Tuesday⏱️1730 - 1930

early Check-in - skip the long lines - sponsored by google cloud

⏱️0815 - 0900

Check-in - Breakfast provided by Team Cymru

⏱️0900 - 0905

Welcome

⏱️0905 - 0925

Keynote

Dmitri Alperovitch

⏱️0925 - 0955

Oil into the Fire: An Inside Look at SVR Cyberespionage

Michael van Landingham and Alex Orleans

⏱️0955 - 1025

When State Actors Go Mobile: APT29’s Use of Commodity Malware

Ivan Kwiatkowski

⏱️1025 - 1040

Coffee Break

⏱️1040 - 1110

From Hacker to Help Desk: The Surprising Story of a North Korean Cyber Operator

Caleb Marquis and Eric Kerr

⏱️1110 - 1140

Forecasting Typhoons: Volt Typhoon Next Steps in OT Disruption

Joe Slowik

⏱️1140 - 1210

From Automated Scans to Hands-On-Keyboard: China-Nexus APTs Exploited SAP NetWeaver to Breach Critical Infrastructure Networks

Arda Büyükkaya

⏱️1210 - 1325

Lunch sponsored by censys

Private lunch presentation hosted by Qintel

⏱️1325 - 1525

⚡️Lightning round⚡️

Ping First, Boom Second

Dlshad Othman and David Magnotti

Spy vs Spies: An Examination of Counterintelligence Tooling for Contested Networks

Tom Goldsmith

Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices

Sara McBroom and Brandon White

Cyber(trade)war: Paradigm Shift in Economic Espionage

Patrick Whitsell

⏱️1525 - 1540

Snack break

⏱️1540 - 1610

CyberWarFog: The IRGC’s Playbook for Narrative Control

Emma Goldberg and Lea Ronzaud

⏱️1610 - 1640

“Silk Mirage”

Ruarigh Thornton and Ethan Fecht

⏱️1640 - 1710

UTA0388 – APT Gone Wild: Targeted Operations with Untamed LLMs

Steven Adair

⏱️1710 - 1730

closing remarks & Raffle Drawing

⏱️1730 - 1930

On-site networking reception sponsored by QIntel

Unwind, meet new people, and make connections beyond the Cyberwarcon sessions.

Agenda