CIRCLE WITH A DOT

What an amazing #BSidesLuxembourg. Huge kudos to the @BSidesLuxembourg organizers who crafted a welcoming space for everyone to learn together. Who made everything work. Who really care about representation and inclusion - it shows. Thanks to all the volunteers for your support. Thanks to my fellow speakers and participants for the insightful exchange. Special shout-out to our lovely sightseeing group for the deep night-time conversations. I love the memories we've built together. ️ #BSides

Looking forward to meeting amazing people at @BSidesLuxembourg#BSidesLuxembourg2026 Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourghttps://2026.bsides.lu

@koehntopp @BSidesLuxembourg Workshops are not getting recorded - in the case of mine, that also wouldn't make sense as its focus is on getting folks hands-on experience through group exercises. That being said, most talks are recorded indeed - like mine tomorrow, in case that would be interesting for you as well https://pretalx.com/bsidesluxembourg-2026/talk/7HCSG3/

BSides Luxembourg 2026 Announcement!𝗟𝗢𝗖𝗞𝗣𝗜𝗖𝗞𝗜𝗡𝗚 𝗩𝗜𝗟𝗟𝗔𝗚𝗘Learn or practice lockpicking in this hands-on village running over 2 days in the Atrium. Guided by experienced volunteers, participants will have access to a wide range of tools and lock setups to practice physical security skills in a safe and controlled environment.A practical space to understand how physical locks work, how they fail, and why physical security still matters in cybersecurity. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026#BSidesLuxembourg2026 #Lockpicking #PhysicalSecurity

️ Now Announcing: A New Cybersecurity Session at BSides Luxembourg𝗖𝗢𝗠𝗣𝗥𝗘𝗛𝗘𝗡𝗦𝗜𝗩𝗘 𝗙𝗥𝗔𝗠𝗘𝗪𝗢𝗥𝗞 𝗙𝗢𝗥 𝗔𝗡𝗔𝗟𝗬𝗭𝗜𝗡𝗚 𝗔𝗡𝗗 𝗗𝗘𝗧𝗘𝗖𝗧𝗜𝗡𝗚 𝗠𝗔𝗟𝗜𝗖𝗜𝗢𝗨𝗦 𝗕𝗥𝗢𝗪𝗦𝗘𝗥 𝗘𝗫𝗧𝗘𝗡𝗦𝗜𝗢𝗡𝗦 – Van NguyenTake a closer look at one of the web’s most overlooked threats in this 30-minute lightning talk session feature within the Actionable CTI and Detection Engineering Village. This session dives into the growing risk of malicious browser extensions and how they silently impact millions of users through tracking, redirects, ad injection, data theft, and other unwanted actions.Built on a curated dataset of 460 malicious extensions removed from the Chrome Web Store, this talk presents a practical detection framework combining static and dynamic analysis techniques, including CodeQL and Python-based workflows. A valuable session for analysts, threat hunters, and defenders looking to better understand browser-based threats.Van Nguyen is a Security Analyst with a strong background in Software Engineering, Machine Learning, and IT Security, currently focusing on modern threat analysis and detection methodologies. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026 #BSidesLuxembourg2026 #ThreatIntelligence #DetectionEngineering #BrowserSecurity #CyberSecurity #Infosec

Just Dropped: A Must-See Talk at BSides Luxembourg 2026!𝗙𝗢𝗥𝗘𝗡𝗦𝗜𝗖 𝗖𝗛𝗔𝗟𝗟𝗘𝗡𝗚𝗘𝗦 𝗜𝗡 𝗥𝗘𝗔𝗟-𝗪𝗢𝗥𝗟𝗗 𝗖𝗔𝗦𝗘𝗦 𝗢𝗙 𝗗𝗜𝗚𝗜𝗧𝗔𝗟 𝗠𝗔𝗡𝗜𝗣𝗨𝗟𝗔𝗧𝗜𝗢𝗡 – Thiago VieiraStep into the growing authenticity crisis in this compelling 40-minute talk, where the surge of AI-generated content is reshaping digital forensics and the justice system. Through real-world cases from Portugal and Brazil, this session uncovers how voice cloning, spoofing, and synthetic media are blurring the line between real and fake—making investigations more complex than ever.From analyzing metadata and spectrographic patterns to understanding evolving legal standards like admissibility of AI-generated evidence, this talk highlights the shift from intuition to technical validation. Discover how investigators can adapt, counter manipulation tactics, and navigate challenges like the “liar’s dividend,” where even genuine evidence risks being dismissed as fake.Thiago Vieira brings a unique blend of technical and legal expertise, with over 15 years spanning development, network engineering, and digital forensics. Now focused on helping cyber startups scale, he works at the intersection of technology and law to strengthen digital resilience against modern threats. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026#BSidesLuxembourg2026 #DigitalForensics #AISecurity #Deepfakes #CyberSecurity #ThreatIntelligence

