⚡ Fresh Talk Alert for BSides Luxembourg 2026!

“𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗙𝗢𝗥 𝗔𝗜: 𝗔𝗜𝗗𝗥 𝗕𝗔𝗦𝗧𝗜𝗢𝗡 𝗔𝗦 𝗢𝗣𝗘𝗡 𝗦𝗢𝗨𝗥𝗖𝗘 𝗟𝗟𝗠 𝗙𝗜𝗥𝗘𝗪𝗔𝗟𝗟 / 𝗔𝗜 𝗣𝗥𝗢𝗠𝗣𝗧𝗦 𝗥𝗘𝗩𝗘𝗥𝗦𝗘 𝗣𝗥𝗢𝗫𝗬” – Andrii Bezverkhyi

As AI adoption accelerates, so do the risks — from prompt injections to malicious AI agents and adversarial abuse. This AI Security Village session explores AIDR Bastion, an open-source GenAI protection system designed to secure AI workloads through layered detection and prompt filtering.

The talk covers how AIDR Bastion acts as an LLM firewall and reverse proxy for AI prompts, using Sigma and Roota rules to detect malicious behavior, harmful content, prompt injection attacks, and AI-assisted malware generation. Attendees will also see how the system integrates with MITRE ATLAS, OWASP LLM Top 10 guidance, and existing detection engineering workflows.

Andrii Bezverkhyi is the founder of SOC Prime and a long-time contributor to the threat detection and cybersecurity community, known for projects such as Uncoder and DetectFlow.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #LLMSecurity #PromptInjection #OWASP #CyberSecurity #DetectionEngineering #OpenSource

⚡ Fresh Village Alert for BSides Luxembourg 2026!

𝗔𝗜 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗩𝗜𝗟𝗟𝗔𝗚𝗘 – 𝗢𝗣𝗘𝗡 𝗩𝗜𝗟𝗟𝗔𝗚𝗘 / 𝗤&𝗔
🧠 Interactive AI Security Playground • Live Demos • Hands-on Attacks • Real-Time Defense

Step into a live, open-floor AI Security Village dedicated to exploring the real-world security risks of Agentic AI, MCP architectures, LLM workflows, and autonomous systems. Unlike a traditional workshop or talk, this village is designed as a continuously running interactive environment where attendees can freely drop in, attack systems, observe defenses, and shape the direction of the sessions in real time.

Across two days, participants will interact with intentionally vulnerable AI systems, RAG pipelines, MCP servers, and autonomous agents while exploring attack paths such as prompt injection, goal hijacking, instruction manipulation, tool abuse, and trust boundary failures — all aligned with the OWASP LLM Top 10 and AI Security Exchange guidance.

The village includes:
🔹 Live exploitation of LLM and Agentic AI systems
🔹 Interactive walkthroughs from organizers
🔹 Real-time defensive patching and mitigation demos
🔹 Hands-on labs with Dreadnode Crucible, Lakera Gandalf, and Agent Breaker
🔹 Beginner-to-advanced learning paths running in parallel
🔹 Community-driven Q&A and collaborative defense discussions

Parth Shukla is a Senior Security Researcher specializing in AI Security and Adversarial Machine Learning, focusing on the security architecture of Agentic Systems and LLMs. Joining him is Nagarjun Rallapalli, who focuses on automating security and building — and breaking — AI agents to test their limits.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #LLMSecurity #AgenticAI #OWASP #RedTeam #CyberSecurity #PromptInjection #MCP #AIVillage

⚡ Fresh Lightning Talk Alert for BSides Luxembourg 2026!

“𝗥𝗔𝗡𝗦𝗢𝗠-𝗜𝗦𝗔𝗖 𝗟𝗢𝗖𝗞 𝗦𝗧𝗔𝗥 𝗜𝗡𝗜𝗧𝗜𝗔𝗧𝗜𝗩𝗘” – 𝗘𝗟𝗟𝗜𝗦 𝗦𝗧𝗔𝗡𝗡𝗔𝗥𝗗

What if ransomware defenders shared knowledge as effectively as attackers share tactics?

In this fast-paced Main Stage session, Ellis Stannard introduces L.O.C.K. S.T.A.R. — Level of Critical Knowledge in Specialized Techniques on Advancements and Research — a community-driven recognition framework built by Ransom-ISAC to strengthen collaboration across the ransomware defense ecosystem.

From DFIR and reverse engineering to HUMINT, cryptocurrency tracing, AI, and quantum research, the initiative aims to surface and reward the practitioners doing the hard work behind the scenes. Think of it as a “Michelin star” system for ransomware expertise — designed to turn isolated intelligence into actionable community knowledge.

This session explores how structured knowledge sharing, recognition, and collaborative intelligence can help defenders reduce dwell time, accelerate response, and make life harder for ransomware operators.

