Conference 2024

Program

November 6th to 7th, 2024
La Marive, Yverdon-les-Bains

Cutting Edge Technical Talks... and more!

#BlackAlps24 program has been prepared by an independent, neutral committee of internationally recognized experts. The program committee reviewed many proposals and selected the most appropriate and interesting talks for the conference (except the keynotes and rumps).

Learn more about the Call For Proposal and committee.

Most of the program is at La Marive, Yverdon-les-Bains, except specific side events like the Networking dinner.

Wednesday November 6th, 2024

08:30 - 09:00
LIVE
Welcome and coffee
09:00 - 09:10
LIVE
Opening Words (en)
Sylvain Pasini (HEIG-VD, president of Black Alps )
09:10 - 09:40
LIVE
[Keynote] We’ve not been trained for this: life after the Newag DRM disclosure (en)
Michał Kowalczyk (Dragon Sector / Invisible Things Lab )
Jakub Stepniewicz
q3k
09:40 - 10:25
LIVE
Reach the Nirvana : Hijack, Inject, Sleep (en)
Yoann Dequeker (Wavestone )
10:25 - 10:50
LIVE
Coffee Break
10:50 - 11:35
LIVE
Broken Isolation – Draining your credentials from popular macos password manager (en)
Wojciech Regula (Securing)
11:35 - 12:20
LIVE
Who DAT ? – Sender-Constraining Personal Acces Token (en)
Vitor Meireles (GitLab)
Rohit Shambhuni (GitLab)
12:20 - 14:05
LIVE
Lunch
14:05 - 14:50
LIVE
GlobalConfusion: TrustZone Trusted Application 0-Day By Design (en)
Marcel Busch (EPFL)
Philipp Mao (EPFL)
14:50 - 15:25
LIVE
IDAT Loader: The Malware’s Camouflaged Weapon (en)
Niranjan Jayanand
15:35 - 16:00
LIVE
Coffee Break
16:00 - 16:45
LIVE
GCP CL_WHY: The Hacker’s And The Hero Guide To The CLI (en)
Shannon McHale (Google)
16:45 - 17:30
LIVE
Iconv, Set The Charset To RCE: Exploiting Glibc To Hack The PHP Engine (en)
Charles Fol (Lexfo )
17:45 - 18:15
LIVE
Travel
18:00 - 23:30
LIVE
Corporate event
(La Marive)
Mandatory registration

Welcome at 17:30
Start at 17:45
Aperitif at 19:15
Shuttle to Networking Dinner at 19:15
End at 20:30
LIVE
Networking dinner Salle des quais (Grandson)
Salle des quais (Grandson)
Mandatory registration
Aperitif at 18:00
Dinner at 19:30
23:30 - 00:00
LIVE
Travel

Thursday November 7th, 2024

08:15 - 08:30
LIVE
Travel
08:30 - 09:00
LIVE
Welcome and coffee
09:00 - 09:15

LIVE
Opening
09:15 - 09:45
LIVE
[Keynote] Are We On The Edge Of An AI Cybercrime Armageddon? Separating Hype From Reality (en)
Candid Wüest (xorlab)
09:45 - 10:30
LIVE
Start Them Early And Keep On Keepin’ On. An Industry Perspective On Automated Protocol Analysis For Designing And Iterating Cryptographic Protocols (en)
Marc Ilunga (Trail of Bits )
10:30 - 11:00
LIVE
Coffee Break
11:00 - 11:45
LIVE
The Pitfalls Of Fully Homomorphic Encryption: When IND-CPA Security Is Not Enough (en)
Jean-Philippe Bossuat (Gauss Labs PTE. LTD. )
11:45 - 12:30
LIVE
Unveiling The Offensive Potential Of Group Policy Objects In Active Directory: Old – And New GPO ACLS Attack Vectors (en)
Quentin Roland (Synacktiv )
12:30 - 14:15
LIVE
Lunch
14:15 - 15:00
LIVE
Now I See You: Pwning The Synology BC500 Camera (en)
Emanuele Barbeno (Compass Security )
15:00 - 15:45
LIVE
Crypto Wallet – What Could Go Wrong (en)
Ryan Sauge (Taurus SA )
15:45 - 16:30
LIVE
Coffee Break
16:30 - 17:30
LIVE
Rump Session (fr-en)
Several speakers
17:30 - 19:00
LIVE
Aperitif
19:00 - 00:00
LIVE
Black Dinner
(La Marive)
Free for all
Black Alps participants

Legend

 
Conference
 
Keynote
 
Lightning Talks
 
Side event
 
Evening

Talk selection process

A call for proposal (CFP) was organized. The program committee was in charge to select the talks (except the keynotes and rumps). The submission process is now closed (it was open until July 31, 2024.).

Program committee

The program committee is composed of international renowned experts in the field.

  • Nicolas Oberli , Blackalps (chair)
  • Axelle Apvrille , Fortinet
  • Frank Bitsch , Mandiant
  • Gynvael Coldwind , HexArcana
  • Nicolas Grégoire , Agarri
  • Daniel Le Gall , Blaklis
  • Sylvain Pelissier , Zellic
  • Phillipe Teuwen , Quarkslab

Proposal topics

  • Application security
  • Vulnerability research and exploits development
  • Penetration testing and red teaming
  • Cloud security
  • Security automation
  • Network security
  • Intrusion detection and monitoring
  • Cryptography