BSidesNYC
@bsidesnyc.org
The Allure of Go’s Cross-Platform Capability: A Gateway for Threat Actors to Mac and Linux
Anmol Maurya, Staff Malware Reverse Engineer at Palo Alto Networks, examines how threat actors use Go to target Mac and Linux systems and what makes detection and analysis so challenging. #BSidesNYC
Anmol Maurya, Staff Malware Reverse Engineer at Palo Alto Networks, examines how threat actors use Go to target Mac and Linux systems and what makes detection and analysis so challenging. #BSidesNYC
October 18, 2025 at 9:06 PM
The Allure of Go’s Cross-Platform Capability: A Gateway for Threat Actors to Mac and Linux
Anmol Maurya, Staff Malware Reverse Engineer at Palo Alto Networks, examines how threat actors use Go to target Mac and Linux systems and what makes detection and analysis so challenging. #BSidesNYC
Anmol Maurya, Staff Malware Reverse Engineer at Palo Alto Networks, examines how threat actors use Go to target Mac and Linux systems and what makes detection and analysis so challenging. #BSidesNYC
Contribute to Learn: Building DFIR Expertise Through Open Source
Christopher Eng, Independent Digital Forensic Researcher and CIO, shares how contributing to open-source DFIR tools like KAPE and Velociraptor can accelerate hands-on learning and community growth. #BSidesNYC
Christopher Eng, Independent Digital Forensic Researcher and CIO, shares how contributing to open-source DFIR tools like KAPE and Velociraptor can accelerate hands-on learning and community growth. #BSidesNYC
October 18, 2025 at 9:01 PM
Contribute to Learn: Building DFIR Expertise Through Open Source
Christopher Eng, Independent Digital Forensic Researcher and CIO, shares how contributing to open-source DFIR tools like KAPE and Velociraptor can accelerate hands-on learning and community growth. #BSidesNYC
Christopher Eng, Independent Digital Forensic Researcher and CIO, shares how contributing to open-source DFIR tools like KAPE and Velociraptor can accelerate hands-on learning and community growth. #BSidesNYC
Inside Ransomware: Facts and Findings from the BlackBasta and LockBit Leaks
Cory Wolff, Director of Offensive Security at risk3sixty, breaks down leaked data from major ransomware groups to reveal how affiliates collaborate, develop payloads, and profit. #BSidesNYC
Cory Wolff, Director of Offensive Security at risk3sixty, breaks down leaked data from major ransomware groups to reveal how affiliates collaborate, develop payloads, and profit. #BSidesNYC
October 18, 2025 at 8:15 PM
Inside Ransomware: Facts and Findings from the BlackBasta and LockBit Leaks
Cory Wolff, Director of Offensive Security at risk3sixty, breaks down leaked data from major ransomware groups to reveal how affiliates collaborate, develop payloads, and profit. #BSidesNYC
Cory Wolff, Director of Offensive Security at risk3sixty, breaks down leaked data from major ransomware groups to reveal how affiliates collaborate, develop payloads, and profit. #BSidesNYC
Interactive Networking Fingerprinting Walkthrough
Vlad Iliushin, Cybersecurity Expert at ELLIO and President of AMTSO, leads a hands-on workshop on modern passive fingerprinting techniques like JA3, JA4, p0f, and MuonFP. #BSidesNYC
Vlad Iliushin, Cybersecurity Expert at ELLIO and President of AMTSO, leads a hands-on workshop on modern passive fingerprinting techniques like JA3, JA4, p0f, and MuonFP. #BSidesNYC
October 18, 2025 at 7:44 PM
Interactive Networking Fingerprinting Walkthrough
Vlad Iliushin, Cybersecurity Expert at ELLIO and President of AMTSO, leads a hands-on workshop on modern passive fingerprinting techniques like JA3, JA4, p0f, and MuonFP. #BSidesNYC
Vlad Iliushin, Cybersecurity Expert at ELLIO and President of AMTSO, leads a hands-on workshop on modern passive fingerprinting techniques like JA3, JA4, p0f, and MuonFP. #BSidesNYC
Rebooting the Cyber Arsenal of Democracy
Eric Foster, CEO of TENEX.ai, shares hard-earned lessons from building and exiting multiple security companies and what it takes to launch and scale a cybersecurity startup in 2025. #BSidesNYC
Eric Foster, CEO of TENEX.ai, shares hard-earned lessons from building and exiting multiple security companies and what it takes to launch and scale a cybersecurity startup in 2025. #BSidesNYC
October 18, 2025 at 7:34 PM
Rebooting the Cyber Arsenal of Democracy
Eric Foster, CEO of TENEX.ai, shares hard-earned lessons from building and exiting multiple security companies and what it takes to launch and scale a cybersecurity startup in 2025. #BSidesNYC
