Just Announced for BSides Luxembourg 2026!𝗞𝗘𝗬𝗡𝗢𝗧𝗘: 𝗜𝗗𝗘𝗡𝗧𝗜𝗧𝗬 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗝𝗨𝗦𝗧 𝗘𝗫𝗣𝗟𝗢𝗗𝗘𝗗 - Wendy Nather (@wendynather )

Just Announced for BSides Luxembourg 2026!
𝗞𝗘𝗬𝗡𝗢𝗧𝗘: 𝗜𝗗𝗘𝗡𝗧𝗜𝗧𝗬 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗝𝗨𝗦𝗧 𝗘𝗫𝗣𝗟𝗢𝗗𝗘𝗗 - Wendy Nather (@wendynather )

As identity ecosystems evolve, some challenges never quite get solved—delegation being one of them. But now, the stakes are higher than ever. With the rapid rise of non-human identities that don’t fit traditional system or application roles, organizations are facing a new layer of complexity. Even if you’re not actively using these “agents” yet, they’re already becoming part of the broader digital environment. The question is no longer if—but how you’ll manage them. It’s time to start making deliberate decisions about identity, access, and control in this expanding landscape.

Wendy Nather ( @wendynather ) is a strategist, research director, and former CISO with over 40 years of experience in IT operations and security. Her expertise includes identity and access management, threat intelligence, risk analysis, and security operations, shaped by leadership roles in financial services, government, and industry research.
Conference Dates: 6–8 May 2026 | 09:00–18:00
14, Porte de France, Esch-sur-Alzette, Luxembourg
️ Tickets: https://2026.bsides.lu/tickets/
Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg #IdentityManagement #CyberSecurity #IAM #DigitalIdentity #SecurityLeadership

𝗙𝗥𝗢𝗠 𝗖𝗢𝗗𝗘 𝗧𝗢 𝗖𝗢𝗠𝗣𝗥𝗢𝗠𝗜𝗦𝗘: 𝗧𝗨𝗥𝗡𝗜𝗡𝗚 𝗠𝗢𝗗𝗘𝗥𝗡 𝗗𝗔𝗬 𝗜𝗗𝗘𝗦 𝗜𝗡𝗧𝗢 𝗔𝗧𝗧𝗔𝗖𝗞 𝗩𝗘𝗖𝗧𝗢𝗥𝗦 𝗩𝗜𝗔 𝗠𝗔𝗟𝗜𝗖𝗜𝗢𝗨𝗦 𝗘𝗫𝗧𝗘𝗡𝗦𝗜𝗢𝗡𝗦 (2h Workshop) Debjeet Banerjee ( @whokilleddb )

Visual Studio Code isn’t just a developer favorite — it’s now a high-value target for stealthy supply-chain attacks. This talk dives into real-world hacks, from crypto-stealing Solidity extensions to self-spreading threats like GlassWorm, exposing how attackers hide in plain sight. See how TypeScript and Rust can be fused to create “trusted” extensions that secretly execute native shellcode inside your IDE. Walk away with powerful insights to detect, defend, and stay ahead of this new wave of developer-focused threats.

Debjeet Banerjee is a Malware Developer at Black Hills Information Security, focused on building tools, researching evasion techniques, and advancing offensive security.

Conference Dates: 6–8 May 2026 | 09:00–18:00
14, Porte de France, Esch-sur-Alzette, Luxembourg
️ Tickets: https://2026.bsides.lu/tickets/
Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg #CyberSecurity #InfoSec #Malware #EthicalHacking #SecurityResearch

Want an easy way to navigate the #BSidesLuxembourg2026 schedule?

We realize its complicated to keep track of whats happening at any given time across 5 stages with recording, 2 of these being villages, and multiple different things going on in the Atrium also, plus all the different workshops on the workshops day.

So we've loaded the schedule into Hacker Tracker (the app) with their help!

Get it here: https://hackertracker.app/

ty @aNullValue for the help!

Did you see that @k is running 'Security impress karaoke' at #BSidesLuxembourg2026 after an hour and a half of the drinks reception?

Get on stage, talk about an #infosec slide deck you've never seen - like the Powerpoint karaoke at hack.lu but with infosec slide decks!

Come try it after a full day of fun conference talks and villages!?

