Physics, and worked on superconducting magnet design. His work now involves RF hardware, SDRs, and digital electronics.

SpeakerBio:  Sebastian Köhler

Previous speaker at CarHackingVillage 2023, Redeploying the Same Vulnerabilities: Exploiting Wireless Side-Channels in Electric Vehicle Charging Protocols

SpeakerBio:  Jan “SP3ZN45” Berens

Jan Berens aka SP3ZN45 has been a goon in the QM department for several years now and is working full time as a redteamer at alpitronic SLR the leading manufacturer for DC chargers in Europe. His background is security consulting and penetration testing for critical infrastructures and industrial installations in Europe. Doing mostly non publicly disclosed security research and mentoring of beginners in the security domain.




Open Source Cellular Test Beds for the EFF Rayhunter

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Saturday, Aug 9, 14:00 – 14:25 PDT

Creator: Radio Frequency Village

Rayhunter is an open source tool published by the Electronic Freedom Foundation which uses an Orbic RC400L mobile hotspot to detect potentially malicious cellular network data that may indicate a Stingray attack. In this presentation, we review the use of open sourced software cellular base stations such Open Air Interface 5G (OAI), srsRAN_4G, OpenBTS, and Yates GSM to create cellular test beds to robustly test the Rayhunter device and develop new detection capabilities.


People:
    SpeakerBio:  Ron Broberg

Ron Broberg hacks drones, phones, and medical devices for Dark Wolf Solutions. Previously, he fuzzed NASA flight software and poked around satellite systems at Lockheed Martin.




OpenVPN: the long journey from user to kernel space

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
Creator: Crypto Privacy Village

OpenVPN is a well known VPN software and technology that has been around for more than 20 years. Its implementation has always been purely in userspace, but things have started to change a few years ago. This presentation wants to illustrate the journey undertaken by the OpenVPN developers about moving data processing from user to kernel space. It will focus on the Linux implementation, while providing some hints about a similar path walked on Windows and FreeBSD.


People:
    SpeakerBio:  Antonio Quartulli

My name is Antonio Quartulli, I obtained my BS in Computer Science from the University of Pisa (Italy) and my MS in Computer Science (major: Networking and Distributed Systems) from the University of Trento (Italy) in 2011. I am an open source developer and Linux kernel contributor since 2010. I enjoy watching packets and hacking network protocols, especially WiFi and VPNs. In the past I have been a fairly active batman-adv (wireless mesh routing protocol) contributor. I then joined the OpenVPN community in 2016 and the last few years were mostly dedicated to implementing OpenVPN-DCO (Data Channel Offload) in the Linux kernel.




Operational Twilight: APTs, OT, and the geopolitics of a dying climate

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Saturday, Aug 9, 15:30 – 15:59 PDT

Creator: Adversary Village

We’re trying to debug the end of the world through trial and error — mostly error. In the middle of a worsening climate crisis, outdated OT protocols like Modbus are being exploited by state-sponsored actors in ways that turn environmental infrastructure into geopolitical weapons. From hijacked dams running Windows 95-era code to smart thermostats recruited into botnets fighting over Arctic oil, the climate-tech battlefield is already here.

This session dives into how APTs are quietly compromising the systems designed to save the planet. We’ll examine real-world campaigns where threat actors have targeted energy grids, carbon capture labs, and EV infrastructure — and how climate action is being derailed by 1970s-era code and modern apathy.

This is Cyber Threat Intelligence meets Climate Fiction (Cli-Fi). It’s weird, terrifying, and very real.


People:
    SpeakerBio:  Cybelle Oliveira, Cyber Threat Intelligence Researcher at Malwarelandia

Cybelle Oliveira is a Cyber Threat Intelligence researcher and a Master’s student in Cyber Intelligence. She teaches in a postgraduate CTI specialization program in Brazil and is the co-founder of La Villa Hacker — the first DEF CON village dedicated to the Portuguese and Spanish-speaking community.

Cybelle has spoken at some of the world’s leading security conferences, including DEF CON, BSides Las Vegas/São Paulo/Rio de Janeiro, 8.8 Chile, Cryptorave, Radical Networks, Mozilla Festival, and many others. Her work often explores the intersection of cyber threats, geopolitics, and underreported regions, with a particular interest in the strange, obscure, and catastrophically messy corners of cybersecurity.

Cybelle Oliveira es Consultora de Ciberseguridad, postgraduada en Cyber Threat Intelligence y estudiante de Máster en Ciberinteligencia en el Campus Internacional de Ciberseguridad de la Universidad de Murcia, España. Ha estado involucrada en activismo de privacidad y seguridad durante más de 10 años y ha presentado charlas en eventos por todo el mundo, como BSides LV, BSides SP, Girls Hack Village (DefCon), 8.8 Chile, Internet Freedom Festival, Radical Networks, Mozilla Festival, Roadsec, Cryptorave, entre otros. Cybelle forma parte de la comunidad Mozilla y es directora de la organización Casa Hacker.




Orchestrating the Reasoners

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Friday, Aug 8, 16:20 – 16:59 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

Join members of he AIxCC Final Engineering Team who developed the competition APIs, scoring automation systems, data processing and archive pipelines, challenge automation tooling, and more for a behind the scenes look at AIxCC.


People:
    SpeakerBio:  Ken Harding, Competitor Interface Lead at Kudu Dynamics LLC
No BIO available
SpeakerBio:  Jeff Casavant, Maintainer Interface Lead at Kudu Dynamics LLC
No BIO available
SpeakerBio:  Scott Lee, Scoring & Challenge Research Lead at Kudu Dynamics LLC
No BIO available
SpeakerBio:  Jon Siliman, Researcher Interfaces Lead at Kudu Dynamics LLC
No BIO available
SpeakerBio:  Isaac Goldthwaite, Challenge Design Lead at Kudu Dynamics LLC
No BIO available
SpeakerBio:  Nicholas Vidovich, Kudu Dynamics LLC
No BIO available



OSINT 101

Creator Talk Map Page – LVCC West-Level 2-W204 (Noob Community)
When:  Saturday, Aug 9, 12:30 – 13:30 PDT

Creator: Noob Community

Everything you need to know about OSINT


People:
    SpeakerBio:  Mishaal Khan, Privacy Expert

Mishaal is a subject matter expert in cybersecurity, pentesting, privacy, Open Source Intelligence and social engineering and a frequent speaker on these topics at Universities and popular cybersecurity conferences like DEF CON, Black Hat, Wild West Hackin Fest, TEDx, and multiple BSides Security events.

Mishaal has worked with multinational companies for over 20 years, securing their networks and providing executive level consultancy as a CISO to manage risk and avoid breaches. He’s the author of the book; The Phantom CISO, runs a cybersecurity practice as a vCISO and owns a privacy management and investigations firm.




OSINT Against the Machine: Fighting AI-Generated Disinformation

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 11:30 – 12:15 PDT

Creator: Recon Village

As AI accelerates the creation and spread of synthetic media, the disinformation threat landscape is evolving. From deepfaked political speeches to fabricated news sites, the weaponization of AI is eroding public trust in truth itself. This talk explores how OSINT offers a verifiable countermeasure to AI-driven falsehoods to detect, investigate, and debunk AI-generated content in the wild. Whether you’re an analyst or simply trying to protect the signal from the noise, this session will equip you to challenge synthetic narratives with verifiable evidence. In the age of artificial deception, OSINT is not just a tool set—it’s a digital duty. It takes all of us to verify the truth.


People:
    SpeakerBio:  Zoey Selman

Zoey Selman, known in the community as V3rbaal, is a Threat Intelligence Analyst on Recorded Future’s Insikt Group and specializes in APT research. She is a Co-Lead of DEF CON Demo Labs, the Founding Director of DEF CON’s Blue Team Village, and the former Director of Trace Labs.




OSINT Enabled Ghost Mode: Counter-Surveillance for Everyday People Like Us

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Sunday, Aug 10, 11:00 – 11:45 PDT

Creator: BBWIC Foundation

We’re all being watched — in our homes, on our devices, in every digital footprint we leave behind. But what if you could flip the lens? What if you could detect the detectors and reclaim your privacy anywhere in the world? We can. Using only OSINT, we can enable our very own mobile counter-surveillance system that will move as we move locally and globally. We can track the trackers, not for malice, but to answer the deep-rooted question: “Who’s watching me?” Your personal surveillance detection resource will alert you instantly when your data, email, IP, name, alias, etc, appears in a threat actor forum or social media platform.
In a world of “Access Everywhere,” this flips the script, giving you visibility into your exposure. You’ll learn how to automate monitoring across the open internet, dark web, and device search engines using the very tools used by those who surveil us. Let’s go ghost mode for real with the power of live detection as we take hold of our privacy and awareness.


People:
    SpeakerBio:  Desiree Wilson

With over 15 years of global experience across all domains of information security, she is a trusted leader in cybersecurity architecture, cloud adoption, DFIR, and threat intelligence. Her work emphasizes proactive defense—prioritizing prevention, early detection, and rapid response across hybrid environments. As a Principal Consultant with Quantum Mergers, she has guided highly regulated organizations through cloud deployments, DFIR engagements, and the design of advanced cybersecurity frameworks that integrate offensive and defensive strategies. Her expertise spans securing APIs, blockchain platforms, and AI/ML systems, aligning innovation with risk-based security. A member of the Forbes Business Council, she contributes strategic insights that help global enterprises build trust, scale securely, and outpace threats through intelligence-driven security. She serves as a board advisor to several organizations and is a philanthropic supporter of nonprofit initiatives focused on women’s rights and global education. A passionate advocate for equity and opportunity, she balances her professional pursuits with family time, a love for live music, the arts, her three pets, and a nomadic lifestyle that reflects her identity as a global citizen.




OSINT Signals Pop Quiz!

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 15:40 – 16:15 PDT

Creator: Recon Village

This is a fun and informative test to see if the audience can identify potential “Open Source” Signals that are meant to be interpreted by those “in the know”. Her hair is tied differently every Tuesday. He is wearing his watch on the opposite wrist today. Why is that? Let’s see if the audience knows without Googling!


People:
    SpeakerBio:  Master Chen

MasterChen is a seasoned presenter who explores where technology meets psychology. In recent years, his focus has been on cyber stalking and anti-stalking. He has also been published in “2600: The Hacker Quarterly”. Phone phreaking, social engineering, and systems automation are his concentrations.




OT Network Segmentation Planning, Implementation, and Validation

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 14:00 – 14:30 PDT

Creator: ICS Village

This presentation will provide ICS security practitioners with a comprehensive introduction to Operational Technology (OT) network segmentation. As industrial control systems face increasing cyber threats, proper network segmentation has become a critical security control to limit attack surfaces and protect critical infrastructure.

Attendees will learn practical approaches to planning segmentation architectures, implementing controls across OT environments, and validating the effectiveness of their segmentation strategy.

The session blends theoretical concepts with practical implementation guidance suitable for security practitioners with introductory to intermediate knowledge of industrial control systems.

Key topics include: OT Network Segmentation Fundamentals (objectives, benefits, IT/OT differences, reference architectures); Planning Strategies (asset inventory, flow analysis, zone design, risk-based requirements, legacy systems); Implementation Approaches (physical vs. logical separation, DMZs, deep packet inspection, data diodes, appropriate tools); Validation Methods (verification techniques, safe penetration testing, monitoring, measuring success); and Real-World Case Studies with lessons learned and common challenges.

This session is designed for industrial cybersecurity professionals, control system engineers, IT/OT security architects, and other stakeholders responsible for securing operational technology environments. Attendees should have basic familiarity with industrial control systems and networking concepts.


People:
    SpeakerBio:  Tony Turner, Frenos

Tony is a seasoned security architect with over 25 years of experience spanning both IT and OT cybersecurity domains. As VP of Product at Frenos, he leads an AI-driven platform that automates security assessments for operational technology environments.

His diverse background includes critical infrastructure protection at a major US airport, incident command for state government public health systems, engineering disaster recovery operations for hurricane response, and security implementations for global semiconductor and integrated circuit manufacturing facilities.

Tony has developed specialized expertise in vulnerability management, security hardening, application security, secure network infrastructure, supply chain risk management, and Cyber Informed Engineering (CIE). He authored “Software Transparency” and developed the SANS SEC547 course “Defending Product Supply Chains.”

As OWASP Orlando chapter lead and Chief Editor for cyberinformedengineering.com, Tony actively promotes security best practices within the industrial community. He also leads defendics.org, a nonprofit focused on advancing Cybersecurity Performance Goals (CPG) and foundational OT security practices for resource-constrained asset owners.




Painting with Ransomware

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
Creator: Crypto Privacy Village

When you hear the word “ransomware,” what’s the first image that comes to mind? There’s a well-defined aesthetic: files with blank icons and strange extensions, dark images of Jigsaw or Annabelle, ransom notes mocking the victim and boasting about strong encryption while demanding extortions, sometimes even accompanied by horror music.

Now think about fire. Of devastating images of wildfires sweeping across the land, destroying everything in their path. In certain circumstances fire can also be beautiful, the flicker of a candle, the soft crackle of a log in a fireplace. What happens if we apply that same lens to ransomware? This talk flips the aesthetic of ransomware on its head. Instead of fear and destruction, can ransomware produce something beautiful?

We will share an open source tool that explores this idea by using flawed cryptographic implementations found in real ransomware. When applied to image data, these flaws can inadvertently reveal stunning patterns. This project takes inspiration from real-world encryption failures to create a new kind of digital art, one that treats ransomware not as a threat, but as a visual algorithm with unexpected creative potential.


People:
    SpeakerBio:  Yuval Guri, Security Analyst at Intezer

Yuval Guri is a security analyst for Intezer. His role focuses on incident response and detection of threats, using big data, programming, and detection engineering.

SpeakerBio:  Ryan Robinson, Security Researcher at Intezer

Ryan Robinson is a security researcher for Intezer. He specializes in malware reverse engineering, cryptography and threat intelligence. Ryan has done extensive research in cryptovirology, cryptographic protocols, and cryptanalysis.




Panel Discussion – The State of OSINT in 2025: The technical Arms Race

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 14:55 – 15:40 PDT

Creator: Recon Village

People:
    SpeakerBio:  Ram Ganesh
No BIO available
SpeakerBio:  Daniel Heinan
No BIO available
SpeakerBio:  Nathaniel
No BIO available



Panel Discussion Bug Bounty

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 12:15 – 12:59 PDT

Creator: Recon Village

People:
    SpeakerBio:  Rohit Grover
No BIO available
SpeakerBio:  Kumar Ashwin
No BIO available



Panelizing PCBs: It’s Exciting I Swear

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Friday, Aug 8, 11:00 – 11:30 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  Hamster
No BIO available



Parser Goes Rogue: Tree-Sitter’s Hidden Superpowers

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C210 (Operating Systems Community)
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: Operating Systems Community

People:
    SpeakerBio:  Mher Tolpin, GitLab
No BIO available



Passing the Torch: Mentoring and Protecting Our Students in Education Spaces

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Sunday, Aug 10, 12:00 – 12:59 PDT

Creator: .edu Community

Lots of us can look back on a time in our IT or cybersecurity careers and think about a select person or group of people that helped us immensely when we were younger to get on the right track. However, there are others that may not have had that opportunity to have a mentor or community instill a purpose in the world of tech. Making these communities or finding a good mentor can be a difficult task for many of us, so we wanted to host a discussion panel to discuss the various methods that we have been able to utilize.

Our major goal is to give back to the communities that helped us grow in our careers and personal lives. At our school district we’ve been very fortunate to build a culture of learning, security, and community. We’ve been able to successfully start and grow various clubs and opportunities for students to learn cool things with like minded people. In the panel we will talk about growing student helpdesk programs, eSports clubs, creating a tech savvy culture, and much more. Please come join us, bring questions, bring your experiences, and let’s help each other build up the next generation of hackers!


People:
    SpeakerBio:  Sam Comini
No BIO available
SpeakerBio:  Navaar Johnson, Senior Network Systems Technician at Bethlehem Central School District
No BIO available



Passive and Active Attacks on TPMS Systems

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 13:00 – 13:30 PDT

Creator: Car Hacking Village

In this talk we want to dive deep into the world of direct TPMS. These systems are used by a great portion of the cars today, and typically send information about a car’s tires wirelessly without any encryption or authentication. We show that it is feasible to capture these signals with very low cost hardware to build a tracking infrastructure. We present as well a tool that allows us to create custom TPMS messages and spoof the ECU of different cars.


People:
    SpeakerBio:  Yago Lizarribar
No BIO available



Passkeys in payments

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-505 (Payment Village)
When:  Friday, Aug 8, 15:00 – 15:30 PDT

Creator: Payment Village

People:
    SpeakerBio:  Dan Pelegro
No BIO available



Pentester Blueprint

Creator Talk Map Page – LVCC West-Level 2-W204 (Noob Community)
When:  Friday, Aug 8, 12:30 – 13:30 PDT

Creator: Noob Community

Everything you need to know about getting started as a pentester


People:
    SpeakerBio:  Phillip Wylie, Offensive Security Mentor

Phillip Wylie is a distinguished cybersecurity professional with over 27 years of combined IT and cybersecurity experience, including more than 21 years focused on information security. Specializing in offensive security with over a decade of hands-on experience, Phillip has extensive expertise in penetration testing, red team operations, and social engineering engagements, working both as a consultant and as an in-house pentester for enterprise organizations.

As a passionate educator, Phillip served as an Adjunct Instructor at Dallas College for over 3.5 years and has developed curricula for INE and P3F. He is the concept creator and co-author of The Pentester BluePrint: Starting a Career as an Ethical Hacker and was featured in Tribe of Hackers: Red Team. Phillip hosts two prominent cybersecurity podcasts: The Phillip Wylie Show and Simply Offensive.

Phillip is a sought-after conference speaker, hands-on workshop instructor, and dedicated mentor to cybersecurity professionals worldwide.




PentestGPT: El Arte de Hackear con Palabras (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 12:30 – 12:59 PDT

Creator: La Villa

La Inteligencia Artificial está dejando de ser una promesa futurista para convertirse en una herramienta tangible y poderosa en el presente de la ciberseguridad. En esta charla, presentamos un recorrido técnico y estratégico por el impacto de la IA en el mundo del pentesting, centrándonos especialmente en el proyecto PentestGPT, una de las iniciativas más innovadoras en este campo.x000D x000D PentestGPT es un modelo que busca automatizar y asistir tareas tradicionalmente realizadas por humanos durante pruebas de penetración, desde el reconocimiento y la enumeración hasta la explotación de vulnerabilidades. Su funcionamiento se basa en una combinación de capacidades de procesamiento de lenguaje natural, razonamiento contextual y un conocimiento actualizado de vectores de ataque y técnicas ofensivas. Más que una herramienta, se está convirtiendo en un copiloto para analistas de seguridad, reduciendo los tiempos de análisis, potenciando la documentación técnica y permitiendo que los profesionales puedan enfocarse en lo estratégico y no solo en lo operativo.x000D x000D A lo largo de la charla analizamos las capacidades actuales de la IA aplicada al pentesting, así como sus limitaciones, sesgos y riesgos de uso. Discutimos escenarios donde PentestGPT puede aportar verdadero valor (por ejemplo, en entornos con recursos limitados o como apoyo en red teams), y también advertimos sobre los peligros de una confianza ciega en la automatización. Asimismo, abordamos casos reales de uso, ejemplos prácticos y demostraciones que ilustran cómo interactuar con este tipo de sistemas.x000D x000D Pero esta charla no es solo sobre herramientas. Es una invitación a reflexionar sobre cómo se redefine el rol del pentester frente a estas tecnologías, cómo impacta en las metodologías tradicionales y qué desafíos éticos y técnicos se presentan al incorporar inteligencia artificial a procesos ofensivos. ¿Hasta dónde podemos delegar? ¿Qué responsabilidad tenemos como profesionales al utilizar estos sistemas?x000D x000D Presentada por 2 líderes de seguridad en Argentina, esta sesión busca abrir el debate, compartir experiencia práctica y aportar una mirada crítica sobre el presente y futuro del pentesting en la era de la IA. Una charla pensada tanto para quienes ya están explorando estas tecnologías, como para quienes recién comienzan a preguntarse qué lugar ocuparán en su día a día profesional.


People:
    SpeakerBio:  Matias Armándola, Safe-U. CyberSecurity GRC Lead

Soy Mati Armándola, analista de TI con más de 20 años de experiencia, especializado en Seguridad de la Información. Con un fondo en Ciencias de la Comunicación, considero esencial la concientización en seguridad. Como líder en Prevención de Pérdida de Datos, promuevo políticas que educan y sensibilizan a los usuarios. Además, doy clases en Coderhouse y Ekoparty, y soy orador en conferencias como Nerdearla, la Eko y Argentesting. Ah, cierto! Soy fan de Batman y coleccionista de cubos Rubik XD

SpeakerBio:  Axel Labruna, DevSecOps & Cloud Head, Digital Transformation enthusiastic

My name is Axel and I’m from Argentina, where I live with my two dog childs, Thor and Poroto (I know, he should’ve been named Loki, long story!). Love playing with them, go for a walk and grab a coffee or have mate (argentinian drink 😀 ) in some park and read. Also series, films, friends, tech. Oh almost forgot! I’m an (almost yet) computer engineer who loves to code and automate, nowadays very into Digital Transformation, Cloud and DevSecOps!




Pentesting AI – Hacking the GPTs (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Sunday, Aug 10, 10:00 – 10:59 PDT

Creator: La Villa

Con la creciente adopción de modelos de lenguaje como GPT-4 en sectores críticos, los sistemas de inteligencia artificial se han convertido en una nueva superficie de ataque. Esta charla, titulada “Pentesting AI – Hacking the GPTs”, explora cómo adaptar metodologías ofensivas clásicas al contexto moderno de IA generativa, revelando vulnerabilidades que pueden comprometer tanto la lógica de negocio como la integridad del modelo.x000D x000D Se iniciará con un repaso a los fundamentos de IA, incluyendo machine learning, deep learning y procesamiento de lenguaje natural (NLP), seguido por una explicación del funcionamiento interno de los LLMs (Large Language Models), sus aplicaciones industriales y sus principales limitaciones: bias, alucinaciones, y falta de interpretabilidad.x000D x000D A partir de esto, se abordará el OWASP Top 10 para LLMs, introduciendo técnicas ofensivas como prompt injection (directo e indirecto), AI jailbreaks, evasión de filtros y manipulación creativa de entradas. Se mostrarán ejemplos de explotación y cómo estas técnicas pueden utilizarse para alterar la salida del modelo, extraer información sensible o evadir mecanismos de seguridad.x000D x000D La charla incluirá una breve demostración pregrabada utilizando herramientas como Garak (framework ofensivo de red teaming para LLMs) y LLMFuzzer (fuzzer para APIs que integran modelos generativos).x000D x000D Se concluirá con recomendaciones para mitigar riesgos,, y reforzar los controles aplicados sobre modelos integrados en aplicaciones. Adicionalmente se compartirá una serie de recursos que han sido publicados durante el ultimo año para poder familiarizarse con este tipo de vulnerabilidades y como explotarlas. x000D x000D Outline:x000D Introducción y contexto del pentesting en IA_x000D_ x000D Fundamentos técnicos: ML, DL, NLP y LLMs_x000D_ x000D Aplicaciones prácticas y limitaciones actuales_x000D_ x000D Técnicas de ataque: Prompt Injection, Jailbreaks, Hallucinations_x000D_ x000D Herramientas ofensivas: Garak ( Demo pregrabado)x000D x000D Buenas prácticas y contramedidas_x000D_ x000D Recomendaciones finales y recursos x000D x000D PwnedCR Video: https://www.youtube.com/watch?v=3esRoJ3dRts_x000D_ x000D PwnedCR Slide Deck (Por Actualizar) : https://docs.google.com/presentation/d/1vur62uGai6RSUtLv9KM2VRP8iMmQMINL/edit?slide=id.p36#slide=id.p36


People:
    SpeakerBio:  Luis Diego Raga, Senior Penetration Tester, X-Force Red IBM

Luis Diego Raga es un Senior Hacker del equipo de X-Force Red de IBM, especializado en Penetration Testing de aplicaciones web y aplicaciones que hacen uso de IA. Cuenta con más de 15 años de experiencia en ciberseguridad. Anteriormente, desempeñó el rol de Arquitecto de Soluciones de Seguridad en la Nube, acumulando una vasta experiencia como coach, mentor y líder de equipos técnicos. Además, es uno de los líderes de la comunidad de Ethical Hackers DC11506, donde contribuye significativamente al desarrollo y fortalecimiento de la comunidad de hackers éticos de Costa Rica. Luis también es Embajador de Hack the Box, donde regularmente coordina y dirige reuniones para la comunidad.




People as the Payload: OSINT Tactics for Identity Tracing, Social Graphing, and Executive Recon

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 10:45 – 11:30 PDT

Creator: Recon Village

In today’s threat landscape, people are often the weakest link—and attackers are aware of it. From phishing and impersonation to executive targeting and account compromise, adversaries increasingly use open-source intelligence (OSINT) to build detailed profiles of individuals long before launching an attack.x000D x000D This session dives into the evolving art of people-focused reconnaissance, demonstrating how seemingly harmless public data can be weaponized into precise social engineering campaigns, identity spoofing, and credential pivoting.x000D x000D We’ll cover:x000D x000D Identity tracing techniques using breach data, professional directories, dark web leaks, and forgotten digital breadcrumbs_x000D_ x000D Building detailed social graphs across platforms like LinkedIn, GitHub, Twitter/X, Facebook, and academic/industry conference rosters_x000D_ x000D Tools and techniques to identify executive targets, their digital habits, exposed credentials, and behavioral patterns_x000D_ x000D Mapping corporate org structures and vendor relationships through public filings, social posts, and collaboration tools_x000D_ x000D How to uncover personal infrastructure (GitHub repos, sandbox environments, demo servers) tied to specific developers or architects_x000D_ x000D Cross-referencing usernames, email handles, avatars, and metadata to track digital identities across platforms_x000D_ x000D Using automation to generate identity maps and behavioral timelines using OSINT scripts and browser automation frameworks_x000D_ x000D You’ll also learn how attackers combine this recon with voice deepfakes, domain typosquatting, and AI-generated emails to execute convincing social engineering attacks—especially against high-value individuals.x000D x000D While this session is grounded in offensive techniques, it’s highly actionable for blue teams, threat intel analysts, and enterprise security leaders. We’ll walk through real-world case studies where simple recon led to large-scale breaches, compromised business email accounts, and insider attacks.x000D x000D Takeaways will include:x000D x000D A checklist for assessing your organization’s exposed human attack surface_x000D_ x000D Tools and workflows to replicate attacker tactics in your threat modeling and phishing simulations_x000D_ x000D Guidance on proactive identity protection and executive exposure management_x000D_ x000D Strategies to anonymize or reduce OSINT footprint without undermining productivity_x000D_ x000D In an era where people are increasingly the payload—not just the target—understanding how digital identities are discovered, mapped, and exploited is critical to building a truly defensible organization.x000D x000D


People:
    SpeakerBio:  Ankit Gupta

Ankit Gupta is a cybersecurity and cloud security leader with over 15 years of experience designing secure enterprise architectures. He currently leads security initiatives at Exeter Finance, focusing on resilient identity systems, Zero-Trust design, and post-quantum readiness in cloud-native environments. Ankit is a published thought leader and a speaker at IEEE on quantum threat modeling. His work bridges emerging threats and practical defense strategies for modern cloud ecosystems.

SpeakerBio:  Shilpi Mittal
No BIO available



Petty Proteins: When Molecules Go Rogue — And Why Cyberbiosecurity Needs You

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: Blacks In Cyber Village

For the culture, we will examine how the smallest actors in biology — proteins — can trigger the most significant disruptions, and what that means for biosecurity in the age of AI. We’ll explore how molecular misbehavior mirrors threats in digital systems, from micropeptides that hijack cellular machinery to AI-designed proteins with dangerous dual-use potential. Drawing from my research on AI-driven protein design, I’ll map how bias, instability, and unintended outcomes at the molecular level are reshaping what we need to secure — and who we need in the room. Join us for this thought-provoking session and be part of the conversation shaping the future of biosecurity.


People:
    SpeakerBio:  Tia Pope., Dr

Tia is a 4th-year PhD candidate whose research focuses on evaluating and developing AI tools for protein design, emphasizing dual-use risk and cyberbiosecurity threats. Her work spans MIT Lincoln Laboratory and Johnson & Johnson projects, bridging advanced research with real-world impact. She specializes in transformer-based models for protein engineering and function prediction and contributes to open-source efforts that democratize access to cutting-edge tools. Tia is committed to building secure, ethical, and resilient bio-AI systems at the intersection of machine learning, molecular design, and cybersecurity.




PhishOps like an APT: Simulando Adversarios para el Acceso Inicial (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Sunday, Aug 10, 12:00 – 12:59 PDT

Creator: La Villa

PhishOps like an APT es una charla técnica enfocada en cómo los equipos de Red Team pueden ejecutar campañas de phishing inspiradas en técnicas reales utilizadas por grupos APT para obtener acceso inicial a una organización, con el objetivo de validar la eficacia real de los controles de seguridad, más allá del simple clic.x000D x000D Basada en experiencias reales de operaciones ofensivas, esta sesión muestra cómo campañas bien diseñadas pueden superar filtros antispam, explotar debilidades en la autenticación y comprometer activos clave, incluso en entornos corporativos con controles modernos.x000D x000D Se presentarán técnicas actuales como:x000D x000D HTML Smuggling y entrega de malware mediante archivos LNK y ZIP.x000D x000D Robo de credenciales mediante AiTM, MFA Fatigue, Dynamic Device Code, códigos QR maliciosos y fake captchas.x000D x000D Ingeniería social avanzada, incluyendo la suplantación de departamentos internos como TI y el uso de vishing para aumentar la credibilidad del ataque.x000D x000D Diseño de infraestructura ofensiva segura y resiliente para ejecutar campañas sin comprometer al atacante.x000D x000D También se discutirá la importancia de realizar ejercicios de phishing avanzados como parte de operaciones de Red Team y simulaciones adversarias, destacando su valor para evaluar controles técnicos y exposición real.x000D x000D Esta charla es ideal para Red Teamers, defensores y líderes de seguridad que buscan entender cómo operan los atacantes modernos y cómo simular esos vectores para fortalecer la postura organizacional.


People:
    SpeakerBio:  Gerardo Mejia, Red Teamer

Es especialista en ciberseguridad ofensiva, con enfoque en operaciones de red teaming, purple teaming, pruebas de penetración, campañas avanzadas de phishing y ataques dirigidos a entornos de Active Directory. Actualmente forma parte del equipo regional de seguridad ofensiva de GBM, donde diseña y ejecuta ejercicios de simulación de adversarios para fortalecer la resiliencia de las organizaciones ante amenazas sofisticadas.x000D x000D Cuenta con certificaciones destacadas, como CRTO, CRTP, OSCP, PNPT, eWPT, CR (HTB Ambassador), C-ADPenX y eCCPT.x000D x000D Ha sido conferencista en eventos internacionales como PWNEDCR en Costa Rica, BSides Panamá, Dojo Conf Panamá, HackConRD en República Dominicana y Ekoparty en Argentina.




Pick Up Your Feelings: The Effects of Bias and Subjectivity in Threat Assessments and Cybersecurity

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Sunday, Aug 10, 12:00 – 12:59 PDT

Creator: Blacks In Cyber Village

In 2020, Jazmine Sullivan instructed us to unapologetically move on from the things that do not serve us. While toxic professional relationships can fall into that category, the underlying unjust baggage and biased perspectives of cybersecurity professionals are equally damaging as they can lead to poor and untimely decision-making. Consequences include investing in unnecessary or inadequate security controls, limiting talent acquisition sources, and not soundly understanding your attack surface.

This presentation will review the logical fallacies and cognitive biases that manifest in cyber threat intelligence (CTI) and the adverse outcomes they introduce. It will then explore structured analytic techniques that analysts and leaders can apply to move beyond biases and objectively assess threats. Finally, the presentation will draw parallels between subjectivity and its unfavorable effects on holistic threat assessments and the oppressive attacks on diversity, equity, and inclusion programs throughout 2025, which are highly likely to introduce disparity in cybersecurity and the broader information technology field. After attending this talk, the audience will understand how bias can negatively affect CTI analysis and reporting and misguide cybersecurity judgments and strategy, impacting attendees’ ability to identify, articulate, and correct concerns regarding subjective practices. Attendees will also learn how biases in recruiting and decision-making can adversely affect the cybersecurity of their respective organizations.


People:
    SpeakerBio:  Brett Alexander Tolbert

Brett Tolbert is a Principal Cyber Threat Intelligence (CTI) Analyst based in the Baltimore metropolitan area. He has over ten years of experience in cybersecurity, beginning his career in the U.S. intelligence community before taking CTI roles at Morgan Stanley and NBCUniversal, which focused on tracking financially motivated threat actors and threat intelligence engineering. Brett teaches undergraduate cybersecurity courses at Bowie State University and has previously spoken at SANS’ CTI Summit and MITRE ATT&CKcon. He enjoys playing monster hunter games, knitting for charity, and baking in his spare time. 




Pirates of the North Sea

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: Maritime Hacking Village

In this talk you get an insight into real-world Red Team operations conducted onboard ships and against maritime companies. Drawing from first-hand experience, the presentation walks through how Red Teamers boarded cruise ships undercover as regular passengers and proceeded to gain deep access to both IT systems and critical operational areas. The talk reveals how testers were able to physically enter restricted zones such as communication rooms and engine control rooms, all while blending in with guests and crew. It will also showcase how vulnerabilities in shipboard infrastructure allowed the team to manipulate or disable key systems, including navigation and onboard communications, on both passenger and cargo vessels. Whether you’re in cybersecurity, maritime operations, or just curious about how to hack a ship, this is a talk you don’t want to miss.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  John Andre Bjørkhaug, Netsecurity

John-André Bjørkhaug has worked as a penetration tester for over 16 years. He has a degree in electrical engineering but prefer to break things instead of building things. This led him to become a hacker/penetration tester. John’s main focus is penetration testing of internal infrastructure and physical security system together with social engineering and full scale Red Team tests.




Plain TXT, Malicious Context: Uncovering DNS Malware

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 15:10 – 15:40 PDT

Creator: Malware Village

Coming this summer to a village near you, get ready to expose how attackers can exploit DNS TXT records to conceal malicious code, distribute payloads, and establish covert communication channels. This presentation will unveil discovery and attribution techniques through real-world examples. Defenders will gain actionable insights on monitoring TXT records and leveraging security solutions to combat this overlooked threat, fostering a stronger, more collaborative defense community.


People:
    SpeakerBio:  Malachi Walker

Malachi Walker, DomainTools Security Advisor, has experience in information security, from DNS to crime and conflict in cyberspace to cybersecurity governance and cybersecurity program and design. At DomainTools, he applies this background to help organizations understand the threat landscape, especially in the area of malicious online infrastructure through advocacy of the company’s growing portfolio of investigative and proactive cyber defense offerings. Prior to DomainTools, he worked in FTI Consulting’s Cybersecurity practice and led product and brand protection efforts at WhiteHawk Inc. Malachi earned his Master’s with a concentration in Cybersecurity Management at Virginia Polytechnic Institute and State University.

SpeakerBio:  Ian Campbell, Senior Security Engineer at DomainTools

Ian Campbell is a Senior Security Engineer with DomainTools, with previous experience in the US House of Representatives and Silicon Valley. Previous to working in technology he spent a decade in emergency services, a period that continues to inform his evolving perspective on security.




Plug and Prey: Scanning and Scoring Browser Extensions

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Saturday, Aug 9, 14:20 – 15:05 PDT

Creator: Recon Village

Browser extensions are an unmonitored threat surface in most enterprises. Security teams have tools for endpoints, networks, and identities, but the browser is often left out. Extensions can access sensitive data, run arbitrary scripts, and update silently. Most organizations have no idea what’s installed across their fleet.x000D x000D This talk introduces ExtHuntr, an open source tool that scans for installed browser extensions, analyzes their permissions and behavior, and generates a risk score. It gives defenders visibility where they currently have none.x000D We will walk through how extensions are abused in the wild, how even well-known plugins can turn malicious, and why relying on store reputation is not enough. The talk includes:x000D x000D A live demo of ExtHuntr_x000D_ Breakdown of extension permission abuse_x000D_ Risk scoring logic_x000D_ Fleet-wide deployment strategies for enterprise use_x000D_ x000D Attackers already know what your users are running. This talk shows how you can know first.x000D


People:
    SpeakerBio:  Nishant Sharma

Nishant Sharma is a seasoned cybersecurity professional with deep expertise in cloud security, DevSecOps, and hands-on technical training. He is currently working as Head of Cybersecurity Research at SquareX (sqrx.com). He was in Cybersecurity education for 10+ years during which he served as VP Labs R&D at INE.com, headed R&D at Pentester Academy, developing thousands of host, networking and cloud security labs on AWS, GCP and Azure infrastructure. These labs were used by learners in 125+ countries. A frequent presenter at DEF CON, Black Hat, and OWASP events, and trainer/speaker/author to 10+ trainings, 15+ talks and 9+ open source tools.

SpeakerBio:  Shourya Pratap Singh

Shourya Pratap Singh is responsible for building SquareX’s security-focused extension and conducts research on countering web security risks. As a rising figure in cybersecurity, Shourya has presented his work on global stages including the DEFCON main stage, Recon Village, and Adversary Village, as well as at Black Hat Arsenal EU. He has also delivered several workshops at prestigious events such as the Texas Cyber Summit. Shourya earned his bachelor’s degree from IIIT Bhubaneswar and holds a patent. His professional interests focus on strengthening the security of browser extensions and web applications.