Eric Foster, CEO of TENEX.ai, shares hard-earned lessons from building and exiting multiple security companies and what it takes to launch and scale a cybersecurity startup in 2025. #BSidesNYC
P0LR Espresso: Pulling Shots of Cloud Live Response & Advanced Analysis
Art Ukshini, Threat Researcher at Permiso Security, presents P0LR Espresso, a tool built to cut through noisy cloud logs, detect threats in real time, and speed up incident response. #BSidesNYC
Art Ukshini, Threat Researcher at Permiso Security, presents P0LR Espresso, a tool built to cut through noisy cloud logs, detect threats in real time, and speed up incident response. #BSidesNYC
October 18, 2025 at 7:29 PM
P0LR Espresso: Pulling Shots of Cloud Live Response & Advanced Analysis
Art Ukshini, Threat Researcher at Permiso Security, presents P0LR Espresso, a tool built to cut through noisy cloud logs, detect threats in real time, and speed up incident response. #BSidesNYC
Art Ukshini, Threat Researcher at Permiso Security, presents P0LR Espresso, a tool built to cut through noisy cloud logs, detect threats in real time, and speed up incident response. #BSidesNYC
The Log Rings Don’t Lie: Historical Enumeration in Plain Sight
Bleon Proko, Security Engineer, shows how attackers can use logs to perform enumeration, run C2 channels, and exfiltrate data through cloud infrastructure. #BSidesNYC
Bleon Proko, Security Engineer, shows how attackers can use logs to perform enumeration, run C2 channels, and exfiltrate data through cloud infrastructure. #BSidesNYC
October 18, 2025 at 7:22 PM
The Log Rings Don’t Lie: Historical Enumeration in Plain Sight
Bleon Proko, Security Engineer, shows how attackers can use logs to perform enumeration, run C2 channels, and exfiltrate data through cloud infrastructure. #BSidesNYC
Bleon Proko, Security Engineer, shows how attackers can use logs to perform enumeration, run C2 channels, and exfiltrate data through cloud infrastructure. #BSidesNYC
The History of Malware: From Floppies to Droppers
Eliad Kimhy, Senior Security Researcher at Acronis, traces the evolution of malware from its early floppy disk days to modern ransomware, showing what has changed and what has stayed the same. #BSidesNYC
Eliad Kimhy, Senior Security Researcher at Acronis, traces the evolution of malware from its early floppy disk days to modern ransomware, showing what has changed and what has stayed the same. #BSidesNYC
October 18, 2025 at 6:36 PM
The History of Malware: From Floppies to Droppers
Eliad Kimhy, Senior Security Researcher at Acronis, traces the evolution of malware from its early floppy disk days to modern ransomware, showing what has changed and what has stayed the same. #BSidesNYC
Eliad Kimhy, Senior Security Researcher at Acronis, traces the evolution of malware from its early floppy disk days to modern ransomware, showing what has changed and what has stayed the same. #BSidesNYC
Atomic Red Team 101
Gerard Johansen from Red Canary and Ryan Lanciali lead a hands-on workshop on using Atomic Red Team to emulate threats, validate defenses, and strengthen detection and response. #BSidesNYC
Gerard Johansen from Red Canary and Ryan Lanciali lead a hands-on workshop on using Atomic Red Team to emulate threats, validate defenses, and strengthen detection and response. #BSidesNYC
October 18, 2025 at 6:29 PM
Atomic Red Team 101
Gerard Johansen from Red Canary and Ryan Lanciali lead a hands-on workshop on using Atomic Red Team to emulate threats, validate defenses, and strengthen detection and response. #BSidesNYC
Gerard Johansen from Red Canary and Ryan Lanciali lead a hands-on workshop on using Atomic Red Team to emulate threats, validate defenses, and strengthen detection and response. #BSidesNYC
When the Shadow Crosses Over
Ilya Yatsenko, Offensive Security Engineer and OSCE3, explores Remote Desktop shadowing in Windows and how the same techniques can now be used from Linux and macOS systems. #BSidesNYC
Ilya Yatsenko, Offensive Security Engineer and OSCE3, explores Remote Desktop shadowing in Windows and how the same techniques can now be used from Linux and macOS systems. #BSidesNYC
October 18, 2025 at 6:24 PM
When the Shadow Crosses Over
Ilya Yatsenko, Offensive Security Engineer and OSCE3, explores Remote Desktop shadowing in Windows and how the same techniques can now be used from Linux and macOS systems. #BSidesNYC