𝗧𝗛𝗜𝗡𝗚𝗦 𝗙𝗔𝗟𝗟 𝗔𝗣𝗔𝗥𝗧: 𝗔𝗟𝗟𝗬𝗜𝗡𝗚 𝗖𝗬𝗕𝗘𝗥𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗔𝗡𝗗 𝗗𝗜𝗣𝗟𝗢𝗠𝗔𝗖𝗬 𝗔𝗚𝗔𝗜𝗡𝗦𝗧 𝗔𝗨𝗧𝗛𝗢𝗥𝗜𝗧𝗔𝗥𝗜𝗔𝗡 𝗗𝗜𝗦𝗢𝗥𝗗𝗘𝗥

There are over 100 armed conflicts worldwide, all with a technological dimension, as global systems face mounting strain. In this session, Luxembourg’s Cybersecurity and Digitalisation Ambassador offers a clear-eyed look at current challenges in geopolitics and cyberdiplomacy, and how these fields can work together in response. Join the discussion and bring your questions on international relations and order in the digital world

Luc Dockendorf @lucdockendorf : Luxembourg’s Cyber and Digital Ambassador since March 2025, has worked in international relations since 2003, including roles with the Ministry of Foreign Affairs, the UN Security Council, the Human Rights Council, and leading EU cyber policy discussions.

Conference Dates: 6–8 May 2026 | 09:00–18:00
14, Porte de France, Esch-sur-Alzette, Luxembourg
️ Tickets: https://2026.bsides.lu/tickets/
Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg #Cybersecurity #Diplomacy #Geopolitics #CyberDiplomacy #InternationalRelations #BsidesLuxembourg2026

Does anyone know how to get in touch with the team behind the 'Hacker Tracker' app, we'd love to load BSidesLux into it and let the community use it to navigate sessions.

We think @aNullValue is involved, but no response here or on LI

BSides Luxembourg 2026 New Confirmed Session- Hands-On Bomb Defusal Escape Game!

𝗗𝗜𝗦𝗠𝗔𝗡𝗧𝗟𝗘 𝗧𝗛𝗘 𝗕𝗢𝗠𝗕 (2h Workshop) with 𝗦𝗧𝗜𝗝𝗡 𝗧𝗢𝗠𝗠𝗘 https://pretalx.com/bsidesluxembourg-2026/speaker/ZTMXFW/
Defuse the bomb by completing security-themed tasks! Solve ciphers, authenticate with a special flashlight, lockpick, craft a key with a Lishi tool, and more in this thrilling escape-game workshop. Teams collaborate to succeed – pure hands-on fun with real skills.

Conference Dates: 6–8 May 2026 | 09:00–18:00
14, Porte de France, Esch-sur-Alzette, Luxembourg
️ Tickets: https://2026.bsides.lu/tickets/
Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg #EscapeRoom #Cybersecurity #Teamwork #Workshop
Escape the bomb – ciphers, picks, and hacks await! ️

BSides Luxembourg 2026: Next Session Announced!

𝗛𝗢𝗪 𝗧𝗢 𝗥𝗘𝗔𝗗 𝗖𝗢𝗗𝗘 𝗧𝗢 𝗙𝗜𝗡𝗗 𝗩𝗨𝗟𝗡𝗘𝗥𝗔𝗕𝗜𝗟𝗜𝗧𝗜𝗘𝗦 (2h Workshop) with Louis Nyffenegger (@snyff ), 6 May

The industry needs more security code reviewers. Vulnerabilities are getting deeper, not simpler, and modern applications fail in subtle ways that scanners, and even AI, routinely miss. Meanwhile, developers are writing less code and reviewing more of it than ever (hopefully).

This workshop is a fast, hands-on introduction to reading code with a security mindset. Through real CVE-inspired examples, you’ll see how tiny inconsistencies, misplaced assumptions, and misunderstood framework behaviour turn into real, exploitable flaws. You’ll learn how to detect red flags quickly, identify dangerous patterns in small snippets, and build intuition for where vulnerabilities hide. Whether you’re a developer, pentester or security engineer, you’ll walk away with a foundational methodology for performing clear, consistent, and reliable code reviews.