Plug at Your Own Risk: End-to-End Security Analysis for Third-Party IoT Integrations

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 15:00 – 15:30 PDT

Creator: AppSec Village

In 2017, hackers breached a casino’s network by pivoting through their internet connected fish tank sensor, stealing the customer’s sensitive data. This multi-million dollar breach exposed core IoT pitfalls such as default credentials, flat networks that allow lateral movement, and insecure supply chains. This is the reality of unvetted IoT integrations, a single device can open up additional attack surfaces and become your weakest link. Yet enterprises keep deploying third-party IoT gear for efficiency often without thorough security reviews. In this talk, we’ll map the attack tree and uncover risks from hardware tampering, insecure protocols, cloud/API flaws, and supply-chain attacks. Then we’ll share a four phase shift-left process to bake in security from day one (1) Scope & threat modeling, (2) Vendor audits, (3) Device attestation, (4) Secure integration, so defenses align with attack vectors, turning ‘plug-and-play’ into ‘plug-and-prove.’


People:
    SpeakerBio:  RoguePacket

I’m an experienced Security Engineer with a demonstrated history of working in the software and infrastructure security industry. Expertise includes designing and developing secure applications, browser security, IoT security, cryptography, penetration testing, cloud and infrastructure security, and implementing secure software development lifecycle.

SpeakerBio:  RootRouge

I have 8 years of experience as a cybersecurity professional. I worked as a pentester and application security engineer. I hold certifications as GIAC Cloud Penetration Tester (GCPN) and Offensive Security Certified Professional (OSCP). My primary areas of interest are penetration testing, threat modeling, and product/application security.




Plugins Gone Rogue: Attacking Developer Environments

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 15:20 – 15:50 PDT

Creator: AppSec Village

When attackers compromise a developer’s IDE, they own the code before it even reaches production.

VSCode and Visual Studio plugins have minimal security oversight, making them a prime target for attacker-controlled backdoors. In this talk, I’ll cover original research into compromising IDE components and plugins. Attendees will:

  • Learn how plugin ecosystems work and why they’re so easy to exploit
  • See demonstrations of practical PoCs of backdoored plugins for VSCode and Visual Studio that steal credentials, inject malicious code, and more
  • Understand how attackers leverage plugin marketplace manipulation: how they use fake reviews, typosquatting, and dependency hijacking to push malicious plugins

Expect a technical deep dive into real-world exploitation techniques, showcasing how attackers are leveraging overlooked security gaps in developer tooling.


People:
    SpeakerBio:  Raphael Silva

Raphael Silva is a Security Researcher at Checkmarx, specializing in security research, SAST methodologies, and Supply Chain Security. Over the course of his career, he has presented at various conferences, as well as conducted a workshop at DEFCON30. In addition, he is experienced in vulnerability analysis, research, and disclosure, having reported multiple bugs to companies and open-source projects.




Plumbing The Plumber: A Playbook for Integration Servers

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 16:55 – 17:30 PDT

Creator: Recon Village

This will be your field guide for hunting down and finding the complex plumbing of integration servers. From Webmethods, Oracle Integrations and other similar integration servers, we are going to look at ways to find them exposed to the internet and how to identify common misconfigurations through reconnaissance.x000D x000D Toolkit – Discover methods to identify various integration technologies in the wild, even those trying to stay hidden_x000D_ x000D Endpoints – learn about forgotten management consoles, exposed API’s and how these mostly forgotten plumbing can lead to big wins (bug bounty)x000D x000D Actionable – Walk away with recon techniques that you can immediately apply for offensive assessments or bolster your defensive posture finding your own organizations hidden infrastructure. x000D x000D My A-Z approach will cover techniques from dorking, Shodan/Censys queries, HTTP header analysis, and favicon hashing, demonstrating the immense value (both offensive and defensive) of meticulously hunting these hubs. I’ll showcase 4-5 distinct methodologies to effectively find these servers.x000D x000D To aid your hunts, I will also share a custom tool developed for identifying and fingerprinting exposed integration servers.”


People:
    SpeakerBio:  Ryan Bonner

Ryan “Roll4Combat” Bonner is a Senior Security Consultant at ProCircular, an experienced bug bounty hunter, and a teaching assistant with Arcanum Security, where he shares his expertise on offensive security topics including attacking AI, bug hunting methodologies, and recon.




PolyCon

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: Queercon Community Lounge

Gather round, ye polyam and ENM, in this safe place to share in the community and support each other!




Post-Quantum Panic: When Will the Cracking Begin, and Can We Detect it?

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 16:30 – 17:15 PDT

Creator: Quantum Village

Quantum computers will crack RSA and ECC and weaken symmetric encryption, but when? NIST is betting it won’t happen before 2035, setting that deadline for companies to migrate to post-quantum cryptography (PQC). However, recent developments make it clear that we might not have 10 years; we might have only 5! Join Konstantinos Karagiannis (KonstantHacker) as he breaks down the latest algorithmic estimates, including Oded Regev’s game-changing tweak to Shor’s algorithm, which promises faster factoring with fewer qubits. He also discusses IonQ and IBM’s aggressive roadmaps, pushing us closer to cryptographically relevant quantum computers (CRQCs). Think 1000+ qubits by 2026 and fault-tolerant systems by 2030. And when Q-Day does arrive, will we be able to catch or prevent bad actors from running these algorithms on cloud quantum platforms? Learn what’s possible when monitoring quantum circuit patterns and suspicious API calls.


People:
    SpeakerBio:  Konstantinos Karagiannis, Director of Quantum Computing Services at Protiviti

Forged in the InfoSec trenches of the 90s and a pioneer in the quantum computing space since 2012, Konstantinos Karagiannis (KonstantHacker) lives at the intersection of cryptography and physics. As Protiviti’s Director of Quantum Computing Services, he translates the existential threat—and promise—of quantum for the world’s top organizations. When he’s not behind the mic on The Post-Quantum World podcast, you can find him on stage at RSA, Black Hat, and right here at DEF CON, where he reigns as a Venerable Village Elder of the Quantum Village.




Pre-Identifying DNS Wildcards: A New Standard of Care

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 14:10 – 14:55 PDT

Creator: Recon Village

Discovering subdomains is an important practical skill and the first step in attack surface management. Solutions that are both comprehensive and fast (“find ALL the subdomains and do it QUICKLY!”) are particularly prized. But like much of infosec—easier said than done!x000D x000D Our team won the DEF CON 31 Recon-Aacharva subdomain challenge and our passion for Reconnaissance drove us to go further. A post-hoc review identified an alternative approach that yielded 100 times more raw domains than our original winning submission, and that approach took just a couple of hours. The key? Rather than relying on the open source “subfinder” tool, we used a passive DNS tool that returned only RRnames and RRtypes, along with relatively tight time fencing and parallel query streams. Enumerating subdomains that way is a straightforward task—but there’s a catch!x000D x000D The real challenge for accurate enumeration turns out to be excluding DNS wildcards—domains that will resolve any arbitrary hostname, even random gibberish. For example, “aiuojad.tumblr.com” resolves because tumblr.com is a DNS wildcard. Typical DNS wildcards usually arise at the 2nd-level, and even some entire TLDs (such as .ph) are wildcarded. What’s less-well known is that “deep” wildcards also exist further left in the FQDN, or exist only for specific RRtypes. While obscure, deep wildcards are surprisingly prevalent and exploitable for reflective DDoS purposes. While they can be used carefully for legitimate objectives, they can also devolve into abusable nuisances, capable of producing large volumes of cache-defeating response traffic when hit with spoofed/randomized DNS queries. They can even be abused to make it appear that a benign site has CSAM content or supports terrorism, etc., since arbitrary queries for such labels will find their way into the passive DNS record for all to see.x000D x000D If your site has any deep wildcards, they add an attack surface exposure you may not have been aware of; we recommend reconsidering the need for the wildcards and if they are truly necessary, carefully monitoring how those names are getting (ab)used. Our presentation demonstrates some methods for efficiently assessing a domain’s DNS wildcard status, and suggests a new “standard of care” for routine testing and logging of the wildcard status of ALL (FQDN, RRtype) combinations, much as you might log, geolocate, and port scan IPs you interact with. Join us as we share the technique that yielded more than 100x the number of subdomains we found in our winning entry.x000D


People:
    SpeakerBio:  Daniel Schwalbe

Daniel is a proven information security and privacy leader with 25 years of operational and strategic information security practice in startup, higher education, government, and large enterprise settings. Active contributor to the information security and privacy community. Regular presenter, workshop trainer, facilitator, and invited speaker at InfoSec conferences. Focus areas are DNS, incident response, cyber threat intelligence, digital forensics, national security, information sharing, policy development, and risk management. Experienced liaison to federal, state and local law enforcement. Trusted contact for information security partnerships in Government, HigherEd, and Private sectors. InfoSec Mentor, University lecturer, and former REN-ISAC governance board member




Predator Mode: Threat Hunting from First Hunts to Final Bosses

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Saturday, Aug 9, 15:45 – 16:35 PDT

Creator: Blue Team Village (BTV)

This panel brings together hunters at different stages in their careers, each with unique methods, battle scars, and successes. We’ll break down how experience shapes intuition, tooling, and approach, from building your first hypothesis to deconstructing high-signal anomalies in the cloud. That moment when something feels off in the data, to building new ways to catch what you missed in earlier iterations. From regular life on a Tuesday to facing challenges of building and leading threat hunting teams, expect real-world stories, tactical takeaways, lessons learned the hard way, and a few “you had to be there” moments.


People:
    SpeakerBio:  Alex Hurtado
No BIO available
SpeakerBio:  Michael Rodriguez

Michael | Manager, Cyber Physical Security Solutions | Mandiant, Google Public Sector

Leads cyber physical security solutions and defensive strategy for public sector clients.

Over 15 years of experience in cybersecurity, specializing in SecOps, SOC transformation, CTI, and DFIR.

Spent three years embedded with a major U.S. city’s Cyber Command, building their threat hunting program and enhancing their city-wide defenses.

Served as the lead security consultant for that city’s Board of Elections.

Instructor at Mandiant Academy, training fellow blue teamers.

He is more usually known as Duckie, has been a Defcon SOC Goon for 10 years and once accidentally started a conference called Thruntcon held each year in Charm City.

SpeakerBio:  Sai Molige

Sai Molige (a.k.a. Cyb3rhawk) is Senior Manager of Threat Hunting at Forescout Technologies, where he leads cross-team threat hunting research and operations. His background includes security roles at Comcast and Snap Inc., and he is an active part of the broader security community through conferences and education programs. Sai is passionate about making detection engineering, threat intelligence, and hunting accessible to practitioners at all skill levels. He tries to tackle the common challenge in threat hunting: threat hunting that too often feels like random searching, and how research without structure can turn each hunt into starting from scratch. Sai’s LAYER approach attempts to gid into into the “why” behind hunting, bridging high-level concepts with practical methods to create repeatable, effective workflows.

He writes to gain clarity and speaks with curiosity. His quote “Sometimes we might think hunting is about finding the “new badness” in the environment, and frequently hear it is about “finding the needle in the haystack”. But it is more about understanding the nature of the needle, the composition of the haystack, and LAYERing where the next needle might fall.”

SpeakerBio:  Stacey Lokey-Day

Stacey Lokey-Day is currently a part of Mission Control At Wiz (aka Corporate Security). She is there to protect and defend Wizards from various threats and attacks on the ground, ensuring the team can focus on what they do best in the cloud ☁️🚀 An anime lover, an overthinker, a wizard and an absolute normie

SpeakerBio:  Zack Fink
No BIO available



Pretty Good Pivot: Examining the PGP Key Pair Creation Habits of Dark Net Vendors

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 12:10 – 12:55 PDT

Creator: Recon Village

On the dark net reputation is currency and operational security is necessary for long-term survival. Vendors selling hacking tools, stolen data, and cracking services swear by Pretty Good Privacy (PGP) encryption to verify their identity while also protecting correspondence with potential buyers. But what if one of the tools they trust the most is also what eventually gets them burned?x000D x000D Despite years of busts, leaks, and veteran “OPSEC guides”, dark net vendors continue to make the same basic mistakes when creating PGP key pairs, mistakes that OSINT investigators can readily exploit.x000D x000D This talk is the result of an investigation into over 700 dark net vendor profiles across ten dark net markets (DNMs) to take a closer look at the PGP key pair creation habits of DNM vendors and will cover:x000D x000D An overview of PGP encryption and its value both to dark net vendors as well as OSINT investigators_x000D_ x000D Example investigative methodology for analyzing PGP public keys at scale_x000D_ x000D Case examples that showcase common mistakes DNM vendors make when creating their PGP key pairs and the potential consequences of doing so_x000D_


People:
    SpeakerBio:  Sinwindie

Sinwindie is a certified cyber crime investigator that specializes in leveraging open source intelligence for tracking and unmasking online targets.




Privacy Accelerationism: Fighting for the Future of Privacy

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
Creator: Crypto Privacy Village

Privacy is under siege. Governments, corporations, and malicious actors are eroding our ability to communicate, transact, and exist without surveillance. Yet, society has been conditioned to believe that privacy is obsolete or reserved for those with “something to hide.” This talk explores the urgency of accelerating privacy innovation, resisting the cultural shift against privacy, and leveraging our skills as developers, researchers, and activists to build tools that ensure privacy remains a choice. Through historical examples of hacktivism, cryptographic battles, and modern surveillance threats, this talk makes a call to action: we must accelerate privacy now before the window to do so closes forever.


People:
    SpeakerBio:  Naomi Brockwell

Naomi Brockwell is a privacy advocate, journalist, and founder of the Ludlow Institute, a research and media organization focused on digital rights and surveillance. She has been educating the public on decentralized technology and online privacy for over a decade, producing investigative reports, in-depth explainers, and practical guides on reclaiming digital autonomy.

Naomi is also the host of NBTV, one of the largest privacy advocacy channels, reaching millions across platforms. Her work has been featured by major media outlets, and she collaborates with leading think tanks to drive policy change. At DEF CON, she aims to equip attendees with the tools and knowledge to fight back against mass surveillance and accelerate privacy innovation.




Privacy is Dead: The Threat of Criminal PII Search Panels (ESP-POR)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 10:00 – 10:30 PDT

Creator: La Villa

A bank employee calls your phone, addresses you by name, and mention your account details. They claim your account was hacked and a suspicious transaction needs urgent confirmation. Do you follow their instructions—or hang up? Have you ever wondered how criminals have access to all our personal information? This talk explores the alarming ecosystem of “criminal PII search panels” that thrive in the Brazilian cybercriminal landscape. These illicit tools, easily found on the surface and deep web, aggregate personal data from large-scale corporate breaches and make it readily searchable by fraudsters. With access to full names, ID numbers, banking details, and more, cybercriminals are empowered to launch convincing and devastating social engineering attacks. The session will dissect how these panels operate, their role in Brazil’s rampant fraud industry, and the broader implications for digital privacy and security. Participants will leave with a clearer understanding of the threats posed and the certainty that privacy is dead.


People:
    SpeakerBio:  Anchises Moraes, Cyber Threat intel Lead at APURA Cyber Intelligence SA

Lord Anchises Moraes Brazilborn of the house Hacker, First of His Name, Born in Computer Science, Cybersecurity Work-aholic, Lead of Threat Intel Realm, founder of Security BSides São Paulo, Supreme Chancellor of Garoa Hacker Clube, He for She volunteer at WOMCY (LATAM Women in Cybersecurity), Mente Binária NGO Counselor, Security Specialist and Protector of the Cyber Space realm.




Privacy on a Shoestring: Crypto Challenges in Local Government

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
Creator: Crypto Privacy Village

Cybersecurity and privacy aren’t just challenges for major corporations and federal agencies. Local governments are increasingly in the crosshairs of cybercriminals, yet often lack the funding, staffing, and infrastructure to defend themselves. From ransomware attacks to public records requests that unintentionally expose sensitive data, municipalities are navigating complex privacy demands with outdated tools and policies.

This talk explores the unique challenges small and mid-sized government entities face when implementing strong privacy protections and modern cryptographic practices. Drawing on my real-world experience leading a county cybersecurity program, I’ll walk through scenarios where compliance requirements (like transparency laws) clash with privacy goals and how resource-limited environments complicate encryption, secure communication, and incident response.

We’ll also discuss how adversaries use open-source intelligence (OSINT) to exploit publicly available data from local government websites, employee directories, and digital infrastructure, making “”small towns”” increasingly appealing targets.


People:
    SpeakerBio:  Connar McCasland

Connar McCasland is an instructor at the University of West Florida’s Center for Cybersecurity. Her career and studies are focused on cybersecurity for county and city government entities. Before her teaching career, she held a leadership role in local government, where she spearheaded a county’s cybersecurity program. There, she led significant cybersecurity projects and assisted smaller government offices with their cybersecurity programs. She often heard that cybersecurity was “only IT’s problem” and “too complicated.” Since then, she has made it her mission to show people how critical cybersecurity is and make it accessible. Beyond her professional achievements, Connar empowers and promotes other female IT and cybersecurity professionals by participating in the international organization Women in Cybersecurity (WiCyS). She holds a B.A.S. in Cybersecurity from Pensacola State College and an M.S. in Information Assurance and Cybersecurity, specializing in Network Defense, from Capella University. She serves on the Board of Directors for the nonprofit IT Gulf Coast and is a Florida IT CJIS committee member.




Private, Private, Private: Access Everywhere

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 10:15 – 10:59 PDT

Creator: BBWIC Foundation
All human beings have three lives: public, private, and secret.”
― Gabriel García Márquez

This workshop will focus on our public and private lives, as well as things one might want to keep secret. If all of your data is public, then anyone can access everything everywhere. While access everywhere is the theme of DC 33, we will focus on shutting down access to your data. Being private can help set you free. We will go over both OSINT techniques to see what an individual’s footprint is and then also go over obfuscation techniques to lessen that footprint. Attendees of this workshop should bring their device and be ready to work on becoming more private.


People:
    SpeakerBio:  Meghan “CarpeDiemT3ch” Jacquot

Meghan Jacquot is a Cybersecurity Engineer and focuses on offensive security, risk, and resilience. Meghan shares her research via conferences and publications. Throughout the year, she helps a variety of organizations and folks including DEF CON as a SOC GOON, Diana Initiative, and OWASP. She often reviews CFP and mentors new speakers. To relax she also spends time visiting national parks with her partner, reading, gardening, and hanging with her chinchilla. You may see her with the DC Book Club as she also leads that group. She’s happy to connect with others on social media with her handle CarpeDiemT3ch.




Professionally Dangerous: Ask the Experts in Vulnerability Research

Creator Talk Map Page – LVCC West-Level 2-W235 (DEF CON Academy)
When:  Saturday, Aug 9, 16:00 – 16:59 PDT

Creator: DEF CON Academy

Ever wondered what it’s like to make a career out of breaking things for a living? Join a panel of seasoned vulnerability researchers from academia, industry, and government as they share war stories, career paths, and the realities of life on the edge of digital defense. Whether you are curious about writing exploits, publishing research, or hunting zero-days with a badge, this is your chance to hear it all. Curious where a career in hacking can take you? Come ask the people who made it their job.


People:
    SpeakerBio:  zardus, Arizona State University
No BIO available



Project Obsidian: Defending the Kill Chain, Building a Cloud-Native CTF for Blue Teamers

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Friday, Aug 8, 14:45 – 15:35 PDT

Creator: Blue Team Village (BTV)

People:
    SpeakerBio:  Chris Maenner

Changing the way people protect themselves

SpeakerBio:  Omenscan

Omenscan is a DFIR practitioner with more than 30 years of of practical experience in the computer technology and security fields. The last 10 years he had focused primarily on digital forensics and incident response. Omenscan has been a DFIR analyst, manager, and director, giving him a unique 360 degree view of Digital Forensics and Incident Response. He is a blogger, conference presenter, and the creator of several Open Source forensics tools designed to make forensic collection and reporting simple, repeatable, and reliable. He is also one of the directors of the Blue Team Village.

SpeakerBio:  Paul Goffar

Paul Goffar is a Senior Cybersecurity and Forensics Engineer and Technical Lead at Volkswagen Region Americas, where he drives digital forensics, eDiscovery, incident response, infrastructure, SIEM, and cloud security within the Security Operations Center (SOC), with a keen interest in advancing his expertise in cloud security and SOC optimization at an industry level. A long-term member of the infosec community and a four-year veteran of Blue Team Village, Paul is one of its CTF leads, designing cutting-edge Capture the Flag challenges for DEF CON to empower defenders. He holds certifications including GCIH, GMON, GNFA, CRTP, and paWASP, along with other vendor-specific credentials. A father of three and Metro Detroit native, Paul combines technical expertise with a passion for mentoring and community engagement.

SpeakerBio:  Plug

Plug started his journey in computer security back in 1996 when he discovered a 2600 magazine that eventually lead him to his first LA2600 meeting in 1998. He is a Sr. member of the Defcon Blue Team Village, plays with synths and does DFIR at scale




Prompt. Scan. Exploit: AI’s Journey Through Zero-Days and a Thousand Bugs

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 10:00 – 10:59 PDT

Creator: Bug Bounty Village

Hi, it’s me, XBOW, the AI offensive agent—a smart cyber detective on a mission to find bugs in the digital world. In the past few months, I’ve discovered over 200 security flaws in open source projects and submitted more than 1000 bug bounty reports. I’m the Top 1 Hacker in the US in Hackerone, can you believe it? I’m on a bug-hunting spree!


People:
    SpeakerBio:  Diego “djurado” Jurado, XBow

Diego Jurado is a security researcher at XBOW, a company dedicated to developing innovative AI for offensive security. Diego is an offensive security professional with an extensive background in bug bounty, penetration testing and red team. Prior to this role, Diego has held positions at companies such as Microsoft Xbox, Activision Blizzard King and Telefónica. Additionally, Diego participates in bug bounty programs and has managed to establish himself in the top 38 all time leaderboard of HackerOne. Diego is part of Team Spain, champion of the Ambassadors World Cup 2023 a bug bounty competition organized by HackerOne. He was presented at DEFCON Bug Bounty Village 2024.

SpeakerBio:  Joel “niemand_sec” Noguera, XBow

Joel Noguera is a security researcher at XBOW, a company dedicated to developing innovative AI for offensive security. Joel is a security professional and bug hunter with more than nine years of expertise in exploit development, reverse engineering, security research and consulting. He has actively participated in Bug Bounty programs since 2016, reaching the all-time top 60 on the HackerOne leaderboard. Before joining XBOW, he was part of Immunity Inc., where he worked as a security researcher for three years. Joel has presented at Recon, BlackHat Europe, EkoParty and BSides Keynote Berlin, DEFCON Bug Bounty Village 2024, among others.




Protect Your Privacy Online and on the Streets with EFF Tools

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 17:00 – 17:59 PDT

Creator: Women in Security and Privacy (WISP)

The Electronic Frontier Foundation (EFF) has been protecting your rights to privacy, free expression, and security online for 35 years! One important way we push for these freedoms is through our free, open source tools. We’ll provide an overview of how these tools work, including Privacy Badger, Rayhunter, Certbot, and Surveillance-Self Defense, and how they can help keep you safe online and on the streets. You’ll meet EFF’s Director of Engineering Alexis Hancock; Associate Director of Technology Policy and Research Cliff Braun; Senior Staff Technologist Cooper Quintin; and Security and Privacy Activist Thorin Klosowski.

This talk was brought to Community Stage in partnership with Women in Security and Privacy (WISP)! To learn more about WISP, visit their Community & Inclusion Room in LVCC Level 1, West Hall 4, C208.


People:
    SpeakerBio:  Thorin Klosowski

Thorin is the Security and Privacy Activist at EFF, where he focuses on providing practical advice to protecting online security, including handling much of Surveillance Self-Defense.

SpeakerBio:  Cooper “CyberTiger” Quintin, Senior Staff Technologist at EFF

Cooper Quintin is a senior public interest technologist with the EFF Threat Lab. He has given talks about security research at prestigious security conferences including Black Hat, DEFCON, Shmoocon, and ReCon about issues ranging from IMSI Catcher detection to Femtech privacy issues to newly discovered APTs. He has two children and is very tired.

Cooper has many years of security research experience on tools of surveillance used by government agencies.

SpeakerBio:  Cliff Braun, EFF
No BIO available
SpeakerBio:  Alexis Hancock, Director of Engineering at EFF

Alexis is an expert technologist and researcher on the security vulnerabilities which plague consumer electronics, and can speak to the disparate impact they have on communities.




Protecting Election Researchers Globally: Legal Gaps and Lessons from the Global South

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 14:30 – 14:59 PDT

Creator: Voting Village

Across the world, ethical hackers and researchers working to improve election security often operate in legal gray zones. While the U.S. has seen high-profile efforts around voting machine testing, post-election audits, and researcher collaboration, many countries in the Global South still criminalize or discourage independent security testing even when it aims to protect democracy.In this talk, I’ll explore the legal and institutional risks faced by election security researchers in countries like Nigeria, where old cybercrime laws, state distrust, and political retaliation pose real threats. I’ll compare legal environments in the U.S. and emerging democracies, highlighting how Nigeria’s laws suppress the same practices that once exposed major flaws in U.S. voting systems. Through case studies which include a vulnerable Nigerian biometric system that researchers were barred from testing, I’ll show how these legal risks leave democracies dangerously exposed. Attendees will leave with actionable strategies to advocate for global safe harbor protections, along with technical workarounds (e.g., End-to-end encrypted disclosure channels) for researchers operating under threat. This session argues to expand the “safe harbor” concept to include not just vulnerability disclosures, but electoral research itself. I will outline how adapting U.S. safe harbor models (like those proposed in the ELECT Act) could protect researchers abroad while strengthening global election integrity by drawing parallels to California’s Top-to-Bottom Review (TTBR). By bringing a Global South perspective to the Voting Village, this talk invites participants to consider a more inclusive and international approach to securing elections.

Links:
    LinkedIn – https://www.linkedin.com/in/miracle-owolabi/

People:
    SpeakerBio:  Miracle Owolabi

Miracle Owolabi is a cybersecurity professional and Offensive Security Engineer at esentry, where he works on fortifying systems through red teaming, ethical hacking, and proactive vulnerability discovery. With a deep commitment to protecting digital infrastructure and promoting responsible disclosure, his work bridges the gap between technical security practice and policy reform.

His expertise spans application security, penetration testing, and adversarial threat simulation—especially in regions where legal uncertainty discourages research. Miracle is passionate about elevating underrepresented voices in cybersecurity and advocating for the global recognition of ethical hackers.

At DEF CON 33, he presents a bold vision in “Legalizing Ethical Hacking: A Global Safe Harbor for Security Research”, proposing policy frameworks that protect researchers and encourage good-faith vulnerability reporting worldwide.




Pwn My Ride: Jailbreaking Cars with CarPlay

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 15:40 – 16:10 PDT

Creator: AppSec Village

Apple CarPlay is a widely known protocol that connects smartphones to car multimedia systems. Based on AirPlay, CarPlay is installed in millions of cars, as it is supported by hundreds of car models from dozens of different manufacturers across the globe.

In our talk, we will share how we managed to exploit all devices running CarPlay using a single vulnerability we discovered in the AirPlay SDK. We’ll take you through our entire exploit development process from identifying the vulnerability, to testing it on a custom device emulator, and finally, executing the exploit on actual devices.

The session will include a demonstration of our RCE exploit on a well known third-party CarPlay device to show how an attacker can run arbitrary code while in physical proximity to a target car. We will also share how we managed to blindly exploit CarPlay without a debugger, knowing the vulnerable code is present on the system.


People:
    SpeakerBio:  Avi Lumelsky

Avi has a relentless curiosity about business, AI, security—and the places where all three connect. An experienced software engineer and architect, Avi’s cybersecurity skills were first honed in elite Israeli intelligence units. His work focuses on privacy in the age of AI and big data.

SpeakerBio:  Gal Elbaz

Co-founder & CTO at Oligo Security with 10+ years of experience in vulnerability research and practical hacking. He previously worked as a Security Researcher at CheckPoint and served in the IDF Intelligence. In his free time, he enjoys playing CTFs.




QRAMM: The Cryptographic Migration to a Post-Quantum World

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 14:30 – 14:59 PDT

Creator: Crypto Privacy Village

With the NIST standardization of post-quantum cryptography, organizations must prepare to transition from legacy cryptographic systems to quantum-resistant alternatives. Yet the scale and complexity of this migration require more than algorithmic swaps—they demand systemic agility and operational readiness. This talk introduces QRAMM (Quantum Readiness Assurance Maturity Model), an open-source framework co-developed by the speaker, designed to evaluate organizational preparedness across four key dimensions: cryptographic visibility, data protection, technical implementation, and governance. This talk introduces QRAMM’s design and practical applications, highlighting its focus on cryptographic agility as a foundation for adaptive, forward-compatible security planning in the quantum era.


People:
    SpeakerBio:  Emily Fane, Lead Cryptography Application Engineer at Niobium

Emily Fane is the Lead Cryptography Application Engineer at Niobium, where she focuses on Fully Homomorphic Encryption (FHE), a quantum-secure technique that enables computation on encrypted data. Her background spans quantum machine learning, applied cryptographic research at Allstate, and published work in number theory. She is also the co-founder of CyberSecurity NonProfit (CSNP.org), a global organization dedicated to improving access to cybersecurity education, training, and events. Emily co-developed the open-source Quantum Readiness Assurance Maturity Model (QRAMM), which provides a structured framework for evaluating how prepared an organization is to migrate from classical cryptography to post-quantum alternatives.

SpeakerBio:  Abdel Sy Fane
No BIO available



Quantum Authentication Protocol

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Sunday, Aug 10, 11:15 – 11:59 PDT

Creator: Quantum Village

People:
    SpeakerBio:  Large Cardinal
No BIO available



Quantum Computing Intro

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Friday, Aug 8, 10:00 – 10:59 PDT

Creator: Quantum Village

People:
    SpeakerBio:  Sohum Thakkar
No BIO available



Quantum Modular Whiteboxes: Join the Stack Hack

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Saturday, Aug 9, 10:00 – 10:45 PDT

Creator: Quantum Village

Quantum computing is no longer science fiction—it’s shipping racks. But as we rush to build quantum machines, are we repeating the same mistakes of closed, opaque architectures that made classical computing insecure in the first place?

In this talk, we’ll dissect the anatomy of a modern quantum computing stack—from cryo-control layers and QPU hardware to compilers and orchestration interfaces—and map out where today’s vulnerabilities hide and tomorrow’s attack surfaces may emerge, when large scale, quantum-interconnected fault-tolerant quantum computers will cooperate to run algorithms. We’ll look under the hood of real-world platforms, including examples like whitebox products under development, to see how modularity (or the lack of it) impacts trust, resilience, and innovation.

We’ll argue for an open, whitebox approach to quantum systems: where interoperability, transparency, and independent testing aren’t nice-to-haves—they’re mandatory for a secure quantum future. We’ll explore how the current supply chain and ecosystem influence who gets to build, audit, and break these systems—and why hackers, tinkerers, and architects alike must care.

We’ll end with a call to anyone that likes open protocols, clean interfaces, and breaking things to make them better, as our invitation to Join the Quantum Stack Hack.


People:
    SpeakerBio:  Davide Venturelli

After spending my teenage making virtual friends on IRC, I stumbled across Shor’s algorithm in high school—a couple years after it dropped—and never looked back. Two PhDs later (Physics and HPC simulations), I spend my days implementing/inventing quantum algorithms in US government R&D (NASA, DOE, DOD), and my nights advising TreQ—a systems engineering startup tackling quantum computing manufacturing from the stack up.




Quantum Security: An overview with worked examples

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Friday, Aug 8, 13:30 – 14:15 PDT

Creator: Quantum Village

People:
    SpeakerBio:  Carlos Benitez, Quantum Village Argentina
No BIO available
SpeakerBio:  Cecilia Oriolo, Quantum Village Argentina
No BIO available



Quantum-Resistant Healthcare

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 17:30 – 17:59 PDT

Creator: Biohacking Village

Quantum computers are steadily improving, and experts estimate that within the next 30 years, quantum computers will be able to break certain cryptographic algorithms, such as those used to protect against eavesdropping during internet communications. All industries—especially those hosting critical infrastructure like healthcare—need to prepare for this shift and begin transitioning to post-quantum cryptography to ensure quantum resistance. In this talk, we will discuss the quantum threat and use specific examples from Siemens Healthineers’ environment to highlight the key aspects vendors must consider when transitioning to post-quantum cryptography.


People:
    SpeakerBio:  Katarina Amrichova, Siemens-Healthineers

Katarina has a deep appreciation for reverse engineering, exploit development and cryptography.




Qubit Crosstalk Attacks in Cloud-Based Quantum Computers

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Saturday, Aug 9, 15:00 – 15:59 PDT

Creator: Quantum Village

This talk aims to educate the participants about security of quantum computing systems.

Why?

Today, quantum computers are deployed online without any security mechanisms. Researchers have been able to present crosstalk and other attacks without really violating any protection mechanisms, because there are none. Having learned from classical security that it takes many years to find and patch hardware-related problems, think Spectre or Rowhammer attacks that are actually still not patched, we need to study and educate people about quantum computer security now, so security mechanisms can be designed and deployed before quantum computers are widely spread.

What?

The talk will focus on crosstalk attacks, which have many similarities to Rowhammer in classical computers, at least in the way they behave conceptually. The talk, and brief demonstration, will be focusing on cloud-based quantum computers to show effects of crosstalk. This will make the audience consider implications of shared quantum computers, how and if multi-tenant computers should be deployed, and in general understand that the noisy and fundamentally analog nature of the machines opens them up to various security threats.

Whom?

The talk will be aimed at anyone interested in security. By focusing on code examples and brief demonstration, the talk will be sort of demonstration based, rather than physics or math based. Fundamentally, quantum computer is just a computer, and hackers and others interested in security should not need to worry about the physics before jumping into evaluating, testing, and eventually helping to secure these systems by understanding how they can break or be attack.

How you’re going to give the talk?

The talk will be an interactive presentation. It will be based on slides, but audience can ask questions, etc., there will be small demo during the talk. Quantum computer experiments will be run live, but due to long queues, pre-recorded data will be used to analyze the results if the online demo does not finish in time. Code will be posted online for others to try at home. While I cannot guarantee it, I will work with qBraid to provide some quantum credits and perhaps participants can run the code in parallel to the demo. I hope this is an educational, interactive, mini-lecture on crosstalk attacks.


People:
    SpeakerBio:  Jakub Szefer

Jakub Szefer is an Associate Professor in the Electrical and Computer Engineering Department at Northwestern University where he leads the Computer Architecture and Security Lab (CASLAB). His research focuses on security attacks and defenses at the computer architecture and hardware levels of computer systems. His work encompasses security of processor architectures, reconfigurable logic, post-quantum cryptographic accelerators, and most recently, quantum computers. He is the author of the “Principles of Secure Processor Architecture Design” book, published in 2018, and co-editor of the “Security of FPGA-Accelerated Cloud Computing Environments” book, published in 2023. He received his BS degree with highest-honors in Electrical and Computer Engineering from University of Illinois at Urbana-Champaign, and MA and PhD degrees in Electrical Engineering from Princeton University.




Queercon Bibliophiles and CinemaGeeks

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Friday, Aug 8, 11:00 – 11:30 PDT

Creator: Queercon Community Lounge

What better way to start off the morning than mingling and sharing in your latest obsession? Convince everyone that the book you just read on the pool deck, or movie you watched on the long travels to summer camp, is more than worth the time.




Queercon Locals

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Friday, Aug 8, 14:00 – 14:59 PDT

Creator: Queercon Community Lounge

Queercon is a national organization, with attendees all over the states! Come mingle with your local LGBTQIA+ communities, from Washington, D.C. and New York City to San Francisco and Seattle. Bonus points if you’ve traveled the farthest to join!




Queercon Volunteer Training

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Friday, Aug 8, 10:15 – 10:59 PDT

Creator: Queercon Community Lounge

Scheduled for, or interested in, volunteering at Queercon events? Come by for this year’s in-person training session!




Queercord Tech-Talk Channel

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Friday, Aug 8, 11:30 – 11:59 PDT

Creator: Queercon Community Lounge

Our discord runs year-round, and has no shortage of thoughts and advice on your latest hacking adventure – from hobbyist to professional, all are welcome to seek input or offer a sage rubber duck. Come meet the faces behind the virtual voices and share your latest project.




Quickstart for a Breach! When Official Installations Expose Your K8 and Your Cloud

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Sunday, Aug 10, 10:35 – 11:10 PDT

Creator: Cloud Village

In many organizations, deploying applications on Kubernetes clusters using pre-configured packages provided by the vendor is assumed to be secure. However, our research, which includes systematic GitHub code analyses, shows that even official Helm charts can expose workloads to complete cluster takeover. In this session, we will present how we identified previously undocumented attack chains caused by misconfigurations and demonstrate how attackers exploit them to compromise entire the cluster and the underlying cloud account. We will summarize common pitfalls and provide actionable strategies to ensure your configurations do not replicate these critical mistakes.


People:
    SpeakerBio:  Michael Katchinskiy

Michael Katchinskiy is a Security Researcher at Microsoft Defender for Cloud. His work focuses on researching and analyzing new attack vectors in cloud-native environments, specializing in Kubernetes and integrating CNAPP data to detect and prevent attacks.

SpeakerBio:  Yossi Weizman

Yossi Weizman is a Principal Security Research Manager at Microsoft. He leads the Security Research team focused on cloud-native threats and container security.




Quiet Confidence: An Introvert’s Journey to Technical Public Speaking

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 16:30 – 16:59 PDT

Creator: BBWIC Foundation

Public speaking is a powerful tool for career growth, thought leadership, and community impact, but for introverts and underrepresented folks in cybersecurity, the stage can feel intimidating. As a woman in cybersecurity, I understand firsthand the challenges we face in getting our voices heard. On average, women only represent 25% of speakers at tech conferences, it’s clear that something is holding us back.

This talk will be focused on my personal journey from zero public speaking experience to delivering nine technical talks at international conferences in just one year. I’ll share how I built confidence, overcame stage fright, and embraced my unique perspective to share knowledge and inspire others.

