<?xml version='1.0' encoding='utf-8' ?>
<!-- Made with love by pretalx v2025.2.2. -->
<schedule>
    <generator name="pretalx" version="2025.2.2" />
    <version>0.1</version>
    <conference>
        <title>Security Fest 2026</title>
        <acronym>2026</acronym>
        <start>2026-05-28</start>
        <end>2026-05-29</end>
        <days>2</days>
        <timeslot_duration>00:05</timeslot_duration>
        <base_url>https://cfp.securityfest.com</base_url>
        
        <time_zone_name>Europe/Stockholm</time_zone_name>
        
        
        <track name="Talks" slug="5-talks"  color="#730000" />
        
        <track name="Villages" slug="6-villages"  color="#cd6868" />
        
    </conference>
    <day index='1' date='2026-05-28' start='2026-05-28T04:00:00+02:00' end='2026-05-29T03:59:00+02:00'>
        <room name='Main Stage' guid='26a63b37-e76e-5864-8499-5fb98a9e2f3d'>
            <event guid='19fb87cf-8055-516c-b357-e3d2fb80868a' id='696'>
                <room>Main Stage</room>
                <title>Claude is your insider threat now</title>
                <subtitle></subtitle>
                <type>Keynote</type>
                <date>2026-05-28T09:30:00+02:00</date>
                <start>09:30</start>
                <duration>00:45</duration>
                <abstract>Everyone is diving headfirst into the AI pool. The problem is they&apos;re diving into the shallow end. LLMs are being packed into every nook and cranny, mostly places where nobody wanted them or asked for them. I&apos;m going to be taking a baseball bat to LLMs - their hallucinatory nature and the extra instructions we&apos;re saddled with that we don&apos;t get to see. I&apos;ll be showing logs of how they literally talk themselves into lying to you. It&apos;s bad. Bring a helmet. Prompt engineering has become harness engineering, and now it&apos;s &quot;memory and context engineering&quot;. Openclaw and now Codex are storing local files and &apos;memories&apos; to try and handle the &apos;context window problem&apos;. Moltbook has 3 million &apos;agents&apos;. Openclaw is being used as a C2 now. TeamPCP is infecting every npm package they can with backdoors - weekly at this point! Just in 2026 alone we have more than tripled the number of supply chain bugs in tooling used in the LLM landscape. The attack surface is growing so rapidly we can barely keep track of it. This talk will explore all this new attack surface, and cover some of the things you can do about it, and how to avoid the landmines and pitfalls when using LLMs.</abstract>
                <slug>2026-696-claude-is-your-insider-threat-now</slug>
                <track></track>
                
                <persons>
                    <person id='76'>Dan Tentler</person>
                </persons>
                <language>en</language>
                
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/L38XLJ/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='1ca7b3de-1a87-5c0d-b885-03001f3a0d07' id='532'>
                <room>Main Stage</room>
                <title>From Code to Compromise: Turning modern day IDEs into attack vectors via malicious Extensions</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-28T10:30:00+02:00</date>
                <start>10:30</start>
                <duration>00:40</duration>
                <abstract>Visual Studio Code has become the de-facto IDE for millions of developers, and its extension marketplace is now a first-class target for supply-chain compromise. In this talk we move beyond yesterday&#8217;s JavaScript-only &#8220;theme&#8221; backdoors and show how to fuse high-level TypeScript with low-level Rust to create extensions that are indistinguishable from legitimate Microsoft-signed add-ons&#8212;yet silently execute native x86_64 shellcode inside the IDE process.

