QUBIT CONFERENCE® AGENDA 2024 | 22 - 24 APRIL 2024
PRE – CONFERENCE TRAINING DAY | 22 APRIL 2024
All trainings will be in English.
Read more about pre-conference trainings in Prague on April 22.
CONFERENCE DAY 1 | 23 APRIL 2024
All sessions will be in English.
In the dynamic interplay of cybersecurity, Artificial Intelligence (AI) has emerged as a double-edged sword wielded by both defenders and attackers. This presentation builds on the original “Barbarians at the Gate(way)” talk that I last delivered five years ago, where I discussed the tools and methodologies of attackers. It ventures into the burgeoning domain where attackers repurpose AI’s capabilities to launch sophisticated cyberattacks, turning defensive technologies against us. We explore the enhancement of traditional hacking methods with AI, the rise of intelligent malware, and the strategic use of AI in cyber espionage, underscoring the urgency for innovative defense mechanisms. Simultaneously, we scrutinize AI’s role in reinforcing cybersecurity, spotlighting the adaptive and predictive analytics that safeguard our digital frontiers. By examining case studies and current trends, we underscore the necessity for ethical deployment and robust regulatory frameworks in the face of these evolving threats. This talk distills the complexities of AI in cybersecurity into a strategic discourse, aiming to prepare stakeholders for a future where AI’s role is as much about defending the gateway as it is about anticipating the next move in the ‘Game of Pwns.’
Many organizations today still use decades-old technology to secure their networks – VPNs and legacy firewalls were not built for cloud computing, SaaS applications, or remote work. Meanwhile, malicious actors have become increasingly sophisticated and take advantage of organizations’ ever-expanding attack surfaces. In this presentation, we will introduce the Zero Trust security framework and discuss how this network architecture is imperative for the future of cybersecurity.
The European NIS2 Directive has been in force for more than a year. We all know that it brings enormous changes. We are all still waiting. So, what are we waiting for? Maybe we should wait so we can run that much faster later. The EU and ENISA may be almost done. Folks, we are not done!
Today’s real-time Deepfake technology makes it possible to create indistinguishable doppelgängers of a person and let them participate in video calls. Since 2019, the TNG Innovation Hacking Team has intensively researched and continuously developed AI around real-time Deepfakes.
In 2023, CrowdStrike tracked the activities of over 232 adversaries. While the speed and number of cyber intrusions generally increase, a few threat actors were more successful, destructive, or problematic than others. Get to know the top three adversaries of 2023 and learn about the reasons for their success so you can defend against them in 2024.
An exponential growth in online services and platforms presents organizations with a challenging task: to be sure that someone is who they say they are online. Add an adversary in the shape of generative AI that creates deepfakes to steal identities and generate new ones, and it’s a pretty daunting situation. These sophisticated technologies create considerable cybersecurity challenges and open up a new era of risks for organizations that must onboard and authenticate users to their digital platforms.
AI is here to stay, bringing new possibilities and huge risks. This guide provides key points and live demos to help you navigate the different types of AI, understand how malicious actors use AI, the risks it poses, and how stressed-out security professionals use it to their advantage.
In the dynamic interplay of cybersecurity, Artificial Intelligence (AI) has emerged as a double-edged sword wielded by both defenders and attackers. This presentation builds on the original “Barbarians at the Gate(way)” talk that I last delivered five years ago, where I discussed the tools and methodologies of attackers. It ventures into the burgeoning domain where attackers repurpose AI’s capabilities to launch sophisticated cyberattacks, turning defensive technologies against us. We explore the enhancement of traditional hacking methods with AI, the rise of intelligent malware, and the strategic use of AI in cyber espionage, underscoring the urgency for innovative defense mechanisms. Simultaneously, we scrutinize AI’s role in reinforcing cybersecurity, spotlighting the adaptive and predictive analytics that safeguard our digital frontiers. By examining case studies and current trends, we underscore the necessity for ethical deployment and robust regulatory frameworks in the face of these evolving threats. This talk distills the complexities of AI in cybersecurity into a strategic discourse, aiming to prepare stakeholders for a future where AI’s role is as much about defending the gateway as it is about anticipating the next move in the ‘Game of Pwns.’
Many organizations today still use decades-old technology to secure their networks – VPNs and legacy firewalls were not built for cloud computing, SaaS applications, or remote work. Meanwhile, malicious actors have become increasingly sophisticated and take advantage of organizations’ ever-expanding attack surfaces. In this presentation, we will introduce the Zero Trust security framework and discuss how this network architecture is imperative for the future of cybersecurity.
The Dark Web is a scary place. I want to invite you on this journey of venturing far beyond your defense perimeter, where cybercriminals are just planning their attacks, and teach you how you can use this knowledge as defensive skills to prevent attacks from happening in the first place.
Today’s real-time Deepfake technology makes it possible to create indistinguishable doppelgängers of a person and let them participate in video calls. Since 2019, the TNG Innovation Hacking Team has intensively researched and continuously developed AI around real-time Deepfakes.
This moderated talk will explore the evolving landscape of Identity and Authentication Technologies, focusing on transitioning to a passwordless and phone-centric world. We will discuss the integration and implications of the EU Digital Identity project, specifically the eIDAS 2.0 initiative, and its role in shaping global identity verification frameworks. The discussion will highlight the need for enhanced security measures such as Multi-Factor Authentication (MFA) and Privileged Access Management (PAM) in the face of increasing digital identity threats such as phishing and insider attacks.