Ellis Stannard is a security researcher and core member of the Ransom-ISAC initiative, contributing to collaborative threat intelligence efforts focused on ransomware and APT campaigns.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #Ransomware #ThreatIntelligence #DFIR #CyberSecurity #RansomISAC #ThreatResearch #BlueTeam #APT #InfoSec

⚡ Fresh Workshop Alert for BSides Luxembourg 2026!

“Threat Modeling in DevOps and Cloud using Card Games” – Christoph Niehof

How do you make threat modeling accessible, practical, and actually engaging for developers? This hands-on workshop explores lightweight threat modeling approaches tailored for modern DevOps and cloud-native environments — with a unique twist: gamification.

Participants will learn the fundamentals of threat modeling using STRIDE, discover how card-game based approaches can lower the barrier to security adoption, and get hands-on experience with OWASP Cumulus in a cloud-native scenario. The workshop also covers how to integrate threat modeling into real DevOps workflows and extend it into broader risk and process discussions.

Christoph Niehof is a Senior Consultant at TNG Technology Consulting and the project lead of the OWASP Cumulus threat modeling card game. As a full-stack developer working across the entire DevOps lifecycle, he focuses on building secure software and making security practices approachable for development teams.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #ThreatModeling #DevOps #CloudSecurity #OWASP #CyberSecurity #Workshops

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

𝗕𝗨𝗜𝗟𝗗𝗜𝗡𝗚 𝗧𝗛𝗘 𝗨𝗟𝗧𝗜𝗠𝗔𝗧𝗘 𝗔𝗜 𝗙𝗜𝗥𝗘𝗪𝗔𝗟𝗟: 𝗜𝗡𝗦𝗜𝗗𝗘 𝗦𝗢𝗩𝗘𝗥𝗘𝗜𝗚𝗡𝗦𝗛𝗜𝗘𝗟𝗗, 𝗜𝗡𝗧𝗘𝗡𝗧𝗦𝗛𝗜𝗘𝗟𝗗, 𝗔𝗡𝗗 𝗟𝗢𝗚𝗜𝗖𝗦𝗛𝗜𝗘𝗟𝗗 – Mattijs Moens

As AI agents evolve into autonomous systems capable of executing code and interacting with APIs, traditional security controls are struggling to keep up. This AI Security Village session dives into the architecture behind the SovereignShield ecosystem — a multi-layered framework built to secure modern AI applications against prompt injection, malicious actions, and data exfiltration.

The talk explores how LogicShield enforces semantic boundaries to stop jailbreaks and prompt attacks, how IntentShield audits outbound AI actions before execution, and how the unified SovereignShield Firewall combines both layers into a deterministic defense model for production AI systems.

Mattijs Moens is an AI security researcher and founder of SovereignShield, focused on building semantic firewalls for AI systems. He also contributes to the OWASP AI Security and Privacy Guide (AISVS).

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #LLMSecurity #PromptInjection #OWASP #CyberSecurity #AIAgents

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

𝗪𝗘𝗔𝗣𝗢𝗡𝗜𝗭𝗜𝗡𝗚 𝗣𝗗𝗙 𝗙𝗜𝗟𝗘𝗦: 𝗔𝗗𝗩𝗔𝗡𝗖𝗘𝗗 𝗘𝗫𝗣𝗟𝗢𝗜𝗧𝗔𝗧𝗜𝗢𝗡 𝗧𝗘𝗖𝗛𝗡𝗜𝗤𝗨𝗘𝗦 𝗙𝗢𝗥 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠𝗦 – 𝗙𝗜𝗟𝗜𝗣𝗜 𝗣𝗜𝗥𝗘𝗦

PDFs are everywhere — and attackers know it. This hands-on session explores how malicious actors weaponize PDF files using embedded JavaScript, memory manipulation, and Adobe Reader exploitation techniques to execute malware and exfiltrate data.

Attendees will dive into real-world attack techniques including heap sprays, shellcode injection, buffer overflows, covert data extraction, and malicious payload embedding inside PDFs. The talk also includes live demos, analysis of malicious samples, and practical guidance for safely testing and identifying Indicators of Compromise (IoCs).

Filipi Pires is Head of Technical Advocacy at SCYTHE, Founder of Cross Intelligence, BSides Porto Organizer, and Red Team Village Director at DEF CON. He is an international speaker and educator specializing in red teaming, malware analysis, and application security.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #RedTeam #PDFExploitation #Malware #AppSec #CyberSecurity #OffensiveSecurity

🚀 Looking to grow your cyber security team? BSides Luxembourg 2026 is the place to meet your next hire.

As part of our #GetHired initiative, we’re encouraging attendees to use:
📸 “No Photos” stickers for privacy preferences
💼 “Open To Work” stickers for candidates actively looking for opportunities

We’ll have skilled professionals, researchers, engineers, students, and fresh talent from programs including Luxembourg’s cybersecurity Master’s community — all in one place.