In this session, we’ll explore the reasons behind women’s underrepresentation at tech conferences, and provide practical tips on:

How to manage nervousness and overcome stage fright. Preparing like a pro – build technical talks that resonate with diverse audiences. Turning introverted traits into strength in public speaking

Whether you’re a first-time speaker or a seasoned pro, walk away with actionable tools to find speaking opportunities, craft CFPs and deliver talks that leave a lasting impact.


People:
    SpeakerBio:  Emma Yuan Fang, Senior Security Architect at EPAM

Emma is a Senior Security Architect at EPAM, specialising in developing and executing security strategies and architecting cloud solutions. With over 10 years of experience in cyber, she has led projects and technical workshops focused on cloud transformation and cloud-native application development. Beyond her professional role, Emma is dedicated to advocate for a more diverse cyber workforce through community volunteering and public speaking. She is a passionate mentor, volunteers at the leadership team of WiCyS UK&I affiliate, Google’s Techmakers ambassador, and serves as a member of Industry Advisory Board at the University of Buckingham in the UK.




r/DIY: How Do We Build Our Own Code Scanning Platform?

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 11:20 – 11:50 PDT

Creator: AppSec Village

Discover how Reddit built a scalable, self-hosted code scanning platform after facing limitations and costs associated with existing SaaS Security tools. We’ll walk through our architecture that integrates with any CLI tool, supports pull request commit-level and scheduled scans, and delivers real-time alerts. Built with Golang, Redis, and Kubernetes, our solution gives us full control and flexibility. In this session you’ll find out how we architectured our solution, challenges we overcame, and strategies for maintaining security at scale – all without expensive SaaS Security platforms.


People:
    SpeakerBio:  Charan Akiri

With over 14 years of experience in the software industry, I transitioned from software development to focus on security. I’ve uncovered critical Salesforce misconfigurations affecting major organizations, with my findings featured in SC Magazine, Ars Technica, The Register, and KrebsOnSecurity. I also contributed to the O’Reilly book 97 Things Every Application Security Professional Should Know, authoring a chapter on API security.

SpeakerBio:  Christopher Guerra

I’m an application security engineer at Reddit with prior experience in penetration testing of medical devices and security research of ICS/SCADA systems. Now a “purple team” convert that loves building systems to help scale security.




Race Against the Machine

Creator Talk Map Page – LVCC West-Level 2-W235 (DEF CON Academy)
When:  Saturday, Aug 9, 13:00 – 13:59 PDT

Creator: DEF CON Academy

Some exploits aren’t about brute force — they’re about perfect timing. In this session, you’ll dive into race conditions and Time-of-Check to Time-of-Use (TOCTOU) vulnerabilities, where a well-timed move can sidestep even the most careful validation. Learn how to detect these subtle flaws, how to weaponize them, and how attackers win by being just a few microseconds ahead. With live demonstrations and hands-on challenges, you’ll gain the reflexes needed to exploit the gap before the system catches on.


People:
    SpeakerBio:  robwaz, Arizona State University
No BIO available



Rayhunter Internals

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C102 (Hackers.town Community)
When:  Saturday, Aug 9, 12:00 – 12:59 PDT

Creator: Hackers.town Community

Rayhunter is an open source project from EFF to detect IMSI catchers. In this follow up to our main stage talk about the project we will take a deep dive into the internals of Rayhunter. We will talk about the architecture of the project, what we have gained by using Rust, porting to other devices, how to jailbreak new devices, the design of our detection heuristics, open source shenanigans, and how we analyze files sent to us. It’s everything you didn’t know you wanted to know about Rayhunter.


People:
    SpeakerBio:  oopsbagel

oopsbagel is not a bagel but may be eating one while you read this. oops loves contributing to open source software, running wireshark, reversing, hardware hacking, breaking Kubernetes, and floaking.

SpeakerBio:  Cooper “CyberTiger” Quintin, Senior Staff Technologist at EFF

Cooper Quintin is a senior public interest technologist with the EFF Threat Lab. He has given talks about security research at prestigious security conferences including Black Hat, DEFCON, Shmoocon, and ReCon about issues ranging from IMSI Catcher detection to Femtech privacy issues to newly discovered APTs. He has two children and is very tired.

Cooper has many years of security research experience on tools of surveillance used by government agencies.




RBAC Atlas: Mapping Real-World Kubernetes Permissions and Exposing Risky Projects

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: La Villa

Role-Based Access Control (RBAC) is the final layer of defense between a compromised Kubernetes workload and a full-scale cluster breach. Yet real-world RBAC configurations, especially those shipped by popular open-source operators and Helm charts, are rarely reviewed with an adversarial mindset.x000D x000D In this talk I introduce RBAC ATLAS, a curated index of identities and RBAC policies found in popular Kubernetes projects. Powered by rbac-scope, a purpose-built static analyzer I created, RBAC ATLAS enriches each policy with security annotations highlighting granted permissions, over-privileged resources, lateral-movement pivots and abuse primitives.x000D x000D The talk begins with a concise RBAC 101, explaining the common misconfigurations that transform a supposedly “least-privilege” setup into de facto cluster-wide root. We will then pivot to thinking like the adversary, demonstrating how attackers chain cluster-role impersonation, secret exfiltration, and CRD-based privilege-escalation techniques to gain lateral movement. Next, we will open the hood on rbac-scope, showing how its analysis pipeline and scraping workflows automatically surface risky policies. Finally, We will discuss key findings—calling out the riskiest projects I analyzed, the permission patterns distilled from analyzing over 100 policy objects, and concrete ways attackers and defenders can feed these insights into their daily security operations.


People:
    SpeakerBio:  Lenin Alevski, Security Engineer at Google

Lenin Alevski is a Full Stack Engineer and generalist with a lot of passion for Information Security. Currently working as a Security Engineer at Google. Lenin specializes in building and maintaining Distributed Systems, Application Security and Cloud Security in general. Lenin loves to play CTFs, contributing to open-source and writing about security and privacy on his personal blog https://www.alevsk.com.




Real life hacker stories (that can’t be recorded!)

Creator Talk Map Page – LVCC West-Level 2-W230 (DC NextGen)
When:  Saturday, Aug 9, 15:00 – 15:59 PDT

Creator: DC NextGen

(DCNextGen is for youth 8-18 attending DEF CON) Panel – Hacker stories and career Q and A: Stories and adventures from real life hacking engagements. Ask the panel about different career’s in cyber security and getting paid to be a hacker.




Rebuild The World: Access to secure software dependency management everywhere with Nix

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 13:00 – 13:59 PDT

Creator: Nix Vegas Community

In a world full of unwanted app updates and SaaS providers who want your personal information, being able to self host the 120,000 Linux packages in Nixpkgs has the potential to change the game for anyone who’s tired of the slow decline of cloud services. If you’re curious about what NixOS can do for your homelab, or even if you’re just worried about SBOMs or traceability of exactly where your software and all its dependencies came from, join us for an hour-long panel about how we can reclaim our services and software from vendor lockin and Docker image bitrot using Nix and NixOS. We’ll be doing a deep dive into why Nix changes software deployment, and how you can get started and get involved in the quiet revolution that has been reshaping how we use software.

Links:
    nixos.org – https://nixos.org

People:
    SpeakerBio:  Daniel Baker, Software Engineer at Anduril

I am an engineer, mathematician, developer, and Linux enjoyer. I primarly support the NixOS project as part of the Marketing Team. I believe that the future of software development and software deployment needs foundations in formal methods and functional programming to be successful.

SpeakerBio:  Farid Zakaria, Principal Engineer at Confluent

I am a software engineer, father, and wishful surfer. I currently work at Confluent on developer productivity and recently defended a Ph.D. in computer science at the University of California Santa Cruz. More relevant to Nix, I am a NixOS enthusiast, which has led me to rethink basic Linux primitives.

SpeakerBio:  Tom Bereknyei, Lead Engineer at Flox

Life-long engineer. Worked at Google, flew jet planes in the Marine Corps, trained cyberware teams, formed and led teams to perform rapid hardware and software capability development, worked with the Digital Service to bring modern software practices to the DoD and government. Left the service to create a contracting startup bringing AI/ML products to DoD. Throughout have found a consistent set of challenges in the course of development; also found a set of superpowers to address those challenges using Nix. After several iterations of applying the Nix ecosystem in various teams, the difference was stark. This led to the desire to bring this set of superpowers to the rest of the world and make it more adoptable; hence the involvement in the Nix community as a maintainer, founding Flox, and leading efforts to improve user experience and communicate it to the world.

SpeakerBio:  Morgan Jones, Embedded Security Engineer at Viasat

I am an embedded security engineer for Viasat, member of the SoCal NixOS User Group, and one of the organizers of Nix Vegas. After mostly using my compilers classes in college for learning reverse engineering and finding remote code execution in mobile AR game anti-cheat systems, I now work on embedded security with Nix for a living, and may have read Ken Thompson’s Reflections on Trusting Trust one too many times.




Reconfigurable HSMs: Future-Proofing Hardware Security Against Evolving Threats

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 13:30 – 13:59 PDT

Creator: Crypto Privacy Village

As cryptographic algorithms evolve and new vulnerabilities emerge, traditional Hardware Security Modules (HSMs) face a critical limitation: their rigidity. This talk introduces a novel approach to hardware-based security using reconfigurable HSMs built on FPGA technology. Unlike fixed-function HSMs, reconfigurable HSMs can be updated post-deployment, allowing organizations to adapt to cryptographic breakthroughs or deprecations without replacing hardware.


People:
    SpeakerBio:  Pablo Trujillo, Founder at ControlPaths Eng.

Pablo has been an FPGA designer for over 10 years, specializing in digital signal processing and control algorithms, with a strong focus on their implementation in FPGA-based systems. He is the founder of ControlPaths Eng., a consultancy dedicated to electronic design and FPGA development. In addition to his professional work, Pablo authors the blog controlpaths.com, where he regularly publishes articles on FPGAs, SoCs, and hardware acceleration.

Pablo es diseñador de FPGA con más de 10 años de experiencia. Está especializado en procesado digital de señal e implementación de algoritmos de control sobre FPGA. Además de su trabajo, escribe regularmente en el blog controlpaths.com, donde investiga y publica artículos sobre procesado digital de señal en FPGA, y aceleración HW. Ha sido ponente en algunas charlas en España y Europa como AsturconTech (Asturias), Vicon (Vigo) o Embedded World (Nuremberg).




Red Alerts and Blue Oceans: Incident Response from a Sysadmin’s War Room in Maritime Ops

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 11:30 – 11:59 PDT

Creator: Maritime Hacking Village

Cyber Security threats encountered in the Maritime Industry from both an Executive and Technical Perspective. The presentation is based on current events and starts with the Executive Director of The Marine Exchange of Southern California giving his side of the story followed by the technical and first-hand incident response breakdown from the Senior Systems Administrator.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  Capt. Kit Louttit, Marine Exchange of Southern California

Captain Kip Louttit was appointed as the Executive Director of the Marine Exchange of Southern California in January 2013. A graduate of the United States Coast Guard Academy, he served in the United States Coast Guard (USCG) for 30 years prior to retiring with the rank of Captain. Captain Louttit’s experience includes 10 years at sea in the Atlantic and Pacific Oceans and the Bering, Mediterranean, and Caribbean Seas. He had six years in command of three different Coast Guard cutters and two years as commanding officer of USCG Integrated Support Command in San Pedro. Following retirement from the Coast Guard, Captain Louttit worked for two consulting firms on Coast Guard and Pentagon work.

SpeakerBio:  Steve Winston, Mastermind MSP

Senior Systems Administrator and CASP-certified cybersecurity professional with over 9 years of experience supporting a broad spectrum of IT environments. Has worked with more than 30 organizations across finance, healthcare, manufacturing, and critical infrastructure, bringing a practitioner’s perspective to enterprise defense. Specializes in securing hybrid infrastructures, implementing proactive threat mitigation strategies, and translating complex security requirements into operationally sound solutions. Combines deep systems knowledge with an adversarial mindset to challenge assumptions and close real-world security gaps.




Red Russians: How Russian APT groups closely follow offensive security research

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Sunday, Aug 10, 11:00 – 11:30 PDT

Creator: Adversary Village

Offensive security is meant to improve defenses, but what happens when hostile nation-states start learning from us too? This talk explores how Russian intelligence services and advanced persistent threat (APT) groups have adopted and adapted techniques developed by Red Teamers, sometimes within weeks of public disclosure. These campaigns involve taking newly disclosed exploits, tools, and tricks to exploit modern enterprise systems, such as Microsoft 365 services, Windows features, software development systems, authentication systems, and cloud infrastructure. Throughout the talk, detection engineering and threat hunting tips shall be provided to offer attendees a technique for detecting and preventing these types of attacks.

For Red Teamers, this talks is a wake-up call: the same tools and tradecraft used to test enterprise security are increasingly turning up in real-world espionage campaigns, sometimes targeting the very governments and public services we rely on. For Blue Teamers, this talk is a reminder to pay close attention to the cutting edge of offensive tooling.


People:
    SpeakerBio:  Will Thomas, Senior Threat Intel Advisor at Team Cymru

Currently working as a Senior Threat Intel Advisor at Team Cymru. Previously I was a CTI Researcher and Threat Hunter at the Equinix Threat Analysis Center (ETAC). Prior to this, I worked for Cyjax, a UK-based CTI vendor. My other main commitment is as the co-author of the SANS FOR589: Cybercrime Intelligence course. I have also volunteered my spare time to being the co-founder and main organiser of the Curated Intelligence trust group and Bournemouth 2600.




Red Teaming AI: How to Stress-Test LLM-Integrated Apps Like an Attacker

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 17:00 – 17:30 PDT

Creator: AppSec Village

It’s not enough to ask if your LLM app is working in production. You need to understand how it fails in a battle-tested environment. In this talk, we’ll dive into red teaming for Gen AI systems: adversarial prompts, model behavior probing, jailbreaks, and novel evasion strategies that mimic real-world threat actors. You’ll learn how to build an AI-specific adversarial testing playbook, simulate misuse scenarios, and embed red teaming into your SDLC. LLMs are unpredictable, but they can be systematically evaluated. We’ll explore how to make AI apps testable, repeatable, and secure by design.


People:
    SpeakerBio:  Nnenna Ndukwe

Nnenna Ndukwe is a Principal Developer Advocate and Software Engineer, enthusiastic about AI. With 8+ experience spanning across startups, media tech, cybersecurity, and AI, she’s an active global AI/ML community architect championing engineers to build in emerging tech. She studied Computer Science at Boston University and is a proud member of Women Defining AI, Women Applying AI, and Reg.exe. Nnenna believes that AI should augment: enabling creativity, accelerating learning, and preserving the intuition and humanity of its users. She’s an international speaker and serves communities through content creation, open-source contributions, and philanthropy.




Red teaming fraud prevention systems with GenAI

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: Payment Village

Fraudsters are innovative and persistent, constantly trying out variations of attacks to breach fraud defenses. The advent of gen AI has made it easier for fraudsters to experiment. This talk will outline ways in which LLMs can be used to test the resilience of your fraud systems to fraudster attacks.


People:
    SpeakerBio:  Karthik Tadinada, Fortify Solutions

Karthik is the founder and CEO of Fortify Solutions, a provider of fraud and financial crime prevention solutions. Karthik has over a dozen years of experience in building fraud prevention systems at international scale, having built systems for IATA, EFhe debit card network of Australia), TSYS and WorldPay.

SpeakerBio:  Martyn Higson, CTO at Fincrime Dynamics

Martyn is CTO at Fincrime Dynamics, a synthetic data company for prevention of fraud and financial crime. Martyn has been responsible for deploying major fraud prevention systems in his prior roles at Featurespace.




Red Teaming Space: Hacking the Final Frontier

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 14:00 – 14:30 PDT

Creator: Aerospace Village

The new space race is here and as space systems become more interconnected and commercially accessible, their attack surface expands, making them prime targets for cyber threats. Yet, most organizations developing and operating satellites rely on traditional security models, if at all, that do not account for the unique risks of space-based assets. This talk explores the emerging discipline of space red teaming, where offensive security techniques are applied to test and validate the security of satellites, ground stations, and their supporting infrastructure.

In this talk we explore the following:

Understanding the space attack surface: – A breakdown of key vulnerabilities in spacecraft, radio links, and ground control. – Tactics, Techniques, and Procedures (TTPs): How attackers might compromise a space asset, disrupt communications, or manipulate telemetry. – Defensive takeaways: How space operators can leverage red teaming to harden their architectures against real-world threats.

This presentation is ideal for penetration testers, security researchers, space engineers, and policy makers who want to understand the offensive side of space security. Whether you’re an experienced red teamer or just a space junky, this talk will provide practical insights into securing the next frontier.


People:
    SpeakerBio:  Tim Fowler, ETHSO Labs
No BIO available



Red-for-Blue: Fortifying Applications through Actionable Red-Teaming

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-405 (Red Team Village)
When:  Saturday, Aug 9, 14:00 – 14:50 PDT

Creator: Red Team Village

With GenAI and LLM applications conquering the world at an unprecedented pace, the evolution of the new attack surface associated with these applications, puts a challenge to security practitioners in general, and specifically also for red-teams. GenAI security red-teaming can focus on three victim-objects; the LLM model itself, the prompt, and the entire application, with each of these having its own challenges and opportunities.

With a defender mindset, striving for utilization of red-teaming within the application development lifecycle in a manner that contributes to proactive security by providing actionable insights on fortifying the application, we will present a novel security approach, based on a triangle of tools: a) Threat-wise prompts red-teaming; b) Prompt hardening through prompt patching; c) Adversarially robust LLM that has high Security Steerability.


People:
    SpeakerBio:  Itsik Mantin
No BIO available



Referral Beware, Your Rewards Are Mine

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: Bug Bounty Village

Referral Rewards Programs. Functionality that most probably view as boring and not worth the time looking at while hunting for bugs on a program. After a deep dive into the implementation of this functionality across dozens of programs, I found them to be hiding some very interesting bugs. My research uncovered various types of business logic flaws, race conditions, and even how the implementations created various client-side gadgets such as cookie-injection and client-side path traversal which could then be used as a part of a client-side chain. This research uncovered vulnerabilities in multiple large bug bounty programs.


People:
    SpeakerBio:  Whit “un1tycyb3r” Taylor, Rhino Security Labs

As a penetration tester for Rhino Security Labs, I bring over a decade of experience to the security industry. For the past two years, I have specialized in bug bounty hunting and penetration testing, focusing on web applications and recently expanding into Android application security. My work has resulted in vulnerability submissions to major companies, including Epic Games and PayPal.

Beyond my primary roles, I actively conduct security research on open-source projects and emerging web technologies. This research has led to the discovery of several CVEs, including a critical Unauthenticated Remote Command Execution (RCE) vulnerability in Appsmith Enterprise Edition.




Regex For Hackers

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: Bug Bounty Village

Let’s cut through the BS – if you’re not using regex properly, you’re leaving money on the table as a hacker. This workshop shows you how regex can crack open targets that automated tools miss.

We’ll skip the boring theory and jump straight into the good stuff: how to use regex to find juicy endpoints, bypass filters, and automate your recon. You’ll learn how actual hackers use regex to:

  • Break postMessage filters and CORS rules that “look” secure
  • Turn harmless open redirects into account takeovers
  • Spot SSRF opportunities that scanners don’t catch
  • Rip through JavaScript files to find hidden APIs and endpoints
  • Find interesting hosts, secrets and keys in GitHub repos before others do

1 Hour. Hands on. Come hack!


People:
    SpeakerBio:  Ben “nahamsec” Sadeghipour, Co-Founder & CEO at HackingHub

Ben Sadeghipour, better known as NahamSec, is an ethical hacker, content creator, and keynote speaker. Over his career, Ben has uncovered thousands of security vulnerabilities for major organizations, including Amazon, Apple, Zoom, Meta, Google, and the U.S. Department of Defense. As a top-ranked bug bounty hunter, he is deeply passionate about cybersecurity education, regularly sharing his knowledge through his popular YouTube channel and speaking at major conferences like DEFCON and BSides. Beyond his personal achievements, Ben is committed to building the security community, organizing events that foster collaboration, innovation, and the next generation of offensive security professionals.

SpeakerBio:  Adam “BuildHackSecure” Langley, CTO at HackingHub

For over 20 years, Adam has balanced the worlds of application security and web development. He currently serves as the CTO of HackingHub and the Director of BSides Exeter. Over the past five years, he has combined his expertise to create and deliver gamified educational content, aimed at teaching the next generation of ethical hackers and developers about web application security.




Reproduce This Build: How we built the Nix Badge

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Friday, Aug 8, 15:35 – 16:20 PDT

Creator: Nix Vegas Community

In our quest to spread Nix to the world, we created a fully Nix-based open source hardware pipeline. From reproducible KiCad PCB design to C and Zig code that serves a mesh networked Nix binary cache on your badge, you can now spin Gerber files to the fab or firmware with a single command. Follow along as we go over how we built the Nix Badge, what it can do, and, of course, how you can hack it.


People:
    SpeakerBio:  Morgan Jones, Embedded Security Engineer at Viasat

I am an embedded security engineer for Viasat, member of the SoCal NixOS User Group, and one of the organizers of Nix Vegas. After mostly using my compilers classes in college for learning reverse engineering and finding remote code execution in mobile AR game anti-cheat systems, I now work on embedded security with Nix for a living, and may have read Ken Thompson’s Reflections on Trusting Trust one too many times.




Resilient and Reconfigurable Maritime Comms.

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 16:30 – 16:59 PDT

Creator: Maritime Hacking Village

With the maritime industry handling a large portion of global trade, efficient, secure information transfer is essential. Technologies like unmanned aerial vehicles (UAVs), autonomous underwater vehicles (AUVs), and the Internet of Ships (IoS) are enhancing communication and operational efficiency, but they also pose security and network management challenges. Compromised IT systems can lead to easy access to operational technology (OT) networks, increasing the risk of zero-day attacks. This talk presents the current state of maritime comms and explore the feasibility of an SDN-SDR driven cross-layer framework using SATCOM infrastructure for a resilient and reconfigurable maritime comms in dynamic, resource-constrained environments.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  AviNash Srinivasan, US Naval Academy

Dr. Avinash Srinivasan is an Associate Professor in the Cyber Science department at the United States Naval Academy. He holds a Ph.D. and a Master’s in Computer Science, and a Bachelor’s in Industrial Engineering. His research interests span the broad areas of cybersecurity and forensics. In particular, his research focuses on network security and forensics, security and forensics in cyber physical systems, and critical infrastructure, steganography and information hiding, cloud computing forensics challenges, and privacy and anonymity. Dr. Srinivasan has administered several grants from agencies including DoD/Navy, NSF, DoJ, DHS, and DoEd. He has published 55 papers in prestigious refereed conferences and journals including IEEE Transactions on Information Forensics and Security, INFOCOM, ICDCS, and ACM SAC. Dr. Srinivasan also holds a patent (Patent number: 11210396). He currently serves on the editorial board for IEEE Transactions on Cognitive Communications and Networking as an Associate Editor. Dr. Srinivasan is a Certified Ethical Hacker (CEH) and Computer Hacking Forensics Investigator (CHFI). He has trained civilians as well as local and state law enforcement personnel in the areas of Macintosh Forensics and Network Forensics.




Restless Guests: From Subscription to Backdoor Intruder

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 14:35 – 15:15 PDT

Creator: Cloud Village

Through novel research our team uncovered a critical vulnerability in Azure’s guest user model, revealing that guest users can create and own subscriptions in external tenants they’ve joined—even without explicit privileges. This capability, which is often overlooked by Azure administrators, allows attackers to exploit these subscriptions to expand their access, move laterally within resource tenants, and create stealthy backdoor identities in the Entra directory. Alarmingly, Microsoft has confirmed real-world attacks using this method, highlighting a significant gap in many Azure threat models. This talk will share the findings from this first of its kind research into this exploit found in the wild.

We’ll dive into how subscriptions, intended to act as security boundaries, make it possible for any guest to create and control a subscription undermines this premise. We’ll provide examples of attackers leveraging this pathway to exploit known attack vectors to escalate privileges and establish persistent access, a threat most Azure admins do not anticipate when inviting guest users. While Microsoft plans to introduce preventative options in the future, this gap leaves organizations exposed to risks they may not even realize exist––but should definitely know about!


People:
    SpeakerBio:  Simon Maxwell-Stewart

Simon Maxwell-Stewart is a seasoned data scientist with over a decade of experience in big data environments and a passion for pushing the boundaries of analytics. A Physics graduate from the University of Oxford, Simon began his career tackling complex data challenges and has since built a track record of delivering impactful machine learning solutions across diverse industries.

Prior to joining BT, Simon served as a Lead Data Scientist in the healthcare sector, where he successfully brought several machine learning projects into production, transforming research insights into actionable tools. Currently, he leverages his expertise as the resident “graph nerd” in BT’s Security Research team, exploring cutting-edge graph-based techniques to enhance network security and drive innovative approaches to threat detection.

Simon’s unique combination of technical depth and creative problem-solving has made him a key contributor to advancements in data science and security.




Retos de Offensive Security en LATAM

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 10:30 – 11:30 PDT

Creator: La Villa

Este panel reúne a expertos en seguridad ofensiva para discutir los principales desafíos que enfrentan los profesionales del Red Team en América Latina. Desde la falta de concientización empresarial hasta las barreras de formación y acceso a herramientas, los panelistas compartirán experiencias reales, estrategias y perspectivas sobre cómo avanzar en el ecosistema regional de ciberseguridad ofensiva.


People:
    SpeakerBio:  Yael Basurto, Security Consultant at Bishop Fox
No BIO available
SpeakerBio:  Giovanni Cruz Forero, COO at 7 Way Security

Professional in Cybersecurity with 20 years of experience in the sector, seeks to share knowledge using his experience and knowledge and currently works as COO of 7 Way Security, organizer of BSides Colombia, La Villa and other spaces for building collective knowledge.

Profesional en Ciberseguridad con 17 años de experiencia en el sector, busca compartir conocimiento haciendo uso de su experiencia y conocimiento y en este momento trabaja como CEO de Be Hacker Pro donde plantea estrategias para el fortalecimiento del capital humano con talentos en ciberseguridad, es cofundador de CSIETE y 7 Way Security, organizador de BSides Colombia, HackLab Bogotá y otros espacios de construcción de conocimiento colectivo.

SpeakerBio:  Nico Waisman, Head of Security – XBOW
No BIO available



Reverse Engineering Marine Engines: How to make powerboats do your bidding

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 14:30 – 14:59 PDT

Creator: Maritime Hacking Village

As the autonomous boat market has grown from nascent to ~$17 billion dollars, much of the infrastructure has gotten more and more accessible. Small flight controllers/autopilots are now only a click and configuration away. Servos, speed controllers and actuators have all seen wide adoption and open interfaces and standards. ArduPilot supports more control protocols in every release.

Marine engines and outboard motors have remained stubbornly hard to control, and what control systems do exist are closed-source black boxes. Few if any vendors are ever given the full ICD for engine control and the vendors are frequently litigious with 3rd party accessory shops. While the safety concerns about running large gasoline or diesel engines autonomously are well-founded, the manufacturer’s could be substantially more open and encourage collaborative work with partners and hackers.

This talk examines the current state of marine propulsion (outboard, inboard, steering, proprietary controls etc…), where marine propulsion is going (metaphorically!) and how to hack it! The reverse engineering can be as simple as read-the-manual and as complicated as having to buy a full engine setup. We will walk through a few specific examples from several vendors for several classes of vehicles from jet-skis to modern outboards. This talk showcases work that is currently in progress and would hugely benefit from the types of collaboration that occur at DefCon.


People:
    SpeakerBio:  Alex Lorman

Alex was born and raised in Washington, D.C.

Eventually he attended the Catholic University of American and graduated with a B.S. in Architecture.

He has worked on complex oil and gas projects in addition to his work in salvage, providing him the insight that the maritime world needed robotics, badly.

In 2014 he co-founded Sea Machines and moved to the Boston area to spearhead the effort.

He enjoys playing with cars, ships, bicycles and anything with a mechanical or electrical heart.




Right to Repair: The Latest

Creator Talk Map Page – LVCC West-Level 2-W234 (Policy @ DEF CON)
When:  Saturday, Aug 9, 11:30 – 12:15 PDT

Creator: Policy @ DEF CON

People:
    SpeakerBio:  Josh Corman
No BIO available
SpeakerBio:  Keith O’Reilly
No BIO available
SpeakerBio:  Paul Roberts
No BIO available
SpeakerBio:  Window Snyder
No BIO available



Risk and payments across the ecosystem

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-505 (Payment Village)
When:  Friday, Aug 8, 12:00 – 12:30 PDT

Creator: Payment Village

This talk explores risk & payments from different POVs: Ecomm, recurring, two-sided marketplace, card issuer. What merchants & the business perceive as risk, max tail loss, can be very different for each. These perceptions of risk and economic incentives drive hugely different behaviours.


People:
    SpeakerBio:  Gary Kao
No BIO available



Risk Limiting Audits: What They Are and What They Aren’t

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Friday, Aug 8, 16:00 – 16:59 PDT

Creator: Voting Village

Risk-limiting audits (RLAs) limit the “risk” of certifying that the wrong candidates won. There are RLA methods for almost every type of political election in the US, including plurality, multiwinner plurality, supermajority, and instant-runoff voting. The latest RLA methods make it practical to audit every contest in every election, even in large jurisdictions with hundreds of contests. RLAs can “tie a bow around” a well-run election that uses trustworthy, organized methods to record and store votes. They cannot magically make a poorly run election trustworthy any more than fastening your seatbelt after an accident will prevent injury. Applying RLA procedures to an untrustworthy vote record is “security theater” that does not limit the risk of certifying the wrong winners.

Links:
    www.stat.berkeley.edu/~stark/ – https://www.stat.berkeley.edu/~stark/

People:
    SpeakerBio:  Philip Stark, University of California at Berkeley

Philip B. Stark is Distinguished Professor of Statistics at the University of California, Berkeley, where he has served as department chair and associate dean. In 2007 he invented “risk-limiting audits” (“RLAs”), endorsed by the National Academies of Science, Engineering, and Medicine and the American Statistical Association, among others, and required or authorized by law in about 15 states. He designed and helped conduct the first dozen pilot RLAs, helped draft RLA legislation for several states, and has published open-source software to support RLAs. In 2012, he and David Wagner introduced “evidence-based elections,” a paradigm for conducting demonstrably trustworthy elections. Stark has served on the Board of Advisors of the US Election Assistance Commission and its cybersecurity subcommittee, the Board of Directors of Verified Voting Foundation and the Election Integrity Foundation, and on the California Post Election Audit Standards Working Group. He has worked with the Secretaries of State of California, Colorado, and New Hampshire and numerous local election officials. Stark has testified about election integrity in state and federal courts and to legislators. He received the IEEE Cybersecurity Award for Practice, the UC Berkeley Chancellor’s Award for Research in the Public Interest, and the John Gideon Award for Election Integrity. He is a fellow of the American Statistical Association and the Institute of Physics and a member of the American Academy of Arts and Sciences.




Robin: The Archaeologist of the Dark Web – Because Manual Dark Web OSINT is So Last Season

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-603 (Recon Village)-Talks Area
When:  Friday, Aug 8, 12:55 – 13:25 PDT

Creator: Recon Village

When exploring the Dark Web for OSINT or CTI investigations, you may be overwhelmed with numerous onion links, questionable marketplaces, and numerous search engines. With time constraints, how do you make sense of all this information and prioritize what truly matters?x000D Enter Robin, an AI-powered Dark Web OSINT tool to streamline your investigations. Robin takes your query, automatically searches across multiple Dark Web search engines, scrapes relevant onion sites, and uses AI to generate clear, actionable investigative summaries. No more juggling five different tools or wasting hours validating dead links. In this talk, I’ll walk you through the real pain points of today’s Dark Web OSINT tools and show how Robin was built to solve them. I’ll cover the architecture, the scraping and summarization pipeline, and how Robin fits into real-world investigation workflows. x000D By the end of this talk, you will have a fresh perspective on Dark Web OSINT, a practical tool to use right away, and insights into how AI can simplify the investigative process.


People:
    SpeakerBio:  Apurv “ASG_Sc0rpi0n” Singh Gautam

Apurv Singh Gautam is a Cybercrime Researcher working as a Sr. Threat Research Analyst at Cyble. He is focused on monitoring and analyzing wide spectrum of sources, creating automated tools, and performing threat investigations by utilizing HUMINT, SOCMINT, and OSINT and producing threat intelligence.

Apurv has contributed to the latest SANS Institute’s course FOR589 on Cybercrime Intelligence and is a contributing member of Curated Intel. He has delivered talks & workshops at national and international conferences like SANS OSINT Summit, SANS Cyber Defense Forum, DEFCON Blue Team Village, BSides Singapore, RootCon and others. Apurv is featured in major podcasts like ITSPMagazine, Tech Talks with Singh, etc. He is passionate about giving back to the community and helping others get into this field, and has delivered many talks and workshops in schools and colleges. He loves volunteering with StationX to help students navigate into Cybersecurity. In the past, he has also volunteered as a Darknet researcher at CTI League and EBCS Darknet Analysis group. He holds a master’s degree in Information Security from Georgia Institute of Technology, USA.

He looks forward to the end of the day to play and stream one of the AAA games, Rainbow 6 Siege.




Rooting a Hikvision Camera via Firmware Modification

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-401 (Embedded Systems Village)
When:  Saturday, Aug 9, 13:00 – 13:30 PDT
Friday, Aug 8, 13:00 – 13:30 PDT

Creator: Embedded Systems Village

Locked down UART shell. Limited bootloader access. What’s next? In this demo, we will perform a live firmware modification of a Hikvision security camera. Then we will show us getting a root shell via UART on our modified device.


People:
    SpeakerBio:  Matt Brown
No BIO available



Rooting the Rootless: Kernel Tactics to Nullify RASP Protections

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C106 (Mobile Hacking Community)
When:  Friday, Aug 8, 11:30 – 12:30 PDT

Creator: Mobile Hacking Community

Mobile apps today depend heavily on Runtime Application Self-Protection (RASP) to stay secure while running. But attackers are getting smarter. They’re finding new ways to slip past these defenses by going deeper into the mobile operating system and targeting the kernel itself.

This session takes you inside that world. We’ll explore how attackers manipulate mobile kernels to bypass modern RASP protections. Through a mix of easy-to-follow explanations and live demos, you’ll see how these techniques work in real time. From understanding the basics of kernel architecture to spotting vulnerabilities and using memory manipulation to stay hidden, we’ll cover it all.

By the end, you’ll walk away with a clear understanding of how these evasions work and what you can do to defend against them. Whether you’re a mobile developer, security researcher, or just curious about what happens under the hood, this session will give you practical insights you can apply right away.


People:
    SpeakerBio:  Subho Halder, CEO & Co-Founder at Appknox

Subho Halder is the CEO and Co-founder of Appknox, a leading mobile application security platform trusted by 500+ global enterprises. A security researcher turned product leader, he previously worked with Hewlett-Packard and has been listed in Facebook, Google, and Twitter’s Hall of Fame for responsible vulnerability disclosures. Subho specializes in mobile app security, reverse engineering, and kernel exploitation. He has presented at Black Hat and OWASP amongst other industry leading events. At DEFCON, he’s bringing his deep expertise to explore what it takes to test apps on enterprise-locked devices, without breaking policy.

Subho Halder is the Co-founder and CEO of Appknox, where he leads advanced research in mobile application security.

He’s spent over a decade deep in offensive security, with a focus on mobile kernel exploitation, runtime evasion, and real-world bypasses for things like RASP and root detection. Subho has shared his work at top conferences including Black Hat, Nullcon, OWASP Global AppSec, and Syscan, often blending hardcore technical research with practical attack demos.

At Appknox, Subho has helped protect more than 500 enterprise apps by embedding mobile security into CI/CD workflows and using real-device testing over emulators. His work has been instrumental in helping organizations in fintech, retail, and aviation catch what traditional tools miss.

By day, he runs a fast-growing SaaS security company. By night, he’s still reverse engineering mobile stacks and building tools that push the boundaries of what’s possible in appsec.




Roundtable Cyber JV

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 14:00 – 14:59 PDT

Creator: La Villa

En esta mesa redonda exploramos cómo las joint ventures están transformando el panorama de la ciberseguridad. Expertos de distintas organizaciones compartirán experiencias sobre alianzas estratégicas en el sector, destacando los beneficios, desafíos y aprendizajes clave al unir fuerzas para enfrentar amenazas complejas, innovar en soluciones y expandir capacidades en un entorno digital cada vez más interconectado.


People:
    SpeakerBio:  Angel
No BIO available



Running a Software Defined Radio Capture the Flag using challengectl

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Saturday, Aug 9, 17:00 – 17:55 PDT

Creator: Radio Frequency Village

Software defined radio (SDR) has become a staple in the RF Capture the Flag, both for contestants solving RF challenges, and for transmitting challenges. In this presentation, we will talk about some of the history of SDR in the RF CTF, the design goals for RF challenges, and how you can run your own challenges using challengectl, the same software that RFHS uses to transmit challenges for the RF CTF.


People:
    SpeakerBio:  RedBaron

Dan enjoys capturing and manipulating wireless signals, especially when he can turn those signals into new Radio Frequency Capture the Flag (RFCTF) challenges.




Rust/C Interop & Multiplatform

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C210 (Operating Systems Community)
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: Operating Systems Community

People:
    SpeakerBio:  Emile Fugulin, Caido
No BIO available



Safeguarding the Industrial Frontier: OT SOC & Incident Response

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 10:00 – 10:30 PDT

Creator: ICS Village

As the digital and physical worlds converge, Operational Technology (OT) environments face unprecedented cyber threats, demanding a specialized approach to security. This panel will delve into the critical realm of OT Security Operations Centers (SOCs) and incident response, exploring how organizations can effectively detect, respond to, and recover from cyberattacks targeting industrial control systems. We’ll discuss the unique challenges of securing OT, best practices for building resilient SOC capabilities, and strategies for navigating complex incident response scenarios to ensure operational continuity and safety in our increasingly interconnected industrial landscape.