We begin with a data-driven tour of recent in-the-wild incidents: the [Material Theme extension with vulnerable dependencies](https://www.koi.ai/blog/a-wolf-in-dark-mode-the-malicious-vs-code-theme-that-fooled-millions), the &#8220;Solidity&#8221; extension that stole $500k in crypto from a Russian blockchain developer, and the [new self-propagating GlassWorm extension](https://www.truesec.com/hub/blog/glassworm-self-propagating-vscode-extension). The rise of AI-centric forks (Cursor, Windsurf, etc.) has also given rise to new extension marketplaces where malicious extensions can use inflated download counts as perfect camouflage. Next we deep-dive into the malicious extension toolchain: a Rust FFI bridge that compiles to a library, exposes a single innocent-looking TypeScript API, and preserves the marketplace&#8217;s blue &#8220;verified&#8221; tick. We demonstrate live how to backdoor a top-10 Microsoft-published extension so that every subsequent update remains functionally identical while the Rust payload executes shellcode&#8212;without triggering Windows Defender, AMSI, or the new Extension Host sandbox.

We close with defensive takeaways: IoCs and TTPs to look for, defensive rules which can prevent such attacks, and possible detection vectors. Attendees leave with a fully annotated GitHub repo that walks them through the process of developing such malware - starting with a &quot;hello-world&quot; C++ addon and building a stealthy Rust-based shellcode loader backdoored into a popular Microsoft extension.</abstract>
                <slug>2026-532-from-code-to-compromise-turning-modern-day-ides-into-attack-vectors-via-malicious-extensions</slug>
                <track></track>
                
                <persons>
                    <person id='375'>Debjeet Banerjee</person>
                </persons>
                <language>en</language>
                
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/D9ZPZD/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='4a87f1fb-b721-5f2a-98dc-3401a6d1c63a' id='669'>
                <room>Main Stage</room>
                <title>Abusing Mutating Admission Webhooks for Stealthy Cluster Dominance</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-28T11:30:00+02:00</date>
                <start>11:30</start>
                <duration>00:40</duration>
                <abstract>This session moves beyond initial cluster access to explore a highly stealthy persistence vector: the weaponization of Mutating Admission Controllers. While typically used for security policy enforcement, these controllers can be subverted to inject malicious sidecars or modify pod specs in real-time without altering original deployment manifests. We will demonstrate how an attacker can maintain a &quot;ghost&quot; presence that survives standard audits, image updates, and pod restarts, effectively turning the Kubernetes control plane against itself.</abstract>
                <slug>2026-669-abusing-mutating-admission-webhooks-for-stealthy-cluster-dominance</slug>
                <track></track>
                
                <persons>
                    <person id='460'>Nikita Verma</person><person id='461'>Harshita Varma</person>
                </persons>
                <language>en</language>
                <description>We will perform a live-style technical deep dive into the architecture of a Mutating Admission Webhook attack. The session starts by compromising a cluster and installing a rogue controller that intercepts every CREATE and UPDATE request. We will walk through the logic of injecting a stealthy C2 sidecar that uses the cluster&apos;s internal service mesh to hide its traffic. Finally, we will transition to defense, showing how to implement Validated Infrastructure using OPA/Kyverno to ensure only authorized mutations occur, effectively &quot;rebooting&quot; the security posture of the cluster.

What the audience will gain:

Technical Exploit Knowledge: A step-by-step understanding of how admission controllers can be manipulated for persistence.

Detection Strategies: Actionable methods to identify non-standard mutations in high-traffic production environments.

Defense Blueprints: Practical configuration examples for OPA and Kyverno to prevent unauthorized pod mutations.</description>
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/LCMPBH/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='103179d3-414d-5bf2-b9cc-5e7a150e624a' id='702'>
                <room>Main Stage</room>
                <title>Practical Exploitation &#8211; No CVE Required</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-28T14:00:00+02:00</date>
                <start>14:00</start>
                <duration>00:40</duration>
                <abstract>Practical Exploitation &#8211; No CVE Required
A live hacking session

What actually happens between &#8220;no known vulnerability&#8221; and full compromise?
In this session, we move beyond slides and theory and exploit real systems on stage. You will see how small implementation details, unsafe assumptions, and overlooked behaviors turn into working attack paths.

No pre-recorded demos. Just live analysis. Live mistakes. Live exploitation.
We start with exposed functionality and pull at the threads.

We read the code.
We question the assumptions.
We look for the place where &#8220;this should be safe&#8221; quietly becomes &#8220;this is game over&#8221;.

