BSides Vilnius 2024 Archive

This page serves as an archive for the 2024 event agenda and everything else.

Check the photo album here: 2024 PHOTOS

Video recap: 2024 RECAP MOVIE


The BSides Vilnius 2024 agenda consists of one track of talks, running from morning until afternoon, and two hands-on interactive workshops. After the day programme, you are welcome to join us for drinks in Lukiškės Prison 2.0 (from 5PM). The whole infosec community is welcome at the afterparty venue, not only BSides Vilnius 2024 ticket holders.

Check this virtual guide for the venue map. The DC Atrium is the venue's central hub, hosting registration, breaks, and lunch, as well as offering additional activities and networking opportunities. A coffee shop will also be located within the main hall.

All talks and workshops will be held in English.

NOTE: the agenda is subject to change. For the most up-to-date information, check this page before the event. More details about the speakers and talks will be revealed once the event approaches.

Atrium and Pangea Room (DC Valley Building)

09:00 - 10:00 Registration. Have your ID ready.

Coffee is also served here.

10:00 - 10:05 Intro speech by BSides Vilnius hosts

Short welcome and code of conduct.

10:05 - 10:35 KEYNOTE: Europol's Role in Fighting Cyber Criminality by Donatas Mažeika

Europol Cybercrime Centre was established 11 years ago. During these years many operations were organised, supported and coordinated, many criminal networks were taken down. But how?

Donatas Mažeika joined the National Criminal Police of Lithuania in 1997. Since 2004, he has been involved in cybercrime investigations as an investigator, digital forensic examiner (holding an MSc in Digital Forensics), and, from early 2013, Head of Cybercrime Investigations at the National Criminal Police of Lithuania. In January 2019, he joined Europol's Cybercrime Centre as the Team Leader of Forensics, where the team is pushing the limits of law enforcement capabilities in accessing data relevant to cybercrime investigations.

10:40 - 11:10 Scam as a Service Powered by Telegram by Aurimas Rudinskis

In 2022, an insider from one of the scammers' groups switched sides and shared details about the ongoing attacks. This kicked off a multi-year analysis of the underground economy that provides a range of illicit Telegram-based services to facilitate shady activities, offering everything from data breaches and identity theft to financial fraud. The talk will explore how fraudsters leverage platforms' features to launch "Scam as a Service" operations.

Aurimas Rudinskis serves as the Engineering Manager of the Cyber Defence team at Vinted. With a passion for tackling intricate challenges and leading a team of skilled technical professionals, he's dedicated to making a positive impact in the cybersecurity sphere. Aurimas firmly believes in the strength of community in cybersecurity, emphasizing the importance of collaboration and continuous learning.


11:10 - 11:30 Coffee Break

Help yourself to coffee, tea, soft drinks or water, available outside the Pangea room.


11:30 - 12:00 Securing CI/CD Runners Through eBPF Agent by Cenk Kalpakoglu

CI/CD pipelines are complex environments. This complexity requires methodical, comprehensive reviews to secure the entire stack. Often a company lacks the time, specialist security knowledge, and people needed to secure its CI/CD pipelines. Because of this, cyberattacks targeting CI/CD pipelines have been gaining momentum, and attackers increasingly understand that build pipelines are highly privileged targets with a substantial attack surface. In this presentation, I will share some of our observations by showing different flavours of attack on possible development pipelines, and introduce a tool to detect them.

Cenk is the Co-founder & CEO of Kondukto Inc. An experienced system developer and a notorious breaker of presumably secure things, Cenk is a longtime Linux aficionado. He enjoys speaking about appsec automation, fuzzing, Linux Kernel, and eBPF.

12:05 - 12:50 The Great Source Code Swindle - Hijacking Software Components En Masse by Elliot Ward

In this talk, we present a recent research project from the Snyk Security Labs team on the topic of RepoJacking. RepoJacking is a technique that is not widely understood, which affects multiple Source Code Management providers and has serious consequences for modern application supply chains. Attendees will first learn the core concepts of the technique and its implications for Git repositories, before we dive into the wider implications for supply chain security, where we identified how abusing this technique can compromise the Terraform and Composer ecosystems and hijack software components used by millions.

Elliot Ward is currently a senior security researcher in Snyk’s security labs team. He has a background in application security and, prior to working at Snyk, has held security engineer and penetration testing roles. He currently resides in Zurich, Switzerland, and enjoys snowboarding and skateboarding in his spare time.


12:50 - 13:50 Lunch Break

Help yourself to sandwiches, snacks and drinks, available outside the Pangea room.


13:50 - 14:35 The Physical Security Blind Spot by Brian Harris

A talk about how physical security is often overlooked in the security landscape, and how ignoring this vital topic leaves most companies and organizations completely vulnerable to catastrophic attack.

Brian is a seasoned security professional with more than 15 years of extensive experience in both cyber and physical penetration testing across the globe. His career spans black team engagements, where he has excelled both as a key team member and as a leader in hundreds of operations. His portfolio of covert entry and black team engagements includes Fortune 500 companies, government entities, and critical infrastructure.