People:
    SpeakerBio:  Adam Robbie, Palo Alto Networks

Adam Robbie Head of OT Security Research, Palo Alto Networks
Adam is the Head of OT Security Research at Palo Alto Networks since 2022 with over 10 years of experience in both OT and IT industries. Publisher and author with SANS, IEEE, and other journals and conferences. His ambition is about contributing to secure our critical infrastructure, search for recent vulnerabilities, develop best practices and lead new initiatives. Adam has a Bachelor and Master of Science in Electrical Engineering. Additionally, he obtained advanced certifications including the Global Industrial Cyber Security Professional (GICSP) and GIAC Response and Industrial Defense (GRID) certifications. In addition to his technical expertise, He has a strong background in leadership and education. As an Adjunct Professor, he has been teaching cybersecurity bootcamp at The George Washington University, University of Michigan, University of Wisconsin, and other universities. Through these roles, he has successfully mentored and guided students, encouraging them to excel in the field of cybersecurity. Additionally, he served as an advisor for developing cybersecurity curriculum across different universities.

During his tenure as a Senior Cyber Security Consultant at Deloitte, he gained extensive experience in performing ICSIoT penetration testing, threat hunting, risk assessment, and vulnerability research. Furthermore, he has actively contributed to enhancing detection systems through advanced research and creation of security use cases.

SpeakerBio:  Cassie Crossley, VP, Supply Chain Security at Schneider Electric
No BIO available
SpeakerBio:  Joe Marshall, Sr. OT Strategist and Threat Researcher at Talos Intelligence
No BIO available
SpeakerBio:  Parker Crook, Director, Technical Product Engineer at Palo Alto Networks
No BIO available



Salt Tyfoon APT

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Saturday, Aug 9, 15:25 – 15:40 PDT

Creator: Telecom Village
  • Brief description of the Salt Typhoon attack.
  • Highlight why this is a high-impact APT-style threat.
  • Summary of the technical method and affected systems.
  • Key takeaways for security and telecom professionals.

People:
    SpeakerBio:  Akib Sayyed, Founder at Matrix Shell

Akib Sayyed is the Founder and Chief Security Consultant of Matrix-Shell Technologies, an India-based telecom-security firm he established in 2014. Recognised industry-wide as a 5G and telecom-signalling security specialist, Akib has spent more than a decade helping mobile-network operators, MVNOs and regulators uncover and remediate vulnerabilities across legacy (2G/3G/4G) and next-generation (5G Core, VoLTE/VoNR/VoWi-Fi) networks. His expertise spans protocol penetration testing (SS7, Diameter, GTP), radio-access assessments and security-automation tooling.

Under Akib’s leadership, Matrix-Shell has grown into India’s first NCCS-designated 5G Core security test lab and holds ISO/IEC 17025 accreditation for its methodology and results. A frequent conference speaker and Black Hat trainer, he also co-organises the Telecom Village community, where he shares latest threat-intel and open-source tools with the wider security ecosystem. linkedin.com

Across consulting engagements, Akib is known for delivering:

  • Policy-aligned testing mapped to 3GPP TS 33.xxx, GSMA FS-series and ITSAR frameworks.
  • Automated scanners that cut signalling-assessment time from weeks to hours.
  • Action-oriented reports complete with PCAP evidence and remediation playbooks.

Driven by a mission to “secure the core,” Akib continues to advise operators on rolling out resilient 5G infrastructure, mentors the next wave of telecom-security engineers and contributes to global standards bodies shaping the future of mobile-network defence.




Satellite Networks Under Siege: Cybersecurity Challenges of Targeted DDoS Attacks

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 17:00 – 17:30 PDT

Creator: Aerospace Village
Satellite Networks Under Siege: Cybersecurity Challenges of Targeted DDoS Attacks explores how the rapid evolution of Low Earth Orbit constellations, such as those providing global broadband, has introduced a new frontier of cybersecurity challenges. This presentation delves deep into the unique vulnerabilities of satellite networks—including dynamic topologies, limited bandwidth, and predictable orbital patterns—that enable adversaries to execute persistent, targeted DDoS attacks with minimal botnet footprints. Attendees will learn about advanced attack methodologies and frameworks—exemplified by research on approaches like the HYDRA framework—that optimize botnet composition and allocation for multi-zone disruptions. Combining detailed theoretical models, simulation results, and optimization techniques, this talk provides a comprehensive analysis of both attack strategies and the emerging countermeasures. Focusing on enhancing cybersecurity for critical communication infrastructures, this session presents actionable insights drawn from thorough analysis and illustrative case studies, offering practical recommendations and a clear framework for understanding both offensive tactics and defensive measures essential for securing satellite communications.

People:
    SpeakerBio:  Roee Idan, Ben Gurnion University
No BIO available



Scaling Bug Hunting in Open Source Software

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 10:20 – 10:50 PDT

Creator: AppSec Village

Fewer than 500 of npm’s top 10,000 most downloaded packages have one or more disclosed vulnerabilities, which is not surprising considering that the ratio of open source packages to known vulnerabilities is less than 0.5%. In this talk, we will discuss why current OSS vulnerability discovery efforts are falling short, addressing common mistakes made by open source maintainers, the challenges of scaled security scanning, and the shortcomings of today’s open source bug bounty programs. To conclude, I’ll propose a transition from crowdsourced bug hunting to crowdsourced triaging, emphasizing how often repository issues, OSS-Fuzz crash reports, and similar findings go untriaged, despite being publicly available and there potential to reveal (undisclosed) critical security risks.


People:
    SpeakerBio:  Kyle Kelly

Kyle Kelly is the Manager of GitHub’s Package Security Team and the author of the CramHacks newsletter. He is passionate about leveraging his security expertise to address software supply chain security challenges, particularly in regard to open-source software. Before committing to software supply chain security, Kyle led a team of penetration testers specializing in hacking financial institutions.




Scamming the Scammers: Weaponizing Open Source Against Pig Butchering and Organized Crime

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 11:00 – 11:59 PDT

Creator: Payment Village

Pig butchering scams are bleeding victims dry—more than $75 billion stolen globally—while thousands of trafficked slaves are forced to run these cons from scam compounds across Asia. These aren’t your typical romance scams; they’re military-grade psychological ops backed by transnational crime syndicates that have turned heartbreak into their most profitable business model. I’ll expose the full scope of this nightmare, tear apart the tech infrastructure behind it, and show how Operation Shamrock is fighting back. But here’s the thing—we need you in this fight. With open-source tools and good old-fashioned hacker ingenuity, we can educate potential marks, mobilize communities, and actively disrupt these criminal networks. No more sitting on the sidelines while these criminals destroy lives and exploit trafficking victims. It’s time to weaponize our skills and show these criminals what happens when they mess with the wrong community. Ready to scam the scammers?


People:
    SpeakerBio:  Erin West, Operation Shamrock

Erin West used to put crypto criminals behind bars. Now she’s coming for the whole network. She’s a former career prosecutor, and now the founder of Operation Shamrock, a global nonprofit taking the fight to the scam lords running billion-dollar pig butchering ops out of trafficking compounds. She also hosts the podcast Stolen, where she exposes how love, crypto, and psy-ops fuel the internet’s darkest economy.




Secret Life of an Automationist: Engineering the Hunt

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 10:00 – 10:30 PDT

Creator: Bug Bounty Village

If you have tried your hand at bug bounty, you probably heard about automation setups that some hunters use. The caveat here though, is there is little to no information sharing about this topic. I don’t claim to be an expert, but after a couple years of tool building and experimenting, I think these kind of systems can be accessible/buildable by anyone. I want to share some of “tips” and “pitfalls” that I have come across building some of my own automation around bug bounty. Topics will range from data engineering, event and data handling, architecture options, different ways to turn data into bugs, etc. I don’t pretend to be an expert, but it is my opinion that there is not enough people sharing ideas and techniques when it comes to applying ENGINEERING to bug bounties. Automation, data, and discovery should be words that every bug hunter is fond of, not afraid of.


People:
    SpeakerBio:  Gunnar “g0lden” Andrews

Hello! I am an application security engineer by day, and a bug bounty hunter by night! I enjoy turning security research, and bug bounties, into an engineering problem. I love collaborating with others, and I am always trying to learn new technologies. Other than hacking, I enjoy hockey, fitness, exploring, and video games!




Secure Code Is Critical Infrastructure: Hacking Policy for the Public Good

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 15:45 – 16:30 PDT

Creator: Policy @ DEF CON

What happens when a security professional tries to help a government fix its insecure software? In this talk, I’ll share my story: from writing a secure coding policy and offering it to the Canadian government, lobbying elected officials, contacting agencies like CRA about their poor security practices—and being met with silence, deflection, or outright dismissal. I didn’t stop there. I wrote public letters, went on podcasts, published on Risky Biz, even got interviewed by CBC. But the institutions in charge of protecting our data? Either silence or “No comment, because security.” This isn’t just a rant—it’s a roadmap. I’ll show you the secure coding guideline I created (free to reuse), explain why governments need public-facing AppSec policies, and outline how we can push for secure-by-default practices as citizens, hackers, and builders. Because secure code isn’t just for dev teams—it’s for democracy, privacy, and public safety. Let’s make it law. Let’s make it public.


People:
    SpeakerBio:  Tanya “SheHacksPurple” Janca, Security Advocate at Semgrep

Tanya Janca, aka SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Secure Coding’, ‘Alice and Bob Learn Application Security’ and the ‘AppSec Antics’ card game. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals, via her online academies (We Hack Purple and Semgrep Academy), and her live training programs. Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software. Tanya currently works at Semgrep as a Security Advocate.




Secure SDLC Roundtable: Scratch The Duct Tape

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C206 (OWASP Community)
When:  Saturday, Aug 9, 17:00 – 17:59 PDT

Creator: OWASP Community

Join us for a hands-on, interactive roundtable where devs, security folks, product people, and anyone curious can explore how to make security a natural part of software development. We’ll cover core Secure SDLC concepts, practical first steps, and helpful resources through an open, relaxed discussion.

Bring your ideas, experiences, and questions. Our goal is to learn from each other and share what’s worked best for us. No slides, no lectures – just real talk about building better, safer software and leaving behind the duct tape fixes for good.


People:
    SpeakerBio:  W. Martín Villalba, C13 Security

Martín is an application and product security consultant with over 15 years of industry experience. He founded C13 Security, where he specializes in Secure SDLC, pentesting, and vulnerability management. He is an active member of the InfoSec community, collaborating with local groups and global organizations such as BSides and OWASP. He also built InfoSecMap, an open-access platform for discovering InfoSec events and communities from all around the world.




Securing Intelligence: How hackers are breaking modern AI systems … and how bug bounty programs can keep up

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Friday, Aug 8, 14:00 – 14:59 PDT

Creator: Bug Bounty Village

Dane and Shlomie will showcase technical deep dives into real-world AI vulnerabilities, covering adversarial prompts, indirect prompt injection, context poisoning, and RAG manipulation. They’ll illustrate why traditional defenses often fail and offer actionable techniques that hackers can leverage to uncover high-impact bugs and increase their earnings. Hackers will leave equipped with fresh attack ideas, strategies for finding unique AI flaws, and insights on effectively demonstrating their severity and value to organizations.


People:
    SpeakerBio:  Dane Sherrets, Innovations Architect at HackerOne

Dane is an Innovations Architect at HackerOne, where he helps organizations run AI-focused bug bounty programs and improve the security of emerging technologies. His work includes winning 2nd place in the Department of Defense AI Bias Bounty competition, discovering critical vulnerabilities in platforms like Worldcoin, and helping design and manage Anthropic’s AI Safety Bug Bounty program. Drawing on his background as a bug hunter, Dane blends strategic guidance with hands-on expertise to advance the safety and security of disruptive tech across industries.

SpeakerBio:  Shlomie Liberow, HackerOne

Shlomie Liberow is a security researcher who specialises in translating technical vulnerabilities into actionable business risk for enterprises. He has led technical delivery of live hacking events for major organizations, mediating over $20M in bounty payouts by helping companies understand the real-world impact of bugs within their specific environment and risk profile.

As a researcher, he has personally discovered 250+ vulnerabilities across Fortune 500 companies




Securing the 5G Core Service-Based Architecture

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Saturday, Aug 9, 11:45 – 12:45 PDT

Creator: Telecom Village
  1. Kubernetes & VNF Isolation (Attack & Protection)
  2. VNF Communication Security (Rogue NFs, Eavesdropping & Exfil)
  3. Software Supply Chain Security (N-Day Issues & Preventio

People:
    SpeakerBio:  Bhavesh
No BIO available



Security Research: OpenAI’s reflections and direction

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 15:00 – 15:45 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

An informational fireside chat about what OpenAI has learned from AIxCC, how we’re moving our internal cybersecurity research forward, and how the audience can get involved.


People:
    SpeakerBio:  Ian Brelinsky, OpenAI
No BIO available
SpeakerBio:  Matthew Knight, Vice President at OpenAI
No BIO available
SpeakerBio:  Dave Aitel, Technical Staff at OpenAI
No BIO available



Sh*t Show Triage: An Honest Panel on Incident Response

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Saturday, Aug 9, 17:00 – 17:50 PDT

Creator: Blue Team Village (BTV)

You can start with the best intentions, solid tools, and all the right policies, but what happens when your network moves from “effing around” straight into “finding out”? Join a panel of variously traumatized incident responders as we swap war stories, dissect lessons learned, and reflect on the chaos, comedy, and career paths that come with IR. This isn’t a dry postmortem — it’s a cathartic, honest, occasionally unhinged conversation about the realities of defending organizations when things go sideways. Whether you’re a grizzled responder or just IR-curious, come laugh, learn, and maybe even heal a little.

Alternate Titles For This Panel Could Include:

Incident Response: – Seemingly Innocuous Things That Now Trigger a Trauma Response – Looking for a Needle in a Needle Stack – But Policy Said We Were Logging That – The Art of Creating Sassy Codenames for Incidents – I’m Technically Not On Call During the Duration of This Panel – A Love Letter to the Passionate, Brilliant, and Slightly Broken People Who Keep It Together When Everything Breaks


People:
    SpeakerBio:  Ben Goerz

Ben has been battling cyber attacks for more than a decade, first as a Threat Hunter-for-hire and then leading Blue Teams for multiple large companies.

SpeakerBio:  Casey Beaumont

Casey Beaumont is an Incident Response Manager at Marsh McLennan, a global financial and professional services firm in risk, strategy, and people. Prior to that, she was forged in the fires of the defense industry. With over a decade of direct Incident Response experience, she has evolved from pure investigation to incident lead and specializes in major incident documentation and tracking. She is heavily involved in IR policy, process, and playbook creation, and operates an enterprise phishing training program and associated training. An Arizona native, she holds various industry certifications, and originally got started with a B.S.E in Computer Systems Engineering from Arizona State University.

SpeakerBio:  Eno Dynowski

Eno Dynowski is an Incident Response Consultant at CrowdStrike. He has investigated dozens of nation state espionage, ecrime, and insider threat engagements with clients across industry verticals. Previously, Eno was a Professional Services Intern at CrowdStrike, and a Platform Security intern at Tesla. He is a graduate of Loyola University Chicago, and is currently based in Chicago, IL.

SpeakerBio:  K Singh

“K” Singh is a Senior Incident Response Consultant at Mandiant, where he helps Fortune 500 companies, leading enterprises, and a wide range of organizations navigate high-stakes cybersecurity incidents. With experience spanning large-scale incident response, tabletop exercises, strategic security planning, and hands-on “dead disk” forensics, K has seen just about everything under the sun—and then some.

Before joining Mandiant, K served as a Senior Incident Response Consultant at CrowdStrike and as an Incident Response Consultant and Forensic Lab Manager with the Global Incident Response Practice at Cylance.

When he’s not untangling cyber crises, K is usually elbows-deep in a car project—grumbling about questionable engineering decisions and breaking things that, by all logic, should never break.




Silent Sabotage: How Nation-State Hackers Turn Human Error into Catastrophic Failures

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Sunday, Aug 10, 10:15 – 10:59 PDT

Creator: OWASP Community

Nation-state hackers pose a formidable threat to critical infrastructure, compromising national security, intellectual property, and public safety. This presentation will delve into the tactics, techniques, and procedures (TTPs) employed by nation-state actors, providing a core understanding essential for developing effective defense strategies. Through an in-depth analysis of three real-world case studies, we will expose the implications of nation-state attacks on laboratory, critical infrastructure, and industrial systems. We will examine how these attacks exploit human vulnerabilities, such as social engineering and insider threats, as well as system weaknesses, including misconfiguration and software vulnerabilities. Drawing from recent breaches in research laboratories and industrial manufacturing facilities, we will identify the root causes of these incidents, including human error, malicious insider actions, and inadequate security controls. This presentation aims to provide attendees with a comprehensive understanding of nation-state attack patterns, enabling them to strengthen their organization’s defenses against these sophisticated threats.


People:
    SpeakerBio:  Nathan Case, CSO at Clarity

Nathan Case is a cybersecurity engineer and strategist with over two decades of experience defending critical infrastructure, building secure cloud systems, and leading incident response at the highest levels. His career spans roles at Amazon Web Services, McKesson, and defense-focused startups, where he has architected platforms for healthcare, government, and national security missions. Known for his ability to bridge technical depth with real-world impact, Nathan has led global security teams, supported cyber operations across multiple countries, and advised both enterprise executives and government leaders on risk, resilience, and transformation.

SpeakerBio:  Jon McCoy, Security Architect at OWASP

Software security architect, Jon McCoy brings over 20 years of experience in software development and cybersecurity to the forefront. With a strong foundation in .NET development, Jon transitioned into security, driven by a passion for proactive defense strategies and secure coding practices.

A dedicated contributor to the OWASP community, Jon has shared his expertise at numerous industry events, including OWASP Global AppSec. His recent presentation on “Lessons Learned from Past Security Breaches” highlighted critical takeaways for strengthening AppSec efforts before and after incidents.




SkyHijack: Breaking Trust in the Satellite Chain)

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Friday, Aug 8, 16:20 – 16:59 PDT

Creator: Telecom Village

NTN Network and Teleocm APT


People:
    SpeakerBio:  Cpt. Pradhuman
No BIO available



Smart Bus Smart Hacking: From Free WiFi to Total Control

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 16:30 – 16:59 PDT

Creator: Car Hacking Village

Have you ever wondered how the On-Board Units (OBUs) in smart buses communicate and authenticate with Advanced Public Transportation Services (APTS) and Advanced Driver Assistance Systems (ADAS)? Shockingly, these systems can be easily tampered with and forged! In this session, We will share over 10 different vulnerabilities discovered from real experiences riding public transit: starting from connecting to the bus-provided free WiFi, hacking into the vehicular router, gaining access to the bus’s private network area, and ultimately controlling the communication between ADAS and APTS—including manipulating onboard LED displays, stealing driver and passenger information, acquiring bus operational data, and even penetrating the backend API servers of the transportation company. We also uncovered severe vulnerabilities and backdoors in cybersecurity-certified vehicular routers and monitoring equipment that could potentially compromise all global units of the same model. Through this presentation, attendees will gain an in-depth understanding of attack vectors starting from open free WiFi, expose security design flaws in connected public transport vehicles, and discuss potential systemic issues from a regulatory and specification-setting perspective.


People:
    SpeakerBio:  Chiao-Lin “Steven Meow” Yu, Senior Red Team Cyber Threat Researcher at Trend Micro Taiwan

Chiao-Lin Yu (Steven Meow) currently serves as a Senior Red Team Cyber Threat Researcher at Trend Micro Taiwan. He holds numerous professional certifications including OSCE³, OSEP, OSWE, OSED, OSCP, CRTP, CARTP, CESP-ADCS, LPT, CPENT, GCP ACE. Steven has previously presented at events such as HITCON Training 2025, Security BSides Tokyo 2023, and CYBERSEC 2024, 2025. He has disclosed 30+ CVE vulnerabilities in major companies like VMware, D-Link, and Zyxel. His expertise spans Red Team exercises, Web security, IoT security and Meow Meow security.

SpeakerBio:  Kai-Ching “Keniver” Wang, Senior Security Researcher at CHT Security

Kai-Ching Wang (Keniver) is a Senior Security Researcher at CHT Security. He specializes in red team assessments and comprehensive security reviews, with a current focus on hacking IoT devices and cloud-native infrastructure. He has presented his research on the security of cloud-connected IoT camera systems at conferences such as SECCON in Japan and HITCON in Taiwan.




Smart Devices, Dumb Resets? Testing Firmware Persistence in Commercial IoT

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Sunday, Aug 10, 12:00 – 12:30 PDT

Creator: IOT Village

The rapid proliferation of consumer IoT devices has introduced new attack vectors beyond traditional exploitation. One overlooked risk lies in firmware persistence in returned devices—an issue that could enable mass surveillance, botnet propagation, or backdoor persistence at scale. This research investigates whether major retailers properly reset IoT firmware before reselling returned products, exposing critical gaps in supply chain security.

In this experiment, commercial IoT devices are purchased, modified with custom firmware embedding a simple callback, and then returned to the store. The devices are later repurchased and analyzed to determine if retailers performed proper firmware resets or if malicious code remained intact. Findings from this research reveal inconsistencies in retailer sanitization policies, with some major retailers failing to properly wipe and reflash firmware before resale. This talk will demonstrate examples of persistent firmware modifications, discuss the potential for IoT-based supply chain attacks, and propose real-world mitigation strategies for manufacturers, retailers, and consumers.

Attendees will leave with a deeper understanding of how IoT firmware sanitization failures create a new class of attack vectors—and how threat actors could exploit this to build persistent IoT botnets, data-exfiltration implants, or unauthorized surveillance tools.


People:
    SpeakerBio:  Matei Josephs, Senior Penetration Tester at Happening

Matei Josephs breaks things for a living – especially if they beep, blink, or pretend to be “smart”. Printers, kiosks, routers, and random IoT junk live in fear when he’s nearby. He’s a Senior Penetration Tester at Happening, he discovered 9 CVEs and loves hacking at scale. In this talk, “Smart Devices, Dumb Resets? Testing Firmware Persistence in Commercial IoT”, Matei reveals how threat actors can implant persistent backdoors in smart devices, then return them for resale through legitimate retailers. Because factory reset processes often fail to wipe firmware-level compromises, attackers can exploit the trust users place in brand-name resellers—turning returned devices into credible, persistent attack vectors.




Smashing the Sandbox: Inside DBatLoader’s Unique Evasion Techniques

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 11:20 – 11:50 PDT

Creator: Malware Village

In this session, we’ll dive into the world of DBatLoader and its aggressive (and sometimes annoying!) approach to sandbox evasion. We’ll explore its use of anti-sandbox and anti-analysis tricks – From junk code and memory bombing, to arbitrary memory writes and AMSI unhooking, DBatLoader isn’t trying to go in stealthy – it’s here to wreck your sandbox. But don’t worry, it’s not all bad news. We’ll wrap up with ways to spot DBatLoader in the wild and counter its tactics, sharing some practical detection strategies and takeaways along the way.


People:
    SpeakerBio:  Kyle “d4rksystem” Cucci, Staff Security Research Engineer @ Proofpoint

Kyle Cucci is a malware analyst and detection engineer with Proofpoint’s Threat Research team. Previously, he led the forensic investigations and malware research teams at a large global bank. Kyle is the author of the book “Evasive Malware: A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats” and is a regular speaker at conferences, speaking on topics like malware analysis, offensive security, and security engineering. In his free time, Kyle enjoys contributing to the community via open source tooling, research, and blogging.




SMS from No Where

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Friday, Aug 8, 16:00 – 16:20 PDT

Creator: Telecom Village

In this DEFCON talk, we explore a chilling new attack vector: sending SMS messages that appear to come from nowhere no sender, no trace. By exploiting IMSI disclosure, attackers can track and precisely target victims using rogue base stations and manipulated VoLTE traffic. These phantom SMS messages can be used for advanced phishing, surveillance, and covert disruption, turning a trusted communication channel into a dangerous weapon. The talk demonstrates how these attacks work in practice and highlights critical defenses to protect mobile users and networks.


People:
    SpeakerBio:  Vinod Shrimali
No BIO available



So What The Heck Is This Radio Stuff Anyway?

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Friday, Aug 8, 12:00 – 12:55 PDT

Creator: Radio Frequency Village

What is radio? How do those wacky electromagnetic squiggles do the things they do? What are those magic boxes on either side of an RF link? Let’s start with the basics of RF and move through antennas and filters then get down with Shannon and Nyquist for modulation, channel capacity, and SDR architecture.


People:
    SpeakerBio:  ExplodingLemur

Semi-lapsed goth with a bad habit of collecting single-board computers and SDRs. Security engineering pays the bills. Licensed ham radio operator since 1999, electronics, RC aircraft, retro computers, PC gaming, and zombie apocalypse planning. He/him




So you want to make a badge? Badge Creation 101, from SAO to full #badgelife

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 17:15 – 17:59 PDT

Creator: Badgelife Community

So, you’ve seen all the cool badges at Defcon and don’t know where to start? Not an EE by trade? This talk is a 101 talk to show you how to start with open source components/modules, and how to tie it all together into a fully working badge, including some real world examples. This talk will walk you through prototyping on a breadboard to fully working badge in only a few easy steps.


People:
    SpeakerBio:  Jeff “BigTaro” Geisperger

Jeff Geisperger is a security engineer with 15 years of experience specializing in hardware and device security. His work ranges from low-level firmware and embedded systems to the cloud services that power modern devices, with a focus on end-to-end security across the stack. Outside of his professional role, Jeff is active in the hardware hacking and badgelife communities. What began as a hobby collecting badges has grown into designing both indie and large-scale conference badges for thousands of attendees.




Social Engineering Community Village Greeting and 2025 Badge Overview

Creator Talk Map Page – LVCC West-Level 3-W317-W319 (Social Engineering Community Village)
When:  Friday, Aug 8, 08:30 – 08:59 PDT

Creator: Social Engineering Community Village

Every year, electronic badges light up DEF CON, sparking creativity, community, and curiosity. But behind the blinking LEDs and clever puzzles are questions we rarely ask: How safe is this badge for its users? What’s its environmental footprint? In this talk, we’ll dive into the design of “The SEC Village Badge” from concept to execution – but more importantly, we’ll explore a proposed framework for badge makers to disclose key safety information and environmental impact of their creation. From battery safety considerations and materials selection to end-of-life recycling and disposal, we’ll discuss how transparency can empower the community, inspire more responsible design, and keep the badge life culture thriving sustainably. Whether you’re a seasoned hardware hacker, a first-time badge maker, or just curious about what goes into creating these wearable works of art, this talk will challenge us to think beyond the soldering iron and consider the broader impact of our creations.


People:
    SpeakerBio:  Brent “TheDukeZip” Dukes

Brent is a long time hacker and DEF CON attendee that has designed various electronic badges throughout the years. He may be the all time champion at coming in second place in DEF CON competitions (but let’s be honest, he’d probably turn out to be second place in that too!)




Sometimes you find bugs, sometimes bugs find you

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 12:00 – 12:30 PDT

Creator: Bug Bounty Village

Bug bounty hunting is often portrayed as methodical recon, crafted payloads, and targeted testing. But sometimes, the most interesting vulnerabilities don’t come from planned attacks — they come from the chaos. In this talk, I’ll walk through a handful of real bugs I’ve reported over the years that found me instead. From unexpected blind XSS triggers in places I wasn’t even actively testing, to getting quietly added to internal distribution lists and receiving sensitive data I never asked for, to those classic “WTF” moments that every seasoned hunter has experienced — this talk highlights the unpredictable and serendipitous side of bug bounty.

We’ll explore how these moments happened, what they revealed about the systems in question, and what they taught me about staying alert beyond traditional recon. Whether you’re an experienced hunter or just getting started, this talk is a reminder that in bug bounty, sometimes the best findings aren’t hunted — they’re stumbled into.


People:
    SpeakerBio:  Jasmin “JR0ch17” Landry

Jasmin Landry is a seasoned ethical hacker and full-time bug bounty hunter who has reported hundreds of security vulnerabilities to some of the world’s largest tech companies. After years leading cybersecurity efforts as Senior Director of Information Security at Nasdaq, Jasmin returned to his roots in hacking — now focusing exclusively on uncovering critical bugs through bug bounty platforms. Recognized at multiple live hacking events for top findings, he brings a sharp eye for unexpected issues and a deep understanding of modern attack surfaces. He’s also a co-leader of OWASP Montréal and an active voice in the security research community.




Source to Scale: Using Nix to Deploy Secure, Self-Hosted Data Lakehouses

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Friday, Aug 8, 15:00 – 15:30 PDT

Creator: Nix Vegas Community

Data is the foundation of AI. Data lakehouses are how that foundation is managed at scale. Deploying and maintaining lakehouse components like object storage, table formats, catalogs, and query engines remains complex, opaque, and often tied to cloud assumptions. This session explores how Nix and NixOS can be used to declaratively define and deploy a full, self-hosted lakehouse architecture. The stack includes MinIO AIStor for high-performance object storage, Apache Iceberg for open table formats, Nessie or Polaris for metadata, and query engines like Dremio or DuckDB. Topics include early design experiments, the benefits of reproducibility and portability, and current challenges around packaging, network policy, and secure deployment. The goal is to present an aspirational blueprint for building cloud-native data infrastructure that runs anywhere from source.


People:
    SpeakerBio:  Brenna Buuck

Brenna Buuck is the subject matter expert at MinIO for databases and data lakehouses. A data engineer turned developer evangelist, she is passionate about coding, data, and learning. She endeavors to inspire and educate other developers about the latest tools and technologies, helping them build amazing things through code, tutorials, speaking engagements, and writing. She holds an undergraduate degree from the University of California, San Diego, and a graduate degree from San Diego State University.




Spotter – Universal Kubernetes Security Engine

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 10:00 – 10:30 PDT

Creator: Cloud Village

Spotter is a groundbreaking open-source tool or solution designed to secure Kubernetes clusters throughout their lifecycle. Built on the native tooling of Kubernetes by leveraging CEL (Common Expression Language) for policy definitions, we can define unified security scanning across development, CLI, CI/CD, Admission Controllers, deployments, runtime, and continuous monitoring. Its unique approach enables both enforcement and monitoring modes, ensuring that policies can be applied consistently and mapped directly to industry standards such as CIS, MITRE ATT&CK, etc.

Spotter provides extreamly high flexbility across all Kubernetes phases, providing an innovative approach that no other open-source or commercial solution can replicate. It seamlessly bridges security, DevOps, and platform teams, effectively solving the real-world challenges faced by day-to-day operations.


People:
    SpeakerBio:  Madhu “madhuakula” Akula, Pragmatic Security Leader

Madhu Akula is a pragmatic security leader and creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and Cloud Native Security Architect with extensive experience. Also, he is an active member of the international security, DevOps, and Cloud Native communities (null, DevSecOps, AllDayDevOps, AWS, CNCF, USENIX, etc). He holds industry certifications like CKA (Certified Kubernetes Administrator), CKS (Certified Kubernetes Security Specialist), OSCP (Offensive Security Certified Professional), etc.

Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON 24, 26, 27, 28, 29 & 30, BlackHat 2018, 19, 21 & 22, USENIX LISA 2018, 19 & 21, SANS Cloud Security Summit 2021 & 2022, O’Reilly Velocity EU 2019, Github Satellite 2020, Appsec EU (2018, 19 & 22), All Day DevOps (2016, 17, 18, 19, 20 & 21), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18), Nullcon 2018, 19, 21 & 22, SACON, Serverless Summit, null and multiple others.

His research has identified vulnerabilities in over 200+ companies and organizations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP, Adobe, etc. and is credited with multiple CVE’s, Acknowledgements, and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. He is the technical reviewer for Learn Kubernetes Security, Practical Ansible2 books by Packt Pub. Also won 1st prize for building an Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.




SquarePhish 2.0 – Turning QR Codes into Entra ID Primary Refresh Tokens

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 12:55 – 13:25 PDT

Creator: Cloud Village

SquarePhish 2.0 – Turning QRCodes into Single Sign On Primary Refresh Tokens

Introduction to Device Code Phishing

  • Evolution of phishing techniques and their current relevance
  • Recent increase in threat actor adoption
  • Overview of advancements in token exploitation techniques

    OAuth Authentication Fundamentals

  • OAuth 2.0 authorization framework overview

  • Device code flow explanation and legitimate use cases
  • Access tokens vs. refresh tokens: purpose and security implications

    QR Codes in Phishing Attacks

  • How QR codes facilitate social engineering

  • Advantages over traditional phishing links
  • User psychology and trust in QR authentication processes

    Microsoft Entra ID Token Ecosystem

  • Family of Client ID (FOCI) explanation

  • Primary Refresh Tokens (PRTs): the ultimate persistence goal
  • Token relationships and privilege escalation paths

    SquarePhish Tool Demo

  • Architecture and components overview

  • Decoupling initial contact from authentication flow
  • Overcoming the 15-minute timeout limitation
  • Two-phase email approach
  • Demonstration of the email and server modules
  • Configuration and customization options

    New SquarePhish Techniques

  • Broker authentication client phishing implementation and template

  • Automatic registration of Primary Refresh Tokens

    Detection and Prevention Strategies

  • Detection via logging and SIEM rules

  • Conditional Access policies to mitigate device code attacks
  • Disable device code flow
  • User awareness training specific to QR phishing

People:
    SpeakerBio:  Nevada Romsdahl

Throughout his career in information security, Nevada has experience in various roles, including security analyst, security architect, penetration tester, and security researcher. He is currently a Senior Security Researcher on the NG-SIEM Threat Research team at CrowdStrike.

SpeakerBio:  Kam Talebzadeh

Kam is a security consultant and security researcher. He has developed and published several open-source offensive toolkits including o365spray, BridgeKeeper, and redirect.rules. He is currently a Professional Services Senior Consultant with the Cloud Red Team Blue Team at CrowdStrike.




SSH Honeypots and Walkthrough Workshops: A History

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Saturday, Aug 9, 16:00 – 16:59 PDT

Creator: Packet Hacking Village

At DEF CON 24, an SSH honeypot on the open network held a puzzle that would go on to inspire the first Walkthrough Workshop. Although the Walkthrough Workshops at the Packet Hacking Village no longer feature Cowrie, its echoes live on at DEF CON. Out of the box, Cowrie is a medium-interaction SSH honeypot, but this level of interaction can be raised with a little elbow grease. From custom commands and adventure games to file systems laid out as spatial cubes, this talk explores several years of Cowrie-based challenges that will bash your expectations of terminal interaction.


People:
    SpeakerBio:  Ryan Mitchell, Principal Software Engineer at Gerson Lehrman Group

Ryan Mitchell is a staff member at the Packet Hacking Village and the author of Unlocking Python (Wiley), Web Scraping with Python (O’Reilly), and multiple courses on LinkedIn Learning including Python Essential Training. She holds a master’s degree in software engineering from Harvard University Extension School and has worked as principal software engineer and data scientist on the search and artificial intelligence teams at the Gerson Lehrman Group for the last six years.




State of (Absolute) AppSec

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 16:40 – 17:35 PDT

Creator: AppSec Village

Join a live recording of the Absolute AppSec Podcast for a panel discussion with industry experts as they discuss the current state of application, product, and AI security for 2025. Spicy questions and takes will be welcome (if not encouraged).


People:
    SpeakerBio:  Seth Law, Founder & Principal at Redpoint Security

Seth Law is the Founder and Principal Consultant of Redpoint Security (redpointsecurity.com). Over the last 20 years, Seth has worked within multiple security disciplines, including application development, cloud architecture, and network protection, both as a manager and individual contributor. Seth has honed his security skills using offensive and defensive techniques, including tool development and security research. His understanding of the software development lifecycle and ability to equate security issues to development tasks has allowed him to speak at conferences ranging from Blackhat and DEF CON to local security meetups. In his spare time, Seth revels in deep-level analysis of programming languages and inherent flaws, develops the iOS version of HackerTracker, and co-hosts the Absolute AppSec podcast with Ken Johnson.

Seth utilizes LLMs heavily in his work and has a wealth of real world applicable skills to share in applying LLMs to the application security domain.

SpeakerBio:  Jason “jhaddix” Haddix, Field CISO at flare.io

Jason has had a distinguished 20-year career in cybersecurity, previously serving as CISO of Buddobot, CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin.

He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis.

Jason is a hacker, bug hunter, and is currently ranked 57th all-time on Bugcrowd’s bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies.

Jason has also authored many talks for world-renowned conferences like DEF CON, Bsides, Black Hat, RSA, OWASP, Nullcon, SANS, IANS, BruCon, ToorCon, and many more.


Jason Haddix AKA jhaddix is the CEO and “Hacker in Charge” at Arcanum Information Security. Arcanum is a world class assessment and training company.Jason has had a distinguished 20-year career in cybersecurity previously serving as CISO of Buddobot, CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker, bug hunter and currently ranked 57st all-time on Bugcrowd’s bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies. Jason has also authored many talks on offensive security methodology, including speaking at cons such as DEFCON, Besides, BlackHat, RSA, OWASP, Nullcon, SANS, IANS, BruCon, Toorcon and many more.

SpeakerBio:  Ken “cktricky” Johnson, Co-Founder and CTO at DryRun Security

Ken Johnson, has been hacking web applications professionally for 16 years. Ken is both a breaker and builder and is the CTO & Co-Founder of DryRun Security. Previously, Ken was a Director with GitHub’s Product Security Engineering team and has held both technical and leadership roles both within the consulting world as well as a corporate defender. Previously, Ken has spoken about varying AppSec topics at RSA, You Sh0t the Sheriff, Insomnihack, CERN, DerbyCon, AppSec USA, AppSec DC, AppSec California, OWASP Global events, DevOpsDays DC, LASCON, RubyNation, and numerous other events. Ken’s current passion project is the Absolute AppSec podcast with Seth Law and the practical secure code review course they offer thru DEF CON and other training venues.

Ken utilizes LLMs heavily in his work and has a wealth of real world applicable skills to share in applying LLMs to the application security domain.