Led by Louis Nyffenegger: PentesterLab founder, appsec expert (ex-National Bank of Australia, Australia Post, Fitbit), DEFCON/Kawaiicon/BSides speaker, AppSecSchool YouTuber https://pretalx.com/orga/event/bsidesluxembourg-2026/speakers/CZM8Q8/
​
6–8 May 2026 | 09:00–18:00
14, Porte de France, Esch-sur-Alzette, Luxembourg
️ Tickets: https://2026.bsides.lu/tickets/
️ Schedule link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg2026 #CodeReview #Vulnerabilities #Security

The Return of Malware & Monsters: Collaborative IR Gaming (2h Workshop) on May 6th!

𝗚𝗢𝗧𝗧𝗔 𝗖𝗢𝗡𝗧𝗔𝗜𝗡 '𝗘𝗠 𝗔𝗟𝗟: 𝗖𝗢𝗟𝗟𝗔𝗕𝗢𝗥𝗔𝗧𝗜𝗩𝗘 𝗜𝗡𝗖𝗜𝗗𝗘𝗡𝗧 𝗥𝗘𝗦𝗣𝗢𝗡𝗦𝗘 𝗧𝗥𝗔𝗜𝗡𝗜𝗡𝗚 𝗧𝗛𝗥𝗢𝗨𝗚𝗛 𝗚𝗔𝗠𝗜𝗡𝗚 with Klaus Agnoletti (@klausagnoletti) & Glen Sorensen - 6 May, 9AM - 11AM

Back by popular demand after last year's hit! Ditch dull tabletops for Malware & Monsters – tabletop RPG meets creature-collecting where teams hunt/contain digital threats in story-driven scenarios with MITRE ATT&CK-mapped malware "malmons." Experience real IR chaos: coordination under pressure, incomplete intel, stakeholder drama. Take roles like Hunter, Analyst, Forensicator, Communicator to see how teams actually collaborate. Learn mechanics, build custom scenarios from real malware history, run live sims with "type effectiveness" for defenses and evolution for escalating attacks. Walk away with free, ready-to-use materials for fun, effective IR training.

Led by Klaus Agnoletti https://pretalx.com/orga/event/bsidesluxembourg-2026/speakers/SQVVHK/ (infosec pro since 2004, BSides København co-founder, storytelling cyber advisor, neurodiversity advocate) & Glen Sorensen https://pretalx.com/orga/event/bsidesluxembourg-2026/speakers/J3PRCC/ (Recovering CISO, DeleteMe Solutions Engineer, OSINT/AI expert, HackBack Gaming Incident Master).

Conference dates and time: 6–8 May 2026 | 9AM - 6PM
Venue: 14, Porte de France, Esch-sur-Alzette, Luxembourg
️ Tickets: https://2026.bsides.lu/tickets/
Schedule: https://pretalx.com/bsidesluxembourg-2026/schedule/

Game your way to better IR skills – popular return engagement!

#BSidesLuxembourg2026 #IncidentResponse #CyberSecurityTraining #BlueTeam #GameBasedLearning #MITREATTACK #BSides #DnD #DFIR

Demystify IoT Traffic with Wireshark!

BSides Luxembourg 2026 new confirmed session

𝗣𝗔𝗖𝗞𝗘𝗧 𝗔𝗡𝗔𝗟𝗬𝗦𝗜𝗦 𝗙𝗢𝗥 𝗕𝗘𝗚𝗜𝗡𝗡𝗘𝗥𝗦 – 𝗔𝗡 𝗜𝗢𝗧 𝗧𝗢𝗬, 𝗦𝗢𝗠𝗘 𝗣𝗔𝗖𝗞𝗘𝗧𝗦, 𝗔𝗡𝗗 𝗪𝗜𝗥𝗘𝗦𝗛𝗔𝗥𝗞 (2h Workshop) with 𝗞𝗔𝗧𝗛𝗘𝗥𝗜𝗡𝗘 𝗟𝗘𝗘𝗦𝗘 (@katalyst) - 6 May at 9am and 11am.

Connected devices chat non-stop, even idle. This beginner 2h workshop uses a Wireshark PCAP from a creepy IoT toy to teach reading traffic: device discovery, DNS, connections, encryption handshakes, "phoning home" detection – no crypto breaking needed. Spot patterns, metadata, and relationships visible even in encrypted payloads. Zero experience required – just curiosity!

