Incoming shorthand...Tomorrow's #BSidesBoulder25 is sold out! Walk-ins may be available, no guarantee of a shirt, official stickers, or sandwiches. TL;DR topical blurbs:

—🆕 Sticker swap table + mini-lock picking village.

—📢 Day of comms. We will use non-LinkedIn social media and QR codes at the event. @bsidesboulder
@infosec.exchange @bsidesboulder @bsidesboulder.bsky.social

—🅿️ Parking. Lot 414 is the primary. Lots 406 and 415 can be used for overflow. Details with a promo code and parking map available on our website.

—🍻Happy Hour. Location: Sanitas Brewing Company. Sponsored by TenEleven Technology. Please RSVP: https://events.1011vc.com/June132025

—🙏 2025 Sponsors. Thank you!! @rule4 Panther, @ARKA Group, LP, and Ten Eleven Ventures.

—🤝 2025 Partners. #MentalHealthHackers, #Cyversity-denver, @wicysorg, @kc7cyber, #BoulderFoodRescue, @DenverSec #OWASPDenver, #NoCoISSA.

Two days until #BSidesBoulder25 and only 15 tickets remain! Today we highlight, two #BSidesBoulder25 talks: Andrew Brandt's "Smashing Smishing by Quashing Quishing" and Eric Harashevsky's "Firmware Readout Bypass in STM92 (Don't put this in an alarm control panel).

Andrew's talk will examine QR-based phishing attacks, how attackers are exploiting QR codes and SMS to steal credentials and MFA tokens, and how a cross-industry collaboration between mobile vendors, telcos, and the infosec community could finally slam the door on mobile phishing. Think SafeBrowsing, but for QR scans! And we promise that our BSidesBoulder event QR codes will not redirect you to an Andrew-controlled C2 server.

Eric's talk will explore his adventure tinkering with an old STM92's firmware - the talk will explore his findings, reverse engineering the legacy microcontroller, bypassing firmware protections, and what that means for devices still hanging on your wall! Expect a live demo that is sure to excite your future hardware hacking journey.

#BSides #BSidesBoulder #CyberSecurity #Quishing #Smishing #MobileSecurity #PhishingDefense #HardwareHacking #FirmwareSecurity

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

We are just days away from our annual #BSidesBoulder event on 13 June and just about 40 tickets are left. Today, we're highlighting an application of AI talk.

⚔️💥 AI is building websites faster than ever — but who's checking the locks? Unlock your potential with Yash Thapliyal's #BSidesBoulder25 talk "Taking Down Websites as Fast as They're Made: Common Vulnerabilities in AI-Generated Sites" that will provide a live, fast-paced walkthrough of how platforms like Wix, Durable, and Cursor Agent are unintentionally publishing XSS, SQLi, and other vulnerabilities by default. Yash will generate a site live with the audience, then hack it! Learn how to spot the cracks, secure your builds, and stay ahead of the script kiddies. 💥⚔️

#BSides #BSidesBoulder #RedTeam #AI #WebSec #AppSec

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

💥🖥️ Don't miss Nathan Montierth's #BSidesBoulder25 talk "Navigating the Virtualization Battlefield: A Deep Dive into Hypervisor Attack Vectors", which plans to explore how attackers are breaching hypervisors (think ESXi, Active Directory, and more), and what you can do to fight back! 🛡️💥

Organizations globally have embraced virtualization as a way to scale solutions and centralize network management, but if your hypervisor gets popped, it could cost your organization millions. If you run virtualized infrastructure, this one’s mission-critical. #BSides #BSidesBoulder #CyberSecurity #VirtualizationSecurity #HypervisorHacking #CyberDefense

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

🧠💻 Tired of endless hours fighting with obfuscation techniques embedded inside of malware? Check out Anthony Galiette's #BSidesBoulder25 talk "AI-Assisted Reverse Engineering for Enhanced Malware Analysis, Deobfuscation, and Threat Coverage"! Anthony's talk provides a hands on approach to using GenAI to reduce analytic toil while reverse engineering malware, which explores three open-source tools that harness LLMs to supercharge malware triage, reverse engineering, and threat artifact extraction. Whether you're in IR, threat hunting, or detection engineering, this talk will show you how AI can help extract answers faster from binary hell. 🚀🔍 #BSides #BSidesBoulder #IncidentResponse #CyberSecurity #MalwareAnalysis #ReverseEngineering #LLM4Sec #BlueTeamPower

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

🎉 It’s that time again! We’re proud to announce that #tenelevenventures is once again sponsoring an inclusive happy hour following #BSidesBoulder25! 🍻

Join us on June 13 at #SanitasBrewing right after the conference to unwind, connect, and celebrate with the local cyber security community. Whether you're a first-timer or a returning face, all are welcome!

📍 Sanitas Brewery
🗓️ June 13 | Post-Event
🎟️ Free for BSides attendees – just bring your badge!

Let’s make this second year even better than the last. See you there! 💥

#CyberSecurity #BSidesBoulder #tenelevenventures

We couldn't be more excited to reveal the logo for this year's BSides Boulder conference! It was designed by amazing Lorena Spelucin. Swag orders are in and we can't wait to share images of those once we receive them.

The 2025 speaker schedule is officially up as well! Please keep in mind that session may shift around around as we get closer to the event.
Schedule: https://bsidesboulder.org/schedule/

We still have tickets left but we sold out last year, don't miss out on this year's event!
Tickets: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

Good news everyone! We've decided to extend our CFP an extra week until March 10th. This means that if you have a talk or workshop you'd like to present, we'd love to consider it.

If you're on the fence about submitting we'd encourage you to submit. Several members on our planning committee have been previously accepted to speak at other events from last minute submissions. We're also looking to fill out our schedule with a range of experience and topics! Bottom-line: don't self select out. :)

@jacoblatonis Holy wow! Please teach us how to make a presentation like yours! #full8bitstyle Very cool stuff reverse engineering Gameboy games.

All of Track 1 is being live streamed on YouTube for those that were unable to be here with us in person (https://lnkd.in/g5tW9MSa).