Another Power-Packed 𝗞𝗘𝗬𝗡𝗢𝗧𝗘 Joins BSides Luxembourg 2026!𝗞𝗜𝗟𝗟𝗜𝗡𝗚 𝗞𝗜𝗟𝗟𝗡𝗘𝗧 – Alex HoldenStep inside a gripping 40-minute keynote that uncovers the real story behind one of the most visible hacktivist groups. What appeared to be a decentralized force was, in reality, a tightly controlled operation—until a small team exposed its weak points and brought it down.From uncovering financial ties to dark web markets to dismantling internal trust within the group, this session reveals how targeted investigation, OSINT, and strategic pressure can collapse even high-profile adversaries. A powerful case study in modern cyber disruption and how small teams can take on global threats.Alex Holden is the founder and CISO of Hold Security, LLC, and a leading expert in threat intelligence. His work focuses on understanding cybercriminal operations and helping organizations build stronger defenses against real-world attacks. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026 #BSidesLuxembourg2026 #Keynote #ThreatIntelligence #OSINT #CyberSecurity #Infosec

🧠 Another Deep Dive into AI Security at BSides Luxembourg𝗔𝗜 𝗜𝗡 𝗖𝗬𝗕𝗘𝗥𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬: 𝗛𝗢𝗪 𝗖𝗔𝗡 𝗪𝗘 𝗠𝗔𝗞𝗘 𝗕𝗘𝗦𝗧 𝗨𝗦𝗘 𝗢𝗙 𝗜𝗧? – Diana WaithanjiJoin a thought-provoking 40-minute session in the AI Security Village exploring how AI is reshaping cybersecurity practices today. This interactive discussion brings together professionals to share real-world experiences on using AI tools for defense, improving team capabilities, and navigating the evolving role of humans in security.From identifying the most effective AI-powered tools to understanding training pathways and the impact on job roles, this session focuses on practical insights and open exchange. Whether you're hands-on or strategic, expect actionable ideas on how to stay relevant and make AI work for you—not against you.Diana Waithanji is a cybersecurity professional at SAP Cloud Infrastructure and a strong advocate for data privacy as a human right. She actively contributes to global tech communities and initiatives supporting diversity and innovation in cybersecurity. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026#BSidesLuxembourg2026 #AISecurity #CyberSecurity #AI #Infosec #TechCommunity

️ Technical Spotlight: New Session at BSides Luxembourg 2026𝗞𝗨𝗡𝗔𝗜: 𝗢𝗣𝗘𝗡-𝗦𝗢𝗨𝗥𝗖𝗘 𝗧𝗛𝗥𝗘𝗔𝗧 𝗗𝗘𝗧𝗘𝗖𝗧𝗜𝗢𝗡 𝗢𝗡 𝗟𝗜𝗡𝗨𝗫 – Quentin JEROMEStep into a practical 40-minute talk exploring how modern threat detection is evolving on Linux systems. This session introduces Kunai, an open-source tool built with eBPF to bring deep visibility, real-time monitoring, and Sysmon-like capabilities to Linux environments—where traditional security tooling often falls short.From architecture to real-world use cases, discover how Kunai enables incident responders and defenders to detect threats, investigate events, and enhance forensic analysis across cloud and containerized systems. A must-attend for anyone working with Linux infrastructure and looking to strengthen detection and response capabilities.Quentin Jerome is a Rust developer at CIRCL, focused on building open-source security tools driven by real-world incident response and threat detection needs. His work centers on improving visibility and empowering the security community. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026#BSidesLuxembourg2026 #ThreatDetection #LinuxSecurity #DFIR #CyberSecurity #OpenSource

Another Power-Packed Session Joins BSides Luxembourg 2026!𝗪𝗛𝗬 𝗜 𝗚𝗢 𝗧𝗢 𝗧𝗛𝗘 𝗗𝗔𝗥𝗞 𝗪𝗘𝗕 𝗘𝗩𝗘𝗥𝗬 𝗗𝗔𝗬– Alex HoldenTalk (40 minutes)Venture into a 40-minute talk that takes you beyond the traditional security perimeter and straight into the Dark Web, where cybercriminals plan, collaborate, and operate. This session reveals how understanding attacker behavior, language, and ecosystems can transform the way defenders anticipate and prevent threats before they materialize.Through real-world experiences and practical examples, you’ll explore different threat actor profiles, their motivations, and how they operate in hidden environments. The talk emphasizes defensive intelligence—learning how to safely navigate, observe, and extract insights from the Dark Web to strengthen proactive security strategies.Alex Holden is the founder and CISO of Hold Security, LLC, widely recognized for his work in threat intelligence and cybercrime research. He specializes in studying cybercriminal behavior and using those insights to help organizations build stronger defenses against evolving threats. Conference Dates: 6–8 May 2026 | 09:00–18:00️ Tickets: https://2026.bsides.lu/tickets/ Schedule: https://pretalx.com/bsidesluxembourg-2026/schedule/ Want to navigate the event easily? Check out the full schedule on Hacker Tracker:https://hackertracker.app/schedule?conf=BSIDESLUX2026 #BSidesLuxembourg2026 #CyberSecurity #DarkWeb #ThreatIntelligence #OSINT #BlueTeam