Ilya Yatsenko, Offensive Security Engineer and OSCE3, explores Remote Desktop shadowing in Windows and how the same techniques can now be used from Linux and macOS systems. #BSidesNYC
Trust at Scale: Lessons Learned from a Decade of Engineering for Identity
Frédéric Rivain, CTO at Dashlane, shares lessons from building secure-by-design systems and scaling trust across millions of users in the evolving world of identity security. #BSidesNYC
Frédéric Rivain, CTO at Dashlane, shares lessons from building secure-by-design systems and scaling trust across millions of users in the evolving world of identity security. #BSidesNYC
October 18, 2025 at 6:12 PM
Trust at Scale: Lessons Learned from a Decade of Engineering for Identity
Frédéric Rivain, CTO at Dashlane, shares lessons from building secure-by-design systems and scaling trust across millions of users in the evolving world of identity security. #BSidesNYC
Frédéric Rivain, CTO at Dashlane, shares lessons from building secure-by-design systems and scaling trust across millions of users in the evolving world of identity security. #BSidesNYC
Living off the (land)cloud: Scattered Spider and the Cloud Control Plane
Shivakumar Buruganahalli, Senior Director of Customer Engineering at Acalvio, breaks down how Scattered Spider exploits cloud identities and IAM to move laterally and evade detection. #BSidesNYC
Shivakumar Buruganahalli, Senior Director of Customer Engineering at Acalvio, breaks down how Scattered Spider exploits cloud identities and IAM to move laterally and evade detection. #BSidesNYC
October 18, 2025 at 6:06 PM
Living off the (land)cloud: Scattered Spider and the Cloud Control Plane
Shivakumar Buruganahalli, Senior Director of Customer Engineering at Acalvio, breaks down how Scattered Spider exploits cloud identities and IAM to move laterally and evade detection. #BSidesNYC
Shivakumar Buruganahalli, Senior Director of Customer Engineering at Acalvio, breaks down how Scattered Spider exploits cloud identities and IAM to move laterally and evade detection. #BSidesNYC
Using Volatility 3 to Detect Sophisticated Malware
Andrew Case, Director of Research at Volexity, shows how new features and plugins in Volatility 3 help detect modern ransomware and APT techniques that evade traditional defenses. #BSidesNYC
Andrew Case, Director of Research at Volexity, shows how new features and plugins in Volatility 3 help detect modern ransomware and APT techniques that evade traditional defenses. #BSidesNYC
October 18, 2025 at 5:52 PM
Using Volatility 3 to Detect Sophisticated Malware
Andrew Case, Director of Research at Volexity, shows how new features and plugins in Volatility 3 help detect modern ransomware and APT techniques that evade traditional defenses. #BSidesNYC
Andrew Case, Director of Research at Volexity, shows how new features and plugins in Volatility 3 help detect modern ransomware and APT techniques that evade traditional defenses. #BSidesNYC
Mastering OWASP Amass v5.0
Jeff Foley, Project Leader at the OWASP Foundation, leads a hands-on workshop on the new graph-powered capabilities in Amass v5.0 for next-level asset discovery and reconnaissance. #BSidesNYC
Jeff Foley, Project Leader at the OWASP Foundation, leads a hands-on workshop on the new graph-powered capabilities in Amass v5.0 for next-level asset discovery and reconnaissance. #BSidesNYC
October 18, 2025 at 5:34 PM
Mastering OWASP Amass v5.0
Jeff Foley, Project Leader at the OWASP Foundation, leads a hands-on workshop on the new graph-powered capabilities in Amass v5.0 for next-level asset discovery and reconnaissance. #BSidesNYC
Jeff Foley, Project Leader at the OWASP Foundation, leads a hands-on workshop on the new graph-powered capabilities in Amass v5.0 for next-level asset discovery and reconnaissance. #BSidesNYC
Essential Marketing for Cyber Founders
Gianna Whitver, Co-Founder and CEO of the Cybersecurity Marketing Society, shares how founders can stretch their budgets and market smarter at every stage of their startup journey. #BSidesNYC
Gianna Whitver, Co-Founder and CEO of the Cybersecurity Marketing Society, shares how founders can stretch their budgets and market smarter at every stage of their startup journey. #BSidesNYC
October 18, 2025 at 3:50 PM
Essential Marketing for Cyber Founders