If you want to participate in TECH LAB, prepare your computer in advance according to the following instructions -> https://prague.qubitconference.com/instruction-for-the-ebpf-lab-attendants/.
eBPF is a revolutionary technology that allows the instrumentation of Linux, MS Windows, and other kernel operating systems without kernel programming. Big companies like Seznam, Google, Meta, and Netflix widely accept it for high-performance load-balancing, DDoS mitigation, and firewalling. Other well-known use cases are increasing observability for cybersecurity and performance monitoring. Less known is the possibility of stopping the execution of functions, including system calls. It allows the implementation of restrictions on when the specific call can be executed based on time, executable name, etc. Sometimes, there is a known vulnerability, but a patch is not available for a particular device, or it is impossible to restart it immediately. Simple eBPF programs can be used to protect the device in such cases. This deep technical presentation shows step-by-step programming of an eBPF program to stop the execution of a system call. The presentation does not need previous knowledge about eBPF. An overview of eBPF and an introduction to eBPF programming are included. The presentation shows how eBPF can be used to implement a specific cybersecurity requirement and how it can be used in cybersecurity in general. The deep technical part allows the audience to understand why eBPF is so flexible, fast, and secure and helps them to evaluate the value of using eBPF in their organization.
If you want to participate in TECH LAB, prepare your computer in advance according to the following instructions -> https://prague.qubitconference.com/instruction-for-the-ebpf-lab-attendants/.
eBPF is a revolutionary technology that allows the instrumentation of Linux, MS Windows, and other kernel operating systems without kernel programming. Big companies like Seznam, Google, Meta, and Netflix widely accept it for high-performance load-balancing, DDoS mitigation, and firewalling. Other well-known use cases are increasing observability for cybersecurity and performance monitoring. Less known is the possibility of stopping the execution of functions, including system calls. It allows the implementation of restrictions on when the specific call can be executed based on time, executable name, etc. Sometimes, there is a known vulnerability, but a patch is not available for a particular device, or it is impossible to restart it immediately. Simple eBPF programs can be used to protect the device in such cases. This deep technical presentation shows step-by-step programming of an eBPF program to stop the execution of a system call. The presentation does not need previous knowledge about eBPF. An overview of eBPF and an introduction to eBPF programming are included. The presentation shows how eBPF can be used to implement a specific cybersecurity requirement and how it can be used in cybersecurity in general. The deep technical part allows the audience to understand why eBPF is so flexible, fast, and secure and helps them to evaluate the value of using eBPF in their organization.
Malware and Memory forensics are inevitable today due to the ever-growing threats. While they could be an exhaustive process, what happens if we introduce malware to the docker/container world? We will analyze malware in containers, capture its memory, and churn out a new way of analysis.
CONFERENCE DAY 2 | 24 APRIL 2024
All sessions will be in English.
Be a cyber leader you wish you had, lead a team and learn in our lesson’s tradecraft for a better version of you. Technical competency matters, half of the game is opertional teams’ efficiency. In this lecture we explore leadership from cyberwarfare to commercial enterprises.
We will examine the role physical security has to play in Red Team engagements and ensure that company premises are designed and secured in a way that makes it hard for an attacker to gain entry to steal data, access computers, deploy “dropboxes” on networks or leaving behind hidden cameras or listening devices.”
The presentation provides insights and tips on how the global organizations can establish effective Information Security Management System, including the process of how to get through the certification ISO 27001 within different timelines, showcasing scenario of going through such process in 6 months.
This presentation explores the groundbreaking innovation of utilizing Virtual Chief Information Security Officers (CISOs) as effective managers in the realm of cybersecurity. As organizations grapple with evolving cyber threats, the Virtual CISO model emerges as a dynamic solution to address the challenges of maintaining robust security postures. The session delves into the core concepts of virtualized leadership in cybersecurity, emphasizing how this innovative approach enhances adaptability, scalability, and cost-effectiveness. Join us to gain insights into the transformative potential of Virtual CISOs, unlocking a new era in cybersecurity management.
Be a cyber leader you wish you had, lead a team and learn in our lesson’s tradecraft for a better version of you. Technical competency matters, half of the game is opertional teams’ efficiency. In this lecture we explore leadership from cyberwarfare to commercial enterprises.
The use of machine learning and artificial intelligence has been on the rise in various industries, including the field of cybersecurity. These technologies have shown great potential in detecting and mitigating cyber threats, but they also come with their own set of risks. One of the most significant risks is the threat of machine learning poisoning attacks. Machine learning poisoning attacks involve an attacker manipulating the data or the learning algorithm used by an AI model to compromise its accuracy or functionality. This type of attack is particularly dangerous because it can go undetected for a long time, and it can be challenging to trace its origins. A successful poisoning attack can result in the AI model making incorrect decisions, which can lead to a security breach or data loss.
The presentation follows underestimated source of truth (netflow data) that you can rely on, when other security and forensic data sources are compromised (or too costly). Various aspects are illustrated on the security incident which started at ISP level and finally landed in OT network of a SME. We will walk through individual steps in the kill-chain to see what traces were left after each step in network logs, what additional context could have been derived from network layer, with what amount of confidence it could have been detected, and how some steps are possible to mitigate or even prevent all together.
During the workshop, we cover the following topics: Roles of locks in society, Physical Recon (remote and up close), Door Assessment of How locks work, Lock Picking, Lock bypassing Decoding keys & Locks Field Key generation – demo Door bypassing.
During the workshop, we cover the following topics: Roles of locks in society, Physical Recon (remote and up close), Door Assessment of How locks work, Lock Picking, Lock bypassing Decoding keys & Locks Field Key generation – demo Door bypassing.