💡 Security isn’t a collective fear - it’s a shared competence ✅

🎯 𝗗𝗜𝗚𝗜𝗧𝗔𝗟 𝗥𝗜𝗦𝗞𝗦, 𝗧𝗛𝗥𝗘𝗔𝗧 𝗠𝗢𝗗𝗘𝗟𝗦, 𝗔𝗡𝗗 𝗘𝗠𝗣𝗔𝗧𝗛𝗬: 𝗧𝗥𝗔𝗜𝗡𝗜𝗡𝗚𝗦 𝗧𝗛𝗔𝗧 𝗘𝗠𝗣𝗢𝗪𝗘𝗥 - Łukasz Król ✨🔥

Digital and cyber risks don’t always fit into standard risk assessment models. They use different language, involve complex causes, and depend on interlinked systems.

In this talk, Łukasz Król shares how to make digital security feel real, relatable and doable, even for non-technical audiences. He’ll show how to compare digital risks to physical, financial, and legal threats using simple analogies, how to break down the myth of omnipresent surveillance, and how to use storytelling to make threat modelling feel less abstract.

With real examples he’ll prove that empathy, clarity, and simple frameworks can turn fear into action.

Łukasz Król https://pretalx.com/bsidesluxembourg-2026/speaker/NLVVCF/ is a digital security trainer at the ICRC Global Cyber Hub in Luxembourg. He has a background in politics, technology, and international relations. He is particularly interested in digital security pedagogies, selecting secure and sustainable digital tools, and effectively supporting at-risk groups and individuals.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg #DigitalSecurity #RiskAssessment #CyberTraining #OSINT #HackerLife #SecurityEducation

Really enjoyed this scoop from the Financial Times, where a team of reporters identified 48 seemingly independent companies working from different physical addresses that appear to be operating together to disguise the origin of Russian oil, particularly from Kremlin-controlled Rosneft. The kicker: The network was discovered because they all share a single private email server.

From the (paywalled) story:

"The FT was able to identify 442 web domains whose public registrations show they all use a single private server for their email, “mx.phoenixtrading.ltd”, showing that they share back-office functions."

"The FT was then able to identify companies by comparing the names in the domain to those of entities that appear in Russian and Indian customs records as involved in carrying Russian oil."

"For example, Foxton FZCO, a Dubai-based entity listed as the buyer of $5.6bn of oil in Russian export filings, matches “foxton-fzco.com”. Similarly, Advan Alliance, an entity listed in Indian filings as having sold $1.5bn of Russian oil into the country, can be linked to “advanalliance.ltd”. "

"Filings linked by the FT to the domain list show oil exports from Russia amounting to more than $90bn."

https://www.ft.com/content/4310f010-2b3c-493e-ba0a-26dc6d156b2e

When a hacker who goes by the names "Waifu" and "Judische" began posting death threats against security researcher Allison Nixon, she had no idea why he targeted her. So she set out to unmask him. The quest led her to uncover the identity of Connor Riley Moucka, a 25-yr-old Canadian who was ringleader of the infamous Snowflake/AT&T hacks as well as Cameron John Wagenius (aka Kiberphant0m
online), an active-duty US Army soldier, who both were arrested. Here's my story, as well as a free link below that.

https://www.technologyreview.com/2026/02/16/1132526/allison-nixon-hackers-security-researcher

https://archive.is/20260216131016/https://www.technologyreview.com/2026/02/16/1132526/allison-nixon-hackers-security-researcher

I guess the message of this video is very clear...

Apashe & Alina Pash - Kyiv

https://youtu.be/uIfqSTBTJXQ?si=6c3oTCi9sMyzBKvy