Gianna Whitver, Co-Founder and CEO of the Cybersecurity Marketing Society, shares how founders can stretch their budgets and market smarter at every stage of their startup journey. #BSidesNYC
Gianna Whitver, Co-Founder and CEO of the Cybersecurity Marketing Society, shares how founders can stretch their budgets and market smarter at every stage of their startup journey. #BSidesNYC
Understanding Python Bytecode
Rocky Bernstein, Chief Mad Scientist Emeritus, leads a hands-on workshop on disassembling, assembling, and decompiling Python bytecode using tools like xdis, xasm, and uncompyle6. #BSidesNYC
Rocky Bernstein, Chief Mad Scientist Emeritus, leads a hands-on workshop on disassembling, assembling, and decompiling Python bytecode using tools like xdis, xasm, and uncompyle6. #BSidesNYC
October 18, 2025 at 3:36 PM
Understanding Python Bytecode
Rocky Bernstein, Chief Mad Scientist Emeritus, leads a hands-on workshop on disassembling, assembling, and decompiling Python bytecode using tools like xdis, xasm, and uncompyle6. #BSidesNYC
Rocky Bernstein, Chief Mad Scientist Emeritus, leads a hands-on workshop on disassembling, assembling, and decompiling Python bytecode using tools like xdis, xasm, and uncompyle6. #BSidesNYC
The Human-AI Handshake: A Framework to Build Trust and Unlock Innovation in Modern Security Ops
Michael August Raggi, Principal Threat Response Specialist at Crowdstrike, shares how AI can build trust, boost efficiency, and spark innovation in security operations. #BSidesNYC
Michael August Raggi, Principal Threat Response Specialist at Crowdstrike, shares how AI can build trust, boost efficiency, and spark innovation in security operations. #BSidesNYC
October 18, 2025 at 3:28 PM
The Human-AI Handshake: A Framework to Build Trust and Unlock Innovation in Modern Security Ops
Michael August Raggi, Principal Threat Response Specialist at Crowdstrike, shares how AI can build trust, boost efficiency, and spark innovation in security operations. #BSidesNYC
Michael August Raggi, Principal Threat Response Specialist at Crowdstrike, shares how AI can build trust, boost efficiency, and spark innovation in security operations. #BSidesNYC
Spycraft 2.0: Hunting Dead Drops in Web Applications
Jonathan Fuller, CISO and Academy Professor at West Point, explains how attackers hide command and control servers inside public web apps and how defenders can uncover these digital dead drops. #BSidesNYC
Jonathan Fuller, CISO and Academy Professor at West Point, explains how attackers hide command and control servers inside public web apps and how defenders can uncover these digital dead drops. #BSidesNYC
October 18, 2025 at 3:23 PM
Spycraft 2.0: Hunting Dead Drops in Web Applications
Jonathan Fuller, CISO and Academy Professor at West Point, explains how attackers hide command and control servers inside public web apps and how defenders can uncover these digital dead drops. #BSidesNYC
Jonathan Fuller, CISO and Academy Professor at West Point, explains how attackers hide command and control servers inside public web apps and how defenders can uncover these digital dead drops. #BSidesNYC
Inboxfuscation: Out-of-the-Box Mailbox Obfuscation
Andi Ahmeti, Threat Researcher at Permiso Security, shares new findings on unseen obfuscation techniques in Exchange mailboxes that turn Business Email Compromise into business email chaos. #BSidesNYC
Andi Ahmeti, Threat Researcher at Permiso Security, shares new findings on unseen obfuscation techniques in Exchange mailboxes that turn Business Email Compromise into business email chaos. #BSidesNYC
October 18, 2025 at 3:20 PM
Inboxfuscation: Out-of-the-Box Mailbox Obfuscation
Andi Ahmeti, Threat Researcher at Permiso Security, shares new findings on unseen obfuscation techniques in Exchange mailboxes that turn Business Email Compromise into business email chaos. #BSidesNYC
Andi Ahmeti, Threat Researcher at Permiso Security, shares new findings on unseen obfuscation techniques in Exchange mailboxes that turn Business Email Compromise into business email chaos. #BSidesNYC
What It’s Like Being the Only Security Startup in Your YC Batch
SubImage Co-founders Alex Chantavy and Kunaal Sikka share what it was like building a cybersecurity startup in Y Combinator’s Winter 2025 batch surrounded by AI ventures. #BSidesNYC
SubImage Co-founders Alex Chantavy and Kunaal Sikka share what it was like building a cybersecurity startup in Y Combinator’s Winter 2025 batch surrounded by AI ventures. #BSidesNYC
