Schedule

Managing hardware and software risks in the post-quantum computing era primarily involves proactively assessing current cryptographic systems, identifying vulnerabilities to quantum attacks, and implementing "post-quantum cryptography" (PQC) algorithms to update software and hardware, ensuring data remains secure even when quantum computers become powerful enough to crack current encryption methods; this requires a comprehensive strategy including risk assessments, technology upgrades, employee training, and ongoing monitoring of emerging quantum computing developments.

Feeling overwhelmed by alerts? Ever want to "hack back" the Hackers, but don't want to break laws? Well here's a revolutionary new strategy that will get you going! Defend by deceiving, and overwhelm anyone persistent enough to keep looking. Based on nearly a decade of R&D and fieldwork, we are ready to premier a revolutionary new strategy for network defence. This talk will take a few moments to understand the current state of affairs, how it came to be, and turn it all upside down. We will discuss increasing your security posture by overwhelming your adversaries with everything they think they want and more. Join us, while we present a revolutionary new network defence strategy that will leave your adversaries confused, overwhelmed, and unmotivated to come back for more. What had started as a funny joke-turned-side-project, has taken on a whole new meaning when the long-term results were analyzed. Surprising results lead to deeper research and more in-depth analysis on strategies of both the Blue and Read Team perspectives. Exploratory Purple Team research at it's finest! If you're looking for something unique, something that laughs at the idea of existing within a box, then this is it. Presented with the beginners in mind, but an enticing enough of an idea that even long-time veterans will be interested. Sprinkled with just enough memes and shenanigans, this is a presentation sure to keep a wide audience on the edge of their seats with intrigue. "All warfare is based on deception." -Sun Tzu

The presentation examines how different OS architectures, particularly Linux and BSD, shape the techniques used in binary exploitation. It begins by highlighting the foundational systems and standards—System V, POSIX, BSD, UNIX, and Linux—that influence an OS's behavior and security mechanisms like memory management, calling conventions, and stack management. Key topics include the System V application binary interface (ABI), which governs function calls and stack management, and POSIX standards, which ensure cross-platform exploit portability. The presentation explores UNIX philosophy's emphasis on simplicity and modularity, showing how patterns can help us think about vulnerabilities. The section about BSD's influence focuses on advanced memory management techniques that impact exploit strategies. The presentation also covers OS security features (e.g., ASLR, Write XOR Execute (W^X), and stack canaries), and how to bypass them. It delves into exploiting system calls for privilege escalation, using a case study surrounding Shellshock (CVE-2014-6271) and how it relates to recent memory corruption issues. A comparison of SysV and BSD mechanics shows differences in calling conventions, stack management, and system calls—all of which affect exploit development. In conclusion, the presentation displays why an OS's architecture can make or break successful binary exploitation, even if techniques themselves are theoretically viable.

The cyber battlefield is undergoing a profound transformation. As nation-states and advanced threat actors adopt generative AI and other sophisticated technologies, traditional human-led operations will give way to autonomous, machine-driven tactics. This talk will explore this near-horizon evolution of machine-on-machine conflict, where AI systems simulate and plan attacks through swarm intelligence and wargaming frameworks, and how they may actively engage in dynamic offensive and defensive cyber operations against one another. This talk will provide a cutting-edge overview of this paradigm shift, exploring the multifaceted dimensions of machine-on-machine warfare. One of the most significant advancements lies in how sophisticated agent paradigms and their underlying models can simulate cyber war games and attack pathway planning. This allows for a rapid iterative process of planning and refinement, where potential attack vectors are explored and optimized without needing any real-world deployment. The ability for agents to simulate complex, multi-stage cyberattacks, disinformation operations and espionage campaigns can radically enhance downstream operationalization. Furthermore, the audience will explore how agents can employ adversarial AI techniques against other agents. This involves a sophisticated form of cyber warfare where one AI system is specifically designed to attack the alignment and/or decision boundaries of another AI system. The objective is to degrade, deceive, or disable an opposing AI, creating vulnerabilities or misjudgments that can be exploited for strategic advantage. This introduces a new layer of complexity to cyber defense, as protective AI systems must not only guard against human-initiated attacks but also against the deliberate and intelligent subversion attempts of hostile AI. Beyond direct conflict, machine-driven espionage and surveillance at scale represent another critical frontier. The use of autonomous AI agents for large-scale OSINT harvesting and passive surveillance is already becoming prevalent. These systems can autonomously scour the internet for information, identify patterns, and construct detailed profiles of targets or adversaries without human intervention. Crucially, these systems may also deploy defensive disinformation to counter their adversarial agentic counterparts, creating a fog of war in the informational domain. This includes the generation of synthetic data, misleading narratives, or even fabricating digital footprints to misdirect or confuse enemy intelligence gathering agents. Finally, the audience will be introduced to the weaponized fine-tuning of open-source models. This involves taking publicly available AI models and enhancing them through specialized training data to improve both strategic planning capabilities and domain-specific, tactical execution. By fine-tuning these models nation-states and sophisticated actors can rapidly develop highly potent and specialized AI capabilities which align with their goals. Open source models democratizes access to advanced AI tools while simultaneously raising the stakes, as the very foundations of AI are repurposed for offensive or defensive cyber operations. The convergence of these capabilities paints a clear picture: the future of cyber warfare, espionage, and simulation will be dominated by machines, fighting against and learning from one another in an ever-accelerating digital arms race.

Breaking into cybersecurity can feel overwhelming. Threats and technologies are constantly evolving, so it's easy to feel like you're always behind. However, we don't have to navigate this journey alone. This talk explores how AI can be a powerful, accessible tool for learning cybersecurity, helping newcomers get hands-on experience and enabling others to accelerate their growth and stay current in a fast-moving industry. Drawing from our diverse backgrounds, we'll share how AI supported our growth and how it can help others do the same. Whether you're new to the field, expanding your skillset, or mentoring others, this talk will give you actionable ways to integrate AI into your cybersecurity journey.

As a former member of the Canadian Forces, I learned how to define security by conducting aggressive security testing. Transitioning these skills to cybersecurity testing of the corporate world has identified consistent mistakes - on the part of the target networks, and by the red team itself. Using real world "war stories", the talk will review the set-up and operation of red team tests against Canadian-specific targets. What works in setting up a successful team? How do you manage test up-front with the target organization? Most importantly, what are the mistakes we have seen over and over in the past? (And it's not just a lack of patching!). And when it comes to the testers, are they making mistakes that contribute to poor or ineffective testing? The goal of the talk is to understand how to effectively test a network's security and make the most of this type of testing. There has been a reluctance to do red team testing in Canadian networks, but now it's time to move beyond "scans and pokes", and treat a network the way the hackers do!