I had heard the rumors and I am happy to report that they were true.
Last week I had the pleasure of participating at the Swiss Cyber Storm as a speaker. It was one of THE most mentally stimulating conferences I have been to, a top shelf kind of conference for cybersecurity.

Everything from the speaker lineup to the content of the presentations was top notch...but it was also pretty noticeable that the conference attracted some truly interesting minds. If we met there, thank you for the wonderful discussions!

This is highly recommended cyber security conference, for all the right reasons. If you want to gain fresh perspectives, share & challenge your ideas, and meet some noteworthy industry professionals, make sure to attend.

Hope to see everyone again next year!

#SCS23 #swisscyberstorm #cybersecurity #infosec #conference

Behold, @evacide showing the mastery to squeeze a 45min presentation into a 25min slot on the Swiss Cyberstorm conference with some magical lossless compression. Great keynote that woke me up better than coffee 😋 #SCS23

Only opened the goodie bag today (thanks, @adfichter for the reminder! 😊).

I really appreciate the guys that included the bugs I can hunt for strength (left) and the blue pills, not only for the blue team! 🖖
#SCS23

Some top notch speakers at the 10th #SwissCyberStorm conference in Bern. Thanks to all the staff and specially @Folini for that day

#SCS23 #infosec #Infosecconference

#StefanLüders at #SCS23 explaining that when adding more manageability, scalability, virtualization etc. you continually add abstraction layers, separate networks, ….
Only to reconnect them at the next level again, reintroducing the interdependence and kill isolation anf security.

"So, this is not #KISS, this is #ACDC!"

#ChristineBejerasco on the challenges of next year in the interview with @Folini :

Managing #ThirdParty risk, namely the potential security problems comes from using #SaaS services, will be the main challenge for the near future. And don't forget the subcontracters.

Christian Folini compared this to the #Xplain leak, without mentioning their name. #SCS23

« We develop systems with user in mind, but we often do not think how they can be misused » - Christine Bejerasco from #WithSecure

#SCS23

#SBB specific awareness:

- 1500 interviews with team leass to learn about problems, challenges, situation
- Dashboard with actionable data, interpreted
- Collection of learning nuggets (with timeouts)
- For the unmeasured parts, have risk management
- Security Champions all over the company
- Continuous improvement

#SCS23

#SBB working on specific #AwarenessTraining, avoiding repetitions.

- Move from compliance-focused to *really* promote awareness/behavior change, long-term sustainment/culture change, and metrics framework
- 150 professions, 50 locations, 4 languages
- "Legacy" means up to 100 years old equipment 😊

#SCS23

Next presentation at #SwissCyberStorm #SCS23 by @jfslowik about converging behaviours across threat actors: oof, at last a good message: adversaries are lazy too and tend to standardize their toolset. So just look out for Mimikatz and the like, BUT that's still not that easy

Ok, once again.... Train the upper management and high value targets. Usually these are the ones with no time at all... Challenge accepted.
@ChristinaLekati at #SCS23 #SwissCyberStorm

After a great keynote by @evacide an at least as great sponsor note by David Jacoby.
#SwissCyberstorm #SCS23

@evacide from #EFF had a great Keynote about the human aspects, why we need 100% #HTTPS coverage (with just 99%, drive-by zero-click malware insertions can still happen).
#SCS23

« At the end, we are here to secure people » - @evacide

Great keynote #swisscyberstorm #scs23

Now that was a keynote. #SwissCyberStorm #scs23 started very well, great keynote by Eva Galperin!

#Bern begrüsst seine Besucher des #SwissCyberStorm #SCS23 mit einem kleinen #Rainstorm.

Let this 10th #SCS23 begins!

Listening to @evacide of @eff at #scs23
Such a privilege!

🎉 I am honored to be presenting at the #SwissCyberStorm conference on October 24, 2023! 🎉

🔍 Talk Title: "Unveiling Malicious Behavior in Unknown Binaries"

In this presentation, we will:

🔑 Dive deep into strategies for extracting malicious behaviors in unknown binaries.

🛡 Cover tactics from fundamental signature-based checks, string analysis, and packer detection to advanced heuristics.

🌐 Discuss identifying Command and Control (C2) communication and decryption routines in malware.

🚀 With the rise of sophisticated malware, traditional strategies often fall short. We will introduce advanced techniques and heuristics to navigate and analyze complex binary files.

📌 For more details and to register, visit: https://www.swisscyberstorm.com/schedule/

#scs23 #cybersecurity #itsecurity #reverseengineering #malware #malwareanalysis