Sometimes there is no CVE, no advisory, no warning &#8212; just logic, trust, and attack surface waiting to be understood. This session is for developers, defenders, and security engineers who want to understand not just that something is vulnerable &#8212; but why it is exploitable, and how attackers convert technical nuance into control.

If you build systems, you should know how they break.
If you defend systems, you should know how they fall.
Because exploitation is not magic. It is method.

And method scales.</abstract>
                <slug>2026-702-practical-exploitation-no-cve-required</slug>
                <track></track>
                
                <persons>
                    <person id='229'>Emil Tr&#228;g&#229;rdh</person>
                </persons>
                <language>en</language>
                
                <recording>
                    <license></license>
                    <optout>true</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/HSRHP9/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='e73e8bd4-5f3c-53c7-bdc8-ca9fcffea067' id='657'>
                <room>Main Stage</room>
                <title>From Convenience to Consequences: Vehicle-Level Cybersecurity Impact of Engineering Functions</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-28T15:00:00+02:00</date>
                <start>15:00</start>
                <duration>00:40</duration>
                <abstract>The In-Vehicle Infotainment (IVI) system is increasingly becoming the core interaction and computing platform in connected vehicles, and is deeply coupled with in-vehicle networks through vehicle signal services, diagnostic channels, and gateway policies. Engineering/Factory Mode, designed for R&amp;D debugging, manufacturing validation, and after-sales servicing, typically provides highly privileged capabilities such as debug toggles, logging/diagnostics, configuration writing, OTA-related operations, and vehicle integration testing. If Engineering/Factory Mode remains accessible in production builds via hidden entry points, weak authentication, or unclear authorization boundaries, attackers may obtain elevated privileges at low cost and expand their reach to vehicle control functions, resulting in vehicle-level cybersecurity risks.

In this work, we conduct a security assessment of Engineering/Factory components on production IVI systems, summarize common entry-path categories and weaknesses, and evaluate the reachable control boundaries after privilege escalation from the perspective of coupling between engineering utilities and vehicle control services/middleware. We finally provide practical hardening recommendations for production deployments to reduce vehicle-level risks introduced by engineering functions while preserving serviceability and operational efficiency.</abstract>
                <slug>2026-657-from-convenience-to-consequences-vehicle-level-cybersecurity-impact-of-engineering-functions</slug>
                <track></track>
                
                <persons>
                    <person id='366'>Yuqiao Ning</person>
                </persons>
                <language>en</language>
                
                <recording>
                    <license></license>
                    <optout>true</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/MT7DSG/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='1a5d2d7c-0e61-574b-92c4-1da36056dc05' id='639'>
                <room>Main Stage</room>
                <title>Hacking Big Iron: When Modern Security Assumptions Fail on Mainframes</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-28T16:00:00+02:00</date>
                <start>16:00</start>
                <duration>00:40</duration>
                <abstract>Mainframes still underpin critical infrastructure such as banking, airlines, and government systems, yet most modern security teams approach them using assumptions formed around Unix, Windows, and enterprise platforms. These assumptions often fail on z/OS, creating blind spots that are difficult to detect and easy to underestimate.

This talk explains how mainframe security actually works and why familiar concepts such as &quot;root,&quot; shells, ports, and lateral movement do not translate cleanly. Focusing on components like JES, JCL, RACF, CICS, and PR/SM, we explore where attackers and defenders truly operate today: transactions, security managers, and management boundaries.

From an offensive perspective, the talk reframes how attackers actually move inside mainframe environments: not through shells or services, but via job submission paths, inherited authority, transaction routing, and security manager behavior. The session highlights concrete failure modes red teams encounter when modern assumptions are applied to z/OS, and how those blind spots are exploited in real assessments.
Using real TN3270 terminal screens and practical examples, attendees will learn a repeatable methodology for assessing mainframe environments and identifying misconfigurations that appear harmless but can have severe impact.