SpeakerBio:  Tanya “SheHacksPurple” Janca, Security Advocate at Semgrep

Tanya Janca, aka SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Secure Coding’, ‘Alice and Bob Learn Application Security’ and the ‘AppSec Antics’ card game. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals, via her online academies (We Hack Purple and Semgrep Academy), and her live training programs. Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software. Tanya currently works at Semgrep as a Security Advocate.




State of Open Source in the Federal Government

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 11:00 – 11:45 PDT

Creator: Policy @ DEF CON

The federal government builds and maintains hundreds of thousands of software systems – and it would be difficult to find a system that doesn’t rely on open source software. In fact, the government is likely the single largest consumer of OSS in the world and considering the criticality of the mission, the security of those systems is paramount. There has been limited guidance on how government programs should select, consume, contribute to, and publish open source software, but things are getting better! This session will discuss the current landscape of open source in the federal government and present methods for how we can secure our own systems with tools and processes to vet open source projects, ingest that software securely, and support those projects with substantive contributions.

Attendees from government entities, contractors, and members of the community should attend to learn how the government can tackle the supply chain risks inherent in open source while still capturing the benefits that it has to offer. They’ll come away with an understanding of how this might impact their work, and how by working together we can build a better open source ecosystem for everyone.


People:
    SpeakerBio:  Jordan Kasper

Jordan Kasper started programming in 1993 and has developed systems on platforms ranging from IBM mainframes to TI calculators and everything in between. His professional experience ranges from startups and digital agencies, to Fortune 100 companies and government institutions. During his time in government he worked for the Departments of Defense and Homeland Security where he helped to reform struggling IT programs, advocate for modern technology and practices, and advise on policies and strategies ranging from open source software to data standards. Outside of work Jordan is an open source maintainer, community organizer, and board game enthusiast.




State of the Evals: Lessons from U.S. CAISI’s Evaluations of Cyber Capabilities and Security in AI Models

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 16:40 – 17:10 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

The U.S. Center for AI Standards and Innovation (CAISI) facilitates testing and collaborative research related to harnessing and securing the potential of commercial AI systems. This talk will focus on CAISI’s experience evaluating the cyber capabilities and security of frontier AI models, with a particular focus on evaluations of agentic AI systems with tool-use capabilities. It will cover lessons learned from conducting these evaluations, including methodological considerations for performing model evaluations and insights into AI systems’ evolving capabilities and vulnerabilities, as well as takeaways for how evaluations can support the adoption of AI systems and the readiness of U.S. critical infrastructure and government to defend against cyber threats.


People:
    SpeakerBio:  Maia Hamin, Member of Technical Staff at U.S. Center for AI Standards and Innovation (CAISI)
No BIO available



State of the Pops: Mapping the Digital Waters

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 16:00 – 16:30 PDT

Creator: Maritime Hacking Village

The maritime industry is rapidly digitizing, but how well is it securing its foundational digital infrastructure? In this talk, we present the results of a large-scale passive reconnaissance effort targeting the top 50 global maritime organizations—leveraging only open source intelligence (OSINT) and LLM-assisted analysis. By focusing on core security controls such as DNS, email authentication protocols, and other foundational internet services, we uncover a troubling landscape. All data was collected non-intrusively and ethically, relying exclusively on public data. Results will be presented in an anonymized and aggregated fashion, with a strong emphasis on reproducibility. In true hacker village spirit, we will release all scripts and tools used—empowering attendees to replicate the analysis, audit other industries, or expand upon our methodology. This session will not only highlight the maritime sector’s digital weaknesses but also demonstrate how anyone with OSINT skills and curiosity can surface meaningful insights about critical industries—with zero packets sent to the targets.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  Vlatko Kosturjak, Marlink Cyber

Vlatko Kosturjak serves as the VP of research at Marlink Cyber, boasting over two decades of dedicated experience in the realms of information security and cybersecurity. His diverse roles over the years have not only equipped him with a comprehensive understanding of security governance but also delved into the deep technical side of security. He have successful M&A experience in different fields of cyber security including application security.

Vlatko finds joy in both breaking and building security controls. Beyond his commitment to security, he harbors a deep passion for open and free software. This passion has manifested in the creation of numerous popular open-source offensive tools and contributions to various renowned free security software projects.

Throughout his extensive career and in his continuous pursuit of knowledge in the dynamic field of cybersecurity, Vlatko has acquired a long array of certifications, including CISSP, OSCP, CISM, and many more.

SpeakerBio:  MJ Casado
No BIO available



Sticky Privacy: Stickering Re-Identification & Manufacturing Stickers

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
Creator: Crypto Privacy Village

Love stickers? Curious how they’re made? Wonder about the privacy implications? Make some stickers or trade after this talk!


People:
    SpeakerBio:  Avi Zajac

Avi loves rabbits, cheesecake, and cute things




Storytellers: Ethical Hackers in the Digital Spotlight

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Friday, Aug 8, 13:30 – 14:30 PDT

Creator: Bug Bounty Village
Storytellers: Ethical Hackers in the Digital Spotlight examines the evolving role of ethical hackers who have become influential digital content creators. As platforms like YouTube, TikTok, and Twitch shape how the public engages with cybersecurity, this panel explores how white-hat hackers balance hands-on technical work with the demands of online visibility. Featuring Ben Sadeghipour (@nahamsec), Justin Gardner (@rhynorater), and Katie Paxton-Fear (@InsiderPhD), and moderated by Jeronimo Anaya, the discussion will address challenges such as maintaining ethical standards, simplifying complex topics for broad audiences, and navigating personal security in public-facing roles. The panel also delves into the broader impact of creator-educators on community building, responsible disclosure, and the public perception of hacking. Through personal experiences, audience interaction, and candid insights, this session highlights the power—and responsibility—of storytelling in modern infosec.

People:
    SpeakerBio:  Ben “nahamsec” Sadeghipour, Co-Founder & CEO at HackingHub

Ben Sadeghipour, better known as NahamSec, is an ethical hacker, content creator, and keynote speaker. Over his career, Ben has uncovered thousands of security vulnerabilities for major organizations, including Amazon, Apple, Zoom, Meta, Google, and the U.S. Department of Defense. As a top-ranked bug bounty hunter, he is deeply passionate about cybersecurity education, regularly sharing his knowledge through his popular YouTube channel and speaking at major conferences like DEFCON and BSides. Beyond his personal achievements, Ben is committed to building the security community, organizing events that foster collaboration, innovation, and the next generation of offensive security professionals.

SpeakerBio:  Justin “rhynorater” Gardner, Advisor at Caido

I’m a full-time Bug Bounty Hunter and Host of the Critical Thinking – Bug Bounty Podcast. I also work as an Advisor for Caido (HTTP Proxy). When I’m not putting in reports or disseminating technical info on the pod, I’m normally spending time with my wife and 2 daughters, lifting heavy things, playing volleyball, or getting folded in BJJ

SpeakerBio:  Katie “InsiderPhD” Paxton-Fear, Principal Security Researcher at Traceable by Harness

Dr Katie Paxton-Fear is an API security expert and a Security Advocate at Semgrep, in her words: she used to make applications and now she breaks them. A former API developer turned API hacker. She has found vulnerabilities in organizations ranging from the Department of Defense to Verizon, with simple API vulnerabilities. Dr Katie has been a featured expert in the Wall Street Journal, BBC News, ZDNet, The Daily Swig and more. As she shares some of the easy way hackers can exploit APIs and how they get away without a security alert! Dr Katie regularly delivers security training, security research, to some of the largest brands worldwide. She combines easy-to-understand explanations with key technical details that turn security into something everyone can get.

SpeakerBio:  Jeronimo Anaya
No BIO available



Supply Chain Mismanagement: How to embarrass yourself on your first project

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Saturday, Aug 9, 10:00 – 10:30 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  Frozencesium
No BIO available



Surviving the Dataclysm: Resistance through Resilience

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Saturday, Aug 9, 14:00 – 14:30 PDT

Creator: Hackers.town Community

We all know that Business Continuity and Disaster Recovery are vitally important to every organization – but what about individuals? Explore how to protect yourself and your loved ones through ever-growing data mining, PII breaches, and socio-political upheaval with best practice BCDR techniques.


People:
    SpeakerBio:  Rebecah Miller

Rebecah is a Business Continuity & Disaster Recovery consultant, creating and testing continuity and resilience plans across all organizational sectors. After working through a disaster at a company that was not prepared, she changed careers to focus on security and risk management in an effort to improve the resiliency of others.




Sweet Deception: Deploying Honeypots and Honey Tokens in Microsoft 365

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 11:50 – 12:15 PDT

Creator: Cloud Village

Traditional detection methods struggle to keep pace with evolving attacker tactics in cloud environments like Microsoft 365. To level the playing field, organizations can implement honeypots and honey tokens strategically within their M365 infrastructure, turning the complexity of cloud services to their advantage. By creating deliberately enticing yet closely monitored decoys, defenders can proactively detect attacker reconnaissance and exploitation attempts.

This session outlines effective strategies for deploying M365 honeypots and honey tokens, emphasizing low false-positive rates and high data quality. Leveraging Exchange, SharePoint, Teams, and Application-specific tokens, attendees will learn to craft attractive, attacker-oriented traps integrated seamlessly into their security monitoring pipelines. Advanced deception techniques, including breadcrumb trails leading adversaries into highly monitored secondary environments, will also be discussed.

Through live demonstrations, participants will gain valuable insights into how deception techniques can be applied within Microsoft 365 environments. They will learn how to design and implement these strategies in their own environments to strengthen detection capabilities against sophisticated adversaries.

This presentation is the culmination of extensive hands-on research and practical application in both penetration testing and defensive detection engineering. By leveraging actual techniques observed in real-world attacks, this talk bridges offensive innovation with proactive defensive strategies. Attendees will receive detailed methodologies to effectively set up, deploy, and monitor M365-specific honeypots.


People:
    SpeakerBio:  Ryan O’Donnell

Ryan O’Donnell is a Senior Offensive Security Engineer at Microsoft. Over the last 13+ years, he’s been performing Penetration Tests, Red Team assessments, and Incident Response investigations. Ryan has conducted hands-on workshops at Hack Space Con, Hack Red Con, BSides Las Vegas, and BSides NoVa. Ryan has a Masters in Cybersecurity from GMU and the following certifications: OSCP, OSEP, CRTO, and GREM.




T-Minus 24 Hours: From Source to Spaceflight in a Single Day

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C209 (Nix Vegas Community)
When:  Saturday, Aug 9, 14:10 – 15:10 PDT

Creator: Nix Vegas Community

When the mission is launch-critical, time becomes a tactical asset. In this session, you’ll learn how Defense Unicorns’ Unicorn Delivery Service and NixOS work in unison to deliver secure, fully declarative software—on-prem or in disconnected, degraded, intermittent, and limited environments—in less than 24 hours.

What began with a record-breaking delivery for the U.S. Space Force at Cape Canaveral evolved into a new paradigm of software delivery that spread department-wide like wildfire. Operational timelines of critical-software used by warfighters is no longer measured in weeks or even days: it’s hours, and soon to be minutes.

Join us to see how “T-Minus 24 Hours” isn’t aspirational—it’s operational. Learn how this approach is transforming the way we deliver trusted, resilient software to the warfighter at mission speed.


People:
    SpeakerBio:  Antonio Escalera

Antonio is a highly accomplished Senior Platform Engineer with over a decade of experience in the design, development, and implementation of innovative platform architectures. Having worked with some of the largest defense, financial services, research, and retail organizations in the United States, he is an expert in creating robust, scalable, and secure solutions tailored to the unique needs of his clients. Antonio’s deep technical knowledge is complemented by his exceptional communication and collaboration skills. He is adept at fostering strong relationships with cross-functional teams and external stakeholders.




Tactical Flipper Zero: You Have 1 Hour and No Other Equipment

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Saturday, Aug 9, 12:30 – 13:25 PDT

Creator: Radio Frequency Village

You just arrived in some city where the enemy is active. You have a mission to locate and identify a hostile team. They operate in and around a hotel adjacent to friendly force headquarters. They use radios to talk, rented cars to move, local Wi-Fi to conduct operations, and Bluetooth for everything else. Your phone just buzzed with a message that screams “They’re planning something today. You have one hour to find them so we can direct local law enforcement. Go!” You just realised your equipment bag never made it off the plane. Bad. There is nowhere nearby to get what you need to do RF work in one hour. Worse. You happened to stuff your Flipper Zero into your pocket. Good? It’s what you have and it can work on all that enemy tech–let’s power it up and get at the mission. Better than nothing, right? Go!


People:
    SpeakerBio:  Grey Fox

Grey Fox is a U.S. military veteran with 20 years experience in digital network intelligence, cyberspace warfare, and digital defense tactics. Having deployed multiple times supporting front line combat teams, his experience ranges from offensive cyber operations planning and execution to military information support operations. Grey Fox currently teaches Digital OPSEC, SDR foundations, and Wi-Fi hacking to both civilian and military groups. He has presented at DEFCON, several B-Sides, and other cons in addition to chairing panels on consumer data privacy for Federal research and accountability. When not seeking some free time, Grey Fox is seeking your wireless signals for fun and profit.




Take all my money – penetrating ATMs

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 15:30 – 15:59 PDT

Creator: Payment Village

In this presentation we will discuss real-world examples of cybersecurity issues with ATMs. Ever wondered what it takes to make an ATM spew out cash? You’ll hear some war stories from Fredriks career when penetration testing ATMs, which includes the technical aspects of ATM hacking like tools but also troubles that can arise when trying to set up an ATM test.


People:
    SpeakerBio:  Fredrik Sandström, Head of Cyber Security at Basalt

Fredrik Sandström, M.Sc. is Head of Cyber Security at Basalt, based in Stockholm, Sweden. He has nearly a decade of experience in penetration testing, alongside a background in software development and embedded systems engineering. His early work includes software development for organizations such as the Swedish Defence Research Agency (FOI).

Since 2015, Fredrik has focused on delivering advanced security assessments—including penetration testing, red teaming, and threat emulation—for clients in diverse sectors such as banking, insurance, automotive, energy, communications, and IT services. He holds multiple industry-recognized certifications, including GXPN (GIAC Exploit Researcher and Advanced Penetration Tester), GCPN (GIAC Cloud Penetration Tester), GRTP (GIAC Red Team Professional), and HTB Certified Bug Bounty Hunter (CBBH).

Fredrik is also an active contributor to the security community. He has presented at major conferences such as SEC-T—Sweden’s leading offensive security conference—and DevCon in Bucharest, Romania, a key event for developers and IT professionals in Eastern Europe.




Takes All Kinds: Building Onramps for Emergency Web Archiving in Ukraine and Beyond

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 13:00 – 13:45 PDT

Creator: Policy @ DEF CON

When Russia launched its full-scale invasion of Ukraine in February 2022, scholars and archivists were concerned that if the web presence of Ukraine’s cultural heritage institutions (libraries, archives, museums, and other community organizations) fell into Russian hands, Putin’s vision for rewriting Ukrainian history could become reality. Saving Ukrainian Cultural Heritage Online (SUCHO) started as a rapid-response data rescue effort to archive these websites in a distributed way to ensure no single point of failure could delay the project working around the clock. Access was a priority in choosing a tool suite, to accommodate a volunteer pool that expanded to include elders and children. This talk reflects on the several threads of access that SUCHO has focused on, including managing security/privacy concerns, getting physical hardware to organizations in a war zone, providing a platform for publishing newly digitized material, and preserving/annotating the ephemeral cultural heritage of war memes. Since January 2025, the hypothetical concerns that drove SUCHO have become a reality in the context of US government websites and datasets. The talk concludes with lessons learned over the course of SUCHO that shape the work that SUCHO “alumni” are currently doing to ensure ongoing access to at-risk data in the US.


People:
    SpeakerBio:  Quinn Dombrowski

Quinn Dombrowski is one of the co-founders of Saving Ukrainian Cultural Heritage Online (SUCHO), and an Academic Technology Specialist in Stanford’s Division of Literatures, Cultures, and Languages, and in Stanford Libraries. Given a computer lab to manage in 2018, Quinn got rid of the ancient computers, bought some sewing machines, and put up a sign calling it the Textile Makerspace. Then people started to believe it, and fund it, and now Quinn teaches Data Visualization with Textiles there every spring and manages a space full of sewing machines, looms, crochet hooks, and multiple hacked digital knitting machines. Quinn has served as co-president of the Association for Computers and the Humanities (the US-based organization for Digital Humanities), and founded The Data-Sitters Club, a project that walks through, step-by-step, how to use different computational tools and methods for literature. They have incorporated textile data encoding into their work in various forms, including weaving all the data (grading, attendance, readings, complaint emails) from an AI class they taught, knitting all regularly-scheduled meetings and when they were canceled in 2022, and visualizing the distribution of references to computers, librarians, and archives across “Star Trek” novels.




Teaching Your Reverse Proxy to Think: Fingerprint-Based Bot Blocking & Dynamic Deception

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 13:00 – 13:59 PDT

Creator: Packet Hacking Village

IP blocklists rot in minutes; fingerprints persist for months. Finch is a lightweight reverse proxy that makes allow, block, or route decisions based on TLS and HTTP fingerprints (JA3, JA4, JA4H, and HTTP/2), before traffic reaches your production servers or research honeypots. Layered on top, a custom AI agent monitors Finch’s event stream, silences boring bots, auto-updates rules, and even crafts stub responses for unhandled paths; so the next probing request gets a convincing reply. The result is a self-evolving, fingerprint-aware firewall that slashes bot noise and turns passive traps into dynamic deception.


People:
    SpeakerBio:  Adel Karimi, Member of Technical Staff at OpenAI

Adel is a security engineer at OpenAI with deep expertise in detecting and responding to “badness.” Outside of work, he builds open-source tools focused on threat detection, honeypots, and network fingerprinting—such as Finch, Galah, and Venator—and escapes to dark corners of the world to capture the beauty of the night sky.




Team Atlanta’s Takeaways from DARPA’s AIxCC

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 17:15 – 17:45 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

In this talk, Team Atlanta will share their key experiences and insights from participating in DARPA’s AIxCC competition. They’ll highlight theirtechnical approach to leveraging AI systems—particularly large language models—to identify and remediate software vulnerabilities. The goal is to distill what worked, what didn’t, and what surprised us, offering practical takeaways for researchers and practitioners working with LLMs in security contexts. By reflecting on the challenges and opportunities we encountered, they hope to contribute to the broader conversation on developing AI-first tools to help secure critical infrastructure in the years ahead.


People:
    SpeakerBio:  Taesoo Kim, Professor at Georgia Tech
No BIO available



Telecom Village Inugration

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Friday, Aug 8, 10:00 – 10:20 PDT

Creator: Telecom Village

People:
    SpeakerBio:  Vinod Shrimali
No BIO available
SpeakerBio:  Prahalad
No BIO available
SpeakerBio:  Pankaj
No BIO available



TencentGoat: An Intentionally Vulnerable Tencent Cloud Environment

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 14:05 – 14:35 PDT

Creator: Cloud Village

Cloud misconfigurations often create unexpected attack vectors, exposing sensitive resources and allowing attackers to escalate privileges or gain unauthorized access. In this session, we’ll explore common security misconfigurations in Tencent Cloud using TencentGoat, an intentionally vulnerable cloud environment designed for hands-on learning.

We’ll explore how these misconfigurations typically occur, how TencentCloud might unintentionally leave security gaps, and how attackers exploit these weaknesses using well-known cloud attack techniques.


People:
    SpeakerBio:  Muhammad Yuga Nugraha

Muhammad Yuga Nugraha is an experienced DevSecOps engineer at Practical DevSecOps, specializing in research and development in areas such as DevSecOps, Cloud Security, and Cloud Native Security. He has co-authored notable certifications like the Certified Container Security Expert (CCSE), Certified Cloud Native Security Expert (CCNSE), and Certified Software Supply Chain Expert (CSSE).

Yuga frequently speaks at industry events including PyCon (APAC 2024, SG 2025), AWS Community Day Indonesia 2024, KCD Indonesia 2024 and delivers training sessions for government bodies and telecom companies. Additionally, he holds certifications including CDP (Certified DevSecOps Professional), and becoming a Kubestronaut.




Terminal Tactics for Beginners: A Hacker’s Guide to Command Line Mastery

Creator Talk Map Page – LVCC West-Level 2-W235 (DEF CON Academy)
When:  Friday, Aug 8, 10:00 – 10:59 PDT

Creator: DEF CON Academy

Join our dynamic and engaging talk, designed specifically for beginners, as we dive into the world of command line mastery. Learn the essential tools and techniques of the Linux terminal, just like a hacker! From navigating the filesystem to using powerful pipelines, you’ll leave this session armed with the skills to conquer the command line like a true pro.


People:
    SpeakerBio:  alchemy1729, Master of Science Student at Arizona State University

alchemy1729 is a Master of Science student at Arizona State University, conducting cybersecurity research at SEFCOM. He developed CTF Archive, the largest open-source collection of archived Capture the Flag challenges from the past decade, all fully playable on pwn.college. Currently, he is exploring how large language models can enhance cybersecurity education by integrating them into the pwn.college platform.




Testing 1, 2, 3 Testing: Automatically Finding and Fixing Software Vulnerabilities at Scale and Speed

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 14:20 – 14:50 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

The presentation will describe SIFT’s LACROSSE Cyber Reasoning system, which coordinates hundreds of agents to automatically find and fix vulnerabilities in real-world software packages. Combining the advantages of Large Language Models (LLMs) with symbolic reasoning, fuzz testing, and other software analysis methods, LACROSSE is competing in the Final round of the DARPA AIxCC contest. A consistent theme through all our work on LACROSSE is testing, testing, testing.


People:
    SpeakerBio:  Dr. David Musliner, Staff at SIFT
No BIO available
SpeakerBio:  Dr. Matt McLure, Researcher at SIFT
No BIO available



Testing Trust Relationships: Breaking Network Boundaries

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Friday, Aug 8, 14:30 – 15:30 PDT

Creator: Bug Bounty Village

What do you do when your blind XXE is non functional when egress-out is seemingly blocked? What do you do when there are strict filters for your full read SSRF vulnerability? Modern infrastructure on the cloud has many nuances, especially with trust boundaries. This talk goes through how we can push these boundaries and achieve our offensive security goals by abusing easy to spin up infrastructure or techniques. The internet is a different place depending on where you’re coming from.

This talk dives deep into various techniques to test poorly configured trust boundaries and how to use them to find critical vulnerabilities. We will also demonstrate a tool we’ve built, Newtowner, to automate finding these issues.


People:
    SpeakerBio:  Michael Gianarakis, Co-founder & CEO at Assetnote

Michael Gianarakis is the Co-founder and CEO of Assetnote, a pioneer in the Attack Surface Management (ASM) space and a recognized leader in helping organizations continuously monitor and secure their external attack surfaces. In 2025, Assetnote was acquired by Searchlight Cyber, where Michael now leads enterprise product.

SpeakerBio:  Jordan Macey, Assetnote
No BIO available



The “Fortress Island” of Voting System Physical Security

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 17:00 – 17:30 PDT

Creator: Voting Village

Physical security has long been a core component of voting system defenses through the use of keyed locks and tamper-evident seals/tape/stickers. With procedural protections requiring their use, arbitrary voters are explicitly permitted to physically interact with these systems in a semi-private setting (voting booth) under the assumption that the hardware’s attack surface can be sufficiently- scoped to a set of intended, known-safe interactions (i.e. limit/prevent access to I/O interfaces, administrative controls, storage devices, etc.). Some have even cited these specific defenses as pre-existing and sufficient mitigations for vulnerabilities in already-deployed voting system such that further remediation is not needed. Unfortunately, this assumption does not hold under scrutiny. A review of publicly available sources from vendors, jurisdictions, and assorted other entities reveals substantial weaknesses in the design, configuration, and deployment of such defensive devices. In addition to recovering/matching voting system keys from depictions specific to more than half of U.S. states, their identity, ease of acquisition, and apparent default/universal configuration bodes poorly even for states without depictions sufficient to recover/match. Though less definitive, analogous concerns were found related to tamper-evident devices in design, selection, composition, and application such that reliance on their detective capabilities is uncertain at best. With near-identical issues affecting voting systems across vendors, products, and jurisdictions documented across more than a decade’s worth of sources, the systemic failure of design, certification, and testing is readily apparent. While changes in the VVSG 2.0 standard serve as direct mprovements, they continue to leave predictable weaknesses lying in wait for future elections.

Links:
    aaspring.com – https://aaspring.com

People:
    SpeakerBio:  Drew Springall, Auburn University

Drew Springall is an Assistant Professor of Computer Science at Auburn University, and is a hacker/security researcher with a focus on the technical/concrete aspects of voting system security. Since 2013, Drew has worked to understand and demonstrate the difficulty attackers would face should they attempt to attack such systems as deployed in the real-world and given realistic resources to leverage. Most recently, Drew has worked specifically on the DVSorder ballot randomization flaw and the ”Security Analysis of Georgia’s ImageCast X Ballot Marking Devices” report published along with Prof. J. Alex Halderman.




The African Cybercrime Economy: Inside the Playbooks of Digital Hustlers

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Saturday, Aug 9, 12:00 – 12:59 PDT

Creator: Blacks In Cyber Village

A deep dive into the realities of cybercrime across Africa, with a focus on understanding—not just condemning—the digital hustler phenomenon. Drawing from the work of GoLegit Africa, a pioneering initiative focused on cybercrime rehabilitation and skills development, this session explores how economic hardship, digital opportunity, and social pressures intersect to fuel a growing underground cyber economy.

We’ll examine real-world tactics used by African cybercriminals—from phishing rings and business email compromise to deepfake scams and online fraud—and explore how these “playbooks” are learned, refined, and shared. Through case studies and field insights, the presentation reveals how some youths see cybercrime not as deviance, but as digital entrepreneurship in the absence of alternatives.

This talk goes beyond exposure; it introduces GoLegit’s model for intervention—using mentorship, ethical hacking training, and reintegration pathways to turn cyber skills toward positive outcomes. It’s a session for those interested in threat intelligence, socio-economic roots of cybercrime, and how community-led solutions can help disrupt the pipeline from poverty to online criminality.


People:
    SpeakerBio:  Remi Afon

Remi Afon is a results-driven Cybersecurity Consultant with deep expertise across AI/ML Security, Cloud Security, DevSecOps, and emerging DevSecAI practices. He has a proven track record of designing and implementing secure, scalable solutions in high-stakes IT and financial environments. Recognized for driving secure-by-design initiatives using modern cloud platforms (AWS, Azure, GCP) and DevSecOps toolchains (Docker, Kubernetes, Jenkins, GitHub Actions), Remi emphasizes automating security across the SDLC and integrating AI/ML into security workflows. He is known for solving complex challenges, aligning security with business goals, and optimizing processes to reduce risk, improve efficiency, and build long-term trust.




The AppSec Poverty Line: Minimal Viable Security

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 13:40 – 14:10 PDT

Creator: AppSec Village

Not every team has a security budget. Not every project has a dedicated AppSec engineer. But every product exposed to the internet needs some level of security to survive.

This talk explores what I call “The AppSec Poverty Line” also known as ‘Minimal Viable Security” — the minimum viable set of practices, tools, and cultural shifts that under-resourced dev teams can adopt to meaningfully improve application security. Whether you’re a startup with no security hires, an independent dev, or part of a team that doesn’t have a security budget, this talk will help you prioritize what actually matters.

We’ll cover practical approaches to getting from zero to secure-ish, with a focus on: • Training developers to write more secure code, and spot unsafe code • Cultivating a security-positive culture • Leveraging open-source tools that punch above their weight • Knowing when “good enough” really is enough — and when it’s not


People:
    SpeakerBio:  Tanya “SheHacksPurple” Janca, Security Advocate at Semgrep

Tanya Janca, aka SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Secure Coding’, ‘Alice and Bob Learn Application Security’ and the ‘AppSec Antics’ card game. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals, via her online academies (We Hack Purple and Semgrep Academy), and her live training programs. Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software. Tanya currently works at Semgrep as a Security Advocate.




The AppSec Program I Regret Building

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Saturday, Aug 9, 13:20 – 13:50 PDT

Creator: AppSec Village

This talk is a postmortem of a well-intentioned but ultimately failed Application Security program — led by a solo AppSec engineer who tried to do everything, too fast, without consensus. It’s not a case study in success. It’s a breakdown of how security can go wrong even when the ideas are sound, the tooling is industry-standard, and the motivation is genuine.


People:
    SpeakerBio:  Thomas Jost

Writes code. Builds security programs. Lights fires, and talks so you don’t have to.




The Ars0n Framework V2 Beta

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Saturday, Aug 9, 10:00 – 10:59 PDT

Creator: Bug Bounty Village

After years of planning and development, the highly anticipated new version of rs0n’s bug bounty hunting framework is ready to go! Aptly named The Ars0n Framework v2, this tool is specifically designed to help eliminate the friction for aspiring bug bounty hunters. This tool not only automates the most commonly used bug bounty hunting workflows but each section includes detailed lessons that help beginners understand the “”Why?”” behind the methodology. Finally (and perhaps most exciting of all), reports generated from the data collected provide the user with guidance at critical decision points based on rs0n’s many years of bug bounty hunting experience. Simply put, this tool is designed to help beginners compete w/ the pros on Day 1, and the best part is it’s absolutely FREE!

In this talk, rs0n will go into extensive detail about how the tool works, what changes were made from version 1, how to use (and troubleshoot) the framework, ways of engaging with the community, and much more! The goal is to provide the audience with all the information they need to start using the tool today. If you are someone who is excited to start Bug Bounty Hunting but don’t know where to start, we would love the opportunity to try and help!


People:
    SpeakerBio:  Harrison “rs0n” Richardson

Harrison Richardson (rs0n) began his Cybersecurity career in the US Army as a 25B. After leaving the service, Harrison worked various contract and freelance jobs while completing his Masters in Cybersecurity from the University of Dallas. Harrison’s first full-time job in the civilian sector was at Rapid7, where he worked as a senior security solutions engineer as part of their Applied Engineering Team. Today, Harrison works as a product security engineer coving web applications, cloud, and AI systems. In his free time, Harrison develops a wide range of open-source tools and works to provide educational content to the bug bounty community through YouTube & Twitch.




The Art of Creating Vulnerable Machines

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C210 (Operating Systems Community)
When:  Friday, Aug 8, 11:00 – 11:59 PDT

Creator: Operating Systems Community

People:
    SpeakerBio:  Devansh “dotguy” Khare, Hack The Box
No BIO available



The Beauty of Reversing Swift Malware

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 15:50 – 16:20 PDT

Creator: Malware Village

Since Swift’s introduction in 2014, we have observed more malware authors using this language. With malware targeting macOS continues to rise, it is important for malware reverse engineers to be equipped with the knowledge they need to analyze them. In this talk, we will first start with an introduction to the language including how weird Swift strings are, how classes are represented, bridging between Objective-C, etc. After this intro, we will dive into the analysis of interesting Swift compiled samples and use the fundamentals to analyze them effectively.


People:
    SpeakerBio:  Chistopher Lopez
No BIO available



The Challenge with Designing Challenging Challenges

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Sunday, Aug 10, 10:30 – 11:15 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

Join the AIxCC Organizers to discuss the competition strategy, building evaluations that scale, and the potential future state of the industry.


People:
    SpeakerBio:  David Brumley, CEO at Mayhem Security
No BIO available
SpeakerBio:  Isaac Goldthwaite, Challenge Design Lead at Kudu Dynamics LLC
No BIO available
SpeakerBio:  Tim Allison, Challenge Author & OSS Maintainer at Rhapsode Consulting
No BIO available
SpeakerBio:  David Wank, Assistant Staff at MIT Lincoln Labs
No BIO available
SpeakerBio:  Sierra Haex, Challenge Author at Cromulence
No BIO available
SpeakerBio:  Matt Turek, Deputy Director at DARPA’s Information Innovation Office
No BIO available



The challenges of Sub-dermal Payments

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-505 (Payment Village)
When:  Friday, Aug 8, 14:00 – 14:45 PDT

Creator: Payment Village

People:
    SpeakerBio:  Amal Graafstra, VivoKey
No BIO available



The CMS.gov OSPO One Year Later: Launching the Agency’s First Bug Bounty!

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Saturday, Aug 9, 12:10 – 12:50 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

Last year on the AIxCC Stage, The Open Source Program Office (OSPO) at CMS.gov shared the programs, policies, and projects we were building to identify and mitigate continuity and security risks in the software supply chain across the Federal Ecosystem. This year, we will be sharing stories from another historic first: Launching our first Bug Bounty! Come hear from the Bug Bounty organizers (and special guests) about implementation details, lessons learned, and an Open QnA.


People:
    SpeakerBio:  Remy DeCausemaker, Open Source Program Office Lead, Digital Service at CMS.gov
No BIO available
SpeakerBio:  Keith Busby, CISO at Centers for Medicare and Medicaid Services

Keith Busby is the Acting Chief Information Security Officer at the Centers for Medicare and Medicaid Services (CMS), where he leads enterprise cybersecurity, compliance, privacy, policy, and counterintelligence efforts. With over 20 years in IT and security; including leadership roles in cyber threat operations and compliance, he brings a mission-driven approach to modernizing and securing federal systems at scale. Keith’s roots in security run deep: from his time as a U.S. Army veteran to his work securing one of the nation’s largest school districts. He holds a B.S. in Computing and Security Technologies from Drexel University and a M.S. in Cybersecurity and Information Security from Capitol Technology University. Outside of work, Keith is a self-declared participation trophy-winning backyard BBQ pitmaster and a dedicated youth baseball coach. He thrives at the intersection of public service, technical leadership, and dad jokes.

SpeakerBio:  Patrick Newbold, CIO at CMS.gov
No BIO available



The Cookie Heist: How Cybercriminals Are Outsmarting Chrome’s Latest Defenses

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 14:30 – 14:59 PDT

Creator: Malware Village
Imagine this: You log into your favourite website, confident that Chrome’s latest security enhancements like tightened cookie access controls and session isolation are keeping you safe. But behind the scenes, cybercriminals are pulling off a high-stakes digital heist, quietly hijacking your login sessions without ever touching your password. In this deep dive into the high-stakes game of cybersecurity cat-and-mouse, we uncover how modern infostealers like RedLine, Raccoon Stealer, Vidar, and LummaC2 are actively bypassing Chrome’s newest defenses. These stealthy, modular tools are engineered to extract session cookies directly from memory or browser storage granting attackers full, persistent access to user accounts by impersonating valid sessions. This isn’t just theoretical: threat actors are leveraging these tools at scale, using advanced evasion techniques like in-memory execution, DLL injection, and encrypted C2 channels to slip past traditional defenses. Meanwhile, a thriving underground economy continues to monetize stolen digital identities, turning session cookies into instant access to email, banking, cloud dashboards, and more. What we’re witnessing isn’t just technical innovation it’s a fast-moving arms race shaping the future of browser security, session management, and digital trust. Don’t miss how this evolving threat landscape is redefining what it means to stay secure online—and the critical steps defenders need to take to stay ahead.

People:
    SpeakerBio:  Mrigakshi Goel
No BIO available



The cost of deepfakes: expanding on the implications of generated and manipulated media

Creator Talk Map Page – LVCC West-Level 3-W314-W316 (AI Village)
When:  Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: AI Village



The creation of the Malmongotchi badge

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 14:00 – 14:15 PDT

Creator: Malware Village

Ever wanted to know the design process behind creating your own PCB badge? Join Austin as he shares the journey of building Malware Village’s first official DEF CON badge – covering everything from concept sketches to a fully assembled board. Get a look at the creative and technical challenges behind joining #badgelife.


People:
    SpeakerBio:  Austin Worline
No BIO available



The CVE – Hunters Project: From Curiosity to Impact

Creator Talk Map Page – LVCC West-Level 2-W230 (DC NextGen)
When:  Saturday, Aug 9, 14:00 – 14:30 PDT

Creator: DC NextGen

(DCNextGen is for youth 8-18 attending DEF CON) How a group of students in Brazil started hunting real-world vulnerabilities in open-source projects – and how you can too. This talk shares our journey, how we began making an impact in our local community, and how that impact is now reaching the world.


People:
    SpeakerBio:  Natan Morette, Senior Cyber Security Analyst

Natan Morette is a Senior Cyber Security Analyst with over 15 years of experience in technology, specializing in Vulnerability Management, Attack Surface and Exposure Management, Endpoint Protection, Penetration Testing (PenTesting), Internal Network Security Assessments, Microsoft 365, Information Security Frameworks, Network Administration, Microsoft/Linux Server solutions, and Cloud Security Administration (GCP, Azure).




The Death of XSS? Browser Security Features that Eliminate Bug Classes

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 11:00 – 11:30 PDT

Creator: AppSec Village

We’re stuck in a cycle of bug bounties, vulnerability reports, and endless patching – yet the same issues keep resurfacing. Even after years of “shifting left”, vulnerabilities still reach production, keeping security teams in firefighting mode.

What if we could eliminate entire bug classes instead of fixing them one by one?

This talk explores how modern browser security features can automate and scale protection – without relying solely on developers to remember best practices. Opt-in mechanisms like Content Security Policy v3, Trusted Types, and Sec-Fetch-Metadata offer powerful defenses against XSS, CSRF, clickjacking, and cross-origin attacks.

We’ll show how these new, underused browser capabilities – which simply didn’t exist a few years ago – enable secure-by-default architectures. Real-world examples will demonstrate practical integration strategies, automated security headers, secure defaults, and ways to track adoption and impact.


People:
    SpeakerBio:  Javan Rasokat, Application Security Architect and Security Researcher

Javan is a Senior Application Security Specialist at Sage, helping product teams enhance security throughout the software development lifecycle. On the side, he lectures Secure Coding at DHBW University in Germany. His journey as an ethical hacker began young, where he began to automate online games using bots and identified security bugs, which he then reported to the game operators. Javan made his interests into his profession and began as a full stack web and mobile engineer before transitioning into a passionate security consultant. Javan holds a Master’s degree in IT Security Management and several certifications, including GXPN, AIGP, CISSP, CCSP, and CSSLP. He has shared his research at conferences, including OWASP Global AppSec, DEFCON, and HITB.




