| Web | https://www.bsidesprg.cz |
| [email protected] |
🚨 Speaker Announcement – #BSidesPrague2026
🎤 Diogo Machado
LazarOps: APT Tactics Targeting the Developers Supply Chain
Learn how Lazarus used fake GitHub accounts, malicious coding challenges & tooling to target developers and infiltrate software supply chains.
Not every device tells you what it’s for.
This year’s badge explores something new — not just data, but direction.
All attendees get a badge. Some unlock an extended electronic version (touchscreen, more power).
AI isn’t just shaping tools — it’s shaping outcomes.
🚨 Speaker Announcement – #BSidesPrague2026
🎤 Edouard Viot
LLMs for Vulnerability Fixing: Hype or Reality?
Can LLMs really fix security bugs? Learn how context, knowledge bases & inference strategies impact AI-driven vulnerability remediation.
🚨 Speaker Announcement – #BSidesPrague2026
🎤 Nathaniel Jones
Decoding Chinese State-Sponsored Cyber Activity
Learn behavioral models for early detection & threat hunting, with case studies showing persistent patterns across Chinese state-sponsored campaigns.
🚨 Speaker Announcement – #BSidesPrague2026
🎤 Waseem Ajrab
Uncovering SAP BTP Attack Vectors, Before Someone Else Does!
A red team look at breaking SAP BTP via misconfigs, over-permissioned services, vulnerable Kyma flows & Cloud Connector shortcuts.
🚨 Speaker Announcement – #BSidesPrague2026
🎤 Khayal Farzaliyev
Painless iOS App Pentesting
iOS is harder to test than ever—no jailbreaks, stricter entitlements, limited dynamic analysis. This talk shows smarter ways to pentest modern iOS apps.
🚨 Speaker Announcement – #BSidesPrague2026
🎤 Armaan Pathan
1 Click, 0 Warnings: Hijacking Mic, Camera & GPS via Browser UI Blindspots
Hidden iframes can abuse browser UI blind spots to hijack camera, mic & GPS while prompts show a trusted domain—even on Fortune 500 portals.
🚨 Speaker Announcement – #BSidesPrague2026
🎤 Zohar Buber
Hunting Malicious Domains at Scale with AI-Augmented OSINT
Learn how AI + OSINT can detect emerging malicious domains and route high-confidence findings into Slack, SIEM, and SOAR without overwhelming analysts.
🚨 Speaker Announcement – #BSidesPrague2026
🎤 Tejaswini Sandapolla
Blind the Kernel: Subverting Integrity Checks via Semantic Asymmetry
See how modern malware abuses ZwQueryVirtualMemory and the “Twin Patch” evasion to bypass Windows integrity checks.
🚨 Speaker Announcement – #BSidesPrague2026
🎤 Vojtěch Trčka
Harder, Better, Faster, Stronger: Because “FROM ubuntu:latest” Is a Supply-Chain Horror Story
Docker images are often bloated & vulnerable. Learn how to build minimal, hardened containers that cut the attack surface.