14:40 - 15:10 What You See is Not What You Sign: Condition Based Manipulations of Digitally Signed Documents by Giedrius Bagaliūnas and Šarūnas Kupstas

Digital signatures are easy. Digital documents are hard. We believe that digitally signed documents are immutable - and they are, well, in most cases. However, what if the document contains content that can be displayed or hidden based on conditions? This presentation exploits vulnerabilities in document digital signing portals that allow signing of ambiguous documents whose content varies based on conditions. In addition, the presentation shows ways to protect against similar attacks.

Security Consultant at Advisense, Giedrius is relatively new to the security scene but has been a tech enthusiast his whole life. His journey in IT paved the way to everything security—from website penetration testing to social engineering. Šarūnas is a security enthusiast with a passion for penetration testing, currently leveraging his skills as a security consultant at Advisense. Alongside his professional endeavors, he’s actively engaged in bug bounty platforms, constantly honing his abilities in identifying and addressing vulnerabilities.

15:15 - 16:00 Fighting Unethical Sabotage Through Ethical Hacktivism by GhostExodus

Generally, most hacktivists are unable to differentiate between the target of a hacktivism operation and the innocent companies and individuals caught in the middle. They, in every sense, victimize the public unknowingly, blinded by their cult of personality and mob mentality. Today's hackers operate without a thought for the consequences of their actions. This is why my team guides groups with principles and discipline, with the aim of imparting this culture to others. Hackers will never cease to exist. But a culture of accountability impresses others to follow this path. This is how we fight cybercrime: by turning hacktivists into humanitarians, however controversial that may be.

Greetings, my name is GhostExodus. I'm a former black hat computer hacker and insider threat. I founded the hacktivist group known as the Electronik Tribulation Army, and I direct an OpChildSafety initiative called W1nterSt0rm. In 2009, I was arrested for installing malicious code on healthcare systems. Upon conviction, I became the first person in recent US history ever to be convicted for corrupting industrial control systems, and ultimately served nearly 11 years in federal prison. I became a two-time fugitive by attempting to flee the country. I broke into a US Customs-controlled shipyard and blackmailed the captain of a cargo ship into taking me to Nigeria after discovering that they were disabling their AIS tracking beacon while in international waters. Present day, I work as a freelance contributor at Cybernews, and as a humanitarian activist for the Coalition for Civil Freedoms. Regardless of my dark history, I am a cybersecurity researcher at heart, and I use my experiences as a former threat actor to bring awareness to security risks.

16:00 - 16:05 Closing speech by BSides Vilnius hosts

A bittersweet goodbye...

103 Flatlands Room (DC Meadow Building)

11:30 - 13:00 Workshop #1: "How to (Friendly) Hack Your Neighbor's WiFi"

Details:

Have you ever found yourself in a situation, desperately needing internet and the only option available is your neighbor's Wi-Fi? Ever considered how your life might take a turn if you possessed the magical ability to crack a password or two, satisfying your daily craving for internet without relying on your neighbor's generosity? Picture the feeling of freedom from borrowing connections, and the newfound independence it brings. Since you've been borrowing your neighbor's internet, why not repay the favor with a data swap? Share some bytes and see what memes or cat videos they bring to the table! Rest assured, this workshop will equip you to break free from relying on your neighbor's kindness. Just remember, with great power comes great responsibility... and maybe a bit of legal trouble.

There are multiple ways to hack wireless Wi-Fi (802.11) access points (APs). We will start with aircrack-ng and move on to other tools to analyse and probe the security of wireless access points protected with WEP, WPS or WPA2-PSK. For hands-on experience, aircrack-ng compatible wireless adapters will be provided (limited quantity).

Prerequisites for attendees: bring your Kali host or VM.

Instructors: Mantas Kazlauskas and Rimantas Milieška (penetration testers at Baltic Amadeus)
Time: starts at 11:30, ends at 13:00
Duration: 1 hour 30 minutes

13:50 - 15:20 Workshop #2: VPN Server and Client Side Security

Details:

The workshop will begin with an overview of VPN server architecture, provisioning and maintenance best practices, and will take a closer look at data leakage prevention. In the second part, we will review the potential threats that lurk on the VPN client side, and deep dive into the latest attacks and how to mitigate them.

Participants are encouraged to bring their computers to make the workshop more interactive.

Instructors: Donatas Budvytis and Aleksandr Suchovarov (Surfshark)
Time: starts at 13:50, ends at 15:20
Duration: 1 hour 30 minutes

Afterparty

The whole infosec community is welcome at our afterparty event at Lukiškės Prison 2.0. The venue will be open from 5PM.

The exact entrance location is 54°41'30.5"N 25°16'00.5"E. Enter the prison from Lukiškių skg. street, go through the second gates, then look to the right.

Note that the afterparty venue is cashless - only card, contactless and app payments are accepted.

BSides Vilnius 2024 Sponsors

Vinted

Danske Bank

Flo Health

Cujo AI

Advisense Baltics

Surfshark

Nord Security

NRD Cyber Security

Baltic Amadeus