•  - Shmoo Group - Opening Remarks, Rumblings, Ruminations, and Rants
•  - Aeva Black - Open Source Software — Y U No Secure?
•  - Paul Syverson - How to Use Sauteed Onion to Get to the Taste of Website You Want
•  - Nicole Schwartz - Ya Got Trouble (And SLSA May Help)
•  - Libby Liu - Big Tech Whistleblowers: Transparency, Accountability, and the Power of the Press
•  - Tom Howard - Social Engineering from the Detective Perspective
•  - Harley Geiger - Hacker Law for Hackers

•  - Firetalks Opening
•  - Bryson Bort and Tarah Wheeler - AWe’re Going To Hell in a Handbasket (Together)
•  - mubix “Rob” Fuller - Building a Successful Internal Red Team
•  - Amit Serper - A 15-minute Crash Course to Building Your Own IoT Hacking Lab at Home
•  - Brett Thorson - Incident Dress Rehearsal — Creating and Executing Your Own Table Top Exercise
•  - Tabatha DiDomenico and Tarah Wheeler - A Celebration of (End of) Life
•  - Nick Ascoli and Aiden Raney - Catching Some Phisherman [** TALK NOT RECORDED** ]
•  - Jake Williams and Ray [Redacted] - “No! No! I can’t go to bed! Someone is wrong about Infosec!”
•  - Firetalks Closing

•  - Jason Baird - Mr. Radar: Layer 1 Recon
•  - Brandon DeVault - Les Miserable Persistence: Hunting Through Scheduled Tasks
•  - Krassimir Tzvetanov - Media Effects Used in Influence Operations [** TALK NOT RECORDED** ]
•  - Travis Goodspeed - A Mask ROM Tool in Qt6 and C++
•  - Jay Beale - Escalating Attack and Defense on Cloud-based Kubernetes — The Difference Between a Container and a Pod is a Pod can Begin an Adventure!
•  - Kurt Opsahl - The UN Cybercrime Treaty: The One Treaty to Rule All the Hacking Laws
•  - Tracy Mosley - Dit Dit-Dah-Dit: The Evolution of Cellular Networks
•  - Jacob Torrey - Putting on a Big Show: Defending by Attacking Attacker Incentives
•  - Brian Butterly - An Insight into Railway Security
•  - Adnan Khan, Mason Davis, and Matt Jackoski - Phantom of the Pipeline — Abusing Self-Hosted CI/CD Runners
•  - Kaitlyn DeValk - Riverside: A Network Security Visualization Tool
•  - Christopher Forte - The Song Must NOT Go On
•  - Falcon Darkstar Momot - The Un-parsing Manifesto: Reconnecting our Corpus Callosum
•  - Christian Paquin - US Covid19 Immunization Credentials + Privacy-friendly QR Codes for Identity
•  - Carson Zimmerman - How to Save Your SOC from Stagnation
•  - nobletrout - How I Scanned the Internet for NSA Compromised Firewalls [** TALK NOT RECORDED** ]
•  - Mao Sui - Catching Chinese Actors — A Game of Cat and Mouse [** TALK NOT RECORDED** ]
•  - Andrew Logan - The OSINT Game that Reveals Hidden Helicopters of DC
•  - Christopher Hewitt - Bringing the Curtain Down on Flash Protection in Obscure Microcontrollers through Fault Injection
•  - Michael Rudden - Parkalot — Using Parking Apps Like Traditional Meters Using License Plate Validation Loopholes
•  - Jesika McEvoy - You and Me (But Mostly Me)
•  - Dylan Hoffmann - No, Really, The Gerasimov Doctrine Doesn’t Exist [** TALK NOT RECORDED** ]
•  - Xeno Kovah - OpenSecurityTraining2: Free Deep-Technical Training
•  - Space Rogue (C. Thomas) - The Perfect Resume For Entry-Level Infosec
•  - Amanda Draeger - Textiles and Technology
•  - Jonathan Fischer - From the Keyboards, Through the Walls, Got Implant Shells for Y’all
•  - Gabriel Landau and Mark Mager - Hide Your Valuables — Mitigating Physical Credential Dumping Attacks
•  - Madison Oliver and Jonathan Leitschuh - Congratulations! You Found a Security Vulnerability in an Open Source Project! Now What?
•  - The Shmoo Group - 0wn the Con
•  - Joe Oney - I Spy a Spy: Degrading Advanced Phishing Campaigns Against Your Organization and Clients
•  - Omer Tsarfati - Inglourious Drivers — The Revenge of the Peripheral Devices

•  - Jan Nunez and Jay Smith - Mainframe Hacking for CICS and Giggles
•  - Scott Young - REveal: Unmasking Malware’s True Identity
•  - Patricia Bailey - Telegram, Translations, and Twitter: How a Covert Russian Disinformation Effort Is Bypassing Censorship and Targeting Global Audiences
•  - evm, Joshua Bailey, Robert Barr, Amanda Lee, and Jonah Schimpf - It Must Be Nice to Have Washington on Your Side: Unlinking Binaries on the DARPA Assured Micropatching Program
•  - Gal Zror - Hacking ISPs with PPPoE
•  - Kelly Ohlert - Under Pressure: Balancing Privacy Breach Notification with Incident Response
•  - Kasimir Schulz - Escaping the Tar Pit and Securing the Supply Chain
•  - Paul Asadoorian - The UEFI Threat — Or How I Can “Permanently” Brick Your Computer
•  - Jonathan Fuller - Large-Scale Infiltration and Monitoring of C&C Servers
•  - Mark Manning, Tina Velez, SPAM, and Bruce Potter (moderator) - Closing Plenary: OK, So What IS Working?
•  - The Shmoo Group - Closing Remarks

plus-circle Add Review

comment

Reviews