"What is happening when somebody writes an exploit?"
by @halvarflake :

In spite of being central to everything that is going on in IT security, the concept of "exploit" is surprisingly poorly formalized and understood only on an intuitive level by security practitioners. This lack of a clear definition has all sorts of negative side-effects, from ineffective teaching to muddled thinking about mitigations.

In this talk, I will make an attempt to more clearly define what it is that attackers do when they write an exploit - and then talk about what this means for mitigations and secure coding.

[C6] "Why hunting indicators of compromise fails at protecting against targeted attacks"
by Candid Wüest

Indicators of compromise (IOCs) were once a useful tool in the fight against APTs; however, irrespective of how fast they are obtained or how many are available, they are steadily losing their value. While IOCs may still prove useful in combating common cybercriminal attacks, sophisticated attacks in their current form are another matter completely...

[C8] "SAML: With Great Power Comes Great Pawnage"
by Emanuel Duss & Roland Bischofberger

The Security Assertion Markup Language (SAML) provides a framework for cross-domain single sign-on in the enterprise field ... with a single point of failure; what if you could break it? In this talk we will first discuss the benefits of SAML by presenting two showcases of Swiss institutions that heavily rely on this technology. 

[C10] "Introducing Man In The Contacts attack to trick encrypted messaging apps"
by Jérémy Matos

Mobile messaging applications have recently switched to end-to-end encryption, including the most popular ones like WhatsApp. With debates at the government level to ask for backdoors, those tools are perceived as unbreakable. Yet, most of the implementations use the phone number as the identifier and blindly trust ...

"Bug Bounty in the service of companies"
by @Korben & @Free_man_

What is a "Bug Bounty"? After demystifying the approach, this keynote will cover its history, how it works, its advantages and drawbacks, as well as the current legal constraints and risks. These points will be illustrated with feedback from several companies that have set up a Bug Bounty program.

[C1] "Corporations, the new victims of targeted ransomware"
by Candid Wüest

This presentation will discuss real world examples of ransomware attacks against enterprise customers. We will explain the newest tactics attackers use to infiltrate enterprises and install threats, including the use of psexec and TeamViewer with stolen credentials. We will highlight methods deployed by ransomware targeted towards corporate environments, such as encrypted web files and database entries. Different use cases for ransomware, including cases where it has been used as a diversion or to cover the attacker's tracks, will be assessed in order to better understand the issue.

[C2] "Reverse engineering Swisscom's Centro Grande modems"
by Alain Mowat

While trying to figure out how Swisscom controls all of its home-based routers through their own website, we stumbled onto a series of vulnerabilities in the Centro Grande router which, when combined, could lead to remote code execution.
We started by obtaining the router's firmware to investigate how the CWMP protocol was used to manage them, but quickly moved to other aspects of the firmware in order to discover serious flaws...

[C4] "15 years building web application defenses"
by Matthieu Estrade

In 2000, port 80 was one of the few ports open on firewalls, so HTTP requests and responses became the best attack vector to compromise an organisation. Web applications were powered by Apache, with mostly static content and little dynamic execution. To block this new kind of attack, web application firewalls were created to defend web applications, with more or less success.

[C5] Robots are among us, but who takes responsibility?
by Sylvain Métille

Self-driving cars or AI-assisted machines in hospitals are not the future; they already exist. Robots are not standard machines, as they do not simply execute orders but also decide by themselves. They are not human beings with their own liability either. Should they be given a specific legal personality, or should someone else be responsible? And who should that person be: the custodian, the owner, the manufacturer?