ℹ️ Note:
All times are in "Honolulu Time" (HST).
If you are unable to attend in-person, all talks will be live-streamed via our YouTube channel.
Trainings
December 2nd (Monday) - 4th (Wednesday)
ℹ️ Note:
Trainings occur prior to the conference, from December 2nd - 4th. They are separate from general conference attendance (and require separate registration and payment).
More information on the conference trainings can be found on the training page.
.png)
"Practical iOS App, User-, and Kernel-Space Reverse-Engineering" (Jiska Classen & Alex Heinrich)
|
|
|---|---|
|
Training Room: Lahaina 1 |
|
10:00 am - 05:00 pm |
|
"Threat Hunting macOS" (Jaron Bradley)
|
|
|---|---|
|
|
Training Room: Lahaina 2 |
|
|
10:00 am - 05:00 pm |
|
"The Art of Mac Malware: Detection & Analysis" (Patrick Wardle)
|
|
|---|---|
|
|
Training Room: Lahaina 3 |
|
|
10:00 am - 05:00 pm |
|
"iOS Threat Hunting" (Matthias Frielingsdorf)
|
|
|---|---|
|
|
Training Room: Lahaina 4 |
|
|
10:00 am - 05:00 pm |
Talks
December 5th (Thursday) - 6th (Friday)
ℹ️ Note:
Conference talks will be presented from December 5th - 6th.
All talks are presented in the Monarchy Ballroom (or can be freely live-streamed here).
All talks are presented in the Monarchy Ballroom (or can be freely live-streamed here).
Thursday, Dec. 5th
.png)
09:00 am - 09:50 am (50 minutes)
|
|
|---|---|
|
Registration |
|
Come pick up your conference badge. (Note: All that is needed is the email address you registered with). |
|
10:00 am - 10:10 am (10 minutes)
|
|
|---|---|
|
Welcome and opening remarks |
| 10:10 am - 10:50 am (40 minutes) | |
|---|---|
 | "Sweet QuaDreams or Nightmare before Christmas? Dissecting an iOS 0-Day" (Christine Fossaceca & Bill Marczak) |
| 10:55 am - 11:20 am (25 minutes) | |
|---|---|
| "macOS Stealers: Stealing Your Coins, Cookies and Keychains" (Maddie Stewart & Suweera De Souza) |
| 11:25 am - 11:50 am (25 minutes) | |
|---|---|
| "Swift Reversing in 2024 - It's not so bad :)" (Christopher Lopez) |
| 11:50 am - 12:30 pm (40 minutes) | |
|---|---|
| "Trace the Base: Unraveling the iPhone’s Baseband Architecture to Defend Against Cellular Attacks" (Lukas Arnold) |
|
12:30 pm - 02:00 pm (90 minutes)
|
|
|---|---|
|
Lunch |
| 02:00 pm - 02:40 pm (40 minutes) | |
|---|---|
| "Stealer Crossing: New Horizons" (Stuart Ashenbrenner & Alden Schmidt) |
| 02:40 pm - 03:05 pm (25 minutes) | |
|---|---|
| "Patch Different on *OS" (John McIntosh) |
| 03:10 pm - 03:35 pm (25 minutes) | |
|---|---|
| "Mach-O in Three Dimensions" (Jaron Bradley) |
| 03:35 pm - 04:00 pm (25 minutes) | |
|---|---|
| "Broken isolation - draining your credentials from popular macOS password managers" (Wojciech Reguła) |
|
04:00 pm - 04:15 pm (15 minutes)
|
|
|---|---|
|
Afternoon Break |
| 04:15 pm - 04:40 pm (25 minutes) | |
|---|---|
| "iDecompile: Writing a Decompiler for iOS Applications"(Laurie Kirk) |
| 04:40 pm - 05:05 pm (25 minutes) | |
|---|---|
| "Endless Exploits: The Saga of a macOS Vulnerability Exploited Seven Times" (Mickey Jin) |
| 05:05 pm - 05:20 pm (15 minutes) | |
|---|---|
| "How to use ML to detect bad?" (Martina Tivadar) |
| 05:20 pm - 05:35 pm (15 minutes) | |
|---|---|
| "Unraveling Time: Understanding Time Formats in iOS Sysdiagnose for Security Forensics" (Lina Wilske) |
|
07:00 pm - 09:00 pm (120 minutes)
|
|
|---|---|
|
main(); Event |
|
|
Halona Kai |
|
09:30 pm - 11:30 pm
|
|
|---|---|
|
|
#OBTS Capture the Flag (CTF) |
|
|
Maui Suites |
|
|
Come participate in the Apple-themed CTF event and win prizes.
Note: To participate (in this limited-space) event, you must register here! |
Friday, Dec. 6th
|
10:00 am - 10:10 am (10 minutes)
|
|
|---|---|
|
|
Welcome and opening remarks |
| 10:10 am - 10:50 am (40 minutes) | |
|---|---|
| "Triangulating TrueType Fonts On macOS: Reconstructing CVE-2023-41990" (Aleksandar Nikolic ) |
| 10:55 am - 11:20 am (25 minutes) | |
|---|---|
| "Apple's not so Rapid Security Response" (Mykola Grymalyuk) |
| 11:25 am - 11:50 am (25 minutes) | |
|---|---|
| "iPhone Backup Forensics" (Kinga Kieczkowska) |
| 11:50 am - 12:30 pm (40 minutes) | |
|---|---|
| "A Better Way - YARA-X, Mach-O Feature Extraction, and Malware Similarity" (Jacob Latonis & Greg Lesnewich) |
|
12:30 pm - 02:00 pm (90 minutes)
|
|
|---|---|
|
|
Lunch |
| 02:00 pm - 02:40 pm (40 minutes) | |
|---|---|
| "Tripwires in the Dark: Developing Behavior Detections for macOS" (Colson Wilhoit) |
| 02:40 pm - 03:05 pm (25 minutes) | |
|---|---|
| "Mac, where’s my Bootstrap?. What is the bootstrap server and how can you talk to it?" (Brandon Dalton & Fitzl Csaba) |
| 03:05 pm - 03:30 pm (25 minutes) | |
|---|---|
| "From Theory to Practise - Let’s find an iOS Commercial Spyware Sample" (Matthias Frielingsdorf) |
| 03:35 pm - 04:00 pm (25 minutes) | |
|---|---|
| "A Little Less Malware, A Little More Context: Using LLMs to Detect Malicious macOS Activity" (Kimo Bumanglag & Joseph Millman) |
|
04:00 pm - 04:15 pm (15 minutes)
|
|
|---|---|
|
|
Afternoon Break |
| 04:15 pm - 04:40 pm (25 minutes) | |
|---|---|
| "Unveiling the Apple CVE-2024-40834 - A "shortcut" to the bypass road" (Marcio Almeida) |
| 04:40 pm - 05:05 pm (25 minutes) | |
|---|---|
| "Mirror Mirror: Restoring Reflective Code Loading on macOS" (Patrick Wardle) |
|
05:05 pm - 05:30 pm (25 minutes)
|
|
|---|---|
|
Finale (+ prizes!) |
|
06:00 pm - 08:00 pm (120 minutes)
|
|
|---|---|
|
|
exit(); Event |
|
|
Halona Kai |