If you’re hiring, networking, or looking for future interns and collaborators, keep an eye out for the stickers and start the conversation. The next great addition to your team might be standing right next to you at BSides Luxembourg.

🎯 Hire here. Connect here. Build the future of cyber security here.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #GetHired #CyberSecurityJobs #Hiring #OpenToWork #Luxembourg #InfoSec

⚡ BSides Luxembourg 2026 Announcement!

𝗟𝗢𝗖𝗞𝗣𝗜𝗖𝗞𝗜𝗡𝗚 𝗩𝗜𝗟𝗟𝗔𝗚𝗘

Learn or practice lockpicking in this hands-on village running over 2 days in the Atrium. Guided by experienced volunteers, participants will have access to a wide range of tools and lock setups to practice physical security skills in a safe and controlled environment.

A practical space to understand how physical locks work, how they fail, and why physical security still matters in cybersecurity.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #Lockpicking #PhysicalSecurity

⚡ Fresh Workshop Alert for BSides Luxembourg 2026!

𝗞𝗨𝗡𝗔𝗜 𝗪𝗢𝗥𝗞𝗦𝗛𝗢𝗣: 𝗛𝗔𝗡𝗗𝗦-𝗢𝗡 𝗟𝗜𝗡𝗨𝗫 𝗧𝗛𝗥𝗘𝗔𝗧 𝗗𝗘𝗧𝗘𝗖𝗧𝗜𝗢𝗡 – Quentin Jerome

Ready to get your hands dirty with real-world Linux threat detection? This 4-hour hands-on workshop dives deep into Kunai, an open-source security monitoring tool built to bring powerful detection capabilities to Linux environments.

Starting from the basics, you’ll deploy and configure Kunai, explore its architecture, and learn how to monitor and interpret system activity. Then, level up with advanced techniques—writing custom detection rules, integrating Indicators of Compromise (IoCs), and connecting with MISP for enriched threat intelligence.

Through practical exercises and real-world scenarios, you’ll gain the skills needed to detect, investigate, and respond to threats across Linux systems—whether in production or research environments.

Quentin Jerome is a Rust developer at CIRCL, focused on building open-source security tools for threat detection and incident response, with a passion for solving real-world security challenges.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #Workshop #LinuxSecurity #ThreatDetection #DFIR #OpenSource

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

𝗬𝗢𝗨𝗥 𝗖𝗧𝗜 𝗥𝗘𝗣𝗢𝗥𝗧𝗦 𝗔𝗥𝗘 𝗨𝗦𝗘𝗟𝗘𝗦𝗦 𝗪𝗜𝗧𝗛𝗢𝗨𝗧 𝗦𝗧𝗥𝗨𝗖𝗧𝗨𝗥𝗘: 𝗙𝗥𝗢𝗠 𝗨𝗡𝗦𝗧𝗥𝗨𝗖𝗧𝗨𝗥𝗘𝗗 𝗧𝗛𝗥𝗘𝗔𝗧 𝗜𝗡𝗧𝗘𝗟 𝗧𝗢 𝗦𝗧𝗜𝗫 𝗞𝗡𝗢𝗪𝗟𝗘𝗗𝗚𝗘 𝗚𝗥𝗔𝗣𝗛𝗦 𝗪𝗜𝗧𝗛 𝗟𝗟𝗠𝗦 𝗔𝗡𝗗 𝗠𝗖𝗣 𝗦𝗘𝗥𝗩𝗘𝗥 – Antonio Formato

Turn unstructured threat intelligence into actionable, machine-readable defense logic in this deep dive from the Actionable CTI & Detection Engineering Village. Every week, critical threat reports are published in PDFs and blog posts — rich in insight but unusable for SIEMs, SOARs, or AI agents. This talk shows how to bridge that gap using a hybrid architecture that combines deterministic extraction and LLM-based semantic inference to generate STIX 2.1 knowledge graphs.

You’ll explore how threat reports can be transformed into structured intelligence objects, mapped to MITRE ATT&CK, and visualized as interactive knowledge graphs. The session also introduces TI Mindmap HUB, an independent research platform that converts real-world reports into multi-layered CTI views including ATT&CK heatmaps, Diamond Model structures, and CVE prioritization.

A key focus is the Model Context Protocol (MCP), which exposes structured CTI as tool calls for AI agents—making intelligence directly usable in automated workflows, SOC tooling, and AI copilots. The talk concludes with emerging research into LLM-inferred threat intelligence knowledge graphs and cross-report correlation at scale.

Antonio Formato is a Senior Cybersecurity Solution Engineer at Microsoft and an independent researcher focused on Generative AI for Cyber Threat Intelligence. He is the creator of TI Mindmap HUB and co-author of academic research on automated STIX 2.1 generation currently under peer review.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #CTI #ThreatIntelligence #STIX #MITREATTACK #AISecurity #DetectionEngineering