Schedule

16.5.2024 (Thursday) at Park Boutique Hotel Varaždin.
Technical lectures, single track, relevant technical content with no sales talks.
Keep in mind that most of the talks in the schedule will be presented in Croatian.
| Time | Speaker | Subject |
|---|---|---|
| 09:00 - 09:30 | | Registration |
| 09:30 - 09:35 | | Opening Ceremony |
| 09:35 - 10:20 | Ivan Fratric | Hacking Mobile Basebands of Pixel and iPhone: Techniques, Tooling and Findings |
| 10:30 - 11:15 | Slaven Smojver | DORA (Digital Operational Resilience Act) |
| 11:30 - 12:15 | Tomislav Turek | How (not) to go to battle |
| 12:15 - 14:00 | | Lunch Break (no organized lunch, make your own arrangements) |
| 14:00 - 14:45 | Josip Stuhli | Inspecting IPTV for fun and no profit |
| 15:00 - 15:45 | Vanja Švajcer | Exploring malicious Windows drivers |
| 16:00 - 16:45 | stamparm | Late-Night Talks With AI Chatbots |
| 17:00 - 17:45 | Bojan Zdrnja | La casa de papel BSides Varaždin, S2 |
| 18:00 -> | | Closing Ceremony and Social Time |

Ivan Fratric - Hacking Mobile Basebands of Pixel and iPhone: Techniques, Tooling and Findings

During 2023, multiple Google Project Zero members joined forces to look for vulnerabilities in baseband processors on mobile phones and, in this process, discovered multiple vulnerabilities that would allow attackers to hack phones from the mobile network and beyond. This talk will cover getting started in the area of baseband security research, specifically focused on the basebands used in the latest Pixel and iPhone mobile phones. It will also cover the tooling we used, both existing and new, and show some of our findings.

# About the speaker

Ivan Fratric is a security researcher at Google Project Zero, where he currently focuses on remote attack surfaces and tooling. Previously, he worked on the Google Security Team and, before that, at the University of Zagreb where he received his PhD. He has been publishing security research for over a decade and is the author of multiple open-source security tools.

Slaven Smojver - DORA (Digital Operational Resilience Act)

The Digital Operational Resilience Act (DORA) is a new EU regulation that provides a set of rules for financial institutions concerning the use of IT/ICT, with a particular focus on:

• ICT risk management,
• security and business continuity,
• digital operational resilience testing,
• contracts with ICT service providers and
• oversight framework for critical ICT service providers.

The presentation will briefly cover DORA and some of the more technical requirements that it introduces.

# About the speaker

Slaven is director of the Information Systems Supervision Department in the Croatian National Bank (HNB). The department assesses and supervises IT risk in banks, other payment institutions and some FinTech companies. Slaven obtained his Ph.D., M.Sc. and M.Eng.EE degrees from the University of Zagreb, Croatia. He has authored several scientific papers and has presented extensively on various topics related to financial services supervision and the control and management of IT and InfoSec in financial institutions. He holds the CRISC, CISA and CISM certifications.

Tomislav Turek - How (not) to go to battle

As part of the Phish Paprikaš CTF team, I had an opportunity to participate in the DefCamp 2023 CTF finals on-site in Romania. This talk tries to bring this form of competition closer to others so they can learn from our mistakes. We will look at how we prepared and at our experience of the competition, including our successes, failures and lessons learned.

# About the speaker

Tomislav Turek is an application security lead at Infobip, working with a team that analyzes and performs security reviews of application systems, integrations and code. While mostly focused on application security and software engineering, he likes to tinker with all things related to security and open source. He invests a lot of his free time in computers and loves to participate in capture the flag competitions.

Josip Stuhli - Inspecting IPTV for fun and no profit

Find out what happens when you put a network tap between your TV and your router. Ever wanted to know what kind of magic needs to happen in your Set Top Box to show you your favorite TV channel? What technologies are used? What if I told you YOU could control what's displayed on your TV or watch any channel you want? In this talk, I'll explain how to inspect the inner workings of modern telco IPTV. You'll see how you can build your own network tap using nothing more than a simple Raspberry Pi and use it to inspect and modify network traffic on the fly.

# About the speaker

Josip has been involved with computers for the better part of his life. He started with web development back in high school and has since moved to backend and DevOps. He loves security stuff and is obsessed with optimising everything. He works in Zagreb as CTO @ SofaScore.

Vanja Švajcer - Exploring malicious Windows drivers

Drivers have long been of interest to threat actors, whether they are exploiting vulnerable drivers or creating malicious ones. Malicious drivers are difficult to detect and successfully leveraging one can give an attacker full access to a system.

With the existence of malicious drivers, there is a need for those who can analyze identified samples. This analysis requires specific knowledge of the Windows operating system, which can be difficult to acquire. Windows drivers and the kernel can be overwhelming to learn about, as these topics are vast and highly complex. The documentation available on these subjects is daunting and difficult to navigate for newcomers, even for those with programming experience.

This initial hurdle and steep learning curve create a high barrier of entry into the subject. To many, the kernel space seems to be an arcane and hidden part of the operating system.

This presentation will be a high-level introduction into drivers, their usage by malicious actors and the Windows kernel. No previous experience of drivers is required.

# About the speaker

Vanja Svajcer works as a Threat Researcher at Cisco Talos. Vanja enjoys tinkering with automated analysis systems, reversing binaries and analysing mobile malware. He thinks time spent scraping telemetry data to find indicators of new attacks is well worth the effort. He has presented his work at conferences such as FSec, BSides, Virus Bulletin, RSA, CARO, AVAR, BalcCon and others.

stamparm - Late-Night Talks With AI Chatbots

In an era where artificial intelligence (AI) is becoming increasingly integrated into our daily lives, understanding how to effectively communicate with AI chatbots is crucial. This talk aims to explore the dynamics of conversing with AI chatbots, delving into the intricacies of natural language processing, machine learning algorithms, and the human-computer interaction paradigm. Through practical demonstrations and engaging discussions, attendees will gain insights into the challenges and opportunities of communicating with AI chatbots effectively, with a focus on information security implications.

# About the speaker

Senior security engineer at Intel 471, born in 1982, with a lifelong passion for computer coding. Holds a PhD in Computer Science from FER, University of Zagreb, Croatia. Known for contributions to prominent open-source projects like sqlmap and Maltrail, focusing on information security.

Bojan Ždrnja - La casa de papel BSides Varaždin, S2

There have been a number of high profile incidents in the last 2 years, since the last BSides Varazdin presentation (S1 actually).
It looks like El Professor did not stop after S1 and is back with his gang members Zagreb, Ljubljana and Tirana. We'll take a look at their tactics, techniques and procedures to see if we have any chance against such an organized gang.

# About the speaker

Bojan is the CTO of Infigo, where he also leads the offensive security team, which is one of the largest in the region.
He is also a Certified SANS Instructor, teaching the popular SEC542 (Web application penetration testing) course, of which he is also a co-author.
Besides this, he uses every opportunity to trade the routine of Outlook for the thrill of engaging with advanced offensive security tools.
Finally, he is also a senior SANS Internet Storm Center (ISC) handler, where he gets a chance to play with the latest attacks.