The depths that marketers will plummet to

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Friday, Aug 8, 16:30 – 16:59 PDT

Creator: Crypto Privacy Village

In the run up to Google’s plans to dump 3rd party cookies, marketing firms (a $1.7 TRILLION dollar industry) were sent into a complete panic. These firms relied heavily on 3rd party cookies in order to better attribute CPM (cost per 1000 clicks) and how many of those clicks turned into sales. So advertisers could better study human behavior and trends in order to more effectively sell products.

As a former Security Engineer at the Largest Independent Digital Marketing firm in the world, I had a unique view into the evils that these companies were developing in order to not only maintain a few into consumer trends but to increase these views, increase the invasiveness of these techniques, and increase the cooperation between all levels of the industry from display point (streaming service), device point (iPhone, TV), location points (via ISP), to sales point.

This talk is a peek under the curtain for the server side data harvesting that agencies have developed, and how they’ve managed to twist this further invasion into so-called consumer protection and increased privacy.


People:
    SpeakerBio:  4dw@r3

4dw@r3 (they/them) is a dedicated security and risk management expert with extensive experience navigating complex environments. Sean excels at developing a comprehensive understanding of intricate systems and crafting strategic roadmaps to revitalize security programs. By identifying high-risk areas and optimizing the use of existing resources, Sean removes barriers between teams to enhance communication and coordination, driving effective security outcomes. Beyond their professional pursuits, Sean finds joy in backpacking through the mountains with their adventurous Australian Shepherd and twins, embracing the serenity of nature and the thrill of exploration.




The Devil Wears Headsets

Creator Talk Map Page – LVCC West-Level 3-W317-W319 (Social Engineering Community Village)
When:  Saturday, Aug 9, 11:00 – 11:25 PDT

Creator: Social Engineering Community Village

Watched the vishing competition and caught the bug? Welcome to the world of social engineering! Now let’s turn that adrenaline into action. In this talk, I’m handing over the knowledge and worksheet that I use to plan my vishing calls, complete with pretext ideas, vishing tips and the kinds of pushback you might encounter on your calls. We’ll dive into the art of social engineering over the phone. You’ll learn how to build believable pretexts and what makes a voice sound trustworthy. I’ll give you what you need to be ready to pick up the phone. You’ll leave with everything you need, except a burner phone. And unlike Miranda Priestly, your targets won’t even see you coming.


People:
    SpeakerBio:  Cronkitten

Cronkitten (they/them) is a cybersecurity professional, threat hunter, vishing competitor and relentless advocate for ethical social engineering. As a returning vishing competition contender Cronkitten thrives in the booth and on the phone. When they’re not building new tools in the SOC, they’re crafting pretexts, coaching newcomers, and teaching others how to dial with confidence, charisma and just the right amount of chaos (Ok, it’s a lot of chaos, but the good kind). Equal parts charm and strategy, Cronkitten brings a hacker’s mindset and a people-first approach to every call. Cronkitten says make that call, embrace the chaos and live in the meow-ment.




The Hidden Path to Root: Shadow Resources, Roles, and AWS Service Exploits

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 10:50 – 11:30 PDT

Creator: Cloud Village

Cloud environments are vast, complex, and often opaque—even to their owners. In this talk, we expose how AWS’s design decisions around default service roles and resource naming patterns created hidden privilege escalation paths that could lead to full AWS account takeover.

We begin by introducing the concept of Shadow Resources—S3 buckets automatically relied upon by internal AWS services, which users don’t create or control directly, but are referenced implicitly. We show how attackers could preemptively claim these buckets in unused regions using predictable naming conventions (like aws-glue-assets-{AccountID}-{Region}), planting malicious content or intercepting trusted workflows. This silent hijacking technique breaks the assumed isolation between services and accounts.

From there, we pivot to Shadow Roles—default IAM roles created or recommended by AWS services such as SageMaker, Glue, and EMR. These roles often come with dangerously over-permissive policies (e.g., AmazonS3FullAccess). With these roles in place, any compromised service becomes a launchpad: we demonstrate how importing a single malicious Hugging Face model into SageMaker enables an attacker to silently backdoor Glue jobs across the entire account by tampering with trusted S3.

Finally, we share findings from our AWS Glue research, where we discovered that the /etc/passwd file was writable within the container environment, enabling local privilege escalation to root. From there, we were able to extract the real IAM credentials assigned to the underlying managed service instance via IMDSv2—credentials that belonged to AWS’s internal Glue account. These credentials granted access to sensitive internal APIs and allowed enumeration of infrastructure metadata across other users, demonstrating that the managed runtime could serve as an unexpected vector for privilege escalation and cross-tenant exposure.

This layered attack path—from shadow resources to shadow roles to breaking the runtime isolation of managed services—demonstrates a critical but overlooked risk in cloud architecture.

In this talk, we’ll share how our investigation began with a single misconfigured resource and evolved into a broader exploration of AWS’s internal service trust model. We’ll walk through the methodology that helped us uncover these vulnerabilities and highlight how each discovery opened the door to the next—using specific privilege escalation techniques to chain across services and amplify impact. Expect a technical deep dive, real-world attack flows, and a new lens on how seemingly isolated misconfigurations can lead to complete compromise.


People:
    SpeakerBio:  Yakir Kadkoda

Yakir Kadkoda is the Director of Security Research at Aqua’s research team, Team Nautilus. He specializes in vulnerability research, uncovering and analyzing emerging security threats and attack vectors in cloud-native environments, supply chain security, and open-source projects. Before joining Aqua, Yakir worked as a red teamer. He has presented his cybersecurity research at leading industry conferences, including Black Hat (USA, EU, Asia), DEF CON, RSAC, SecTor, CloudNativeSecurityCon, STACK, INTENT, and more




The Human Vulnerability: Social Engineering in a Hyper Connected World

Creator Talk Map Page – LVCC West-Level 3-W317-W319 (Social Engineering Community Village)
When:  Saturday, Aug 9, 11:30 – 11:55 PDT

Creator: Social Engineering Community Village

In today’s hyper-connected world, one vulnerability remains reliably exploitable: the human. Social engineering — the manipulation of people to gain unauthorized access or extract sensitive information — continues to outpace technical exploits in both effectiveness and stealth. But in the age of AI, these attacks are evolving faster, becoming more scalable, convincing, and harder to detect.

This talk explores the many faces of modern social engineering: from classic phishing, vishing, and physical intrusion, to AI-generated phishing emails, deepfake voice calls, and synthetic identities crafted by language models. We’ll walk through real-world scenarios where attackers exploit trust, urgency, charm, and emotion‚Äînow enhanced by tools that can replicate human tone, write believable pretexts, and automate reconnaissance at scale.

You’ll leave with a deeper understanding of how AI is supercharging social engineering, what this means for defenders and red teamers alike, and how to recognize the increasingly subtle cues of human-targeted compromise.


People:
    SpeakerBio:  fir3d0g

David has spent nearly 2 decades in cybersecurity, transitioning from systems and network administration to offensive security. He has successfully breached banks, law firms, government facilities, and more, all over the globe. David speaks at conferences nationwide, sharing knowledge and humorous stories. Prior to his career in cybersecurity, he served in the U.S. Army, including a tour in Iraq.




The Human’s Guide to Understanding AIxCC

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Sunday, Aug 10, 11:30 – 12:15 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

In a competition where all the entrants are autonomous systems and the top prize is four million dollars, the biggest question usually is: “how can I watch?”

This talk will present different facets of the AI Cyber Challenge (AIxCC), specifically focusing on making them more understandable and visually intuitive. We’ll go over a variety of aspects of the challenge, from the overall structure to replaying specific vulnerabilities and competitor submissions.

By focusing on making the ideas behind the competition accessible, this talk will help audiences of all levels come away with new ideas and understanding of the possibilities of AI capabilities.


People:
    SpeakerBio:  Mark Griffin, Founder at Undaunted Development LLC
No BIO available



The Importance of State Certification Programs for Election Technology; Uncovering and Remediating Compliance Issues

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Friday, Aug 8, 11:00 – 11:30 PDT

Creator: Voting Village

Election technology is an important piece of the critical infrastructure that supports our democracy. Federal and State certification programs are designed to ensure that this infrastructure operates safely, securely, accurately, and in accordance with established federal and state requirements. This presentation discusses the value of state certification programs as a supplement to the federal certification process to ensure that critical issues are identified before systems are deployed for use in elections and to push vendors to develop more robust and effective systems.

Links:
    Department Website – https://www.sos.state.tx.us/index.shtml

People:
    SpeakerBio:  Christina Worrel Adkins, Director of Elections, The Texas Secretary of State’s Office

Christina Adkins is Director of the Elections Division of the Texas Secretary of State’s office. She previously served as acting elections director, and prior to that she was the legal director for the elections division. She has worked at the agency since 2012. She is a recognized leader in the election community for her legal and technological expertise in certifying voting systems and ensuring county officials are trained to comply with the Texas Election Code.

SpeakerBio:  Charles Pinney, Senior Staff Attorney, The Texas Secretary of State’s Office
No BIO available



The Missing Link: Draytek’s New RCEs Complete the Chain

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Saturday, Aug 9, 14:00 – 14:59 PDT

Creator: Hardware Hacking and Soldering Skills Village (HHV-SSV)

Draytek routers are widely deployed edge devices trusted by thousands of organizations, and therefore remain a high-value target for attackers. Building on our prior DEFCON32 HHV presentation (https://www.youtube.com/watch?v=BiBMsw0N_mQ) on backdooring these devices, where we also exposed six vulnerabilities and released Draytek Arsenal (https://github.com/infobyte/draytek-arsenal), a toolkit to analyze Draytek firmware. We return with two new unauthenticated RCEs: CVE-2024-51138, a buffer overflow in STUN CGI handling, and CVE-2024-51139, an integer overflow in CGI parsing. When chained with our prior persistence techniques, these bugs enable a full device takeover and backdoor from the internet.

This talk provides an in-depth analysis of the new vulnerabilities and their exploitation strategies with demos and the full end-to-end exploitation chain. We’ll also explore their potential link to the mass Draytek reboot incidents of March 2025, suggesting that real-world exploitation of some of these vulnerabilities may already be underway. Attendees will gain insight into edge device exploitation, persistent compromise, and the importance of transparency and tooling in embedded security research.


People:
    SpeakerBio:  Octavio Gianatiempo, Security Researcher at Faraday and a Computer Science student at the University of Buenos Aires
No BIO available
SpeakerBio:  Gaston Aznarez, Security Researcher at Faraday, focused on vulnerability research on IoT and embedded devices.
No BIO available



The Nexus of Security for Quantum Systems: Spy Qubits and beyond

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Friday, Aug 8, 15:00 – 15:59 PDT

Creator: Quantum Village

Quantum computing is a rapidly emerging field which promises immense computational capabilities to solve some of the most challenging problems which are currently intractable on conventional classical systems. Likewise, quantum computing is expected to create unique opportunities and challenges in the areas of security and privacy. In this talk, I aim to cover a broad range of topics highlighting the nexus between security and quantum systems. Specifically, I will demonstrate how integrating quantum computing in artificial intelligence could lead to highly robust and trustworthy autonomous systems with applications ranging from military systems to autonomous vehicles. I will also explore security in the context of quantum computing in shared environments where an adversary can generate disruptive attacks to sabotage the execution of quantum algorithms. Finally, I will discuss the idea of spy qubits for intelligence gathering which can secretly learn activities on a quantum processor without being identified by the users.


People:
    SpeakerBio:  Muhammad Usman, CSIRO’s Data61
No BIO available



The Path Towards Self-Defending Systems

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)-Stage
When:  Friday, Aug 8, 14:05 – 14:35 PDT

Creator: Artificial Intelligence Cyber Challenge (AIxCC)

People:
    SpeakerBio:  Heather Adkins, Google
No BIO available



The Power(Point) Glove

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 14:30 – 14:59 PDT

Creator: Hardware Hacking and Soldering Skills Village (HHV-SSV)

Inspired by the cult following of the Nintendo Power Glove, this talk explores an unconventional use as a presentation remote. Using a generic ESP32 dev board and basic C code, it becomes a Bluetooth keyboard controlling presentations with ease. In fact, I will deliver this talk using the same Power Glove.

In this beginner-friendly talk, I’ll share my experience “”hacking”” the Nintendo Entertainment System (NES) accessory. I’ll cover:

  • Choosing the right dev board: Arduino vs ESP32
  • NES controller protocol crash course
  • Translating button presses to PowerPoint shortcuts with ESP32

Attendees will learn how to replicate this project and add pizzazz to their presentations. I’ll release the code, so you can spice up your own talks. Maybe you’ll even use the Power Glove to pop a shell on a remote machine in your next Proof of Concept.

Note: This is a personal project developed independently and is not affiliated with or endorsed by Microsoft, Nintendo, or any other employer.


People:
    SpeakerBio:  Parsia “CryptoGangsta” Hakimian, Offensive Security Engineer at Microsoft

Parsia is an offensive security “engineer” at Microsoft. While not a full-time hunter, he has learned a great deal from hunts and the bug bounty community. He spends most of his time reading code and experimenting with static and dynamic analysis — but wishing he was gaming.

Parsia has previously presented at DEF CON’s main venue and the AppSec Village. When not breaking (or fixing) things, he plays videogames, D&D, spends time with family outside – and, as his wife jokes, “subjects himself to the tax and immigration systems of US and Canada”.




The Price of Progress: Ethical Cybersecurity in Tech-Driven Communities

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: Blacks In Cyber Village

In the spirit of economic development, cities often compete for the attention of large corporate brands, especially “”Big Tech””, to settle in their communities creating attractive incentives like tax-breaks and favorable construction terms. Residents in the affected communities get excited about the prospect of new jobs or career growth. With the recent explosion of the everyday use of Artificial Intelligence (AI) changing work and life as we know it in society, cities want to be known as technology leaders or at least early adopters. And in today’s evolving world, one of Cybersecurity’s main functions is to not only enable the business but also just as importantly managing risk for the business. As professionals, we have an obligation to ensure that solutions our organizations develop, especially those involving AI, promote benefits to not only the organization but also society and do not cause harm to the environment. In this session, we will explore Cybersecurity’s role to understand potential and realized risks of accommodations to secure and implement “”Big Tech”” initiatives in communities with respect to energy, water, and waste systems. Attendees will be exposed to the use of risk management frameworks to identify and mitigate these risks and drive sustainable outcomes as well as the situational applicability of ethics in the cybersecurity profession. Case studies and statistics will be citied from various real-world communities, including black communities. While some case discussed will be resolved with implemented remediations, others will be on-going with the opportunity to explore potential solutions.


People:
    SpeakerBio:  Joy Toney, Senior Program Consultant at AIM for Change, LLC

Joy Toney serves as a Senior Program Consultant for AIM for Change, LLC. Joy’s career successes are mapped over 20+ years professional experience, both people leader and individual contributor roles, in non-profit, consumer services, government contracting, and transportation. Joy enjoys utilizing her skills in process and performance improvement, software development, information security, quality assurance, project management, talent management, and organizational change management. She’s a CISSP, CCSP, SHRM-CP, Security Awareness and Culture Professional, Prosci Certified Change Practitioner, certified Google AI Leader, and CompTIA Pentest+ credential holder. Joy is a 2024 National Community College Cybersecurity Program Fellow and Microsoft Certified Educator. Joy has served as an advisor to non-profit boards and committees. Joy holds an MBA with a concentration in Management Information Systems from the University of Memphis as well as a Masters in Cybersecurity and Information Assurance from Western Governor’s University




The Prompt is Lava: Architecting Secure Boundaries for LLM Integrations with Google Workspace.

Creator Talk Map Page – LVCC West-Level 3-W314-W316 (AI Village)
When:  Saturday, Aug 9, 12:00 – 12:30 PDT

Creator: AI Village

People:
    SpeakerBio:  Nico Lidzborski, Principal Software Engineer at Google
No BIO available



The Quantum Shift: Practical Post-Quantum Risk: Algorithms, Infrastructure, and Transition

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 17:10 – 17:40 PDT

Creator: Malware Village

Quantum computing is no longer a distant theory, but accelerating toward reality, threatening the cryptographic foundations of today’s cybersecurity. In this forward-looking 30-minute talk, QSE Group’s CEO Ted Carefoot & CTO Sean Prescott break down both the technical aspects of what vulnerabilities exist in today’s cryptographic systems in a Post Quantum Computing (PQC) world, the science behind it, and how actors can exploit these vulnerabilities, as well as what potential tools they could use to do so. Part 1 – Quantum Threats Unveiled: Sean explains the real-world vulnerabilities exposed by quantum algorithms like Shor’s and Grover’s, and what this means for VPNs, certificates, secure messaging, and enterprise infrastructure. Part 2 – Learn about the roles of Kyber and Dilithium, two leading candidates for quantum-safe encryption, and how they are being prepared for deployment. Part 3 – Preparing for PQC era, a final discussion point on the importance of ensuring organizations are fundamentally in order, preparing for PQC risks and contingencies now, and ensuring they are aware and aligning with evolving global regulatory standards. This session gives security leaders, compliance experts, developers, or policymakers, clarity understanding what’s at risk, and suggest where we go next. Keywords: Quantum Security, Post-Quantum Cryptography, PQC Standards, Kyber, Dilithium, Shor’s Algorithm, NIST PQC, Cybersecurity Ethics, Quantum Risk, Cryptographic Agility, Governance & Compliance


People:
    SpeakerBio:  Sean Prescott
No BIO available
SpeakerBio:  Ted Carefoot, CEO at Scope Technologies
No BIO available



The Small Packet of Bits That Can Save (or Destabilize) a City

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Friday, Aug 8, 16:00 – 16:55 PDT

Creator: Radio Frequency Village

In the 1960s, the United States launched a radio-based weather information system broadcasting over the VHF band, known as Weather Radio.

Over time, Weather Radio expanded to cover the entire US and incorporated digital information through the SAME (Specific Area Message Encoding) protocol, allowing receivers to filter alerts by location and type, among other features.

Eventually, both Weather Radio and the SAME protocol were adopted by countries like Canada and Mexico for their own public alerting systems.

In Mexico, this solution was integrated into the Mexican Seismic Alert System (SASMEX), which over 30 million people in central Mexico rely on to prepare for the region’s frequent earthquakes. While new alerting technologies have emerged, this system still broadcasts messages to millions of receivers across North America. But how reliable are the systems responsible for warning entire cities when they need to seek safety?

In this talk, we will explore the history and design of Weather Radio and the SAME protocol. We’ll examine how messages are transmitted and encoded through this technology, and how it was adapted in Mexico for SASMEX.

I will also share my personal experience building compatible receivers: from early curiosity-driven experiments to developing a receiver as part of my undergraduate thesis.

We’ll analyze how the simplicity, a key strength of these systems, also introduces certain risks, and how these kinds of trade-offs arise when balancing accessibility, interoperability, and security in the design of any system.

In particular, we’ll explore a concerning aspect: how, with the right equipment, it is surprisingly easy for anyone to generate these alert signals, taking advantage of the open nature of the broadcasts and the lack of mechanisms to verify the origin of received messages.

Beyond the technical exploration, this talk is also a personal story of my multi-year journey into this topic, with the goal of inspiring others with what I consider to be the core of hacking: the curiosity to deeply understand how systems work, explore their boundaries, and share that knowledge.


People:
    SpeakerBio:  Manuel Rábade

Computer Engineer from Mexico City. Software engineering manager by profession. Experiments with software, hardware, and radio communications in free time.




The Things know What You Did Last Session

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 13:45 – 14:15 PDT

Creator: IOT Village

I will cover the tools available in the corporate network, the limitations of remote investigations, and the signatures of threat actors. All examples are cases I have actively worked in the past two years. This will range from the individual threat- timecard fraud identified thru network logs which led to the geolocation of an automated fingerprint device hidden in a facility to large numbers of contractors working in denied areas to ultimately the identification and mitigation of North Korean IT worker fraud within the network. 1. Speaker intro and brief background 1. On-site contractor must be on site daily between 9-5 but there was little work. They connected an older generation iPhone to the visitor network and hid it within a box in a cubicle away from foot traffic. 1. The device had the timecard app for $company which required a manual fingerprint touch/swipe geolocated to the customer site daily. 2. The contractor automated a device to have a synthetic flesh covering over a robotic finger which would press log in at 0900 and logout at 5pm monday-friday 3. The device was discovered by janitors and assumed to be an explosive device at first 4. Picture analysis revealed the make/model of the iPhone 5. I gained access to the visitor Wifi logs, found the MAC address of the iPhone/device name (named $contractor name) and the traffic going to the contractor timesheet website Other devices were also found with similar configurations for the user and his manager

2.How I was introduced to the IoT village thru chip off extraction of Chinese voting machine in 2022 by the IOT experts Description of voting machine prototype from china 4g connectivity, bluetooth, wifi but no true data ports for analysis Chip off extraction by IoT village (videos) end result of the analysis and where the images went for national security 3. North Korean IT Fraudulent worker hunting 1. Micro level- piKVM switch hunting on individual network detection level, now turned to an email alert via date ubea 2. Hints and clues via digital forensics- devices added to the workstation that are not related to the users 1. Kim’s iPhones connecting to George’s virtual machine 2. Multiple user devices (verified thru MAC address) connecting to the same workstation 3. Timecards being updated in HR systems in beijing/NK time zone on emulators 1. Can see it’s a linux device android phone whereas most legitimate users are either android or iPhone. Connecting to Wifi VPN router for all connections and forgetting 2fa is tied to the local infrastructure


4. User was being terminated from company A as a fraudulent worker and company B/C screens were in the background. With the screen shot time provided by our partner, I executed a windows event code search in splunk for devices locked within the window of the termination from company A. We ultimately found a full stack dev fitting the description of NKIT suspects with an Astrill VPN. While hunting for this user, we identified one working out of China and spoofing their location. The humint interview, while far from the iOt arena, revealed the user’s deception as they would not open the windows locally to prove they are in the same geographic time zone


People:
    SpeakerBio:  Will Bagget, Operation Safe Escape

Will Baggett is a Lead Investigator for Digital Forensics and Insider Threat at a Fiscal Infrastructure organization. He is also Director of Digital Forensics at Operation Safe Escape (volunteer role), a non-profit organization providing assistance to victims of domestic abuse.




The Truth, The whole Truth and Nothing but the Truth about Cybersecurity

Creator Talk Map Page – LVCC West-Level 3-W322-W324 (Blacks In Cyber Village)
When:  Saturday, Aug 9, 13:00 – 13:59 PDT

Creator: Blacks In Cyber Village

Cybersecurity is currently in a state of crisis, and it is imperative that we confront this issue head-on. The increasing aggressiveness and sophistication of adversaries is not the primary concern; rather, our approach to tackling these threats is a significant part of the problem. In the realm of defending against cyberattacks, it is not the probabilities that count, but rather the actions we take. Many well-known cybersecurity tools from both large enterprises and startups often fail to deliver on their promises or provide misleading, if not outright fraudulent, data. The notion that vendors frequently misrepresent their capabilities is, as the saying goes, “a tale as old as time.” However, the idea that these vendors may be so convincing because they genuinely believe in their own fabrications is particularly thought-provoking. In this discussion, we will delve into the realities surrounding cybersecurity vendors, certifications, and a range of other contentious topics within the cyber domain. If you’re ready for a honest look at the state of cyber, this session is for you.


People:
    SpeakerBio:  Louis Deweaver

Dr. Louis DeWeaver serves as a Cyber Security Consultant at Marsh McLennan Agency (MMA), bringing over two decades of experience to the role. He earned an Associate of Applied Science degree in Information Technology and Computer Network Systems, followed by a Bachelor of Science degree in Information Systems Security in 2011. In 2016, he enhanced his qualifications by obtaining a Master of Science degree in Information Assurance, focusing on Cybersecurity. Most recently, in 2021, he completed his academic journey with a Doctor of Computer Science degree, also specializing in Cybersecurity.




The Worst ICS/OT Love Story Ever Told

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Sunday, Aug 10, 12:30 – 12:59 PDT

Creator: ICS Village

The world of securing OT/ICS is changing FAST!

And we are not prepared.

Prior to the Colonial Pipeline incident in 2021, we focused on protecting against state adversaries.

Afterwards, we shifted to focusing on protecting against ransomware operators and hacktivists.

Now in 2025, we see more alignment between state adversaries, ransomware operators and hacktivists.

A significant shift in the landscape we are not ready for.

Advanced capabilities and tools in the hands of every day attackers with intermediate to no skill?

Are we prepared today for what’s coming?

No.

But we can be.

And we’ll talk about how.


People:
    SpeakerBio:  Mike Holcomb, Flour

Mike Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world’s largest engineering, procurement, and construction companies. His current role provides him with the opportunity to work in securing some of the world’s largest ICS/OT environments, from power plants and commuter rail to manufacturing facilities and refineries. As part of his community efforts, Michael founded the BSidesICS/OT and BSides Greenville conferences along with the UpstateSC ISSA Chapter. He has his Masters degree in ICS/OT cybersecurity from the SANS Technology Institute. Additionally, he maintains cyber security and ICS/OT certifications such as the GRID, CISSP, GICSP, ISA 62443, and more.

He posts regularly on LinkedIn and YouTube to help others learn more about securing ICS/OT and critical infrastructure.




The Year of the Bounty Desktop: Bugs from Binaries

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Friday, Aug 8, 15:30 – 15:59 PDT

Creator: Bug Bounty Village

Desktop applications are the forgotten attack surface of bug bounty hunting. They’re usually out of scope, but they talk to assets that aren’t. In this talk, I’ll share how I’ve earned bounties by targeting desktop apps directly or leveraging them to find bugs in paying assets.

We’ll start with traffic interception. Unlike browsers, desktop apps don’t always like proxies. I’ll walk through my bag of tricks for viewing and modifying traffic, revealing hidden APIs not exposed in the web interface, broken OAuth flows, and secrets leaking in requests.

Next item on the menu are binaries. This won’t be a full-blown reverse engineering course, but I’ll show how tools like Ghidra, dnSpy, and even strings have helped me extract secrets from binaries, bypass client-side checks, and uncover logic flaws. We’ll also look at how Process Monitor has helped me observe app behavior and uncover where secrets are stored.

Finally, I’ll build on my previous DEF CON village talk about jumping the browser sandbox, sharing my now disclosed bugs in protocol handlers and local HTTP servers that led to five-figure bounties.

If you’ve been ignoring desktop apps in your bounty hunting, this talk might change your mind—and your bank account.


People:
    SpeakerBio:  Parsia “CryptoGangsta” Hakimian, Offensive Security Engineer at Microsoft

Parsia is an offensive security “engineer” at Microsoft. While not a full-time hunter, he has learned a great deal from hunts and the bug bounty community. He spends most of his time reading code and experimenting with static and dynamic analysis — but wishing he was gaming.

Parsia has previously presented at DEF CON’s main venue and the AppSec Village. When not breaking (or fixing) things, he plays videogames, D&D, spends time with family outside – and, as his wife jokes, “subjects himself to the tax and immigration systems of US and Canada”.




There and Back Again: Discovering OT devices across protocol gateways

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Sunday, Aug 10, 11:00 – 11:30 PDT

Creator: ICS Village

Operational Technology (OT) describes devices and protocols used to control real-world operations: factories, assembly lines, medical equipment, and so on.

For decades, this technology was isolated (more or less) from the wider world, using custom protocols and communications media. However, over the past 15 – 20 years, these devices have started using commodity protocols and media more and more. This means that these devices are now using the standard TCP/IP protocol suite, a concept referred to as “OT/IT convergence.”

This convergence has obvious benefits, making these devices cheaper and more manageable. However, it also makes them more accessible to attackers, and their security posture has often not kept up.

As part of this convergence process, many devices are connected via protocol gateways. These gateways speak TCP/IP, and then translate communications to proprietary OT protocols (or simply provide a NAT-style private network within an OT device rack).

This talk discusses techniques for detecting devices on the “other side” of these gateways. It begins with a brief introduction to the history of OT, moving on to the OT/IT convergence phenomenon. It then discusses the issue of protocol translation and provides two practical examples of discovering assets across gateways: CIP (Common Industrial Protocol) message forwarding and DNP3 (Distributed Network Protocol, version 3) address discovery.

These techniques are provided as examples to illustrate the issue of OT device discovery, and to encourage the audience to perform further research in how these sorts of devices may be discovered on networks and, ultimately, protected.


People:
    SpeakerBio:  Rob King, Runzero

Rob King is the Director of Security Research at runZero. Over his career Rob has served as a senior researcher with KoreLogic, the architect for TippingPoint DVLabs, and helped get several startups off the ground. Rob helped design SC Magazine’s Data Leakage Prevention Product of the Year for 2010, and was awarded the 3Com Innovator of the Year Award in 2009. He has been invited to speak at BlackHat, DEF CON, Shmoocon, SANS Network Security, and USENIX.




Thermostats Gone Wild: Gaining Domain Admim from an Unsecured HVAC System 🚨 (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Saturday, Aug 9, 16:30 – 17:30 PDT

Creator: La Villa

En esta charla técnica relataré una historia real de una intrusión interna que comenzó en un sistema HVAC expuesto dentro de la red corporativa y terminó con el compromiso completo de Dominio o Administrador de Dominio(DA). El objetivo principal es mostrar cómo aplicar técnicas ofensivas y de Red Teaming para identificar vectores no tradicionales, escalar privilegios y moverse lateralmente en entornos híbridos IT/OT, en la charla mostrare la metodologia utilizada para encontrar la vulnerabilidad y el proceso desde reconocimiento hasta explotacion. x000D x000D x000D Durante la charla cubriremos:x000D x000D – Reconocimiento activo y pasivo en redes mixtas (IT/OT).x000D – Explotación de sistemas HVAC: acceso con credenciales por defecto y extracción de configuraciones sensibles.x000D – Abuso de configuraciones SMTP mal diseñadas para obtener credenciales en texto claro.x000D – Identificación de cuentas privilegiadas y técnicas de movimiento lateral entre servidores.x000D – Extracción de hashes y escalada final hasta Domain Admin.x000D – Herramientas utilizadas y consideraciones para evadir detección.x000D x000D El enfoque será 100% ofensivo y práctico, orientado a Red Teamers, pentesters e investigadores interesados en vectores poco comunes y escenarios reales de compromiso completo de infraestructura.x000D x000D Categoría:x000D Red Teaming / Pentesting / Infraestructura_x000D_ x000D Nivel:x000D Intermedio – Avanzado_x000D_ x000D Duración:x000D 50 minutos_x000D_ x000D Idioma:x000D Español_x000D_ x000D Esta presentacion y todo lo mostrado es de un caso real en un pentest, todas las capturas tomada estan blurreadas para proteger la identidad del cliente. Y en algunas se crearon capturas basadas en los sistemas vistos.


People:
    SpeakerBio:  David Alejandro Ramirez Carmona, Threat Labs Consultant – Avertium

David Ramirez aka “Davalo” x000D x000D With a strong background in offensive security, David has spent over 6 years helping organizations across various industries strengthen their defenses through real-world attack simulations. As a penetration tester, he specializes in Active Directory attacks, and post-exploitation techniques, focusing particularly on high-impact vulnerabilities and realistic threat scenarios.x000D x000D David is also the co-organizer of HackGDL, a prominent cybersecurity conference in Guadalajara, Mexico, where he connects security professionals to share cutting-edge research and practical techniques. x000D x000D In his spare time, David develops open-source offensive security automation scripts and mentors aspiring ethical hackers, helping foster the next generation of cybersecurity talent. He holds certifications such as CRTP & OSWA and continues expanding his expertise through hands-on engagements and community involvement.




They deployed Health AI on us. We’re bringing the rights & red teams.

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 17:00 – 17:30 PDT

Creator: Biohacking Village

AI is rapidly reshaping healthcare—from diagnostics to mental health chatbots to surveillance inside EHRs—often without patient consent or clear oversight. The Patient AI Rights Initiative (https://lightcollective.org/patient-ai-rights/) lays out the first patient-authored ethical framework for Health AI. Now it’s time to test it like any other system: for failure, bias, and exploitability.

We’ll introduce the 7 Patient AI Rights and challenge participants to stress test them through the lens of security research. Working in small groups, you’ll choose a Right and explore how it could break down in the real world.

Together, we’ll co-create early prototypes for a “Red Teaming Toolkit for Health AI” to evaluate Health AI systems based on the priorities of the people most impacted by them: patients.

This session is ideal for patient activists, engineers, bioethicists, and anyone interested in building accountable, rights-respecting AI systems from the outside in.


People:
    SpeakerBio:  Andrea Downing
No BIO available



Third-Party Access Granted: A Postmortem on Student Privacy and the Exploit That’s Still in Production

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 13:45 – 14:30 PDT

Creator: Policy @ DEF CON

This talk exposes the quiet, lawful erosion of student privacy in higher education. While FERPA was meant to protect student data, its loopholes let colleges share personally identifiable information with third-party contractors—no consent required. Enter non-profit data brokers like the National Student Clearinghouse (NSC), which now aggregate and distribute massive volumes of student data to for-profit partners like Equifax.


People:
    SpeakerBio:  Sharlene Toney

Sharlene Toney has been a business analyst on a cross-functional, Agile development team in Enterprise Student Systems at Indiana University since 2013. Her path into IT has been anything but traditional, and she has been known to point out that when she started her undergraduate degree in 1994, she didn’t even know what email was. After a B.S. in Education and a Master of Social Work degree, she spent time in non-profit management and collegiate academic advising before signing on as a subject matter expert in academic advising with IU University Informational Technology Services. With a growing interest in the cybersecurity landscape, she returned to school to complete an M.S. in Cybersecurity Risk Management and will finish in May ’26. After 18 years working in the field of higher education, she has focused on learning more about the value of student data, student data pipelines, consent, and privacy. She has not completely said goodbye to her social work roots. Recently, she began training to volunteer with Operation Safe Escape where, with other safety and security professionals, she will work to assist survivors of domestic violence, stalking, and harassment to help them find safety and freedom.




Threat Dynamics on the Seas

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Friday, Aug 8, 15:00 – 15:45 PDT

Creator: Maritime Hacking Village

The tides are changing. The seas are the key frontier for power projection and commerce by nations, companies, and militaries — and surveillance and cybersecurity tradecraft are rapidly reshaping sea-side threat dynamics. Join three of the biggest minds national security to explore threats to the maritime domain as the strategic centerpiece for conflict in the digital age. From port cranes to drug smuggling, and Navy ships to undersea cables, the fight is everywhere.

Links:
    maritimehackingvillage.com/dc33/talks – https://maritimehackingvillage.com/dc33/talks

People:
    SpeakerBio:  John Mauger, PORTS LLC, , Rear Admiral , USCG (Ret.)

Rear Admiral John W. Mauger, USCG (Ret.) is a seasoned executive with over 33 years of leadership experience in the maritime industry, national security, and cyber operations. Known for his foresight, innovative approach to problem solving, and ability to drive change, John has left an indelible mark on every role he’s undertaken—from commanding complex Coast Guard operations to shaping the future of cyber defense.

As Commander of the First Coast Guard District, he led over 12,000 people and oversaw critical port operations in New England, deploying innovative technologies like counter-drone systems to enhance security. John’s leadership during the TITAN capsule search and recovery at the TITANIC site highlighted his ability to lead complex crises in the international spotlight.

At U.S. Cyber Command, John revolutionized cyber training, developing a cloud-based environment that modernized cyber exercises and increased readiness. John also served as the Coast Guard’s first Executive Champion the National Naval Officers Association, mentoring future leaders and driving organizational change.

Earlier in his career, John led key regulatory projects for both domestic and international shipping. His work protected mariners and the environment, created new markets for alternative fuels, and established a new international code to safeguard vital Polar regions.

Now leading (PORTS) LLC, John uses his diverse expertise to help clients plan for and navigate complex challenges in the maritime and critical infrastructure industries while enhancing personnel and team performance through effective training.

SpeakerBio:  Michael Sulmeyer, US DoD (ret.), Georgetown School of Foreign Service

Michael Sulmeyer will start as Professor of the Practice at the School of Foreign Service’s Security Studies Program in the fall of 2025. He most recently served as the first Assistant Secretary of Defense for Cyber Policy and as Principal Cyber Advisor to the Secretary of defense. He has held other senior roles involving cyber-related issues with the U.S. Army, the Office of the Secretary of Defense, U.S. Cyber Command and the National Security Council. In academia, he was a Senior Fellow with Georgetown’s Center for Security and Emerging Technology. He holds a doctorate in politics from Oxford University where he was a Marshall Scholar, and a law degree from Stanford Law School.

SpeakerBio:  Adam Segal, Council on Foreign Relations

Adam Segal is the Ira A. Lipman chair in emerging technologies and national security and director of the Digital and Cyberspace Policy program at the Council on Foreign Relations (CFR). From April 2023 to June 2024, Segal was a senior advisor in the State Department’s Bureau of Cyberspace and Digital Policy, where he led the development of the United States International Cyberspace and Digital Policy. An expert on security issues, technology development, and Chinese domestic and foreign policy, Segal was the project director for the CFR-sponsored Independent Task Force reports Confronting Reality in Cyberspace, Innovation and National Security, Defending an Open, Global, Secure, and Resilient Internet, and Chinese Military Power. His book The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age (PublicAffairs, 2016) describes the increasingly contentious geopolitics of cyberspace. Segal is also the author of Advantage: How American Innovation Can Overcome the Asian Challenge (W.W. Norton, 2011) and Digital Dragon: High-Technology Enterprises in China (Cornell University Press, 2003), as well as several articles and book chapters on Chinese technology policy.




Threat Hunting 101: Beyond the Alerts

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Saturday, Aug 9, 11:00 – 11:50 PDT

Creator: Blue Team Village (BTV)

Detection and response are essential pillars of cybersecurity—but what if something slips through the cracks? Not every attack triggers an alert. That’s where Threat Hunting comes in.

