Version 0.18 April 16, 2026

We released a new schedule version!

We have new sessions!

• “LT12-CrimeWars Episode 1 - The LATAM Menace” by Jared Peck
• “LT18-The Cost Of Sharing” by Alessandro Strino
• “LT14-Flipping the Script” by Mayeul Fournial
• “LT16-Breaking MaaS in 3 Minutes” by Federico Valentini
• “LT08-A Crash Course in Pop Culture, the KimWolf Way” by Gwendal Saloum
• “LT04-From cheats to APT (or how a youtube ad made me loose all my free time)” by Paul Daligault
• “LT15-Modern Fraud botnet powered by AI?” by Pedro Falé
• “LT01-How to become a bot farmer” by Clément CARDIN
• “LT13-You just need to ask nicely” by Victor Rocheron
• “LT17-Good Labels” by Alexis Goodfaith
• “LT06-What Music Does Malware Listen To?” by Manuel Boll
• “LT05-One day in the life of a threat actor targeting Kazakhstani diplomatic entities” by Pierre Lorinquer
• “LT03-ENS, IPFS, and a custom mesh network walk into a botnet” by Jérôme Meyer
• “LT07-Fake IT workers infrastructure in 3 minutes” by Clifford
• “LT11-Using MCRIT for firmware analysis: experimental poorman's integrity check pipeline” by ARNOULD Quentin, Pierre-Yves LASCAUX
• “LT02-Introducing Ransomlook 2.0” by Tammy Harper
• “LT10-The People Behind the CVEs” by Dario NISI
• “LT09-Random cyber fails - Police POV” by François Lexis

We had to move some sessions, so if you were planning on seeing them, check their new dates or locations:

• “iMac-ulate Conception: The Birth of the macOS Stealer Ecosystem” by Maddie Stewart, Charlie Cullen (April 16, 2026, 2:30 p.m. → April 16, 2026, 2:15 p.m.)
• “Lightning talks” (April 16, 2026, 4:30 p.m. → April 16, 2026, 4:15 p.m.)
• “Coffee break” (April 16, 2026, 3 p.m. → April 16, 2026, 2:45 p.m.)
• “Following RondoDox's Breadcrumbs” by João Godinho (April 16, 2026, 3:45 p.m. → April 16, 2026, 3:30 p.m.)
• “Decoding the Core: Inside Stories of Malware Configuration Extraction” by Albert Zsigovits (April 16, 2026, 2 p.m. → April 16, 2026, 1:45 p.m.)

Version 0.17 April 16, 2026

We released a new schedule version!

We had to move some sessions, so if you were planning on seeing them, check their new dates or locations:

• “Defeating Node.js Malware through API Tracing” by Sven Rath (April 16, 2026, 9:30 a.m. → April 17, 2026, 9:30 a.m.)
• “Finding Meaning in /dev/null” by Paul Jung (April 17, 2026, 9:30 a.m. → April 16, 2026, 9:30 a.m.)

Version 0.16 April 14, 2026

We released a new schedule version!

We sadly had to cancel a session: “No Honor Among Pirates: Investigating Malware in Pirated Media” by Murtuza Ali

We had to move some sessions, so if you were planning on seeing them, check their new dates or locations:

• “Botnet Boasting: Investigating Power Proofs in the DDoS-for-Hire Market” by Maarten Weyns (April 16, 2026, 4:30 p.m. → April 15, 2026, 11:40 a.m.)
• “Lightning talks” (April 16, 2026, 5 p.m. → April 16, 2026, 4:30 p.m.)

Version 0.15 March 23, 2026

We released a new schedule version!

We have moved a session around: “Gala reception” (April 16, 2026, 7:15 p.m. → April 16, 2026, 7 p.m.)

Version 0.14 March 15, 2026

We released a new schedule version!

We have a new session: “Unseizable Extortion: cry0’s Use of the ICP Blockchain” by Tammy Harper.

Version 0.13 March 14, 2026

We released a new schedule version!

We have new sessions!

• “GPUGate: Repo Squatting and OpenCL Anti-Analysis to Deliver HijackLoader” by Theo Webb, Shungo Kumasaka
• “Smoking Out an Affiliate: SmokedHam, Qilin, a few Google ads and some bossware” by Marine Pichon, Alexis Goodfaith, Thomas

We sadly had to cancel a session: “Masks, Monsters, and Drivers: Unpacking the Deception of Chaos, Kraken, and DeadLock” by Chetan Raghuprasad

Version 0.12 March 12, 2026

We released a new schedule version!

We have moved a session around: “Gala reception” (April 16, 2026, 7:30 p.m. → April 16, 2026, 7:15 p.m.)

Version 0.11 Feb. 26, 2026

We released a new schedule version!

We had to move some sessions, so if you were planning on seeing them, check their new dates or locations:

• “Thinking Outside the Package: Hunting Supply Chain Behavior from the Endpoint Perspective” by Bar Matalon, Noa Dekel (April 17, 2026, 9:30 a.m. → April 16, 2026, 10 a.m.)
• “Finding Meaning in /dev/null” by Paul Jung (April 16, 2026, 10 a.m. → April 17, 2026, 9:30 a.m.)

Version 0.10 Feb. 24, 2026

We released a new schedule version!

