CYBER CONFLICTS; THE TOOLS AND TECHNIQUES OF TOMORROW

In an age where digital technology and artificial intelligence play an ever-expanding role in shaping our lives, the risks associated with their misuse in cyber- and hybrid warfare, and foreign influence operations and malign information campaigns are becoming increasingly significant. This lecture aims to deepen the understanding of how technology plays a role in these domains in our geopolitically turbulent times.The session will provide insights into the mechanisms by which technology is employed in cognitive warfare to create and amplify hybrid- cyber and malign information. It will explore both the opportunities AI presents for defending democratic values and the ethical challenges it poses. Participants will gain an understanding of how societies can build resilience against cognitive warfare while safeguarding core principles such as freedom of expression and democracy.

Generative AI is changing cybersecurity faster than most organizations are prepared for. What began as a productivity tool for writing, coding, and analysis is quickly becoming something more consequential: a force multiplier for both attackers and defenders. As AI systems improve at programming, reasoning, and autonomous task execution, they are also becoming better at discovering vulnerabilities, mapping attack paths, and accelerating offensive operations. At the same time, these same capabilities can help defenders identify weaknesses earlier, prioritize the risks that matter most, and remediate vulnerabilities at greater speed and scale.This talk explores how AI is reshaping the cyber domain, why the balance between offense and defense may shift rapidly, and what that means for security leaders, practitioners, and organizations.

As modern societies grow increasingly dependent on space-based systems for critical services, ranging from communication and navigation to emergency response and infrastructure coordination, the security and resilience of these systems have become essential components of both national and civil defence. This presentation explores the intersection of space security, cyber resilience, and societal preparedness, highlighting how threats to space assets can have cascading effects on civilian functions on the ground.

Participants will gain an overview of current and emerging risks to space‑dependent services, including cyberattacks, system disruptions, signal interference, and vulnerabilities within the expanding commercial and governmental space ecosystem. The session will also discuss strategic approaches to enhancing resilience, covering topics such as risk management, public–private collaboration, capability development, and integration of space considerations into broader civil defence planning.

Energy production is fundamentally local, yet it has become a prime target and leverage point in geopolitical conflict. As cyber threats intensify - from state actors, organized crime, and broad opportunistic attacks - the energy sector must stay fast and adaptable. At the same time, it must sustain long-term operations across very different IT and OT lifecycles. This talk explains why “collaboration” is not enough. We need coordinated, practical action. We must reduce noise, avoid “cry wolf” effects, and reach every part of an organization - and the sector. Using real incidents and lessons learned from the energy domain, we connect national security policy and national cyber strategies to practical measures for availability, lifecycle-aware technology choices, and value-based protection - clarifying what matters most to keep critical energy services running.

What happens when a computer solves in one minute what the most powerful supercomputer would need 10,000 years to accomplish? Imagine your worst competitor being able to simulate and optimize what takes you months — in seconds. Or worse, that a hacker can easily take over your "secure network/data" that you've spent hundreds of thousands protecting. That sounds like science fiction. It no longer is! IBM Quantum and quantum computers represent an industrial revolution that is changing the rules of the game in cybersecurity, innovation, medical technology, and more. At the same time, quantum computers introduce new challenges in the world of cryptography. In this session we will explain what IBM Quantum can actually do today, what post quantum cryptography means, and how you can position yourself correctly before it's too late. Because it's already starting to become too late.

In today’s threat landscape, even a near perfect security posture can’t guarantee safety since Cyber risk doesn’t stop at organizational borders. Modern businesses are tethered to a complex ecosystem of vendors, service providers, customers, and shared infrastructure, where someone else’s misfortune rapidly can become your own problem.

In this short session, SEB shares how our view of the threat landscape is shaping well informed, risk-based decisions and why engagement, not isolation, is becoming a critical security capability. We explore how security collaboration strengthens both us and our peers, and how purposeful security engagements can foster trust in business relationships while at the same time reduce collective risks.

We also examine the role of information and trust in countering fear, uncertainty, and doubt, and why blaming victims of cyber incidents is not only ineffective, but strategically harmful in a world where resilience depends on cooperation.

