Programme
The general programme took place in the Large Assembly Hall.
=> Programme overview
Framework programme
- Exhibition stands | A.0.19 Main hall A and passageway
- Alumni Lounge | A.0.11 Small assembly hall, building A
- General
- Large Assembly Hall
- Medium Assembly Hall
- Main Auditorium
- Future Lab
- Lecture Hall 1 | English track
Johann Haag | Chief Executive Officer (CEO), St. Pölten UAS
Markus Aulenbach | Lower Austrian Economic Chamber UBIT
Simon Tjoa | Head of Department of Computer Science and Security, St. Pölten UAS
Marion Marschalek | Senior Cloud Security Engineer
Computing on a global scale means doing the simple things really, really well. How does that work for security? Can we train large language models for all the important problems? Probably not. Lets look at some recent security incidents together, at their multiple facets and what challenges those pose in detection and response. We'll talk about how defense against one attack informs defense against many attacks, yet how this train of thought can be misleading in designing wholistic security solutions. I'll dive into the role of machine learning and AI in security, the path from research to production, the importance of metrics and measurability, the peculiar problems of scale and how we can achieve more with less.
*** Live stream via YouTube ***
Michael Egger & Ivo Friedberg | Austrian Power Grid AG
*** Live stream via YouTube ***
Thomas Poskocil | condignum GmbH
*** Live stream via YouTube ***
Felix Lehner | Deloitte Österreich
*** Due to legal reasons, this lecture will not be streamed via YouTube. ***
Reinhard Kugler | SBA Research
*** Live stream via YouTube ***
Bernhard Knasmüller & Michael Pristauz-Telsnigg | KPMG Advisory GmbH
*** Live stream via YouTube ***
Michael Kirchner | UAS St. Pölten
*** Live stream via YouTube ***
Daniel Haslinger & Christoph Lang-Muhr | UAS St. Pölten
*** Live stream via YouTube ***
Christian Wojner | CERT.at
*** Live stream via YouTube ***
Hannes Trunde | K-Businesscom AG
*** Live stream via YouTube ***
Alexander Tauber, Stefan Binna & Stefan Pfeiffer | Accenture
*** Live Stream via YouTube. ***
Johann Stockinger & Michael Beham | Deutsche Telekom Cyber Security Austria GmbH
*** Due to legal reasons, this lecture will not be streamed via YouTube. ***
Daniel Kroiß & Stefan Prinz | KPMG Security Services Gmb
*** Live stream via YouTube ***
Daniel Mrskos | Security mit Passion & Dominik Rieder | ZTP .digital
*** Live stream via YouTube ***
Florian Bogner | Bee Security
Roland Pucher & Manuel Werka | PwC Österreich
Yuri Gbur | SEC Consult
The QUIC protocol is gaining more and more traction since its standardization in 2021 and the recent finalization of the HTTP3 standard. This has been leading to a rising interest by various big tech companies. QUIC promises to make security and privacy a first-class citizen; yet, challenging these claims is of utmost importance.
To this end, this presentation provides insight into challenges deploying QUIC and securing environments around it. We highlight shortcomings of current stateful firewalls and discuss bypass capabilities. Furthermore, we show client-side request forgery attacks that directly emerge from the QUIC protocol design and how one of the uncovered attack modalities can be utilized to impersonate other UDP-based protocols, e.g., DNS requests. In addition, we identify traffic amplification vectors and pitfalls in the protocol specification which we confirm in our evaluation of 13 QUIC server implementations. Lastly, we discuss and propose mitigation approaches.
Felix Eberstaller & Bernhard Lorenz | Limes Security
David Wind | slashsec Red Teaming GmbH
Hassan Mohamad | Sec-Research GmbH
Stefan Schubert | VBV-Group
Thomas Wagner | willhaben internet service GmbH & Co KG
Susanne Schön | Radar Cyber Security
René Pfeiffer | Deepsec GmbH
Gerald Kortschak | sevian7
Martin Haunschmid | Adversary GmbH
Armin Huremagic | Censored Planet
Internet censorship is a growing concern worldwide, with numerous countries imposing restrictions on online content and communication. This talk provides an introductory exploration of internet censorship, focusing on its global prevalence and the methodologies employed by organizations like Censored Planet and OONI to measure and analyze it. The talk will give a comprehensive overview of censorship practices in different regions, including an examination of Russia's sophisticated censorship system. Real-world examples will be used to highlight the impact of censorship during significant events, emphasizing the crucial role of measurements in preserving digital rights.
Fabian Obermann | SBA Research
Software, like most things, ages, and this can introduce hidden vulnerabilities. In our study, we look beyond standard security testing by following software evolution over time. Our goal is to uncover potential weaknesses before they turn into critical issues. We bring these concepts to life with practical examples and insights from a real-world project.
Our work is a proactive effort aimed at creating secure and robust software. We study the ageing process by analyzing git histories, aiming for our software to become better and more reliable over time, instead of degrading into potential threats. This analysis provides insights into software ageing, which can help improve code robustness, make maintenance more efficient, and enhance overall system resilience. Our investigation promotes a better understanding of software's evolution and helps to lay a solid foundation for future development strategies. We aim to ensure that software not only endures but also improves with time.
Herbert Dirnberger | IKARUS
OT Security B-Sides: Play and Run
"Securing the Hidden and Unknown: Exploring Industrial Cyber Security in the Edge/Fog"
In this talk, we will delve into the realm of Industrial Cyber Security, focusing on the hidden and unknown vulnerabilities that exist in operational technology (OT) systems. We will discuss the challenges and nightmares associated with securing OT systems and how they differ from traditional IT security. By demystifying OT vulnerability and patch management, we will explore the unique challenges and solutions for protecting critical infrastructure.
Furthermore, we will analyze the unsolved problems that plague OT (also IT ;-) networks, exploring the lesser-known attack vectors and risks that are often overlooked. Through practical demonstrations, we will highlight the importance of understanding these B-sides and provide insights into effective defense strategies.
Finally, we will introduce open-source OT security alerts playbook templates that are designed for experts and analysts. These playbooks will empower security professionals with practical guidance and actionable intelligence to enhance their incident response capabilities in the industrial cyber security domain.
Martin Grottenthaler | SBA Research
Coercion techniques, such as PetitPotam or Printer Bug have been around for some time now. Surprisingly, many people believe that these techniques have been fixed and are no longer exploitable. In this presentation, I will demonstrate how these techniques can still be used to take over systems in a Windows environment.
Jeroen Vandeleur | NVISO
This presentation builds upon Erik van Buggenhout's thought-provoking RSA Conference talk, focusing specifically on automation within the continuous Purple Teaming framework.
Prepare to be inspired and equipped with the knowledge to integrate Purple Team methodologies and tooling into your security operations. During this presentation We will navigate through the intriguing world of continuous Purple Teaming, shedding light on how it can transform your security team. Whether you're seeking to optimize proactive threat hunting, streamline incident handling, or improve digital forensics, this presentation offers practical guidance and actionable insights.
Clemens Hopfer & Petar Kosic | Metalab
Last year, an industrial coffee vending machine with broken power electronics arrived at Metalab. This is a talk about how we repaired the machine, how these machines usually work, a dive into legacy software and electronics setups, and why those coffee vending machines taste like they do.
Last but not least, we will discuss how we started to reverse engineer the internal system communication and if we would award a hackvalue of over 9000 for this type of machines.