The talk also demonstrates an AI-assisted assessment approach: a local LLM interprets TN3270 screens in real-time, narrates walkthroughs, and tutors interactively; all running 100% offline with no cloud APIs or data exfiltration risk.
No prior mainframe experience is required.</abstract>
                <slug>2026-639-hacking-big-iron-when-modern-security-assumptions-fail-on-mainframes</slug>
                <track></track>
                
                <persons>
                    <person id='441'>Adam Toscher</person>
                </persons>
                <language>en</language>
                <description>IBM mainframes were designed long before modern operating systems, networks, and security models existed, yet they remain central to some of the world&#8217;s most critical environments. As a result, security teams often evaluate them using mental models that simply do not apply.

This talk demystifies how mainframe operating systems enforce trust and privilege, with a practical focus on security-relevant components such as JES, JCL, RACF, CICS, and TMAM. We examine why traditional approaches based on shells, services, and ports break down, and how real-world attackers instead navigate transactions, security definitions, and control boundaries.

Rather than concentrating on legacy exploits, the emphasis is on methodology: how to reason about exposure, privilege, and segmentation within mainframe operating systems designed for batch processing, transaction processing, and long-running workloads. Real TN3270 terminal screens, generated using a custom tool, are used throughout to ground the discussion in real-world systems.

The session concludes with a practical assessment workflow and a demo of an open-source tool designed to help testers and defenders understand TN3270 environments and interpret mainframe screens during security reviews.

Attendees will leave with a clear mental model and a concrete checklist they can apply when assessing or defending mainframe systems.</description>
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/BXGMG9/</url>
                <feedback_url></feedback_url>
            </event>
            
        </room>
        
    </day>
    <day index='2' date='2026-05-29' start='2026-05-29T04:00:00+02:00' end='2026-05-30T03:59:00+02:00'>
        <room name='Main Stage' guid='26a63b37-e76e-5864-8499-5fb98a9e2f3d'>
            <event guid='c21763a4-1fac-54c5-b29e-ccd36f9456cc' id='659'>
                <room>Main Stage</room>
                <title>MeshHacks: Exploiting Linksys Intelligent Mesh from the internet</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-29T09:30:00+02:00</date>
                <start>09:30</start>
                <duration>00:40</duration>
                <abstract>The days of hacking home routers are not over! Because every household that wants internet access needs some kind of router, these devices are a very interesting target, as there are millions of them in use with a direct connection to the internet. One might think that manufacturers should take extra care to make them as secure as possible, but apparently there is still room for improvement. A lot of room.

This talk will show the accidental discovery of the most dangerous vulnerability type a device, especially a home router, can have: unauthenticated remote code execution over the internet. It will not only focus on the technical part but also give a practical example of how manufacturers should not respond to responsible disclosure.

Be curious about non-existent input validation resulting in various outcomes, a lot of &quot;Wait... what?&quot; moments and the difficulties of responsible disclosure.</abstract>
                <slug>2026-659-meshhacks-exploiting-linksys-intelligent-mesh-from-the-internet</slug>
                <track></track>
                
                <persons>
                    <person id='454'>Christian Z&#228;ske</person>
                </persons>
                <language>en</language>
                
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/Y8RHXG/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='57161dff-ad27-5586-848b-9d9199dae77c' id='618'>
                <room>Main Stage</room>
                <title>Aether: Engineering a Cross-Architecture Linux Process Injector</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-29T10:30:00+02:00</date>
                <start>10:30</start>
                <duration>00:40</duration>
                <abstract>Process injection on Linux is often treated as a solved problem. Yet, many modern tools remain architecture-locked or are easily flagged by basic heuristic analysis. This session introduces Aether, a Linux process injection framework designed for today&#8217;s landscape. We will deep-dive into the technical hurdles of building a tool that handles both 32-bit and 64-bit processes seamlessly. Aether utilizes ptrace for attachment and PLT (Procedure Linkage Table) hooking for precise function interception.
The talk goes beyond the basics by exploring a &quot;Polyglot&quot; approach to offensive tooling. We will demonstrate how wrapping a performance-heavy C/C++ injection core within a Rust-based FFI (Foreign Function Interface) tunnel creates a &quot;safe&quot; but powerful parasite. This hybrid architecture increases exploit stability. It also complicates the work of reverse engineers by fragmenting the call stack across language boundaries. Attendees will walk away with a functional understanding of Linux runtime code modification, the state of modern PLT hooking, and a roadmap for &quot;oxidizing&quot; legacy C++ tools to stay ahead of evolving detection engines.</abstract>
                <slug>2026-618-aether-engineering-a-cross-architecture-linux-process-injector</slug>
                <track></track>
                