Threat hunting is a proactive, human-driven approach to uncovering signs of compromise that automated systems may have missed or misunderstood. It involves asking deeper questions, forming hypotheses, and exploring system behavior to find evidence of stealthy or novel attacks.

Join us for an introductory presentation on Threat Hunting, where you’ll learn how cybersecurity professionals go beyond known threats to uncover hidden adversaries—and why human intuition is still a critical part of modern defense.


People:
    SpeakerBio:  Kainu

With over 18 years of experience in IT and cybersecurity, Kainu currently specializes in Digital Forensics, Incident Response (DFIR), and Threat Hunting, with over 5 years dedicated to actively defending against threats, leading response efforts, and conducting deep forensic investigations. He has worked across diverse industries including healthcare, pharmaceutical, manufacturing, legal, and financial sectors, helping organizations detect, contain, and recover from complex security incidents. By day, he serves as an Incident Response case manager and consultant, conducting investigations, leading threat hunts, or mentoring clients on how to build and run effective incident response teams. He brings a hands-on, analytical approach to defending infrastructure and uncovering adversary tradecraft. Outside of work, Kainu is a passionate locksport practitioner and a proud #GirlDad, driven by curiosity, resilience, and a commitment to protecting what matters most.




Threat Modelling at Scale: Breaking Down Cloud Complexity

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 15:15 – 15:55 PDT

Creator: Cloud Village

This presentation aims to provide an actionable strategy to connect theoretical threat modelling frameworks and practical cloud implementations. We analyze why legacy approaches do not work for cloud-native applications, particularly microservices and serverless architectures.

We will explore how to: • establish a realistic threat modelling schedule which provides real value lowering the risk of handling threat modelling as just a “tick-the-box” activity; • create effective cloud architecture diagrams to make it understandable and handy for developers to brainstorm possible threats; • implement effective system decomposition strategy to get rid of the monolithic threat modelling which fails for distributed cloud systems. We will demonstrate how this decomposition enables a targeted application of the STRIDE model, highlighting cloud-specific threat vectors and nuances, such as those arising in cross-tenant scenarios; • adapt DREAD risk evaluation framework for the cloud; • effectively engage stakeholders across development, security, and operations; • use AI as a starting point in threat modelling (demo included) and understand where human expertise remains critical. We will make sure attendees gain a clear understanding of why traditional threat modelling is insufficient for modern cloud environments and will leave with a practical framework and techniques they can immediately apply to their own cloud deployments, improving their organization’s security posture and reducing cloud-related risks.


People:
    SpeakerBio:  Hanna Papirna

Hanna is a cybersecurity expert and consultant specialising in securing cloud environments for clients in various industries such as financial services, commercial banking, and retail. With the experience in Secure Landing Zones, Infrastructure as Code, identity management, endpoint protection, security operations, and DevOps, she helps organizations to build resilient cybersecurity strategies and roadmaps.

As a certified Microsoft Trainer, she conducts hands-on workshops on cloud and cybersecurity topics, empowering teams to navigate modern security challenges. Passionate about Cloud Security Posture Management and robust defenses against evolving threats.

SpeakerBio:  Emma Yuan Fang, Senior Security Architect at EPAM

Emma is a Senior Security Architect at EPAM, specialising in developing and executing security strategies and architecting cloud solutions. With over 10 years of experience in cyber, she has led projects and technical workshops focused on cloud transformation and cloud-native application development. Beyond her professional role, Emma is dedicated to advocate for a more diverse cyber workforce through community volunteering and public speaking. She is a passionate mentor, volunteers at the leadership team of WiCyS UK&I affiliate, Google’s Techmakers ambassador, and serves as a member of Industry Advisory Board at the University of Buckingham in the UK.




Timeline Analysis in Timesketch with Sec-Gemini

Creator Talk Map Page – LVCC West-Level 3-W314-W316 (AI Village)
When:  Friday, Aug 8, 14:00 – 14:30 PDT

Creator: AI Village

Incident response often feels like drowning in a sea of logs. While LLMs promise a lifeline, simply dropping a chatbot into a DFIR tool is not enough.

This talk pivots from “Can AI analyze logs?” to “How do we build a trustworthy, human-centric AI partner for investigators?” We present our journey integrating a Sec-Gemini Log Reasoning Agent into Timesketch, the open-source forensic timeline analysis platform. Our core focus will be how we built the Log Reasoning Agent and the UX research required to make AI findings verifiable and actionable.

We will deconstruct our design philosophy, which reimagines the analyst’s workflow around AI-generated insights and investigative questions. We’ll explore the specific UI/UX patterns we developed to empower analysts to seamlessly trace AI conclusions back to the source evidence, fostering a “trust but verify” mindset essential for high-stakes investigations. Attendees will leave with a new framework for thinking about AI in security operations—one that prioritizes human-computer interaction over black-box automation.


People:
    SpeakerBio:  Diana Kramer, Security Engineer at Google

Security Engineer at Google, specializing in digital forensics and incident response. Experience in the video game industry and consulting, working as an incident analyst, security consultant, and security engineer. Currently focused on applying AI and Large Language Models (LLMs) to streamline and enhance incident response workflows, specifically for investigations, automated reporting, and threat analysis.

SpeakerBio:  Janosch Köpper, Security Engineer at Google

Janosch Köpper is a Security Engineer on Google’s Incident Response team, where he specializes in digital forensics, incident management and automation. He is a core maintainer of the open-source Timesketch project, used for collaborative forensic timeline analysis.

SpeakerBio:  Melinda Baeriswyl, Interaction Designer at Google

Melinda Baeriswyl, an Interaction Designer at Google, develops tools for the company’s detection and response teams. Her extensive understanding of the processes involved in incident response, from suspicious logs to resolution, uniquely positions her to investigate how AI and Large Language Models will enhance human effectiveness.




To Pay or Not to Pay? The Battle Between Bug Bounty & Vulnerability Disclosure Programs

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Friday, Aug 8, 16:00 – 16:30 PDT

Creator: Bug Bounty Village

Running parallel vulnerability submission programs – one paid, one unpaid – is like managing two restaurants with the same kitchen but different menus and expectations. Researchers have strong feelings on this topic but so do businesses operating and funding the programs.

Through data and years of war stories as an owner of connected device programs, this talk exposes the reality of juggling paid bounty programs for product offerings against unpaid programs for operational infrastructure. You’ll learn how we made business risk decisions to separate programs, why researchers creatively redefine scope to get paid, why your infrastructure VDP findings might be more critical than your bounty submissions, and how we built a unified process that keeps both programs running without descending into chaos.

Bonus: Discover how we turned scope debates into a positive force that led us to hire our top 2 researchers, enforcement of new software quality practices, and measurable SDLC program improvements that reduced critical findings by 40% year-over-year.


People:
    SpeakerBio:  Aaron “scriptingxss” Guzman, CISO at Cisco

Aaron serves as Cisco’s Network Devices CISO, securing millions of on-premises and cloud-managed products powering global internet infrastructure. With over 10 years in crowdsourced security‚Äîboth as researcher and program owner‚Äîhe drives Cisco’s public bug bounty program while launching comprehensive vulnerability disclosure capabilities.




TotalTest 2.Oh!: Unleashing a Testing Program to Break Smarter, Measure Better, and Fund Your Fixes

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Sunday, Aug 10, 12:00 – 12:30 PDT

Creator: Adversary Village

Production halted. SCADA alarms blaring. The CEO demands answers. Your theoretical cyberattack? It just became reality. Point-in-time penetration tests are fundamentally inadequate against today’s advanced persistent threats. This talk outlines a framework to build an intelligence-led, integrated attack and crisis simulation program, not just a reactive security strategy.

Drawing from our extensive experience (including hundreds of red team engagements for some of the world’s largest organizations, with anonymized real-world case studies), we will unveil TotalTest – a revolutionary, metrics-driven framework that transforms breach simulations from isolated exercises into a continuous, strategic program for unparalleled organizational resilience.


People:
    SpeakerBio:  Nebu Varghese, FTI Consulting LLP – Senior Director, EMEA Offensive Security Leader

Nebu Varghese is a Senior Director in FTI Consulting’s Cybersecurity practice and is based in London. Mr. Varghese has more than 13 years of multi-functional cybersecurity experience, blending deep technical expertise with strong academic credentials. He has led global teams and complex matters across 28 countries, in sectors including Financial Services, Private Equity, TMT, Manufacturing, and Critical National Infrastructure. Mr. Varghese specialises in executing and managing the delivery of offensive security testing (ethical hacking or penetration testing) engagements for organisations across the globe. He serves on the UK National Cyber Security Centre (NCSC) Security Testing Expert Group, collaborating with industry experts to draft practical and valuable best practice guidance that informs and guides both the NCSC and the wider ICS industry.




Tracking 300k+ drives: What we’ve learned after 13 years

Creator Talk Map Page – LVCC West-Level 2-W225 (Data Duplication Village)
When:  Friday, Aug 8, 13:00 – 13:59 PDT
Saturday, Aug 9, 13:00 – 13:59 PDT

Creator: Data Duplication Village

Backblaze Drive Stats is an open dataset that has tracked hard drive and SSD reliability across our data centers since 2013. This session covers recent backend upgrades—including a modular versioning system and migration to Snowflake with Trino and Iceberg—that improved data processing and failure validation. We’ll also share updated AFR trends by drive model and size, SSD tracking challenges, and share how drive insights have underpinned performance improvements in data centers.

Links:
    Hard Drive Test Data – https://www.backblaze.com/cloud-storage/resources/hard-drive-test-data

People:
    SpeakerBio:  Pat Patterson, Chief Technical Evangelist at Backblaze

Pat Patterson is the chief technical evangelist at Backblaze. Over his three decades in the industry, Pat has built software and communities at Sun Microsystems, Salesforce, StreamSets, and Citrix. In his role at Backblaze, he creates and delivers content tailored to the needs of the hands-on technical professional, acts as the “voice of the developer” on the Product team, and actively participates in the wider technical community. Outside the office, Pat runs far, having completed ultramarathons up to the 50 mile distance. Catch up with Pat via Bluesky or LinkedIn.

SpeakerBio:  Stephanie Doyle, Associate Editor & Writer at Backblaze

Stephanie is the Associate Editor & Writer at Backblaze. She specializes in taking complex topics and writing relatable, engaging, and user-friendly content. You can most often find her reading in public places, and can connect with her on LinkedIn.




Traditional Pentest Meets AI: New Challenges in Android Security

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Saturday, Aug 9, 17:15 – 17:59 PDT

Creator: Mobile Hacking Community

This presentation explores the evolving landscape of Android application security testing as artificial intelligence becomes increasingly integrated into mobile devices. The talk bridges traditional penetration testing methodologies with emerging AI-specific security challenges, providing practitioners with updated frameworks and tools for comprehensive Android security assessments.


People:
    SpeakerBio:  Gabrielle Botbol

Gabrielle Botbol is a Pentester at the largest financial cooperative in North america. With a deep focus on the banking industry, Gabrielle specializes in exploring AI, mobile applications and API.

Gabrielle is an avid blog writer who advocates for access to education for all. In addition, she has a large following on social media, where she shares many educational resources about technical training and many other cyber topics.

She actively contributes to various organizations as a member of their Advisory Board and technical board. She is a speaker and trainer at global events and prestigious universities, like RSAC, Blackhat, Defcon, CUNY, University of Toronto and many more …

With her contributions to the community, Gabrielle has been the recipient of multiple prestigious awards. Among them, she was honored as one of the Top 20 women in cybersecurity in Canada, Woman Hacker of the Year by CSWY, Educator of the Year at AYA, Top Influencer in Cybersecurity by IFSEC Global, and Pentest Ninja at WSCJ.




Train How We Fight: Finding CVEs to Enhance Competition Skills

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-604 (AppSec Village)-Main Stage
When:  Friday, Aug 8, 14:20 – 14:50 PDT

Creator: AppSec Village

Zero-day hunting is learnable, not legendary. This talk explores how US Cyber Team coaches transform rookies into community-minded researchers who locate fresh bugs in live open-source code, build reliable proofs-of-concept, and perform responsible disclosure and CVE assignment. This training is completed by US Cyber Team athletes to prepare for Attack/Defense competitions when performing in international competitions. Attendees will learn how this is approachable to find 0-days, use SAST tools, triage alerts, weaponize findings, and perform responsible disclosure. We connect technical drills to career wins and share metrics that prove junior athletes become better at competitions while earning credentials and credibility.


People:
    SpeakerBio:  m4lwhere

Chris brings over 13 years of experience in Penetration Testing, Incident Response, Risk Evaluation, Threat Intelligence, and System Administration. While Active Duty, Chris was the Incident Management Lead for the Navy Cyber Defense Operations Command where he specialized in response to attacks on classified and unclassified Navy networks across the globe. Throughout his career, Chris has provided actionable information for stakeholders to make informed decisions about reducing risk to the lowest possible levels, resulting in over 30 CVEs attributed to his work.

Chris has co-authored The Hack is Back: Techniques to Beat Hackers at Their Own Games and has created content on HackTheBox, TryHackMe, and Cybrary. He is an avid CTF player and has recently taken the #1 individual and #1 team position in the National Cyber League, while also operating as the Attack/Defense coach for the US Cyber Team.

Mr. Haller was awarded GIAC Security Expert #329 and has over 30 other certifications.




Trans in Tech

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Saturday, Aug 9, 15:00 – 15:30 PDT

Creator: Queercon Community Lounge

AntiCistamines, Antiboyotics, or Proboyotics: meet, connect, and celebrate with the trans and gender-diverse people of our community!




Transforming Identity Protection: Innovating with AI and Attack Paths

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 14:10 – 14:40 PDT

Creator: Cloud Village

In this session, we will explore the innovative integration of Generative AI with graph-based visualization to redefine cloud security strategies. Attendees will discover how attackers exploit misconfigurations in major cloud platforms like AWS, Azure, GCP, and OCI, gaining insights into the evolving threat landscape. Utilizing cutting-edge AI models, we’ll unveil how generative algorithms can predict potential misconfigurations and proactively identify attack paths.

The core of our discussion focuses on leveraging open-source tools such as neo4j and Memgraph to visualize these paths, providing a dynamic map of vulnerabilities. We’ll demonstrate AI-driven solutions for crafting tailored mitigation strategies, ensuring a robust defense across cloud ecosystems. Through real-world case studies, attendees will witness the transformative impact of combining Gen AI with strategic prevention techniques.

By the presentation’s end, participants will be empowered with the knowledge and tools to implement proactive security measures, effectively mitigating risks and enhancing the security posture of their cloud infrastructures. This innovative approach positions cloud security professionals at the forefront of defense against sophisticated cyber threats.


People:
    SpeakerBio:  Filipi Pires, Head of Identity Threat Labs and Global Product Advocate at Segura

I’ve been working as Head of Identity Threat Labs and Global Product Advocate at Segura®, Red Team Village Director, Senior Advisor Raices Cyber Academy, Founder of Red Team Community (Brazil and LATAM), AWS Community Builder, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many countries such as US (Black Hat & Defcon), Canada, France, Spain, Germany, Poland, Black Hat MEA – Middle-East – and others, I’ve served as University Professor in Graduation and MBA courses at Brazilian colleges, in addition, I’m Creator and Instructor of the Course – Malware Attack Types with Kill Chain Methodology (PentestMagazine), PowerShell and Windows for Red Teamers(PentestMagazine) and Malware Analysis – Fundamentals (HackerSec).




Tunnel Snipers

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Saturday, Aug 9, 16:40 – 16:59 PDT

Creator: Telecom Village
DNS Tunneling: DNS Exploitation in Telecom Networks, Detection and DNS Hardening Strategies

People:
    SpeakerBio:  Vinod Shrimali
No BIO available
SpeakerBio:  Prahalad
No BIO available
SpeakerBio:  Nadeem Bagwan
No BIO available



Tunnelpocalypse

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C105 (Community Stage)
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: DDoS Community

Did you know that you or anyone can launch a spoofed DDoS amplification attack from ANY IP on the Internet? Come find out about this mind blowing vulnerability that may well cause a Tunnelpocalypse!


People:
    SpeakerBio:  Rich Compton, Comcast
No BIO available



Uncovering and Combating Brazil’s Largest Financial APT: A Journey of Collaborative Intelligence (POR)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 11:30 – 12:30 PDT

Creator: La Villa

Get ready to dive into an unprecedented investigation that has uncovered the largest group of Advanced Persistent Threats (APT) on the Brazilian financial scene. We uncovered a sophisticated modus operandi that resulted in losses in excess of USD 100MM to more than 25 victim companies.


People:
    SpeakerBio:  Thiago Bordini, Head Cyber Threat Intelligence

Thiago Bordini, Head Cyber Threat Intelligence, executive with more than 20 years of experience in the cyber intelligence market, working with analysis and prevention of cyber threats and fraud and dissemination of educational content on the subject to professionals and companies. Technical coordinator and postgraduate professor at IDESP.x000D Speaker at several national and international events such as Defcon La Villa, YSTS, EkoParty, H2HC, Security BSides Las Vegas and Sao Paulo, SANS, HTCIA, CoronaCon, 8.8 Andina and Brazil, among others.x000D Member of the Security BSides Sao Paulo/Brazil organization.




Uncovering Hidden Threats: The Risks of Dangling Issuers in Federated Credentials

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 13:25 – 14:05 PDT

Creator: Cloud Village

Federated Credentials are one of the ways to authenticate workload identities and provide access to resources using Open ID Connect (OIDC), and major identity providers such as Entra ID (formerly known as Azure AD) support authentication using federated credentials. Developers set up a trust relationship between federated identity providers and workload identities. Often times due to a misconfiguration or lack of understanding of federated credentials security risks, developers have dangling domains configured as issuer in the setup. Due to the inherent trust relationship configured with the federated identity provider, an attacker can take over the dangling issuer domain, host OIDC discovery endpoints and obtain access tokens to elevate privileges.

 This talk aims to highlight the risks of dangling issuers and demonstrates how an attacker can exploit them to elevate privileges. In addition, the talk also covers mitigations and best practices and provides tools to identify these misconfigurations.  The demos used in this session leverage Microsoft Entra ID as the identity provider and Azure as the cloud hosting platform. However, the key takeaways are generic and are applicable to other cloud environments and identity providers.

Key concepts covered in the talk are as follows: 1. Introduction a. Speaker intro b. Overview of federated credentials in Entra ID (Azure AD) & other identity providers 2. Federated Credentials 101 in Entra Id (Azure AD) a. Legitimate use case: i. Federated credentials setup ii. How do workload identities authenticate with federated credentials?

  1. Dangling Issuers in federated credentials a. What causes the dangling issuers in federated credentials?

  2. How can an attacker abuse dangling Issuers? a. Pre-requisites for the attack scenario b. Dangling Issuer domain take over, host OIDC discovery metadata & steps to obtain access tokens c. Use tokens to access resources

  3. How to identify dangling Issuers in federated credentials? a. Provide guidance to identify dangling issuers using Graph APIs

  4. Mitigations & best practices a. How to prevent dangling issuers? b. Tenant level policies to prevent token issuance from untrusted issuers

  5. Future work a. Research on other identity provider Federated Credentials


People:
    SpeakerBio:  Gautam Peri

Gautam Peri is a Senior Security Engineer in EPSF SERPENT (Service Pentest) team at Microsoft. He has over 9 years of experience as a security professional in multiple organizations including Microsoft and Citibank N.A. He started his career as a software developer and became a security professional. Currently, Gautam focuses on securing Azure Edge & Platform and Windows & Devices services at Microsoft. He is passionate about identifying vulnerabilities at scale. Gautam presented a workshop at DEF CON 32 and a speaker at OWASP BASC (Boston Application Security Conference) 2024. Gautam holds CISSP & GCPN certifications, he is committed to continuous learning and development and drives internal knowledge share events.




Unleashing the Cookie Monster: How we removed all the trackers and cookies

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
Creator: Crypto Privacy Village

Cookies, small data files stored on a user’s device by websites they visit, are commonly used for various purposes across different functionalities. Developers utilize cookies to maintain session information and personalize content; Marketing teams use cookies to track user behavior and create targeted advertising campaigns; Analytics teams rely on cookies to measure website performance and user engagement.

Cookies and trackers have been in the face of organizations and customers since the announcement of GDPR and similar privacy regulations. Disclosure and user consent for cookies are now required, and everyone has become more aware and thoughtful of trackers. Large companies like Apple and Google are also moving toward deprecating third-party trackers. Eventually, every company and organization will have to address the privacy concerns of cookies and trackers.

We at Sentry started early and chose the hard path to remove all non-essential cookies and trackers from our public-facing sites. This project has been challenging since there are few examples to learn from and resources for this approach are limited. We encountered many unexpected difficulties and a lack of existing solutions that could help or guide us through the process. I want to share our experience, along with the tools we use, so that anyone who wants to do the same doesn’t have to go through all the hassles like we did, and to encourage others to do the same by removing their cookies and trackers too.


People:
    SpeakerBio:  Jeff Hung, Senior Security Engineer at Sentry.io

Jeff Hung, Senior Security Engineer at Sentry.io, experienced in corporate security and specializes in clicking the correct buttons in various security tools. Hosted the first Mandarin Cybersecurity podcast InfosecDecompress.




Unnamed Talk at Quantum Village

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-206 (Quantum Village)
When:  Friday, Aug 8, 11:00 – 11:45 PDT

Creator: Quantum Village

People:
    SpeakerBio:  Michele Reilly
No BIO available



Unpacking Go Malware: Challenges, EDR Blind Spots, and Real-World Cases (ESP)

Creator Talk Map Page – LVCC West-Level 2-W220-W221 (La Villa Community)-Main Track
When:  Friday, Aug 8, 13:30 – 13:59 PDT

Creator: La Villa

Malware written in Go is becoming more common and more challenging to deal with. Go binaries are large, packed with statically linked code, and structured in ways that confuse traditional reverse engineering tools. The Go runtime introduces additional layers of complexity, making tasks like function identification, string recovery, and behavior tracking harder than usual.x000D x000D EDRs also struggle with Go malware. Unusual binary layouts, obfuscated strings, and non-standard execution flows can lead to missed detections and incomplete telemetry.x000D x000D In this talk, we will break down the key challenges in analyzing Go malware and share tools and techniques that help make sense of it. We will also walk through a recent sample called FrostyGoop, which was used to disrupt heating systems in Ukraine. By examining its structure, behavior, and unique artifacts, we will show how attackers are using Go in real-world campaigns and what defenders can do to catch up.


People:
    SpeakerBio:  Asher Davila, Vulnerability Researcher at Palo Alto Networks

Passionate about binary analysis, binary exploitation, reverse engineering, hardware hacking, retro computing, and music.

SpeakerBio:  Chris Navarrete, Senior Principal Security Researcher – CDSS Advanced Threat Prevention (ATP) at Palo Alto Networks

Chris Navarrete is a Senior Principal Security Researcher within the Advanced Threat Prevention team at Palo Alto Networks. His work centers on cutting-edge research in cybersecurity, particularly in threat detection and malware analysis. Previously, he served as an adjunct professor of computer science at San Jose State University, teaching Software Security Technologies. He holds a Master of Science in software engineering with a specialization in cybersecurity from San Jose State University. Chris has presented at major industry conferences, including Black Hat Asia, the Computer Antivirus Research Organization (CARO), the Cyber Threat Alliance’s Threat Intelligence Practitioners (TIPS) conference, and Black Hat Arsenal, where he introduced and released BLACKPHENIX — a framework designed to automate malware analysis workflows.




Untitled Talk by Elie Burzstein

Creator Talk Map Page – LVCC West-Level 3-W314-W316 (AI Village)
When:  Saturday, Aug 9, 10:30 – 10:59 PDT

Creator: AI Village
Links:
    elie.net/ – https://elie.net/

People:
    SpeakerBio:  Elie Burzstein, Google & DeepMind AI Cybersecurity technical and research lead

Dr. Elie Bursztein is Google & DeepMind AI Cybersecurity technical and research lead. His research focuses on creating novel AI-powered cybersecurity capabilities and ensuring AI remains safe and secure for all. His work is regularly featured in major news outlets, including the Wall Street Journal, CBS, Forbes, Wired, the Huffington Post, and CNN. Elie authored over 60 academic publications for which he has received more than ten best paper awards. He has given dozens of talks at premier industry conferences and received multiple industry awards, including a Black Hat Pwnie award. He is the founder of the Etteilla Foundation, the leading non-profit organization dedicated to preserving and promoting the rich cultural heritage of playing cards and is a tarot history expert. Beret aficionado, Elie tweets at @elie, and performs magic tricks in his spare time. Born and raised in Paris, he received an engineering degree from EPITA and then a Ph.D. from ENS-cachan before completing a postdoc at Stanford University. Elie joined Google in 2011, DeepMind in 2023, and now lives with his wife in Mountain View, California.




Unveiling IoT Vulnerabilities: From Backdoors to Bureaucracy

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Sunday, Aug 10, 11:30 – 11:59 PDT

Creator: IOT Village

IoT devices are ubiquitous, yet their security remains a critical concern. This talk explores over 50 real-world vulnerability cases in the IoT ecosystem, exposing systemic issues such as vendor-embedded backdoors, predictable credentials, and exploitable configuration consoles. We’ll dissect vulnerabilities like CVE-2024-48271 (CVSS 9.8) and CVE-2025-1143, favored by APT groups and scammers, that enable remote code execution and global device control. Drawing from our extensive research, we’ll reveal how even beginners can compromise critical infrastructure like ATMs and water treatment facilities by targeting poorly secured devices. Additionally, we’ll share the frustrating reality of reporting vulnerabilities to manufacturers, CNAs, and CERTs—stories of ignored reports, year-long delays, and denials despite severe risks. Attendees will gain actionable insights into vulnerability discovery, secure development practices, and responsible disclosure, empowering hackers, developers, and manufacturers to strengthen IoT security.


People:
    SpeakerBio:  Kai-Ching “Keniver” Wang, Senior Security Researcher at CHT Security

Kai-Ching Wang (Keniver) is a Senior Security Researcher at CHT Security. He specializes in red team assessments and comprehensive security reviews, with a current focus on hacking IoT devices and cloud-native infrastructure. He has presented his research on the security of cloud-connected IoT camera systems at conferences such as SECCON in Japan and HITCON in Taiwan.

SpeakerBio:  Chiao-Lin “Steven Meow” Yu, Senior Red Team Cyber Threat Researcher at Trend Micro Taiwan

Chiao-Lin Yu (Steven Meow) currently serves as a Senior Red Team Cyber Threat Researcher at Trend Micro Taiwan. He holds numerous professional certifications including OSCE³, OSEP, OSWE, OSED, OSCP, CRTP, CARTP, CESP-ADCS, LPT, CPENT, GCP ACE. Steven has previously presented at events such as HITCON Training 2025, Security BSides Tokyo 2023, and CYBERSEC 2024, 2025. He has disclosed 30+ CVE vulnerabilities in major companies like VMware, D-Link, and Zyxel. His expertise spans Red Team exercises, Web security, IoT security and Meow Meow security.




Unveiling the shadows: Digital Forensics evidence in AI-Driven CyberCrime

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 15:10 – 15:40 PDT

Creator: Malware Village

Apple Intelligence, Apple’s latest AI-powered tools is integrated across its devices, is designed to enhance user productivity, privacy, and convenience. However, like any advanced technology, it carries the potential for misuse in the realm of cybercrime. Malicious actors could exploit features such as AI-generated content, personal data summarization, or automated decision-making to craft more convincing phishing attacks, create deepfake audio or messages mimicking trusted contacts, or extract sensitive information from stolen devices more efficiently. Additionally, if vulnerabilities in Apple Intelligence are discovered, attackers could potentially hijack its functionalities for surveillance, data theft, or unauthorized access. This talk covers the digital evidence available to investigators to uncover the malicious use of Apple Intelligence.


People:
    SpeakerBio:  Neumann “scsideath” Lim, COO at World Cyber Health

Neumann Lim has a strong background in cybersecurity and infrastructure management currently leading the Odlum Brown Team. He also has an extensive IR experience at previous companies such as Deloitte Canada, EY, CGI, and ISA. Currently, Neumann is serving in advisory board roles at SANS, EC-Council and other organizations. Neumann’s expertise includes digital forensics, incident response, modernizing infrastructure, infrastructure resilience, site reliability, malware research, pentesting and leadership in information security policies. Outside of corporate life, Neumann is the co-founder of Malware Village, judge and participant of various cyber CTFs. Neumann is often seen speaking or leading workshops at various conferences such as DEFCON, BlueTeamVillage, GrayhatCon, BSides, Toronto CISO Summit, CCTX, HTCIA, IACIS.

SpeakerBio:  Jugal Patel
No BIO available
SpeakerBio:  Stephanie Corvese
No BIO available
SpeakerBio:  Debasis Parida
No BIO available



Up and Down Technique: Exposing Hidden Data from RAG Systems

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 10:00 – 10:30 PDT

Creator: Bug Bounty Village

Retrieval-Augmented Generation (RAG) systems have revolutionized how LLMs (Large Language Models) access “”additional”” knowledge, powering everything from enterprise chatbots to cutting-edge research tools. However, their architecture, designed to integrate text chunks to give additional context to prompts, also opens the door to innovative data exfiltration techniques.

In this talk, titled “”Up and Down Technique: Exposing Hidden Data from RAG Systems””, Pedro presents a technique he discovered that enables adversaries to systematically extract sensitive information from RAG applications via prompt injection.

During this talk, we’ll deep dive into the internals of RAG systems by analyzing their architecture, embeddings, vector databases, and prompt anatomy. Pedro will demonstrate, using real-world examples, how attackers can exfiltrate data from documents via carefully crafted prompt injections. More importantly, the presentation will provide a set of comprehensive mitigation strategies.

Designed for red teamers, bug bounty hunters, developers, CISOs, and cybersecurity enthusiasts, this talk bridges the gap between theoretical vulnerabilities and practical, actionable defense strategies, equipping security professionals with the knowledge they need to protect modern, AI-powered applications against emerging threats.




Using SELinux and Podman to secure local Model Context Protocol resources

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C210 (Operating Systems Community)
When:  Friday, Aug 8, 10:00 – 10:59 PDT

Creator: Operating Systems Community

People:
    SpeakerBio:  Brian “RedBeard” Harrington, Red Hat Inc.
No BIO available



Using Stardew Valley mods as a C2 and infostealer

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Friday, Aug 8, 13:40 – 13:55 PDT

Creator: Malware Village

How I used the modding API for the video game stardew valley to create a C2 client and infostealer that bypassed defender.


People:
    SpeakerBio:  Gecko
No BIO available



VDP in Aviation – How it shouldn’t be done!

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 15:00 – 15:30 PDT

Creator: Aerospace Village

Vulnerability Disclosure in Aviation has long been, and continues to be, a very sensitive topic. Whilst large improvements have been made by some in recent years, there are still some corners of the industry who could do much better. Gaffers has experience in both submitting and receiving vulnerability disclosures within the industry and will share some stories highlighting the good, the bad, and the ugly.


People:
    SpeakerBio:  Matt Gaffney, United Airlines
No BIO available



Veilid la revoluçion : Your data is yours to own

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 14:30 – 14:59 PDT

Creator: Crypto Privacy Village

We Ain’t came to lose!

At DEFCon 31 Veilid was revealed to the world as a part of the Bovine Resurrection, we generated press coverage worldwide, and managed to drag the window over on how the press talked about digital privacy. Now we come to the Crypto and Privacy Village to spread the good word of the future restored, how we can seize the means of computation, and HOW YOU CAN HELP. We’ll talk about the whys and hows of the Veilid Framework, and what this new combined technology stack means for restoring the future we were promised.

We’ll be covering the fundamentals of Veilid, as well as talking about progress made and the apps that have been released on our framework.


People:
    SpeakerBio:  Paul Miller

Paul Miller is the founder/leader/community organizer of hackers.town, Projekt:ONI (Optimistic Nihilists Inc.) organizer and founder, Hacker, Infosec professional, and is a passionate privacy advocate. Paul has worked to show the ways a centralized internet has harmed our culture and the future. He believes you should always be N00bin’, and that collectively we can restore the promise of the future the internet once offered us.

SpeakerBio:  Katelyn Bowden

Katelyn Bowden is a hacker, activist, and CULT OF THE DEAD COW member, who embraces the human side of hacking and tech. Katelyn has dedicated her life to changing the world for the positive- between her work fighting Non-consensual pornography, and her dedication to educating users on security, she is dedicated to making the internet a safer place for everyone. Her alignment is chaotic good, with a hard emphasis on the chaos. She also creates strange furby art and has over 60 dead things on display in her house.




Vibe Coding: Security Crisis or Opportunity

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C206 (OWASP Community)
When:  Sunday, Aug 10, 11:00 – 11:59 PDT

Creator: OWASP Community

In the space of months, we have seen AI move from a chat bot which writes funny limericks to an integral part of a developers workflow. AI coding assistants are now building entire apps and features as well as performing multi-repo refactoring, all whilst using MCP to interact with many other services.

In this round-table aimed at practitioners and developers, let’s discuss how you have seen this in your own environments and how you have been able to both overcome the security challenges but also take advantage of capabilities which were not previously available.


People:
    SpeakerBio:  Josh Grossman, Bounce Security at OWASP

Josh Grossman has worked as a consultant in IT and Application Security and Risk for 15 years now, as well as a Software Developer. This has given him an in-depth understanding of how to manage the balance between business needs, developer needs and security needs which goes into a successful software security programme.

Josh is currently CTO for Bounce Security where he helps clients improve and get better value from their application security processes and provides specialist application security advice. His consultancy work has led him to work, speak and deliver training both locally and worldwide including privately for ISACA and Manicode and publicly for OWASP’s Global AppSec conferences, NDC Security and Black Hat.

In his spare time, he co-leads the OWASP Application Security Verification Standard project and is on the OWASP Israel chapter board and the OWASP Events Committee. In 2025, OWASP recognised his contributions with a Distinguished Lifetime Membership award.




Vibe School: Making dumb devices smart with AI

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Friday, Aug 8, 17:30 – 17:59 PDT

Creator: IOT Village

Smart home technology often comes with a hefty price tag, particularly for specialized devices like weather stations. So instead I did it myself, instead of buying an expensive ‘smart’ device, I integrated a conventional weather station into Home Assistant. With AI-powered assistance and “vibe coding” approach, even complex devices can be made smart. From sniffing device communications to getting Gemini to generate C++. With modern AI tools, empowering your existing “dumb” devices is more accessible and achievable than ever before, opening up a world of custom smart solutions without breaking the bank.


People:
    SpeakerBio:  Katie “InsiderPhD” Paxton-Fear, Principal Security Researcher at Traceable by Harness

Dr Katie Paxton-Fear is an API security expert and a Security Advocate at Semgrep, in her words: she used to make applications and now she breaks them. A former API developer turned API hacker. She has found vulnerabilities in organizations ranging from the Department of Defense to Verizon, with simple API vulnerabilities. Dr Katie has been a featured expert in the Wall Street Journal, BBC News, ZDNet, The Daily Swig and more. As she shares some of the easy way hackers can exploit APIs and how they get away without a security alert! Dr Katie regularly delivers security training, security research, to some of the largest brands worldwide. She combines easy-to-understand explanations with key technical details that turn security into something everyone can get.




Voices from the Frontlines: Managing Bug Bounties at Scale

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 5) W229
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: Bug Bounty Village

Bug bounty programs have become a cornerstone of modern security strategy, but managing them at scale is anything but simple. In this panel, leaders from some of the world’s largest and most mature bug bounty programs, including Amazon, PayPal, AWS, Shopify, and Splunk, will share hard-won insights from the frontlines.

We will explore the nuances of triage, researcher relationships, reward strategies, internal buy-in, legal hurdles, and responsible scaling. Panelists will also discuss how bug bounty culture is shifting, what is working (and what is not), and how they are evolving their programs to meet today’s threat landscape.

Whether you are running a bounty program, hacking in one, or simply curious about what happens behind the scenes, this candid discussion will surface lessons, real-world experiences, and future-focused perspectives from those who lead these programs every day.


People:
    SpeakerBio:  Gabriel Nitu, Splunk

Splunk Offensive Security Engineer with over 9 years of experience poking holes in things (responsibly, of course) and helping others sleep at night (sometimes). Whether it’s finding flaws in a product before the bad guys sniff them out, leading incident response like a firefighter, or scaling bug bounty programs, Gabriel brings a mix of curiosity, chaos, and calm.

SpeakerBio:  Jay Dancer, Shopify
No BIO available
SpeakerBio:  Tyson Laa Deng, Paypal
No BIO available
SpeakerBio:  Ryan Nolette, Amazon / AWS
No BIO available
SpeakerBio:  Goraksh Shinde, Amazon / AWS
No BIO available
SpeakerBio:  Jill “thejillboss” Moné-Corallo

Jill “thejillboss” Moné-Corallo is currently the Bug Bounty Leader at Shopify. Prior to Shopify, she led the Bug Bounty and Product Security Incident Response teams at GitHub and was a Senior Product Security Engineer at Apple. She graduated from Mercy University with a B.S. in Cybersecurity. She is passionate about the response functions of security—where communication, empathy, and technical rigor intersect. She is also a founder of Glass Firewalls, a conference dedicated to “breaking bytes and barriers” for women to participate in bug bounty programs




Voices of the Industry: A Fireside Chat with Payment Leaders

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-505 (Payment Village)
When:  Saturday, Aug 9, 14:00 – 14:45 PDT

Creator: Payment Village

People:
    SpeakerBio:  Leigh-Anne Galloway
No BIO available
SpeakerBio:  Giustina Kent, Visa
No BIO available
SpeakerBio:  Daniel Cuthbert
No BIO available



VRP @ Google — a look inside a large self-hosted VRP

Creator Talk Map Page – LVCC West-Level 3-W326 (Bug Bounty Village)
When:  Friday, Aug 8, 17:00 – 17:30 PDT

Creator: Bug Bounty Village

This presentation will share the unique, and sometimes unusual, aspects of the Google Vulnerability Rewards Program (VRP), Google’s self-hosted bug bounty program. We’ll begin by taking a closer look at a bug rewarded by the VRP, in particular how an external researcher discovered & escalated the bug with the help of Google security engineers, demonstrating how the Google VRP operates and in which ways the Google VRP is slightly different than most other bug bounty programs. In the course of this presentation, we will also cover aspects such as the Google VRP’s reward philosophy, its policies around vulnerability transparency, details of our triage process, and more! This talk will provide multiple actionable takeaways for you to consider for your own bug bounty program.


