Speakers
Confirmed Speakers and Instructors:
Alex Nunes & Cauan Guimarães – Malware Analysis – workshop
Alex is a Penetration Tester and Security Researcher for the past 10 years, has participated in dozens of projects developing security software with SSL encryption and Pattern Recognition. Founding Member of the Brazilian CodeBreakers Team and author of several PoCs and Exploits. Alex is a well-known guest speaker at several IT Security Conferences worldwide and maintains a flawless record as a pentester.
Andrés Riancho – 100% hands-on W3af crash course (Speaker changed, new speaker following)
Taras Ivashchenko - 100% hands-on W3af Crash Course
Taras Ivashchenko is information security specialist and open source evangelist from Russia.
For a long time he focused on penetration tests (specially by PCI DSS), but his main focus has always been the web application security and web technologies in common.
He is well known for his Termite (Oracle bruteforce tool), xCobra (web application vulnerability scanner) and as contributor of famous W3AF a Web Application Attack and Audit Framework.
Taras was a speaker at several security conferences and events including:
INFOSECURITY RUSSIA, RusCrypto.
Now he works in Russia’s largest internet company as information security officer.
Alessio L.R. Pennasilico – DDoS workshop
Mr. Alessio L.R. Pennasilico, a.k.a. mayhem, 32 years, lives and works in Verona (Italy) as a Security Evangelist for Alba S.T. s.r.l.
His personal and working interests are into Information Technology, focusing on security issues, OpenSource and Digital Rights. That’s why he soon became a member of many independent organizations, such as AIPSI, AIP, CLUSIT, ILS, OpenBeer, Metro Olografix, Sikurezza.org, ISAC-IT, Recursiva.org, ISECOM’s Hacker’s Profiling Project (HPP) and many LUGs. He is usually invited as a speaker at most of the national events such as HOPE, Hack in The Box, Confidence, IT Underground, Infosecurity, E-privacy, Linux Day, OpenCon, OpenEXP, ESC, MOCA and the italian HackMeeting. Alessio also holds workshops in secondary schools and italian universities, with the aim of spreading the culture for an aware use of nowaday’s technology.
His main areas of competence are related to firewalling, High Availability, penetration testing, SCADA security, criptography, VoIP, privacy, Linux, OpenBSD and OpenSource philosophy.
Tiago Henriques Computer Forensics – Workshop
Tiago is a Researcher at the University of Bedfordshire, his research is focused on Information Security and Computer Forensics. At the university he does some part time lecturing on a different range of topics, from Computer Security, to Networking and Cryptography. He is also running the Security Group of the University, on which he gives other student and staff members training on different Security topics.
Daniel Mende – All Your Packets Are Belong to Us – Attacking Backbone Technologies – lecture
Daniel Mende is a German security researcher specialized on network protocols and technologies. He’s well known for his Layer2 extensions of the SPIKE and Sulley fuzzing frameworks, he has discussed new ways in building botnets and presented on protocol security at many occasions including Troopers08, ShmooCon and Blackhat. Usually he releases a new tool when giving a talk.
Helder Silva – Investigação Forense Digital em Portugal – lecture
Helder Silva has 9 years of experience in system and security industry his personal and working interests are into IT focusing on network security, network architecture, forensics, IT Consulting and training. Helder has taught several IT certification courses, as MCITP: Enterprise Administrator 2008, MCITP: Enterprise Messaging Administrator 2007, MCTS: ISA Server 2006, MCTS: MS SCCM 2007, MCTS: SCOM 2007, MCSE 2000/03 Security, as CEI (CEH, ENSA, CHFI) and ITILv3 Foundation at GALILEU Portugal and others.
Karsten Nohl – Can we trust GSM? – workshop
Karsten bridges the three worlds of academic research, hacking, and hardware industry. His research focuses on privacy protection in widely deployed technologies such as RFIDs, DECT, and GSM. His hacking projects assess (and usually break) proprietary cryptography. Through his consulting projects, Karsten helps corporations not to choose or develop technically inferior solutions.
This workshop discusses GSM’s security model and illustrates that a wide range of attacks is possible; including spoofing, (remote) tracking, and interception.
Abstract:
The world’s most popular security technology, GSM, is outdated. GSM’s protection mechanisms were designed two decades ago when security was guarded by governmental agencies. Today, users are still asked to blindly trust the cell phone networks and their business partners.
Matthias Luft – Can Data Leakage Prevention Prevent Data Leakage? – workshop
Matthias is a seasoned pentester with vast experience in corporate environments. Over the years he focused on evaluating and reviewing all kinds of applications. So he’s one of the first researches who revealed major design flaws and vulnerabilities in the approach of Data Leakage Prevention . He is a regular speaker at international security
conferences and will happily share his knowledge with the audience.
Christian Bockermann – ModSecurity Training – 4 hours