                <persons>
                    <person id='427'>Lora</person>
                </persons>
                <language>en</language>
                <description>The current landscape of Linux process injection is dominated by aging techniques that are increasingly visible to modern Endpoint Detection and Response (EDR) systems. While tools leveraging LD_PRELOAD or basic shellcode injection remain functional, they often fall victim to heuristic scanners that flag predictable memory allocation patterns and standard C library calls. This presentation introduces Aether, a framework designed to bypass these limitations by utilizing low-level primitive operations, specifically ptrace and Procedure Linkage Table (PLT) hooking, to achieve cross-architecture code execution. By operating at the binary level rather than relying on high-level environment variables, Aether provides a robust foundation for runtime code modification in both 32-bit and 64-bit environments.

The technical core of the talk focuses on the orchestration of ptrace for non-cooperative process attachment. We will examine the mechanics of capturing a running process&apos;s execution state, manipulating registers to redirect control flow, and the precise use of PTRACE_POKETEXT to inject our &quot;parasite&quot; shared library. A significant portion of the deep dive is dedicated to PLT Hooking, a technique that allows Aether to intercept specific function calls by overwriting entries in the Global Offset Table (GOT). This method ensures that our injected code remains synchronized with the host process&apos;s legitimate activities, allowing for stealthy monitoring or modification of data without crashing the target, a common failure point in traditional &quot;fire-and-forget&quot; injectors.

The research then pivots to the &quot;Oxidation&quot; of the framework: the integration of Rust via a Foreign Function Interface (FFI) tunnel. We explore the hypothesis that mixing programming languages can act as a form of binary-level obfuscation. By wrapping our performance-critical C++ injection engine in a Rust-based daemon, we fragment the call stack and generate machine code signatures that differ significantly from &quot;pure&quot; C++ malware. This section of the presentation will provide a comparative analysis of memory signatures, demonstrating how Rust&#8217;s unique binary structure and its &quot;safety-first&quot; memory management can be weaponized to evade modern heuristics and complicate the work of a reverse engineer attempting to trace the hybrid execution flow.
Finally, the session concludes with a series of high-stakes demonstrations. We will first show a baseline &quot;Legacy&quot; injection being detected by standard Linux audit tools, followed by the successful deployment of the Oxidized Aether framework. The demo will highlight the tool&apos;s dedicated monitoring daemon, which maintains the health of the injected parasite and ensures persistence even through host process fluctuations. Attendees will be provided with a technical roadmap for porting their own offensive tools to this hybrid architecture, along with access to the Aether source code to further the community&apos;s research into polyglot exploitation.</description>
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/CJXNTP/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='9fc43948-921f-5713-bab4-03e6f20d7c91' id='615'>
                <room>Main Stage</room>
                <title>Building Trusted CTI for the Public Sector at CSIRT Slovakia</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-29T11:30:00+02:00</date>
                <start>11:30</start>
                <duration>00:40</duration>
                <abstract>Operating a Cyber Threat Intelligence (CTI) capability for the public sector means working at the intersection of security, regulation, and trust. This presentation by CSIRT.SK shows how its Afrodita platform, built on MISP and integrated with several internal systems, including Aura and Atena, delivers actionable CTI while meeting the specific requirements of the NIS2 directive and Slovak cybersecurity legislation.