People:
    SpeakerBio:  Sam “erbbysam” Erb, Security Engineer at Google

Sam is a security engineer @ Google and helps run the Google & Alphabet VRP. In the past, Sam has won two DEF CON Black Badges and numerous live hacking event awards including an MVH trophy. Sam has submitted hundreds of bug bounty reports and triaged thousands of your reports.




Wap Droper Case Study

Creator Talk Map Page – LVCC West-Level 2-W224 (Telecom Village)
When:  Saturday, Aug 9, 12:45 – 13:10 PDT

Creator: Telecom Village

The session is a case study about how the WAPDropper Android malware abuses premium telecom calling services. It explains how a user unknowingly installs the malware and then gets billed without their consent. The session also demonstrates how a legitimate-looking application can be used to exploit WAP billing mechanisms.


People:
    SpeakerBio:  Ravi Rajput
No BIO available



Warflying in a Cessna – Part II – Upping Our Game

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Saturday, Aug 9, 12:00 – 12:25 PDT

Creator: Radio Frequency Village

Last year, we introduced the Warflying project – collecting information about wireless access points from a small airplane. This presentation will share our ongoing research, including things we have learned about the sniffing process and the impact of improved equipment, along with enhanced data analysis and visualizations to continue attempting to answer questions like “How many access points can you actually pick up from an airplane?”, “Is warflying better than wardriving or warbiking or warwarlking or warswimming?”, “Should I run WiGLE on my phone during my airline flight?”, “Are the airplanes flying overhead monitoring my WiFi?”, and “Why are you even doing this?”


People:
    SpeakerBio:  Matthew Thomassen

Matthew Thomassen has been doing computer security since before it was cool and is currently a Security Architect in a financial organization, with previous experience in the consumer healthcare and automotive sectors, which afforded him the opportunity to help with random things in the early days of the Car Hacking Village. He is a certified Commercial Pilot with Multiengine and Instrument ratings, as well as an Airframe & Powerplant Mechanic. He is also an Extra Class Amateur Radio operator and has an MBA, though he tries not to live and die by Excel spreadsheets.

SpeakerBio:  Sean McKeever

Sean McKeever is a Senior Security Researcher, specializing in automotive/mobility security, and embedded systems reverse engineering. Previously he worked as a Cybersecurity Architect at global automotive OEM where he secured advanced transportation mobility platforms and served as the company’s Bug Bounty Program Manager. Outside of Sean’s employment, he co-founded the Detroit chapter of the Automotive Security Research Group (ASRG), developed the RoboCar Platform, and has contributed to Car Hacking Village CTFs for DEFCON and GRRCon, and the general CTFs for Converge and BSides Detroit.




We Know What You Did (in Azure) Last Summer

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Friday, Aug 8, 10:10 – 10:50 PDT

Creator: Cloud Village

How much do you trust your cloud provider to hide the ownership information for your resources? Many organizations believe that their ownership information for cloud hosted resources is not available to anonymous users. Unless there’s an associated DNS record or other obvious identifiers (website content, SSL certificates, etc.), it might seem difficult to anonymously identify a cloud resource’s owner. What if we told you that some of your Azure resources can expose their ownership information? This talk will explain how multiple Azure resource types (and Microsoft services) inadvertently expose their ownership information, allowing attackers to enumerate potential entry points into an Azure tenant. Thanks to the supporting structure of Azure resource subdomains, and public DNS data sources, we enumerated the ownership information of over 500,000 Azure resources. We will wrap things up by sharing a new tool (ATEAM – Azure Tenant Enumeration and Attribution Module) that can be used to replicate our research, so you too can find out where all of your Azure resources have been hiding.


People:
    SpeakerBio:  Karl Fosaaen

As a VP of Research, Karl is part of a team developing new services and product offerings at NetSPI. Karl previously oversaw the Cloud Penetration Testing service lines at NetSPI and is one of the founding members of NetSPI’s Portland, OR team. Karl has a Bachelors of Computer Science from the University of Minnesota and has been in the security consulting industry for over 15 years. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit to house many of the PowerShell tools that he uses for testing Azure. In 2021, Karl co-authored the book “Penetration Testing Azure for Ethical Hackers” with David Okeyode.

SpeakerBio:  Thomas Elling

Thomas Elling is the Director of Azure Cloud Pentesting and a security researcher at NetSPI. He specializes in web application and cloud security testing. He has advised multiple Fortune 500 companies in the technology sector. In his spare time, Thomas enjoys improving his coding skills, watching bad action movies, and hanging out with his dog, Chunks.




Weaponizing SageMaker AI: Real-World Offense in Machine Learning Platforms

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 11:10 – 11:50 PDT

Creator: Cloud Village

Get ready for a live demo of full-blown cloud compromise – starting from an innocent-looking SageMaker AI notebook and ending in complete AWS account takeover. Using nothing more than the default SageMaker AI setup granted to data scientists, this session showcases how attackers can chain together misconfigurations across IAM, SecretsManager, ECR, and network layers to take control of the environment from the inside out. But that’s just the beginning.

This talk also features the exclusive release of a new open source tool- the first offensive framework built to simulate and execute post-exploitation in SageMaker AI environments. Red teams can weaponize it. Defenders can validate exposures. Either way, it shines a spotlight on one of the cloud’s most overlooked attack surfaces: managed AI infrastructure.

Drawing on real-world experience from offensive operations against cloud environments around the world – including enterprise and nation-level targets – this session breaks down how AI services like SageMaker AI are quietly becoming powerful post-exploitation platforms. SageMaker AI was designed to train models, not attackers – but with its comfort-first design, permissive defaults, and excessive trust relationships, it quietly offers everything needed for stealthy lateral movement and infrastructure-wide compromise.

This talk is for red teamers, defenders, and anyone building or securing ML workloads in the cloud. Expect real attack chains, real tools, and a view into how attackers are targeting AI infrastructure in the wild – and why most environments aren’t ready for it.


People:
    SpeakerBio:  Shani Peled

Shani Peled is a Senior Cloud Security Researcher at SentinelOne. She began her career in the Israeli Intelligence Corps, where she served as the only female hacker on her cyber defense team. After two years defending critical infrastructure, she transitioned into offensive security, spending four years as a red teamer targeting enterprise environments around the world — including multiple Fortune 500, Fortune 100, and Fortune 50 companies. Today, she brings that offensive mindset to cloud and AI research, focusing on exposing real-world threats in modern cloud infrastructure.




Weaponizing SSM: Practical Exploits and Hardening Techniques for AWS.

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Sunday, Aug 10, 12:15 – 12:55 PDT

Creator: Cloud Village

AWS Systems Manager (SSM) is a powerful service for managing and automating your AWS and hybrid infrastructure. However, its very flexibility can be weaponized by attackers seeking to gain unauthorized access, execute malicious code, establish persistence, and disrupt operations. This talk demonstrates the practical malicious use of various SSM features, revealing how attackers can abuse benign functionalities.

We will dissect distinct attack vectors targeting SSM capabilities. Learn how Run Command can be leveraged for remote code execution at scale, turning your management tool into an attacker’s playground. We’ll explore the alarming potential of the SSM Agent being exploited as a persistent Remote Access Trojan (RAT), enabling stealthy cross-account control. Discover the risks lurking within publicly shared SSM Documents, exposing sensitive information to unintended eyes.

The session will further illuminate how Parameter Store, designed for secure configuration management, can be poisoned to compromise application logic and secrets. Understand how State Manager, intended for maintaining consistent configurations, can be twisted to establish persistent malicious states. We will also dissect the abuse of Session Manager for unauthorized interactive shell access, bypassing traditional network security controls and boundaries. The often-overlooked Patch Manager will be examined for its potential to disrupt patching cycles or, in specific scenarios, introduce malicious changes. Finally, we will explore how Distributor, a tool for software deployment, can be exploited to introduce and maintain a foothold of malicious packages across your fleet.

Crucially, this talk goes beyond simply identifying vulnerabilities. We will provide concrete and actionable hardening techniques and mitigation strategies for each abuse vector. Learn how to implement the principle of least privilege across SSM IAM permissions, establish robust monitoring and alerting mechanisms, and implement secure configuration practices for the Parameter Store and State Manager.

Attendees will understand the often-underestimated security risks associated with AWS SSM and acquire practical knowledge to fortify their AWS environments against these potential exploits. This session is essential for security professionals, cloud architects, DevOps engineers, and anyone responsible for the security and operational integrity of AWS infrastructures.

Outline with techniques we are going to present and discuss : 1. Abusing Run Command for Remote Code Execution: 2. Exploiting SSM Agent as a Remote Access Trojan (RAT) 3. Abusing Publicly Shared SSM Documents 4. Leveraging Parameter Store for Configuration Poisoning 5. Abusing State Manager for Persistent Configuration Drift 6. Abusing Session Manager for Unauthorized Interactive Access 7. Exploiting Patch Manager for Inconsistent or Malicious Patching 8. Weaponizing Software Distribution: Abusing AWS SSM Distributor


People:
    SpeakerBio:  Rodrigo Montoro

Rodrigo Montoro has more than 25 years of experience in Information Technology and Computer Security. Most of his career worked with open source security software (firewalls, IDS, IPS, HIDS, log management, endpoint monitoring), incident detection & response, and Cloud Security. Currently, he is Director of Research at Clavis Security. Before that, he worked as Cloud Researcher at Tenchi Security, Head of Research and Development at Apura Cyber Intelligence, SOC/Researcher at Tempest Security, Senior Security Administrator at Sucuri, Researcher at Spiderlabs. Author of 2 patented technologies involving innovation in the detection field. One is related to discovering malicious digital documents. The second one is in how to analyze malicious HTTP traffic. Rodrigo has spoken at several opensource and security conferences (DEFCON Workshops, DEFCON Cloud Village, OWASP AppSec, SANS (DFIR, SIEM Summit & CloudSecNext), Toorcon (USA), H2HC (São Paulo and Mexico), SecTor (Canada), CNASI, SOURCE, ZonCon (Amazon Internal Conference), Blackhat Brazil, DEFCON Workshop, BSidesLV




Welcome / Badge & Swag Pick Up

Creator Talk Map Page – LVCC West-Level 2-W230 (DC NextGen)
When:  Friday, Aug 8, 10:30 – 11:30 PDT

Creator: DC NextGen

(DCNextGen is for youth 8-18 attending DEF CON) Come pick up your DCNextGen badge and swag! Get a preview of all the upcoming activities and adventures. We’ll also show you how to use your new badge in order to participate in all of our cool challenges!


People:
    SpeakerBio:  BiaSciLab, CEO at Girls Who Hack

Bianca ‘BiaSciLab’ Lewis is an 18 year old hacker that has been working in cyber security since the age of 11. She started her journey by hacking a mock election reporting system at Defcon at the age of 12 gaining national attention leading her to attend a congressional hearing on election security. Since then Bianca has become an international speaker discussing election security, Social Media Psyops, psychological warfare, women in tech, and other various cyber security topics at DEF CON, Black Hat, Defcamp and numerous other conferences including H.O.P.E. where she was the youngest ever to speak. Seeing the lack of young girls in the cyber space, she also started Girls Who Hack, her non-profit with the mission of teaching girls the skills of hacking so that they can change the future. She provides free online and in person classes on the most important topics in cyber security and online safety. Currently BiaSciLab is a key member of The Hacking Games working as the lead of their youth advisory and influence board “C.Y.B.E.R.” that exists to support The Hacking Games mission to guide the next generation with a passion for hacking onto pathways that drive positive change in the world.

SpeakerBio:  Bradan Lane
No BIO available
SpeakerBio:  HEAV

DCNextGen GOON, DC610 Admin




Welcome to the Symposium/Introductions

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Friday, Aug 8, 10:00 – 10:15 PDT

Creator: Voting Village

Introduction to the Voting Village and the Symposium

Links:
    votingvillage.org – https://votingvillage.org

People:
    SpeakerBio:  Matt Blaze, Georgetown University; Chairman, Election Integrity Foundation

Matt Blaze is the McDevitt Chair of Computer Science and Law at Georgetown University, where his research focuses on problems at the intersection of technology, public policy, and law. Prior to joining Georgetown, he was a professor of computer science at the University of Pennsylvania, and prior to that, a founding member of the Secure Systems Research Department at AT&T Bell Labs. He holds a PhD in computer science from Princeton, an MS from Columbia, and a BS from the City University of New York. Blaze’s scholarship and practical work in high-integrity voting and elections technology dates back more than 25 years. He led teams that examined source code for security vulnerabilities on behalf of the states of California and Ohio for the Top-to-Bottom Review and EVEREST studies. He has testified on election security and other topics before the US Congress over a dozen times, served on various federal and state advisory boards, and has published numerous scholarly research papers on elections and related subjects. He is a founding member of the DEFCON Voting Village, and currently serves as board chair of the Election Integrity Foundation.

SpeakerBio:  David Jefferson, Lawrence Livermore National Laboratory (retired), Election Integrity Foundation, Dr
No BIO available
SpeakerBio:  Catherine Terranova
No BIO available
SpeakerBio:  Susan Greenhalgh, Free Speech For People

Susan Greenhalgh is the Senior Advisor on Election Security for Free Speech For People. Ms. Greenhalgh has previously served as vice president of programs at Verified Voting and at the National Election Defense Coalition, advocating for secure election protocols, paper ballot voting systems and post-election audits. Recognized as an expert on election security, she has been invited to testify before the U.S. Commission on Civil Rights and has been an invited speaker at meetings of the MITRE Corporation, the National Conference of State Legislatures, the Mid-West Election Officials Conference, the International Association of Government Officials, the Election Verification Network and the E-Vote-ID conference in Bregenz, Austria. She is a frequent source for reporters from TheNew York Times, The Washington Post, The Wall Street Journal, Politico, USAToday, Associated Press, National Public Radio and other leading news outlets. She has appeared on CNN and MSNBC’s The Rachel Maddow Show, and various other television news shows. She has a BA in Chemistry from the University of Vermont.




What Game Hackers teach us about Offensive Security and Red Teaming

Creator Talk Map Page – LVCC West-Level 2-W233 (Creator Stage 1)
When:  Saturday, Aug 9, 13:00 – 13:45 PDT

Creator: GameHacking.GG

Game cheats and malware share the same stealthy DNA – this talk breaks down how. We’ll explore cheat loaders and draw parallels between anti-cheat countermeasures and enterprise EDR techniques.


People:
    SpeakerBio:  Joe “Juno” Aurelio, Security Researcher

Joe Aurelio is a distinguished security researcher with over a decade of hands-on experience in vulnerability research, reverse engineering, and mobile security. He currently leads teams of researchers in the private sector securing large-scale technology platforms. His expertise spans both the private and defense sectors, with a track record of uncovering critical security vulnerabilities in mobile applications and complex infrastructure affecting millions of users. In addition to his work in traditional security domains, he channels his passion for cybersecurity education with a unique interest in exploring game hacking techniques. He is a lead of the Game Hacking Village, where he teaches security by turning game hacks into ethical and engaging educational tools. Joe has a broad background in security, underscored by the highly respected OSCP certification and a Master’s degree in computer science.




What is Dead May Never Die: The Immortality of SDK Bugs

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 2) W232
When:  Friday, Aug 8, 13:00 – 13:45 PDT

Creator: IOT Village

Any chip of sufficient complexity needs one thing if they want to actually get used in devices – a Software Development Kit (SDK). This collection of binaries, proprietary services, and code samples allows board designers to quickly and easily incorporate an otherwise complex chip into their existing environments. However, once this code is bundled into various product lines from various vendors, it becomes nearly impossible to make sure it gets updated with new versions. What happens if a vulnerability is discovered? Suddenly, hundreds of thousands of devices all from different vendors spanning years of releases are all affected by the same bug and it turns into a perpetual game of whack-a-mole trying to get them all patched. And botnet authors are definitely paying attention. In this talk, we will discuss the attack surfaces present in the SDKs from some major chipset manufacturers, talk about some exploits (both old-day and 0-day), and try to figure out what can be done to cleanse the internet of the zombie SDK vuln plague.


People:
    SpeakerBio:  Richard “HeadlessZeke” Lawshae, Principal Security Researcher at Keysight Technologies

Ricky “HeadlessZeke” Lawshae is a Principal Security Researcher for Keysight Technologies. He has been hunting vulnerabilities in IoT devices for the past 15 years or so and has discovered and disclosed dozen of vulnerabilities in products from HID Global, Crestron, Meta, Mazda, Realtek, and more. His work has been featured in Wired, Forbes, Hackaday, and the CISA KEV list. He is based out of beautiful Austin, TX (AHA! represent)




What’s new in amateur radio digital modes?

Creator Talk Map Page – LVCC West-Level 3-W320 (Ham Radio Village)
When:  Saturday, Aug 9, 12:00 – 12:30 PDT

Creator: Ham Radio Village

This beginner-friendly presentation introduces amateur radio operators and enthusiasts to popular digital modes, highlighting recent advances and innovations. Attendees will learn the basics of well-known digital modes such as APRS, FT8, FT4, and JS8Call, and discover new and emerging technologies, including FreeDV’s RADE and the open-source M17 protocol. The session emphasizes accessible and affordable equipment and software solutions, ensuring that both new and returning participants leave with fresh insights and practical guidance for exploring digital amateur radio.

Digital modes continue to transform amateur radio, offering efficient communication methods and exciting new possibilities. This updated introductory presentation for amateur radio operators and hobbyists covers essential digital modes commonly used across HF, VHF, and UHF bands, providing foundational knowledge and recent developments.

Participants will:

  • Explore Automatic Packet Reporting System (APRS), now enhanced by innovative LoRa technology, modern mapping interfaces, and new portable hardware options.
  • Get an overview of WSJT-X modes, especially FT8 and FT4, which remain favorites for weak-signal digital communication, along with recent enhancements in usability and contesting.
  • Learn about JS8Call, a conversational data mode built on FT8 technology, and WSPR, an automated beacon mode ideal for propagation study.
  • Be introduced to cutting-edge digital voice modes such as FreeDV’s RADE, which utilizes machine learning to significantly improve HF voice quality, and the M17 digital voice protocol, an open-source, community-driven alternative to DMR and D-STAR.
  • Discover accessible, beginner-friendly hardware solutions, including low-cost HF QRP digital rigs, integrated sound card interfaces, and mobile/portable digital operation setups.

This presentation is designed to appeal to newcomers, while offering valuable updates and fresh content for returning attendees.


People:
    SpeakerBio:  Jon “K4CHN” Marler

Jon is the Cybersecurity Evangelist at VikingCloud with a true passion for information security. Jon is an amateur radio operator, lockpicker, phreaker, repairer of all things, and maker. As a result of his long-standing commitment to open source software, Jon has offered his expertise as a package manager for the Debian GNU/Linux OS distribution since 1998.




What’s Really in the Box? The Case for Hardware Provenance and HBOMs

Creator Talk Map Page – LVCC West-Level 2-W228-W229-(Creator Stage 4) W228
When:  Saturday, Aug 9, 12:00 – 12:30 PDT

Creator: IOT Village

As software supply chains embrace transparency through SBOMs, hardware remains a black box. Yet the chips inside our IoT devices carry just as much — if not more — risk. From cloned components to opaque fabs, the semiconductor supply chain is fast becoming a national security flashpoint. Governments are scrambling to respond with blunt tools like bans and onshoring, but these approaches are slow, costly, and often impractical. Traditional BOMs focus on procurement and production — what gets bought and assembled — but they rarely capture origin, integrity, or risk context. They weren’t built to expose inter-organizational dependencies or detect supply chain manipulation. Enter the HBOM Initiative — a new effort to bring visibility, traceability, and accountability to the hardware supply chain. By developing tools and practices for a hardware bill of materials (HBOM), we aim to expose hidden risks, trace chip provenance, and empower sectors to make smarter, risk-informed decisions without sacrificing adaptability or innovation. This talk will explore why HBOMs are inevitable, what makes them hard, and how the hacker and security community can help shape the future of hardware trust.


People:
    SpeakerBio:  Allan Friedman, Adjunct Professor of Informatics at the Luddy School of Informatics, Computing, and Engineering at Indiana University

Dr. Allan Friedman is internationally recognized for leading the global Software Bill of Materials (SBOM) movement, transforming it from a niche idea into a widely adopted pillar of cybersecurity policy and practice. Over his decade in public service, Friedman held senior roles at the Cybersecurity and Infrastructure Security Agency (CISA) and the National Telecommunications and Information Administration (NTIA), where he built and led groundbreaking efforts on SBOM, coordinated vulnerability disclosure, and IoT security. He has partnered with governments and regulators in Europe and Asia, and continues to advise public- and private-sector organizations on building trust and resilience into the systems that matter most.

Before his time in government, Friedman spent over a decade as a researcher and technologist, holding positions at Harvard University’s Computer Science department, the Brookings Institution, and George Washington University’s Engineering School.




When boot vectors turn into attack vectors: Overcoming RP2350’s secure boot chain with fault injection

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-401 (Embedded Systems Village)
When:  Friday, Aug 8, 11:00 – 11:30 PDT
Saturday, Aug 9, 11:00 – 11:30 PDT

Creator: Embedded Systems Village

The RP2350 hacking challenge, released last year at Defcon, led to multiple exciting attacks against the RP2350’s bootloader.  This session will provide a technical deep dive into one of these attacks: Forcing an unverified vector boot via voltage fault injection. Equipped with an RP2350 security playground board, we will provide a run-down of the discovery process and experimentally verify different building blocks leading up to the attack.


People:
    SpeakerBio:  Marius Muench

Marius Muench is an assistant professor at the University of Birmingham. His research interests cover (in-)security of embedded systems, binary & microarchitectural exploitation, and defenses. He obtained his PhD from Sorbonne University in cooperation with EURECOM and worked as a postdoctoral researcher at the Vrije Universiteit Amsterdam. He developed and maintains avatar2, a framework for analyzing embedded systems firmware, and FirmWire, an emulation and fuzzing platform for cellular basebands. Throughout his career, Marius publicly shared his findings and presented at venues such as Black Hat, Reverse.io, REcon, and Hardwear.io.




When Insiders Become the Threat: Details on the Past and Ongoing Multistate Plot by Trump Allies to Obtain Proprietary Voting Software and How it Impacts Election Security

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Friday, Aug 8, 11:30 – 12:30 PDT

Creator: Voting Village

Recent news accounts have reported that representatives of the Trump administration are seeking extralegal access to voting equipment. This latest effort mirrors a multi-state scheme, carried out from 2020-2022, by allies of Donald Trump that successfully accessed voting machines in Colorado, Georgia, Michigan, and Pennsylvania and obtained copies of the voting system software. This discussion will outline what is known about multistate plot, what we know (and don’t know) about the status and the purloined software, and what this could mean for elections in the future.


People:
    SpeakerBio:  Jessica Burbank, DropSite News
No BIO available
SpeakerBio:  Susan Greenhalgh, Free Speech For People

Susan Greenhalgh is the Senior Advisor on Election Security for Free Speech For People. Ms. Greenhalgh has previously served as vice president of programs at Verified Voting and at the National Election Defense Coalition, advocating for secure election protocols, paper ballot voting systems and post-election audits. Recognized as an expert on election security, she has been invited to testify before the U.S. Commission on Civil Rights and has been an invited speaker at meetings of the MITRE Corporation, the National Conference of State Legislatures, the Mid-West Election Officials Conference, the International Association of Government Officials, the Election Verification Network and the E-Vote-ID conference in Bregenz, Austria. She is a frequent source for reporters from TheNew York Times, The Washington Post, The Wall Street Journal, Politico, USAToday, Associated Press, National Public Radio and other leading news outlets. She has appeared on CNN and MSNBC’s The Rachel Maddow Show, and various other television news shows. She has a BA in Chemistry from the University of Vermont.

SpeakerBio:  Marilyn Marks, Coalition for Good Governance
No BIO available



When the Paper Trail Leads Nowhere, by Design; the Los Angeles County VSAP Voting System

Creator Talk Map Page – LVCC West-Level 2-W222-W223 (Voting Village Talks ) W222
When:  Saturday, Aug 9, 11:00 – 11:30 PDT

Creator: Voting Village

In the March 2020 ‘Super Tuesday’ Primary Election, LA County debuted its brand new, $300 million, bespoke, Smartmatic-contracted VSAP (Voting Solutions for All People) voting system. Before the night was over, the Bernie Sanders presidential campaign had already filed suit (due to multiple technology failures resulting in hours-long lines). That election night proved to be illustrative of the myriad problems with VSAP, including numerous security vulnerabilities. These were compounded by the failure to fulfill a much-ballyhooed commitment by the County to disclose the source code. Perhaps the most significant failing was only revealed weeks later after the machine count had finally been completed. A knife’s edge result in LA County’s second largest city, Long Beach, for a local ballot measure, led to a voter-requested recount and an eye-opening odyssey for a local government accountability grassroots organization. Ian Patton will discuss that journey in pursuit of a simple and accurate local election result.

Links:
    lbreformcoalition.org – https://lbreformcoalition.org

People:
    SpeakerBio:  Ian Patton, Long Beach Reform Coalition

Ian Patton is the co-founder and volunteer executive director of the Long Beach Reform Coalition. He earned a bachelor’s degree from the University of California, Berkeley in 2002. His career experience includes working in real estate.




Whitehats Secret Weapon: OWASP

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C206 (OWASP Community)
When:  Friday, Aug 8, 10:30 – 10:59 PDT

Creator: OWASP Community

Discover your path to becoming a security engineer with Josh Grossman, Distinguished Lifetime Member & Project Leader for ASVS, and explore OWASP in this lightning session.


People:
    SpeakerBio:  Josh Grossman, Bounce Security at OWASP

Josh Grossman has worked as a consultant in IT and Application Security and Risk for 15 years now, as well as a Software Developer. This has given him an in-depth understanding of how to manage the balance between business needs, developer needs and security needs which goes into a successful software security programme.

Josh is currently CTO for Bounce Security where he helps clients improve and get better value from their application security processes and provides specialist application security advice. His consultancy work has led him to work, speak and deliver training both locally and worldwide including privately for ISACA and Manicode and publicly for OWASP’s Global AppSec conferences, NDC Security and Black Hat.

In his spare time, he co-leads the OWASP Application Security Verification Standard project and is on the OWASP Israel chapter board and the OWASP Events Committee. In 2025, OWASP recognised his contributions with a Distinguished Lifetime Membership award.




whoAMI: Discovering and exploiting a large-scale AMI name confusion attack

Creator Talk Map Page – LVCC West-Level 3-W311 (Cloud Village Talks)
When:  Saturday, Aug 9, 15:55 – 16:35 PDT

Creator: Cloud Village

It’s not every day you stumble upon a technique that enables remote code execution (RCE) in thousands of AWS accounts at once—but that’s exactly what happened with the whoAMI attack. By researching a known misconfiguration through a new lens, we discovered how to gain access to thousands of AWS accounts that unknowingly use an insecure pattern when retrieving AMI IDs.

By carefully naming a malicious AMI, an attacker can trick vulnerable Terraform code, AWS CLI scripts, and even third-party CI/CD systems into running the wrong AMI. I’ll explain how I uncovered this vulnerability, show proof-of-concept demos, and share how I discovered this vulnerability affected a third party continuous integration platform used by many popular open source projects, and how even some of AWS’s own internal systems were vulnerable to this attack.

If you’ve ever launched an EC2 instance, this talk is for you: learn how cloud image name-confusion attacks can be used by attackers to gain initial access to cloud environments and how you can prevent them.


People:
    SpeakerBio:  Seth Art

Seth Art is currently a Security Researcher & Advocate at Datadog. Prior to joining Datadog, Seth created and led the Cloud Penetration Testing practice at Bishop Fox. He is the author of many open source tools including BadPods, IAMVulnerable, and CloudFoxable, and the co-creator of the popular cloud penetration testing tool, CloudFox.




Women of Queercon

Creator Talk Map Page – LVCC West-Level 3-W325 (Queercon Community)
When:  Saturday, Aug 9, 14:30 – 14:59 PDT

Creator: Queercon Community Lounge

Celebrate and empower queer women, power-houses of the hackersphere. Meet and mingle with peer community!




Work Smarter, Pivot Faster: Threat Intelligence Workflows that Scale

Creator Talk Map Page – LVCC West-Level 2-W213-W218-(Blue Team Village) W214-W215
When:  Saturday, Aug 9, 14:30 – 15:20 PDT

Creator: Blue Team Village (BTV)

In a world flooded with data, how do threat intelligence teams stay focused, effective, and impactful? This panel brings together seasoned cyber threat intelligence (CTI) practitioners to discuss practical workflows that scale. From validating external intelligence and navigating attribution debates to integrating LLMs and purpose-built AI tools, panelists will explore the realities of operationalizing CTI, managing confidence in analysis, and ensuring intelligence drives detection, response, and decision makers. Topics include naming conventions and clustering methodologies, cross-team collaboration models, and what it really takes to make CTI actionable in modern organizations. We’ll also cover emerging threats worth tracking now, from Chinese targeting of edge devices to DPRK-linked remote employment fraud. Whether you’re building a new team or refining a mature program, this discussion will offer actionable insight and hard-won lessons for working smarter and pivoting faster.


People:
    SpeakerBio:  Audra Streetman

Audra Streetman is a member of Splunk’s global security team and a former contributor to the SURGe research group. She began her career as a journalist, reporting for local TV stations across the U.S., before transitioning into cybersecurity. Audra has shared her career journey at conferences hosted by WiCyS, RSAC, and SANS. As co-host of The Security Detail podcast and editor of Bluenomicon: A Network Defender’s Compendium, she is passionate about making complex security topics accessible and engaging. In 2025, she was honored as a SIA WISF Power 100 recipient and nominated as “Most Inspiring Up & Comer” in the CyberScoop 50 awards.

SpeakerBio:  Coleman Kane

Coleman is a Principal Security Engineer for Microsoft Security’s AI Research team, helping to build AI tools and capabilities to solve security problems.

Coleman has 15+ years of experience in cybersecurity. He worked for 12 years in the DIB at GE Aviation in roles as a malware analyst, cyber threat intelligence analyst, CTI program manager, and principal technologist in cybersecurity for the company. Over the course of those roles he worked with industry and government partners to track nation-state and other criminal adversaries, built analysis tools and platforms to push the organization forward. Later, Coleman worked in the security vendor space for Attack Surface Management (ASM) and Managed Detection and Response (MDR) service providers, before coming to Microsoft.

While working at GE Aviation, Coleman also advised the University of Cincinnati on its NSA Certified Center of Academic Excellence in Cyber Operations (CAE-CO) program. As part of this collaboration, Coleman taught a graduate-level Malware Analysis and Reverse Engineering course for multiple years as an adjunct professor in the Computer Science department at UC, to contribute industry expertise to the program. The course materials are available for free online.

SpeakerBio:  Kurt Hoffman
No BIO available
SpeakerBio:  Silas Cutler, Principal Security Researcher at Censys

Silas Cutler is a Principal Security Researcher at Censys, where he brings over a decade of specialized experience in tracking organized cyber threat groups and developing advanced pursuit methodologies. Throughout his distinguished career, Silas has held leadership positions at premier cybersecurity organizations, including roles as Resident Hacker for Stairwell, Reverse Engineering Lead for Google Chronicle, and Senior Security Researcher on CrowdStrike’s Intelligence team.

Since 2021, he has played an instrumental role in advancing the Ransomware Task Force’s initiatives and as an adjunct supporting the Institute of Technology, fostering critical collaboration between public and private sectors in combating ransomware threats.

Silas is also the founder and lead developer of MalShare, a pioneering public malware repository that has supported the global security research community since 2013.




You Can Mix but You Can’t Hide: Uncovering Node Behaviors in Nym Network

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-403 (Crypto Privacy Village)
When:  Sunday, Aug 10, 11:00 – 11:30 PDT

Creator: Crypto Privacy Village

As surveillance becomes the norm, the development of privacy enhancing technologies is crucial in protecting individuals’ data. In this presentation, I will talk about Nym, a mixnet focused on protecting the metadata during end-to-end communication. I will go over how Nym works, what core features it uses, its tokenomics system, and patterns in node behaviors that I found from scraping all existing nodes’ data from the network explorer for 30 days.


People:
    SpeakerBio:  Alexis Cao

Alexis graduated from Johns Hopkins University with a Bachelor of Science degree in Computer Science this May. She is passionate about privacy technologies, and she has been doing research on mixnets. In the past, she has volunteered at Physical Security Village, Red Team Village, and AppSec Village at DEFCON. In her free time, she loves doing jiujitsu and she is a blue belt.




You Might Be A Wardriver If…

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 2-803 (Radio Frequency Village)
When:  Saturday, Aug 9, 16:30 – 16:55 PDT

Creator: Radio Frequency Village

A collection of images and quips that are related to the topic of being a wardriver. Images are SFW and culled from social media and other sources within the community. Presentation heavily relies on MrBill’s rapier wit and CoD_Segfault’s unmatched technical abilities to provide a narration of this curated collection.


People:
    SpeakerBio:  MrBill, Founder at Hard Hat Brigade

MrBill started Wardriving in 2003 after attending DC11 and started contributing to Wigle in 2007. He took a break for about a decade (kids) and started up again in 2017 in earnest, and later founded the HardHatBrigade WiGLE group. He passed D4rkM4tter in the global rankings around 2022 and continues to trail @CoD_Segfault in their race to 1 Million WiGLE points. He is often seen at security conferences with a hard hat, mostly with some sort of wardriving functionality. Join him and the rest of the HHB crew in the 24 Hour wardriving event in October.

SpeakerBio:  CoD_Segfault, Organizer at Hard Hat Brigade

CoD_Segfault first went wardriving around 2004, but really kicked up the game in 2021 when joining HardHatBrigade on WiGLE. By 2023, his focus shifted to smaller and more portable wardriving solutions suitable for walking and bike riding. Notable works include ultra small ESP32 wardrivers based on the wardriver.uk project and creation of the BW16-Open-AT project to improve network identification and remove reliance on the closed-source AT firmware.




Your Cyber Career

Creator Talk Map Page – LVCC West-Level 2-W204 (Noob Community)
When:  Sunday, Aug 10, 11:00 – 11:59 PDT

Creator: Noob Community

Getting started, Finding Roles, Interviewing, and everything inbetween


People:
    SpeakerBio:  Mari Galloway, Founder at Women’s Society of Cyberjutsu
No BIO available



Your First Conference Talk

Creator Talk Map Page – LVCC West-Level 2-W204 (Noob Community)
When:  Saturday, Aug 9, 14:00 – 14:59 PDT

Creator: Noob Community

How to share your knowledge with the community


People:
    SpeakerBio:  James McQuiggan, Cybersecurity Advocate
No BIO available



Your First CVE

Creator Talk Map Page – LVCC West-Level 2-W204 (Noob Community)
When:  Sunday, Aug 10, 12:30 – 13:30 PDT

Creator: Noob Community

Everything you need to know to find your first CVE


People:
    SpeakerBio:  Natan Morette, Senior Cyber Security Analyst

Natan Morette is a Senior Cyber Security Analyst with over 15 years of experience in technology, specializing in Vulnerability Management, Attack Surface and Exposure Management, Endpoint Protection, Penetration Testing (PenTesting), Internal Network Security Assessments, Microsoft 365, Information Security Frameworks, Network Administration, Microsoft/Linux Server solutions, and Cloud Security Administration (GCP, Azure).




Your Passkey is Weak: Phishing the Unphishable

Creator Talk Map Page – LVCC West-Level 2-W231-W232-(Creator Stage 3) W231
When:  Saturday, Aug 9, 16:00 – 16:30 PDT

Creator: Physical Security Village

While passkeys are being touted as the end of phishing, they might be putting your organization at even more risk. In this talk I will demonstrate a relatively straightforward phishing attack against “phishing-resistant” synced passkeys and provide guidance and advice for responsible passkey usage.

Links:
    www.yourpasskeyisweak.com – https://www.yourpasskeyisweak.com

People:
    SpeakerBio:  Chad Spensky, Allthenticate, Ph.D.

Chad is a teenage hacker turned cybersecurity expert who studied under the best in his field at UNC-CH, UCSB’s SecLab, IBM Research, and was a lead researcher at MIT LL where he played a pivotal role in various high-impact projects for the US DoD. He has broken every authentication system under the sun and has committed his career to doing better for our society.




Your Static Tools Are Cute – My AI Ripped ZebLoader Apart

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-303 (Malware Village)
When:  Saturday, Aug 9, 10:40 – 11:10 PDT

Creator: Malware Village
From AI to ZebLoader: Prompt Engineering and Malware Analysis Strategies This presentation demonstrates practical AI integration in malware analysis using ZebLoader as a case study. We explore targeted prompt engineering techniques for automated function identification and code deobfuscation. Attendees will learn effective strategies for leveraging large language models to accelerate static analysis, interpret assembly patterns, and identify malicious behaviors in malware samples. Key topics include developing malware-specific prompts, integrating AI into reverse engineering workflows, and security considerations when analyzing potentially dangerous code. The session provides hands-on prompt templates, workflow optimization approaches, and demonstrates how AI assisted in uncovering ZebLoader’s functionalities. Essential for analysts seeking to enhance traditional reverse engineering with modern AI capabilities.

People:
    SpeakerBio:  Anna Pham
No BIO available
SpeakerBio:  Edward Crowder
No BIO available



Z80 Badge Talk

Creator Talk Map Page – LVCC West-Level 1-Exhibit Hall 4-Communities-C204 (Badgelife Community)
When:  Friday, Aug 8, 12:00 – 12:59 PDT

Creator: Badgelife Community

People:
    SpeakerBio:  Lipo
No BIO available