BSides Boulder

@bsidesboulder@infosec.exchange
Official Mastodon account for BSides Boulder • This year's conference is being held on June 13! Sign up through Eventbrite: https://www.eventbrite.com/e/bsides-boulder-2024-registration-827899629077
Website: https://bsidesboulder.org
Twitter: https://twitter.com/bsidesboulder
BlueSky: https://bsky.app/profile/bsidesboulder.bsky.social

💙 Can you believe it's already been a week since #BSidesBoulder25? We had an absolute blast and hope you did too! From experimenting with NFC badges, lock picking, and sticker swaps, to welcoming #MentalHealthHackers and @Cyversity Denver into the fold — we tried a few new things this year and you helped us raise the bar. With 200 tickets sold (up 50 from last year!), this was our biggest #BSidesBoulder yet. Huge thanks to everyone who came out, especially our friends from BSides Colorado Springs and BSides Denver for showing up and showing love. 💙

We're also proud to share that through our partnership with Boulder Food Rescue, we were able to provide ~50 meals to those in need. 🙌

Help us make next year even better by filling out the feedback form before 30 June: https://forms.gle/n1RgEN8G6NU9nSceA. Two folks will be randomly selected for a small thank-you prize. Don't miss your chance to help shape the future of BSidesBoulder! 🎁

A huge shout out again for our most excellent speakers and workshop hosts. You guys rock! Wendy Nather Andrew Brandt Anthony Galiette Ariel R.. Eric Harashevsky Gil Garcia Jibby Saetang
Nathan M. Natalie Somersall Ryan Thompson @yash Thapliyal John Doyle

BSides Boulder 2025 Feedback Survey

Thank you for participating in our annual BSides event this year. In an effort to help us plan next year's event, we've created a short survey to capture your reflections of the event itself. We are incentivizing feedback capture this year by providing some small prizes to a selected number of randomized individuals who complete it. Completing this survey should take approximately 5-10 minutes. We have broken the survey out into three sections to capture overall sentiment with: 1) logistics, communications, and general sentiment; 2) talks, workshop, and happy hour; 3) potential modifications for next year. We kindly ask that when providing feedback for speaker talks or workshops we'd like to hear what works and what didn't. When providing critiques, please attempt to make them constructive.

We're going on lunch break! See you all again for our afternoon talks starting at 1pm.
Our stream for today's conference is live! https://www.youtube.com/watch?v=HOG7Q7lI0wA
BSides Boulder 2025 - Main Track

It's Friday the 13th, and I'm fixing to draw away all your bad luck to myself by doing the keynote at @bsidesboulder. You're welcome.
Our keynote is starting soon! Wendy Nather will be presenting her talk "A Tabletop as Big as the World"

Incoming shorthand...Tomorrow's #BSidesBoulder25 is sold out! Walk-ins may be available, no guarantee of a shirt, official stickers, or sandwiches. TL;DR topical blurbs:

—🆕 Sticker swap table + mini-lock picking village.

—📢 Day of comms. We will use non-LinkedIn social media and QR codes at the event. @bsidesboulder@infosec.exchange @bsidesboulder @bsidesboulder.bsky.social

—🅿️ Parking. Lot 414 is the primary. Lots 406 and 415 can be used for overflow. Details with a promo code and parking map available on our website.

—🍻 Happy Hour. Location: Sanitas Brewing Company. Sponsored by TenEleven Technology. Please RSVP: https://events.1011vc.com/June132025

—🙏 2025 Sponsors. Thank you!! @rule4 Panther, @ARKA Group, LP, and Ten Eleven Ventures.

—🤝 2025 Partners. #MentalHealthHackers, #Cyversity-denver, @wicysorg, @kc7cyber, #BoulderFoodRescue, @DenverSec #OWASPDenver, #NoCoISSA.

Two days until #BSidesBoulder25 and only 15 tickets remain! Today we highlight two #BSidesBoulder25 talks: Andrew Brandt's "Smashing Smishing by Quashing Quishing" and Eric Harashevsky's "Firmware Readout Bypass in STM92 (Don't put this in an alarm control panel)".

Andrew's talk will examine QR-based phishing attacks, how attackers are exploiting QR codes and SMS to steal credentials and MFA tokens, and how a cross-industry collaboration between mobile vendors, telcos, and the infosec community could finally slam the door on mobile phishing. Think SafeBrowsing, but for QR scans! And we promise that our BSidesBoulder event QR codes will not redirect you to an Andrew-controlled C2 server.

Eric's talk will explore his adventure tinkering with an old STM92's firmware - the talk will explore his findings, reverse engineering the legacy microcontroller, bypassing firmware protections, and what that means for devices still hanging on your wall! Expect a live demo that is sure to excite your future hardware hacking journey.

#BSides #BSidesBoulder #CyberSecurity #Quishing #Smishing #MobileSecurity #PhishingDefense #HardwareHacking #FirmwareSecurity

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

We are just days away from our annual #BSidesBoulder event on 13 June and just about 40 tickets are left. Today, we're highlighting an application of AI talk.

⚔️💥 AI is building websites faster than ever — but who's checking the locks? Unlock your potential with Yash Thapliyal's #BSidesBoulder25 talk "Taking Down Websites as Fast as They're Made: Common Vulnerabilities in AI-Generated Sites" that will provide a live, fast-paced walkthrough of how platforms like Wix, Durable, and Cursor Agent are unintentionally publishing XSS, SQLi, and other vulnerabilities by default. Yash will generate a site live with the audience, then hack it! Learn how to spot the cracks, secure your builds, and stay ahead of the script kiddies. 💥⚔️

#BSides #BSidesBoulder #RedTeam #AI #WebSec #AppSec

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

💥🖥️ Don't miss Nathan Montierth's #BSidesBoulder25 talk "Navigating the Virtualization Battlefield: A Deep Dive into Hypervisor Attack Vectors", which plans to explore how attackers are breaching hypervisors (think ESXi, Active Directory, and more), and what you can do to fight back! 🛡️💥

Organizations globally have embraced virtualization as a way to scale solutions and centralize network management, but if your hypervisor gets popped, it could cost your organization millions. If you run virtualized infrastructure, this one's mission-critical. #BSides #BSidesBoulder #CyberSecurity #VirtualizationSecurity #HypervisorHacking #CyberDefense

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

🧠💻 Tired of endless hours fighting with obfuscation techniques embedded inside of malware? Check out Anthony Galiette's #BSidesBoulder25 talk "AI-Assisted Reverse Engineering for Enhanced Malware Analysis, Deobfuscation, and Threat Coverage"! Anthony's talk provides a hands-on approach to using GenAI to reduce analytic toil while reverse engineering malware, which explores three open-source tools that harness LLMs to supercharge malware triage, reverse engineering, and threat artifact extraction. Whether you're in IR, threat hunting, or detection engineering, this talk will show you how AI can help extract answers faster from binary hell. 🚀🔍 #BSides #BSidesBoulder #IncidentResponse #CyberSecurity #MalwareAnalysis #ReverseEngineering #LLM4Sec #BlueTeamPower

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389