CSIRT.SK runs a centralized architecture of MISP instances connected across GOVNET, the governmental network, and beyond. This design enables secure CTI exchange among public institutions and partners, including selected international instances such as NATO MISP and FIRST MISP. Afrodita acts as the main interface for constituents, while Aura provides internal automation and correlation of incident data, and Atena links threat indicators to the Governmental Security Operation Center (SOC). In return, data collected during SOC operations and incident response are used for building situational awareness as one of the core services defined by FIRST CSIRT Services.

The presentation explains how this multi-layered architecture ensures data enrichment, contextualization, and traceable sharing of IoCs, enabling faster detection and coordinated response within a controlled trust domain. It also highlights practical challenges unique to the public sector constituency and the benefits for other CSIRT Services.

Attendees will learn how CTI sharing under Afrodita helps public entities demonstrate NIS2 compliance by integrating intelligence into vulnerability assessment, security monitoring, incident reporting, and evidence of &#8220;state of the art&#8221; cybersecurity controls.</abstract>
                <slug>2026-615-building-trusted-cti-for-the-public-sector-at-csirt-slovakia</slug>
                <track></track>
                
                <persons>
                    <person id='424'>Adrian Ondov</person><person id='514'>Michal Rampasek</person>
                </persons>
                <language>en</language>
                <description>Key takeaways:
1. How a sectoral CSIRT operates a centralized MISP ecosystem (Afrodita&#8211;Aura&#8211;Atena) within the Governmental Network.
2. Lessons learned from trusted CTI sharing under regulatory and operational constraints.
3. How CTI supports NIS2 implementation in public-sector environments.</description>
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/XRQQJB/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='a55ba672-e7ba-5d0f-858d-f2d5f1bccbb8' id='699'>
                <room>Main Stage</room>
                <title>The Never-Implemented Story of Penetration Tests on Video Surveillance Networks</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-29T14:00:00+02:00</date>
                <start>14:00</start>
                <duration>00:40</duration>
                <abstract>Offensive research on video surveillance systems is really not a new topic. Their components, especially cameras, are everywhere. It is very common to see at least one of them on the network during penetration tests on IT or OT. They have all been torn apart in many ways, from hardware to network services and configurations. Almost everyone has heard about the scenario of camera sequence looping to hide intrusions from security personnel.

But how many tools and techniques do you know to address video surveillance systems during IT/OT pentests? How many of them are truly plug-and-play or at least practical? Do you know any ready-to-use scripts to perform the looping trick? Of course tools and scripts exist, but I was confident I would find many, and even comprehensive, practical toolkits. When I didn&apos;t, I also discovered that there are good technical reasons behind that.

One of them relies on the constraints of assessment conditions, which is our starting point here. Many interesting attacks require a setup that is hardly achievable outside of test benches. Therefore, we will discuss a few techniques and tools that can be used during pentests, with a focus on those that rely on the very common ONVIF standard. In this context, we consider that the only way to reach the video surveillance components is through the network. One of these techniques is, of course, the video looping trick, but this approach has specific requirements that are bypassed in most demos and tutorials I&#8217;ve seen (including one I&#8217;ve done myself :)). Now, let&#8217;s face the challenge and make the attack work in real-world conditions - always with safety in mind.</abstract>
                <slug>2026-699-the-never-implemented-story-of-penetration-tests-on-video-surveillance-networks</slug>
                <track></track>
                
                <persons>
                    <person id='483'>Claire Vacherot</person>
                </persons>
                <language>en</language>
                
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/KRKY9H/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='79883abf-367c-5ec0-b458-58b4d6c97289' id='531'>
                <room>Main Stage</room>
                <title>Versus Killnet</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-29T15:00:00+02:00</date>
                <start>15:00</start>
                <duration>00:40</duration>
                <abstract>The infamous Russian hacktivist group Killnet is more than meets the eye; it&apos;s a cyber army directed by a few to cause harm. With a checkered history and inconsistent behaviors, deciphering who is behind this group is challenging. Nevertheless, we will lift this veil and share a personal story of disrupting the group, unbalancing Killnet into chaos.</abstract>
                <slug>2026-531-versus-killnet</slug>
                <track></track>
                