In an era defined by accelerating geopolitical tension, Saab faces a rapidly evolving threat landscape where nation state actors, strategic competitors, and supply‑chain adversaries increasingly target defence industry capabilities. These pressures intersect with Saab’s growing use of modern technology and a complex web of technical dependencies, creating both new opportunities and new vulnerabilities.

At the same time, the regulatory environment is expanding at unprecedented speed. Requirements grow more demanding every year, yet many inherited frameworks remain rooted in a confidentiality‑first mindset that no longer reflects modern operational realities. Regulatory shifts introduce further ambiguity as organisations adapt to rules that are still maturing.

AI adds another layer of transformation. Where we stand today is a mix of promise and turbulence: AI systems are powerful but dependent on vast volumes of high‑quality data, and the need to secure that data across systems, partners, and borders has never been greater.

Against this backdrop, Saab is navigating a pivotal moment. The organisation is modernising at high velocity, adapting to new technologies, strengthening resilience across its environment, and aligning security practices to meet both current and future demands. The pace is increasing, and the ability to move fast without compromising security or trust is becoming a defining capability.

We are entering an era where cyber attackers are deploying AI to increase the speed, scale and sophistication of attacks.In this environment, defenders must automate to keep the balance of power, and think about new ways to use AI and intelligence to improve the odds. This talk will focus on the requirements for and opportunities with automated cyber defenses.

Life took an unexpected turn when I left an art career to study computer science, eventually pivoting to cybersecurity and making bug bounty my full-time livelihood. Bug bounties allow anyone to use big corporations as a playground for real-world security learning. I will walk through some of my favorite findings from my years hacking GitLab, demonstrating how curiosity and persistence can allow anyone to join the field of cybersecurity.

What happens when the kernel's own timekeeping mechanisms can be turned against it? Such was the case for CVE-2025-38352 – a vulnerability in the Linux / Android kernel's POSIX CPU timers implementation that was exploited in the wild. In this talk, I'll walk through the vulnerability and dissect Chronomaly, the exploit I built for it.

CTF teams presented on stage and the winners are announced.

On-stage head to head binary exploitation tournament. Are you fast at hacking? Show it off!

A friend and I bought some Baofeng UV5R-Mini walkie talkies, to find that the wireless programming feature was only supported by an ugly phone app. In this lecture, I'll teach you how to sniff BLE traffic on an unrooted Android phone, how to read that traffic to create your own wireless client, and how to compose your own client as a desktop or phone app. We'll have some good laughs about minor bugs and XOR encryption. We'll dive into the hardware, showing what this radio might be capable of after firmware patching, and how to patch the firmware.

On-stage head to head binary exploitation tournament. Are you fast at hacking? Show it off!

The Disruptive Impact of Large Language Models on Capture the Flag Competitions and the Path Toward Fair Play

Capture the Flag (CTF) competitions have long been one of cybersecurity's most effective training grounds, forging practical skills across cryptography, reverse engineering, web exploitation, and binary pwn. But the ground is shifting fast. Large language models can now solve a growing share of challenges with minimal human input, raising urgent questions about fairness, the validity of rankings, and whether participation still delivers the learning that justifies the effort.

This talk presents findings from a mixed-methods study of LLM impact on modern CTFs. Drawing on benchmarks of frontier models against public CTF datasets, case studies across jeopardy, attack–defence, and educational formats, and interviews with organisers, veteran players, and educators, we identify the challenge categories most exposed to automation and the patterns of LLM-assisted participation already visible in competitive play. Against this backdrop, we propose a safeguard framework combining tiered competition divisions, LLM-resistant challenge design, detection heuristics drawn from solve telemetry, and a draft community code of conduct.

Trigon is a deterministic iOS kernel exploit based on CVE-2023-32434. In this talk, we will discuss how one vulnerability can be exploited across fourteen major iOS versions (iOS 3 - 16) and three distinct chipset architectures (armv7, arm64 and arm64e). This will include exploits techniques and strategies, and look into how different devices and versions required entirely different approaches.