We have a new session: “Thinking Outside the Package: Hunting Supply Chain Behavior from the Endpoint Perspective” by Bar Matalon, Noa Dekel.

Version 0.9 Feb. 20, 2026

We released a new schedule version!

Version 0.8 Feb. 19, 2026

We released a new schedule version!

We have new sessions!

• “Lunch”
• “No Honor Among Pirates: Investigating Malware in Pirated Media” by Murtuza Ali
• “Defeating Node.js Malware through API Tracing” by Sven Rath
• “FrostyNeighbor’s playbook: How phishing and malware drive long-term espionage in Europe” by Damien Schaeffer
• “Gala reception”
• “Closing speech”
• “Meet GopherWhisper: Uncovering an APT’s secrets through its own words” by Eric Howard
• “Coffee break”
• “Tracking the Next Botnets after the RapperBot’s PowerOFF” by Hideyuki Furukawa
• “Registration”
• “Lightning talks”
• “Lunch”
• “Exploring the AitM Phishing Ecosystem: From Kit Hunting to Operator Profiling” by Quentin Bourgue, Grégoire Clermont
• “Cocktail party”
• “iMac-ulate Conception: The Birth of the macOS Stealer Ecosystem” by Maddie Stewart, Charlie Cullen
• “Dissecting Evil Twin RATs: Tracking the Long-Term Use of TA410's FlowCloud Toolset” by Hiroshi Takeuchi
• “Opening speech”
• “Botnet Boasting: Investigating Power Proofs in the DDoS-for-Hire Market” by Maarten Weyns
• “Registration”
• “Lunch”
• “Izanagi RAT: Discovery and Analysis of a Cross-Platform, Long-Lived Go Backdoor” by Fabian Marquardt
• “The Howl of Kimwolf Resonates Across 1.8 Million Android Devices Worldwide” by Alex Turing, Acey9, Wang Hao
• “Coffee break”
• “Finding Meaning in /dev/null” by Paul Jung
• “Coffee break”
• “The Dangers of Calendar Subscriptions: A New Ecosystem Unveiled” by Pedro Falé, Ana Rita Castanheira
• “Coffee break”
• “Registration”
• “Masks, Monsters, and Drivers: Unpacking the Deception of Chaos, Kraken, and DeadLock” by Chetan Raghuprasad
• “When One Botnet Leads to Another: Pivoting from Quad7-like Activity to Unknown Proxy Networks on Embedded Devices” by Andreas Petker, Hanno Heinrichs
• “Malicious Blind Pack: Uncovering all RAT Tools in Silver Fox campaign” by Rachael Liao, Yi Ping (Cara) Lin
• “When Your CTV Box Goes Rogue: How Millions Were Tricked Into Aiding a Global Cybercrime Operation” by Lindsay Kaye, Vikas Parthasarathy, Joao Santos
• “For Educational Purposes Mostly: Tracking the Stealerium and PhantomStealer Ecosystem” by Kyle Cucci
• “From Mods to Malware: Dissecting Minecraft Stealer Campaigns” by Jaromir Horejsi
• “Following RondoDox's Breadcrumbs” by João Godinho

We had to move some sessions, so if you were planning on seeing them, check their new dates or locations:

• “Chasing XLoader: Tracking a Notoriously Complex Malware Family at Scale” by Souhail Hammou, Alexey Bukhteyev (April 16, 2026, 10:30 a.m. → April 16, 2026, 11 a.m.)
• “Tomb Raider - In Search of the Lost Signatures” by Stephan Berger (April 15, 2026, 10:30 a.m. → April 15, 2026, 4:45 p.m.)
• “Broken by Design: Defeating APK Malformation at Scale in the MaaS Era” by Alessandro Strino, Michele Roviello, Federico Valentini (April 15, 2026, 11:15 a.m. → April 15, 2026, 11:10 a.m.)
• “Decoding the Core: Inside Stories of Malware Configuration Extraction” by Albert Zsigovits (April 15, 2026, 2 p.m. → April 16, 2026, 2 p.m.)

Version 0.7 Feb. 13, 2026

We released a new schedule version!

Version 0.6 Feb. 13, 2026

We released a new schedule version!

We have a new session: “Chasing XLoader: Tracking a Notoriously Complex Malware Family at Scale” by Souhail Hammou, Alexey Bukhteyev.

Version 0.5 Feb. 13, 2026

We released a new schedule version!

We have new sessions!

• “Decoding the Core: Inside Stories of Malware Configuration Extraction” by Albert Zsigovits
• “Broken by Design: Defeating APK Malformation at Scale in the MaaS Era” by Alessandro Strino, Michele Roviello, Federico Valentini

Version 0.4 Feb. 13, 2026

We released a new schedule version!

We have moved a session around: “Tomb Raider - In Search of the Lost Signatures” by Stephan Berger (April 14, 2026, 10 a.m. → April 15, 2026, 10:30 a.m.)

Version 0.3 Feb. 13, 2026

We released a new schedule version!

We have a new session: “Tomb Raider - In Search of the Lost Signatures” by Stephan Berger.

Version 0.2 Feb. 13, 2026

We released a new schedule version!

Version 0.1 Feb. 13, 2026

We released our first schedule!