The AppSec Contractual Sins
In this talk, based on years of practical experience in dealing with supply chain security and IT contracts, I am sharing techniques and methods for ensuring that security requirements are properly incorporated into IT contracts, and that business risks are properly assessed – and addressed. The talk will present a number of real-life examples of […]
Inside NCSC’s CTI Team: Tracking Threat Actors Targeting the Netherlands
“From covert state-backed espionage to financially motivated cybercrime, from politically charged hacktivism to digital sabotage—threat actors targeting the Netherlands come in many forms, and their tactics are constantly evolving. In this talk, the Cyber Threat Intelligence (CTI) team of the Dutch National Cyber Security Centre (NCSC) offers a rare behind-the-scenes look at how they investigate […]
Hunting at scale, identifying Internet connected OT devices
Have you ever been on an Internet safari? Join us on an expedition into the world of internet-connected OT-devices! We’ll introduce you to our OT Big Five and share fascinating cases we have encountered. We’ll also explore the motivations behind our research, how the NCSC identifies OT-devices at scale using repeatable methods, and the legal […]
Beware of your belongings: Prying eyes in China
Our presentation will discuss the threats of cyber attacks, device tampering and we will dive into a case study and how these threats look like. We will share tips on how to protect your devices and data from unauthorized access.
Safeguarding national security in government contracts – ABRO (session in Dutch)
Supply has been and increasingly will be a target for cybercrime and state actors. Our changing world also requires the Dutch government to change the way it protects its key interests across the vast network of suppliers. Many government suppliers provide essential products and services that intersect with the core processes and assets of government […]
You’re not secure by design, if you’re not memory safe!
What if 70% of all vulnerabilities in the critical infrastructure of tomorrow could be prevented with one simple decision? Memory safety is not just an implementation detail that only engineers should talk about; it is a crucial requirement for building software that is safer and more secure by design. In this talk, we’ll explore what […]
Vulnerability Disclosure in the Energy Sector
The European electricity network has become a ‘smart grid.’ This offers many opportunities for sustainability but also makes our energy system more vulnerable to digital attacks. In a time of increasing threat of hybrid warfare, the government and the energy sector realize that we as a society must prepare for possible disruption of the energy […]
Turning Malware Against Itself for Proactive Defense
What if the key to stopping malware was hidden inside the malware itself? In this talk, we will explore the concept of malware vaccines—leveraging the techniques malware uses for self-preservation to turn the tables on attackers. By analyzing how malware checks its execution environment—whether through sandbox evasion, mutex creation, process enumeration, or infection markers—we can […]
Tracking the North Korean B-Team Persistent Threat (BPT)
Since early 2025, Fox-IT has been tracking a cluster of activity linked to the Contagious Interview campaign, involving the malware families known as BeaverTail, InvisibleFerret, and OtterCookie. This talk provides a behind-the-scenes look at our threat intelligence methodology for tracking this campaign and actor. We’ll demonstrate our investigation approach, showing how we first manually investigate […]
Threat From The Inside: eBPF Used by Malware
eBPF (extended Berkeley Packet Filter) is a powerful and mysterious technology in the Linux kernel. As its name suggests, it was originally created for network packet filtering. However, it evolved into a more general-purpose mechanism to observe and manipulate kernel behavior. What could go wrong? We will not pick on eBPF because it is not […]