Speaker Spotlight: New Talk at BSides Luxembourg 2026𝗣𝗔𝗡𝗘𝗟 𝗗𝗜𝗦𝗖𝗨𝗦𝗦𝗜𝗢𝗡: 𝗧𝗛𝗘 𝗙𝗨𝗧𝗨𝗥𝗘 𝗢𝗙 𝗗𝗘𝗧𝗘𝗖𝗧𝗜𝗢𝗡 𝗘𝗡𝗚𝗜𝗡𝗘𝗘𝗥𝗜𝗡𝗚 – Diana Waithanji , Ondrej Nekovar, Remi Seguy, Andrii B. Join a dynamic 40-minute panel bringing together leading voices in detection engineering to explore where the field is heading next. Building on insights from the village sessions, this discussion dives into evolving tools, methodologies, and the growing role of AI, pipelines, and collaborative detection strategies.From open-source innovation to multi-SOC collaboration and CTI-driven approaches, this session offers a forward-looking conversation on how detection engineering will adapt to increasing complexity and scale. Expect practical insights, diverse perspectives, and audience-driven discussion on the future of cyber defense.Diana Waithanji, CISSP is a cybersecurity professional at SAP Cloud Infrastructure and an advocate for data privacy as a human right. She is joined by Ondrej Nekovar, an expert in cyber defense and detection engineering; Remi Seguy, lead of the OpenTide initiative; Andrii B., founder of SOC Prime and creator of innovative detection engineering tools. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026#BSidesLuxembourg2026 #DetectionEngineering #ThreatIntelligence #SOC #CyberSecurity #Infosec

Inside the Tech: New Talk Added to BSides Luxembourg𝗠𝗔𝗦𝗧𝗘𝗥𝗜𝗡𝗚 𝗜𝗡𝗖𝗜𝗗𝗘𝗡𝗧 𝗥𝗘𝗦𝗣𝗢𝗡𝗦𝗘 𝗪𝗜𝗧𝗛 𝗞𝗔𝗡𝗩𝗔𝗦 – Ardit BeuBring clarity to chaos in this hands-on 40-minute talk focused on modern incident response workflows. Discover how Kanvas transforms scattered investigations into structured, visual timelines—replacing messy spreadsheets with a unified, collaborative workspace.From case management and attack chain mapping to threat intelligence lookups and reporting, this session showcases how open-source tooling can streamline IR, improve team collaboration, and accelerate investigations. Whether you're mapping MITRE ATT&CK or leveraging LLM-assisted workflows, this is a practical deep dive into making incident response faster and smarter.Ardit Beu is an Information Security Specialist at ESET with expertise in incident response, threat hunting, and security monitoring. His work focuses on improving real-world investigation workflows and empowering teams with practical, effective tooling. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026 #BSidesLuxembourg2026 #IncidentResponse #ThreatIntelligence #DFIR #CyberSecurity #OpenSource

@BSidesLuxembourg It's refreshing to see a cybersecurity conference session directly address mental health and team culture, moving beyond purely technical topics. This focus on the human element is crucial for sustainable security.

Added to the BSides Luxembourg 2026 Lineup️ 𝗢𝗨𝗧 𝗢𝗙 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗘𝗫𝗖𝗘𝗣𝗧𝗜𝗢𝗡: 𝗪𝗛𝗔𝗧 𝗧𝗢 𝗗𝗢 𝗪𝗜𝗧𝗛𝗢𝗨𝗧 𝗔𝗡 𝗘𝗫𝗣𝗘𝗥𝗧 𝗧𝗢 𝗦𝗘𝗖𝗨𝗥𝗘 𝗬𝗢𝗨𝗥 𝗦𝗢𝗙𝗧𝗪𝗔𝗥𝗘 — Lisi Hocke ( @lisihocke ) Take control in this Talk (40 min) and learn how development teams can build secure software even without dedicated security experts.Security shouldn’t be a blocker waiting on experts. This session shows how everyday engineering activities—like planning features, collaborating across teams, and maintaining code—can be leveraged to significantly improve your product’s security posture without slowing down delivery.Discover how to integrate threat modeling into regular workflows, catch vulnerabilities earlier through collaboration, and use production insights to detect malicious behavior. This talk empowers teams to shift from dependency on security teams to building “secure enough” systems through practical, developer-driven approaches.Lisi Hocke (@lisihocke ) is a security engineer focused on product security, with a passion for quality, collaboration, and continuous learning. A strong advocate for whole-team approaches, she shares her experiences to help teams build resilient and secure software while delivering real value. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/ View full schedule & build your agenda: https://hackertracker.app/schedule?conf=BSIDESLUX2026 #BSidesLuxembourg2026 #SecureDevelopment #AppSec #DevSecOps #SoftwareSecurity #CyberSecurity

