Presentations – IT-DEFENSE 2026

The Evolution of macOS Security – Csaba Fitzl

Over the years Apple has been stepping up its game in security. There are many talks focusing on key memory corruption exploit mitigations, but logic bug prevention is often dismissed; however, it is just as important.

In this talk, I try to fill that gap and will go over some key macOS security features that prevent or make it harder to exploit logic vulnerabilities. We will see how the basic features have improved since macOS Mojave and what other smaller, but large-impact mitigations were added.

This talk will be held in English.
 

Malware “Powered by AI”: Insights and Outlooks of early AI Malware – Candid Wüest

It is not surprising that GenAI is able to create malware. But how suitable is it to control complex autonomous malware? The first metamorphic AI-based samples like LameHug and PromptLock emerged in 2025; however, so far with negligible impact.

In this talk, I discuss the insights about the first real agentic malware samples like Yutani Loop and what this means for the defenders. Multi-agent and multi-model malware already exists in the laboratory – but what advantages can it actually grant attackers? Can malware autonomously choose its goals, hide from local EDR solutions and learn from previous mistakes?

The goal of this presentation is to show the participants what autonomous malware is actually able to do, where its advantages and disadvantages lie, what is pure media hype – and of course how to protect oneself against this new type of threat.

This talk will be held in German.
 

Cybersecurity is exactly like soccer (Football) – John Stoner

“Cybersecurity is exactly like soccer (Football)” uses football analogies to break down the complexity of cyber roles, teams, and strategies. With over 50 cybersecurity specializations, from hyper-focused experts to adaptable generalists, this talk compares them to players like Leroy Sané (a pacey specialist winger) and Joshua Kimmich (a versatile midfield generalist). Are you a star striker for a Top Team (at Bayern Munich), or an intern breaking through at a scrappy startup (like a youth product at St. Pauli)? Just like in football, tailored training, smart team-building, and understanding player attributes are critical: your goalkeeper (Cloud Engineer) doesn’t train like your holding midfielder (Threat Intel Analyst). Managers need to assess their roster, decide whether to grow talent (youth academy) or buy expertise (transfer market), and define a strategy: possession play, pressing, or a counter-attacking setup? With humor and insight, this talk explores hiring, development, and cybersecurity teamwork through the beautiful game: no yellow cards and NO VAR, just lessons from the Soccer (Football) world and the cyber world.

This talk will be held in English.
 

From Buffer Overflows to Prompt Injection: Why AI is Resetting Software Security – Chris Wysopal

AI is entering the enterprise at breakneck speed. It’s baked into SaaS tools, driving application development, and powering autonomous agents. Yet most organizations have little visibility into the risks. Generative AI has become the new Shadow IT: powerful, uncontrolled, and already creating new attack surfaces. Sensitive data can leak through prompts and training, and GenAI is generating insecure code at scale—re-introducing entire classes of vulnerabilities the security community spent decades working to eliminate.

We’ve been here before. In the 1990s, the industry resisted acknowledging vulnerabilities. Security researchers and Microsoft clashed over disclosure, patching was chaotic, and organizations had no reliable process for addressing flaws. Only after years of painful incidents did coordinated vulnerability disclosure and secure development practices become standard. AI threatens to reset that hard-won progress: code is now being created by systems that don’t understand security, deployed by developers who trust it blindly, and integrated into pipelines without the checks we once fought to establish.

This session will dissect how GenAI reshapes the attack surface across the SDLC and enterprise IT, from code generation to SaaS integration and autonomous agent behavior. Attendees will see where the same disclosure and remediation battles of the past are resurfacing in new form—and what technical controls and engineering practices are needed to keep history from repeating itself.

This talk will be held in English.
 

Allpacka: Malware à la Carte – Leon Schmidt

The days when generic and publicly known malware easily resulted in successful attacks are long gone – at least for companies that protect themselves. Modern solutions for detection and response like EDRs make an attacker’s life more difficult. This is why attackers are now regularly using their own tooling, individual mechanisms to hide the loading and packing of malware, and several other tricks to bypass such modern detection software. Simulating these motivated, advanced and competent adversary groups, who use different vectors to attack a company, is often the topic of so-called red team assessments. As a professional red team, it is therefore our task to not only cover these techniques but also spontaneously adapt malware to new situations in a time-efficient way.

For this purpose, we at cirosec have developed our own solution, making our red team’s daily work easier: our malware toolkit “Allpacka”. The idea is that each task – from compiling, obfuscating and packing to platform-specific adaptation of the malware – is abstracted through individual modules that can be combined. Linking these modules together creates a “recipe”, which is “prepared” by the “Allpacka chef” and then “served” as individual malware.

The primary goal of Allpacka was to achieve a high degree of automation. Additionally, this approach makes it possible for all red team members to use the entire arsenal of malware components without having to know every detail of how each of the components works. Encapsulation of the components in Allpacka modules allows each member to fully concentrate on their specialty while benefiting from the know-how of the other members.

In this presentation, I will show you how we designed and built Allpacka, how the system works under the hood and what we have learned about modularity, security, and standards in practice.

This talk will be held in German.
 

Cyberwar between Russia and Finnish Companies – Sami Laiho

I’m one of the Finnish cybersecurity specialists who took part in destroying company IT systems when companies needed to flee Russia.

Finland has more border with Russia than the rest of the EU combined. When Russia declared that it could nationalize company assets when the companies leave Russia, we had 72 hours to destroy the company IT systems, using dead man’s switches as Russia threatened to cut Internet connections to the country. This is hopefully my only war story that I ever have to tell my kids, and I would like to share it with the world. People are talking about expensive machinery left in Russia but not the systems that control them and store all sorts of intellectual property.

In this session, you will learn about an IT pioneer’s job in making directories unreadable and doing normally 18-month-long domain splits in 72 hours.

This talk will be held in English.
 

Beyond the AI Black Box: IT Security Requirements in the AI Act – Joerg Heidrich

The European AI Act will become effective in mid-2026 and sets out many requirements for every company using ChatGPT and the like. The focus is on operating so-called high-risk AI systems. When such services are used, for example in HR, legislation demands strict IT security regulations.

In this practical presentation, Joerg Heidrich, legal adviser of the German publishing house Heise and a lawyer, shows how these requirements must be implemented and by when. In particular, he will explain the classification into different risk levels in the AI Act, what is classified as a high-risk AI system, what legal requirements this entails for IT security and what happens in case of a violation.

This talk will be held in German.
 

The Emissary's Mistake: Seeing the Pebble, Missing the Path – Jared Atkinson

Iain McGilchrist's The Master and His Emissary illustrates the tension between two ways of seeing: the right hemisphere attends broadly to context and anomalies, while the left focuses narrowly on rules and routines. Detection engineering suffers from the same imbalance. Broad rules create false negatives; narrow rules overwhelm analysts with false positives. Attack graphs provide a contextual, right-hemisphere perspective, showing how identities and systems connect into exploitable paths. Combined with detailed detection practices, they allow us to balance precision with awareness. This talk explores how integrating both perspectives creates more resilient detection strategies.

This talk will be held in English.