The second edition of the conference gathered over a hundred computer security experts at SRCE.
The conference program began with introductory remarks by the director of SRCE, Ivan Marić, who emphasized SRCE's focus on incorporating the highest standards of computer security into the infrastructures it builds and maintains, as well as the systems and digital services it develops and makes available to the academic and scientific community. He also highlighted SRCE's commitment to bringing communities together and emphasized the organization of the BSides Zagreb conference as confirmation of that approach, wishing all attendees successful networking with exchanges of experiences and knowledge in their daily work in the field of computer security.
The one-day conference program included eight presentations, starting with a very interesting perspective on artificial intelligence from the standpoint of computer security, presented by Mackenzie Jackson from GitGuardian in a lecture titled "The AI survival guide: Practical advice for stressed-out security workers".
Bojan Ždrnja from Infigo, in his lecture "QUIC and Furious", introduced the QUIC protocol, explained its usage, and demonstrated with interesting examples how this protocol can be used for both good purposes and abuse, and what measures need to be taken for timely detection or even prevention of such abuses.
The third presentation, "Malware and Cryptography," was delivered by Zhassulan Zhussupov from MSSP LAB, focusing on research in the field of bypassing AV solutions and the role of cryptography in malware development. He presented the application of classical cryptographic algorithms for encrypting useful data and C2 communication, demonstrating practical implementation and simulation of APT attacks.
Vlatko Košturnjak from Diverto gave a lecture on "Linux improvements in memory corruption based protections", presenting recent Linux enhancements aimed at protecting against potential memory corruption at both the hardware and software levels.
In the presentation "SIEM vs EDR: the fight for a holistic and combined approach," Michel de Crevoisier presented various EDR evasion techniques performed by attackers, emphasizing the necessity of a holistic and combined approach together with SIEM solutions to anticipate increasingly sophisticated and cunning attacks.
Alexander Peslyak from Openwall, better known as Solar Designer, presented the results of his research for the Linux Kernel Runtime Guard (LKRG) project in a lecture titled "Linux kernel remote logging: approaches, challenges, implementation". LKRG is a Linux kernel module that performs kernel integrity checking and detects exploitation of kernel security vulnerabilities.
In the lecture "Showing Off Their SCILz: Sandworm Disrupts Power in Ukraine Using Novel Attack Against OT", Daniel Kapellmann Zafra from Google Mandiant presented details of an operation during which the Russian Sandworm targeted a Ukrainian critical infrastructure organization with a layered, destructive attack using a new technique to impact operational technology (OT) environments and provided insight into potential consequences of future cyber-physical attacks based on analysis of this and other OT events over the past few years.
The conference program concluded with a presentation by Davor Frkata from Bosch Engineering on the topic "Automotive Security Challenges: Supplier's View," offering a perspective on security threats from the viewpoint of suppliers and demonstrating how the automotive industry accelerates vulnerability and incident management, hampers emerging threats, and pushes new security features and solutions, as well as the challenges suppliers face in raising awareness among manufacturers in the automotive industry about the need for holistic vehicle system security.
BSides Zagreb is a non-profit event intended for the community of information security professionals and enthusiasts, organized with the aim of mutual acquaintance, exchange of ideas, and collaboration. Participants in this conference, whether information security professionals or hackers, gather to exchange ideas and knowledge and discuss current topics, trends, and issues in the broad field of information security. BSides Zagreb is held for the second consecutive year under the organization of the University Computing Centre of the University of Zagreb.
