⏱️0815 - 0900
Check-in - Breakfast provided by Team Cymru
⏱️0900 - 0905
Welcome
⏱️0905 - 0935
Keynote
⏱️0935 - 1005
Oil into the Fire: An Inside Look at SVR Cyberespionage
Michael van Landingham and Alex Orleans
⏱️1005 - 1035
When State Actors Go Mobile: APT29’s Use of Commodity Malware
⏱️1035 - 1055
Coffee Break
⏱️1055 - 1125
From Hacker to Help Desk: The Surprising Story of a North Korean Cyber Operator
⏱️1125 - 1155
Forecasting Typhoons: Volt Typhoon Next Steps in OT Disruption
⏱️1155 - 1215
From Automated Scans to Hands-On-Keyboard: China-Nexus APTs Exploited SAP NetWeaver to Breach Critical Infrastructure Networks
⏱️1215 - 1315
Lunch
Private lunch presentation hosted by Qintel
⏱️1315 - 1515
⚡️Lightning round⚡️
Ping First, Boom Second
Dlshad Othman and David Magnotti
Spy vs Spies: An Examination of Counterintelligence Tooling for Contested Networks
Hacking Drone Warfare
What Moldova Tells Us About Russian IOs
Ksenia Iliuk and Roman Osadchuk
Cache Me If You Can: Modern iOS Spyware and the Vanishing Forensic Trail
The Beijing Buyers: A Survey of Salt Typhoon Customers
Poisoned Waters: Dive into APT24’s Multi-Pronged BADAUDIO Espionage Campaign
Is Your North Korean IT Worker Quiet Quitting?
Poisoning Fast and Slow: LLM Compromise as a Vector for Influence Operations
Cheap Tricks, High-Impact: How AI Is Powering Sloppy Influence Campaigns
Dina Sadek and Margot Fulde-Hardy
Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
Sara McBroom and Brandon White
Cyber(trade)war: Paradigm Shift in Economic Espionage
⏱️1515 - 1545
Snack break
⏱️1545 - 1615
CyberWarFog: The IRGC’s Playbook for Narrative Control
⏱️1615 - 1645
“Silk Mirage”
Ruarigh Thornton and Ethan Fecht
⏱️1645 - 1715
UTA0388 – APT Gone Wild: Targeted Operations with Untamed LLMs
⏱️1715 - 1730
closing remarks
⏱️1730 - 1930