                <persons>
                    <person id='374'>Alex Holden</person>
                </persons>
                <language>en</language>
                <description>The infamous Russian hacktivist group, Killnet, operated as a clandestine cyber army, orchestrated by a select few to create chaos and inflict harm. Despite its notoriety, investigating the true operators behind Killnet proved to be a significant challenge, given its checkered history and inconsistent behavior. However, through an in-depth investigation and direct confrontation with the gang, we shed the veil of secrecy shrouding the group and will share a compelling personal account detailing how we disrupted Killnet, plunging it into a death spiral. Our strategy to dismantle this cyber army hinged on identifying a critical vulnerability &#8211; its connection to the Russian illegal drug marketplace - Solaris. By exposing this nefarious link and diverting proceeds from the Russian drug operation to support a Ukrainian charity, we triggered widespread questioning of Killnet&apos;s leadership and actions. This created instability within the group and beyond, ultimately leading to loss of support from the Russian government and the breaking of financial ties. Delving deeper, we will explore the true identity of Killnet&apos;s leader, KillMilk, and explore his dark and criminal past. This will allow you to see some of Killnet&#8217;s actions in a different light and interpret the public events and actions associated with Killnet. Our successful efforts to undermine Killnet&apos;s leadership have led to a spectacular downfall and disintegration of the entire collective. As of the beginning of this year, Killnet changed drastically, leaving behind remnants of a group once synonymous with disruptive hacktivism. Our small push against Killnet set forth a chain of events changing the trajectory of the group and leaving it far removed from its former destructive pursuits.
Join me as I unravel the complex narrative of Killnet, offering insights into the evolution of cyber warfare and the enduring struggle to combat malicious actors in the world of cyber warfare and disruptive hacktivism.</description>
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/DJTBVS/</url>
                <feedback_url></feedback_url>
            </event>
            <event guid='0a86740a-4ee7-57dd-aff2-946811921eaf' id='735'>
                <room>Main Stage</room>
                <title>Stayin&apos; Alive: Stealthy Persistence in Enterprise Environments</title>
                <subtitle></subtitle>
                <type>Talk</type>
                <date>2026-05-29T16:20:00+02:00</date>
                <start>16:20</start>
                <duration>00:40</duration>
                <abstract>You&apos;ve successfully compromised your target. How do you maintain access in the face of reboots, crashes, credential resets, and active remediation?

In this presentation, we take a deep dive into stealthy persistence techniques that go far beyond the basic Windows services, run keys, and cron jobs. We explore the latest attacker tradecraft that abuses trusted components and blends into normal enterprise operations.

The talk covers persistence techniques derived from novel research and techniques observed in the wild from my work as a Principal Forensic Consultant. These techniques evade modern detection/AV/NDR/EDR and, more importantly, are difficult for forensic investigators to identify and eradicate. We also examine how to exploit the limitations in modern forensic tooling and common DFIR workflows. 

Finally, the presentation distills these findings into practical attacker tradecraft for maintaining covert, resilient access in enterprise networks.</abstract>
                <slug>2026-735-stayin-alive-stealthy-persistence-in-enterprise-environments</slug>
                <track></track>
                
                <persons>
                    <person id='64'>Alexander Andersson</person>
                </persons>
                <language>en</language>
                <description>This talk explores persistence, focusing on what actually works in real-world intrusions versus techniques that only look impressive. Using a mix of real-world cases and novel research, the presentation highlights both common mistakes and solid persistence mechanisms. 

The talk will feature multiple live demos.

The talk content is based on (1) my experience leading hundreds of complex investigations as a Principal Forensic Consultant, (2) learnings from years of developing proprietary forensic tooling, and (3) an extensive review of persistence techniques and the limitations of current forensic tooling.</description>
                <recording>
                    <license></license>
                    <optout>false</optout>
                </recording>
                <links></links>
                <attachments></attachments>

                <url>https://cfp.securityfest.com/2026/talk/9G7B9Q/</url>
                <feedback_url></feedback_url>
            </event>
            
        </room>
        
    </day>
    
</schedule>
