Schedule
...trainings, talks, & events!
ℹ️   Note:
All times are in "Central European Time" (GMT+2).

Talks will be live-streamed via our YouTube channel.


Trainings
October 9th (Monday) - 11th (Wednesday)
ℹ️   Note:
Trainings occur prior to the conference, from October 9th - 11th. They are separate from general conference attendance (and require separate registration and payment).

More information on the conference trainings can be found on the training page.

"Threat Hunting macOS" (Jaron Bradley)
Training Room: Azul
10:00 am - 05:00 pm

Training Room: Cubista
10:00 am - 05:00 pm

Training Room: Minotauro
10:00 am - 05:00 pm




Talks
October 12th (Thursday) - 13th (Friday)
ℹ️   Note:
Conference talks will be presented from October 12th - 13th. They are open to all registered conference trainees and attendees.

All talks are presented in the main Picasso ballroom (or can be freely live-streamed here).


Thursday, Oct. 12th
09:00 am - 10:00 am
Registration
Come pick up your conference badge. (Note: All that is needed is the email address you registered with).

10:00 am - 10:10 am
Welcome and opening remarks

10:10 am - 10:50 am
"In the Realm of Rust: A Journey into Reversing RustBucket on macOS" (Ferdous Saljooki & Jaron Bradley)

10:55 am - 11:20 am
"iObfuscate: Unraveling iOS Obfuscation Techniques" (Laurie Kirk)

11:25 am - 11:50 am
"The Clock is TCCing" (Calum Hall & Luke Roberts)

11:50 am - 12:30 pm
"Lois... Ma... Mommy...: Stewie Talking to Apple's Satellite Network" (Jiska Classen & Alexander Heinrich)


12:30 pm - 02:00 pm
Lunch


02:00 pm - 02:40 pm
"Santa's Got a Brand New Bag" (Matt White & Pete Markowsky)

02:40 pm - 03:05 pm
"ELECTRONizing macOS Privacy - a New Weapon in Your Red Teaming Armory" (Wojciech Regula)

03:05 pm - 03:30 pm
"Snapshot Fuzzing macOS Kernel Via Emulation" (Aleksandar Nikolic)

03:30 pm - 03:55 pm
"Poisoned - How Do We Find Them?" (Matthias Frielingsdorf)


03:55 pm - 04:10 pm
Afternoon Break


04:10 pm - 04:35 pm
"The Various Encryption Implementations in the Palm of Your Hand: Dissecting the Protocols Inside Apple AirTags"(Christine Fossaceca)

04:35 pm - 05:00 pm
"Two More Ways the Quarantine Attribute Can Fail Us" (Arthur Valiev & Rasmus Sten)

05:05 pm - 05:30 pm
"Did Apple Solve Persistence? Demystifying Background Task Management" (Christopher Lopez & Patrick Wardle)


07:00 pm - 09:00 pm
Reception/Party
Bardot


09:00 pm - 11:00 pm
#OBTS Capture the Flag (CTF)
Bardot
Come participate in the Apple-themed CTF event and win prizes.
Note: To participate (in this limited-space) event, you must register here!



Friday, Oct. 13th
10:00 am - 10:10 am
Welcome and opening remarks

10:10 am - 10:50 am
"Don’t Talk All at Once! Elevating Privileges on macOS by Audit Token Spoofing" (Thijs Alkemade)

10:55 am - 11:20 am
"Escaping the Safari Sandbox in iOS 16" (Ian Beer)

11:25 am - 11:50 am
"Modern Threat Hunting" (Karl Hiramoto)

11:50 am - 12:30 pm
"Safari, Hold Still for NaN Minutes!" (Javier Jimenez & Vignesh Rao)


12:30 pm - 02:00 pm
Lunch


02:00 pm - 02:40 pm
"Navigating the LABYRINTH: An In-Depth Examination of Interactive Intrusions by a North Korean APT" (Greg Longo & Ben Wiley)

02:40 pm - 03:20 pm
"The Nightmare of Apple's OTA Update: Bypassing the Signature Verification and Pwning the Kernel" (Mickey Jin)

03:25 pm - 03:50 pm
"Unexpected, Unreasonable, Unfixable: Filesystem Attacks on macOS" (Gergely Kalman)


03:50 pm - 04:05 pm
Afternoon Break


04:05 pm - 04:30 pm
"Dropping Lotus Bombs: ATT&CK in macOS Purple Team Operations" (Cat Self & Megan Carney)

04:35 pm - 05:00 pm
"Airdrop Forensics"(Kinga Kieczkowska)

05:05 pm - 05:30 pm
"From Crash …to trash? cash? or (bin)bash?" (Patrick Wardle)


05:30 pm - 06:00 pm
Finale (+ prizes!)


06:30 pm - 08:30 pm
Farewell party
Veranda Gardens