October 18, 2025 at 3:00 PM
What It’s Like Being the Only Security Startup in Your YC Batch
SubImage Co-founders Alex Chantavy and Kunaal Sikka share what it was like building a cybersecurity startup in Y Combinator’s Winter 2025 batch surrounded by AI ventures. #BSidesNYC
SubImage Co-founders Alex Chantavy and Kunaal Sikka share what it was like building a cybersecurity startup in Y Combinator’s Winter 2025 batch surrounded by AI ventures. #BSidesNYC
Syndicate: The Life of a Ransomware Affiliate
Tammy Harper from Flare breaks down the world of ransomware-as-a-service, showing how affiliates evolve from small-time operators to full syndicates and what keeps these underground groups running. #BSidesNYC
Tammy Harper from Flare breaks down the world of ransomware-as-a-service, showing how affiliates evolve from small-time operators to full syndicates and what keeps these underground groups running. #BSidesNYC
October 18, 2025 at 2:56 PM
Syndicate: The Life of a Ransomware Affiliate
Tammy Harper from Flare breaks down the world of ransomware-as-a-service, showing how affiliates evolve from small-time operators to full syndicates and what keeps these underground groups running. #BSidesNYC
Tammy Harper from Flare breaks down the world of ransomware-as-a-service, showing how affiliates evolve from small-time operators to full syndicates and what keeps these underground groups running. #BSidesNYC
From Interview Questions to Cluster Damage: Adventures in k8s Cluster Hacking, presented by Amit Serper, Lead Security Researcher at CrowdStrike.
The talk highlights Kubernetes vulnerabilities found during testing and offers practical ways to secure cluster setups. #BSidesNYC
The talk highlights Kubernetes vulnerabilities found during testing and offers practical ways to secure cluster setups. #BSidesNYC
October 18, 2025 at 2:39 PM
From Interview Questions to Cluster Damage: Adventures in k8s Cluster Hacking, presented by Amit Serper, Lead Security Researcher at CrowdStrike.
The talk highlights Kubernetes vulnerabilities found during testing and offers practical ways to secure cluster setups. #BSidesNYC
The talk highlights Kubernetes vulnerabilities found during testing and offers practical ways to secure cluster setups. #BSidesNYC
Detecting and Preventing Obfuscated Script Execution with Tree-sitter, presented by David McDonald, Software Engineer at Volexity.
This talk shows how tree-sitter can detect and block obfuscated scripts, strengthening defenses against AMSI bypasses and malware attacks. #BSidesNYC
This talk shows how tree-sitter can detect and block obfuscated scripts, strengthening defenses against AMSI bypasses and malware attacks. #BSidesNYC
October 18, 2025 at 2:35 PM
Detecting and Preventing Obfuscated Script Execution with Tree-sitter, presented by David McDonald, Software Engineer at Volexity.
This talk shows how tree-sitter can detect and block obfuscated scripts, strengthening defenses against AMSI bypasses and malware attacks. #BSidesNYC
This talk shows how tree-sitter can detect and block obfuscated scripts, strengthening defenses against AMSI bypasses and malware attacks. #BSidesNYC
Down the Drain: Unpacking TON of Crypto Drainers, presented by Elizaveta Mikheeva, Cybersecurity Researcher at Neplox.
The talk explores how attackers use wallet impersonation and data manipulation on the TON Network to steal coins and NFTs. #BSidesNYC
The talk explores how attackers use wallet impersonation and data manipulation on the TON Network to steal coins and NFTs. #BSidesNYC
October 18, 2025 at 2:29 PM
Down the Drain: Unpacking TON of Crypto Drainers, presented by Elizaveta Mikheeva, Cybersecurity Researcher at Neplox.
The talk explores how attackers use wallet impersonation and data manipulation on the TON Network to steal coins and NFTs. #BSidesNYC
The talk explores how attackers use wallet impersonation and data manipulation on the TON Network to steal coins and NFTs. #BSidesNYC
At BSidesNYC, Lucas Nelson, Founding Partner at Lytical Ventures, shares an inside look at how cybersecurity investors think. His talk highlights common pitching mistakes founders make and what truly captures a VC’s attention.
October 18, 2025 at 2:15 PM
At BSidesNYC, Lucas Nelson, Founding Partner at Lytical Ventures, shares an inside look at how cybersecurity investors think. His talk highlights common pitching mistakes founders make and what truly captures a VC’s attention.