Inside the Tech: New Talk Added to BSides Luxembourg 𝗧𝗛𝗘 𝗙𝗢𝗥𝗚𝗢𝗧𝗧𝗘𝗡 𝗙𝗜𝗡𝗚𝗘𝗥𝗣𝗥𝗜𝗡𝗧: 𝗗𝗡𝗦 𝗕𝗔𝗦𝗘𝗗 𝗢𝗦𝗜𝗡𝗧 𝗧𝗘𝗖𝗛𝗡𝗜𝗤𝗨𝗘𝗦 𝗙𝗢𝗥 𝗣𝗥𝗢𝗗𝗨𝗖𝗧 & 𝗦𝗘𝗥𝗩𝗜𝗖𝗘 𝗗𝗜𝗦𝗖𝗢𝗩𝗘𝗥𝗬 – Rishi ( @rxerium ) Reveal hidden infrastructure in a Talk (40 min) using DNS TXT records to map technologies, dependencies, and external services at scale.DNS is often treated as infrastructure plumbing, but TXT records quietly expose far more than most defenders realize. This session introduces a DNS-based OSINT methodology that leverages large-scale TXT record analysis to uncover embedded service dependencies such as cloud platforms, SaaS integrations, and identity providers.By programmatically scanning DNS zones and integrating the technique into tools like Nuclei and OWASP Amass, this approach enables security teams to build detailed maps of organizational technology stacks and attack surfaces. A real-world case study from the Salesloft breach demonstrates how these signals translate into actionable intelligence for both offensive and defensive use cases.Rishi ( @rxerium ) is a London-based security researcher focused on vulnerability research, threat intelligence, and OSINT-driven attack surface discovery. He contributes to open-source security tooling, supports the UK OSINT community, and focuses on building scalable reconnaissance and detection methodologies. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/ View full schedule & build your agenda: https://hackertracker.app/schedule?conf=BSIDESLUX2026 #BSidesLuxembourg2026 #OSINT #DNS #AttackSurface #ThreatIntelligence #CyberSecurity

New Talk Dropped for BSides Luxembourg 2026!️ 𝗪𝗛𝗔𝗧’𝗦 𝗢𝗟𝗗 𝗜𝗦 𝗡𝗘𝗪: 𝗘𝗫𝗣𝗟𝗢𝗜𝗧𝗜𝗡𝗚 𝗖𝗟𝗔𝗦𝗦𝗜𝗖 𝗩𝗨𝗟𝗡𝗘𝗥𝗔𝗕𝗜𝗟𝗜𝗘𝗦 𝗜𝗡 𝗚𝗥𝗔𝗣𝗛𝗤𝗟 𝗔𝗣𝗜𝗦 – Aleksa ZatezaloModern tech doesn’t mean modern security. This session walks through a real-world penetration test where a production GraphQL API backed by PostgreSQL was compromised using classic attack techniques—from schema enumeration to identifying vulnerable resolvers and injection points.Follow the full exploitation chain from blind SQL injection to database superuser access, and uncover how broken authentication logic in GraphQL can expose sensitive data. With a live demo of GrapeQL, attendees will gain practical testing workflows and defensive strategies to properly secure GraphQL APIs.Aleksa Zatezalo is a security engineer and offensive security researcher with experience in cloud security, penetration testing, and exploit development. A contributor to projects like Metasploit and an active member of the security community, he focuses on building practical tools and techniques to uncover and fix real-world vulnerabilities. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: [https://2026.bsides.lu/tickets/](https://2026.bsides.lu/tickets/) Schedule Link: [https://pretalx.com/bsidesluxembourg-2026/schedule/](https://pretalx.com/bsidesluxembourg-2026/schedule/) View full schedule & build your agenda: [https://hackertracker.app/schedule?conf=BSIDESLUX2026](https://hackertracker.app/schedule?conf=BSIDESLUX2026) #BSidesLuxembourg2026 #GraphQL #AppSec #WebSecurity #SQLInjection #CyberSecurity