Two days until #BSidesBoulder25 and only 15 tickets remain! Today we highlight, two #BSidesBoulder25 talks: Andrew Brandt's "Smashing Smishing by Quashing Quishing" and Eric Harashevsky's "Firmware Readout Bypass in STM92 (Don't put this in an alarm control panel).

Andrew's talk will examine QR-based phishing attacks, how attackers are exploiting QR codes and SMS to steal credentials and MFA tokens, and how a cross-industry collaboration between mobile vendors, telcos, and the infosec community could finally slam the door on mobile phishing. Think SafeBrowsing, but for QR scans! And we promise that our BSidesBoulder event QR codes will not redirect you to an Andrew-controlled C2 server.

Eric's talk will explore his adventure tinkering with an old STM92's firmware - the talk will explore his findings, reverse engineering the legacy microcontroller, bypassing firmware protections, and what that means for devices still hanging on your wall! Expect a live demo that is sure to excite your future hardware hacking journey.

#BSides #BSidesBoulder #CyberSecurity #Quishing #Smishing #MobileSecurity #PhishingDefense #HardwareHacking #FirmwareSecurity

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

Did you know, Las Vegas locals and students qualify for discounted badge rates? Locals and students can get a BSidesLV badge for $35.

More information is available online in the FAQ: https://bsideslv.org/registration

¡Estamos a menos de dos días para que comience el registro para #bsidescdmx25! Pasen la voz y no se queden sin su entrada.

Security BSides CDMX es gratis gracias al apoyo de nuestros increíbles patrocinadores, así que no olviden darles amor con likes, reposts, y más.

Deadline is June 30th!!!
There's still plenty of time!

Didn't get your talk accepted at DEFCON33 this year?
Will you be near Scranton, PA on September 5th?
We'd love to have you!

https://bsidesnepa.org/cfp/

And the free ticket went to Lennard (last name known to BSides) - not sharing full name at this point as we don't have the consent for it.

📣 📣 Elbsides 2025 conference is fully booked 📣 📣

Really looking forward to seeing a full conference room on Friday and listening to our wonderful speakers presenting their latest insights.

#Elbsides2025 #Infosec #Cybersecurity #Hamburg

We are just days away from our annual #BSidesBoulder event on 13 June and just about 40 tickets are left. Today, we're highlighting an application of AI talk.

⚔️💥 AI is building websites faster than ever — but who's checking the locks? Unlock your potential with Yash Thapliyal's #BSidesBoulder25 talk "Taking Down Websites as Fast as They're Made: Common Vulnerabilities in AI-Generated Sites" that will provide a live, fast-paced walkthrough of how platforms like Wix, Durable, and Cursor Agent are unintentionally publishing XSS, SQLi, and other vulnerabilities by default. Yash will generate a site live with the audience, then hack it! Learn how to spot the cracks, secure your builds, and stay ahead of the script kiddies. 💥⚔️

#BSides #BSidesBoulder #RedTeam #AI #WebSec #AppSec

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

Hey folks.

Incredibly, fantastically, we're close to 200 tickets gone.

Ticket number 200 will be free for whomever is lucky enough to take it!

📣 Excited for Elbsides 2025 on Friday, June 13th in Hamburg? We are! 😀
There are just a handful of tickets left - you better hurry to snatch the last ones up before we are sold out. Ticketshop closes tomorrow afternoon.

https://www.elbsides.eu/2025/registration/

#Elbsides2025 #Infosec #Cybersecurity #bsides #Hamburg #ITCommunity

We are still looking for talks for BSides Saskatoon 2025, but the clock is ticking!

Have an idea for a talk? Submit now before our June 30, 2025 deadline.
Never spoken before but want to try, we have 15-minute lightning talks perfect for a first timer!

CFP Is open at https://forms.office.com/r/DQaz1ixPZz but closes soon!

#CFP #BSides #Saskatoon #infosec #YXE #BSidesYXE

Looking forwards to Chris' talk, Pentest Pains, live this Friday at 4:15PM during Elbsides in Hamburg, Germany:
https://www.linkedin.com/posts/chris-traynor_come-listen-to-my-talk-pentest-pains-live-activity-7337943301859299328-PrIh

Tickets are on sale until June 11th - very few left: https://www.elbsides.eu/2025/registration/

#Elbsides2025 #Cybersecurity #PentestPains #Hamburg

Thanks to WIVB for the coverage of this weekend's event!

¡Cada vez más cerca! Y nada de esto sería posible sin el apoyo de nuestros patrocinadores, organizaciones que apoyan a la comunidad para seguir creciendo juntos, como @lyftmexico que se une con su patrocinio Gold a #bsidescdmx25

In this week’s article #BSidesMunich2025 NEINth Edition we are looking at how we proactively say, “No!” to attackers by exploring cyber threat intelligence (CTI). CTI is the process of gathering and analyzing information about potential cyber threats and using that information to protect an organization’s systems and data. Cyber threat intelligence offers a lot of potential, but implementation is not trivial.

Learn more under the link below!

https://social.bsidesmunich.org/?p=1066

As a warm-up for #BSidesLuxembourg2025, which kicks off in JUST 7 (SEVEN) days, we interviewed @d3sre about career, burn-out/high pressure work, and about inclusion/making #Infosec available to everyone, minorities included, without gatekeeping.

Read it here: https://2025.bsides.lu/blog/bsides.lu-2025-interview/

#BSides

💥🖥️ Don't miss Nathan Montierth's #BSidesBoulder25 talk "Navigating the Virtualization Battlefield: A Deep Dive into Hypervisor Attack Vectors", which plans to explore how attackers are breaching hypervisors (think ESXi, Active Directory, and more), and what you can do to fight back! 🛡️💥

Organizations globally have embraced virtualization as a way to scale solutions and centralize network management, but if your hypervisor gets popped, it could cost your organization millions. If you run virtualized infrastructure, this one’s mission-critical. #BSides #BSidesBoulder #CyberSecurity #VirtualizationSecurity #HypervisorHacking #CyberDefense

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

Monday but already thinking about Friday? We're thinking about the HashiCorp sponsored after-party at #BSidesPGH on Friday July 11 at Rivers.

Register to attend BSides at www.bsidespgh.com now to avoid late registration. Check out our posted schedule of talks!

Get ready to make a splash!

Sponsor the BSLV pool party and put your company's logo front and center! Don't miss this opportunity to shine bright and connect with our vibrant community.

Visit https://bsideslv.org/sponsors or email sponsors [@] bsideslv [.] org

Querida comunidad, ya caaaaaasi está lista la agenda para #bsidescdmx25! Las propuestas de este año han sido increíbles, ¡Gracias!

Y en otras noticias, ¿listos para comenzar el registro? Los boletos se liberan este viernes 13 de Junio a las 11:00 hrs de Ciudad de México.

https://www.bsidescdmx.org/tickets

ATTENTION: Our partner managing ticket validation is having some small challenges with accessing payment info.

All WILL be solved within a few days, but if you'd like your ticket(s) validated now, feel free to forward payment proof to info@bsides.lu and we will validate manually.

So sorry for the delays.