Led by Katherine Leese: retrained in her 40s as Computer Expert (System Integration), now at SevenShift IoT cybersecurity (Cologne), Haecksen/CCC member, Cologne OWASP leader. https://www.linkedin.com/in/katleese/

6–8 May 2026 | 09:00–17:00
14, Porte de France, Esch-sur-Alzette, Luxembourg
️ Tickets: https://2026.bsides.lu/tickets/

Beginner-friendly Wireshark magic and sneaky IoT!

#BSidesLuxembourg2026 #BSides #IoT #networkanalysis #Wireshark

We're discussing arranging a 'future of detection engineering' panel at #BSidesLuxembourg2026, but unfortunately the only pureplay-DE submissions we have on the topic are from men. And 'manels' are stinky by nature.

DOES ANYONE KNOW SOMEONE NOT-white-male who is planning to (or would be interested in) attending BSidesLux and who is on the cutting edge of Detection Engineering?

We tried to ask around, but so far no success. Please boost for reach.

𝗬𝗢𝗨𝗥 𝗖𝗔𝗥 𝗜𝗦𝗡'𝗧 𝗝𝗨𝗦𝗧 𝗔 𝗩𝗘𝗛𝗜𝗖𝗟𝗘 — 𝗜𝗧'𝗦 𝗔 𝗖𝗢𝗠𝗣𝗨𝗧𝗘𝗥 𝗢𝗡 𝗪𝗛𝗘𝗘𝗟𝗦. 𝗔𝗡𝗗 𝗔𝗧 𝗕𝗦𝗜𝗗𝗘𝗦 𝗟𝗨𝗫𝗘𝗠𝗕𝗢𝗨𝗥𝗚 𝟮𝟬𝟮𝟲, 𝗪𝗘'𝗥𝗘 𝗛𝗔𝗖𝗞𝗜𝗡𝗚 𝗜𝗧.

We’re excited to present our 𝗙𝗜𝗥𝗦𝗧 𝗖𝗢𝗡𝗙𝗜𝗥𝗠𝗘𝗗 𝗦𝗘𝗦𝗦𝗜𝗢𝗡 𝗔𝗡𝗡𝗢𝗨𝗡𝗖𝗘𝗠𝗘𝗡𝗧 For bsides luxembourg ⅵⅳⅵⅹ — the 𝘾𝘼𝙍 𝙃𝘼𝘾𝙆𝙄𝙉𝙂 𝙑𝙄𝙇𝙇𝘼𝙂𝙀 with 𝗥𝗢𝗔𝗟𝗗 𝗡𝗘𝗙𝗦 . This is just the beginning of the lineup we’re preparing for you.

A fully hands-on, immersive space where you get to dig into the real attack surfaces of modern vehicles:

Interact with live CAN bus traffic
Reverse engineer in-vehicle messages
Craft spoofed signals to manipulate instrument clusters
️ Explore vulnerabilities — and the defenses against them

Whether you're a complete beginner or a seasoned researcher, this village is built for you. All hardware and tooling provided — and if logistics work out, 𝗪𝗘 𝗠𝗜𝗚𝗛𝗧 𝗘𝗩𝗘𝗡 𝗕𝗥𝗜𝗡𝗚 𝗔 𝗙𝗨𝗟𝗟 𝗖𝗔𝗥.

𝟲–𝟴 𝗠𝗔𝗬 𝟮𝟬𝟮𝟲 | 09:00–17:00
14, Porte de France, Esch-sur-Alzette, Luxembourg
️ Tickets: 𝟮𝟬𝟮𝟲.𝗕𝗦𝗜𝗗𝗘𝗦.𝗟𝗨/𝗧𝗜𝗖𝗞𝗘𝗧𝗦/

#BSidesLuxembourg #CarHacking #AutomotiveSecurity #CyberSecurity #CANbus #VehicleSecurity #BsidesLuxebourg2026

Folks, we're proud to announce that @wiz has chosen to sponsor #BSidesLuxembourg2026 and they're our Silver sponsor!

We are proud to have you here, guys!

122 submissions (workshops, talks, villages) and 2 days a few hours to go on the CFP deadline.

Rumor is that some of our CFP reviewers are HOPING that no more submissions come in.

We're overwhelmed with the love and support from the community. Thank you, from all of us to all of you.

from the BSidesLux team

@gunstick no Ai involved!

@gunstick sending this to our social media volunteer

#BsidesLuxebourg2026 is happy to announce a partnership with Digital Learning Hub Luxembourg.

Ladies and Gentlemen, you are amazing!