Area41: Switzerland's Premier Hacker and Security Conference

Area41 Conference 2022
Third time lucky

We are delighted to announce the dates for the Area41 conference 2022.
After long discussions with our venue provider and the committee we have decided to conduct it June 16.-17. 2022.

About Area41 Conference

Established in 2010 under the original name hashdays, Area41 is Switzerland's most well-known technical information security conference. Every two years, international speakers present cutting-edge research from a variety of fields, ranging from software vulnerabilities and malware research to threat hunting and offensive security practices. Area41 attracts a diverse crowd of information security professionals, technical managers, as well as students and enthusiasts interested in the field.

Content First

Content first

Area41 actively curates a lineup consisting of international speakers as well as promising rising stars. Our talk selection focuses on content first. Our speakers, while compensated for their travel expenses, choose to share their knowledge without further compensation.
Our YouTube channel is here.

Small By Choice

Small by Choice

Since our first sold out event in 2016, we have chosen to cap Area41 at a 400 attendees maximum to ensure that the atmosphere and the ability to connect with other attendees and speakers alike remains intact. Get your tickets early or you might end up on the waitlist.

Non-Profit

Non-Profit

Since 2010, Area41 is a community-driven, non-profit event by the Swiss DEF CON group chapter DC4131. It is made possible by the countless hours of volunteers and the sponsors believing in our platform to make great technical content available to everyone.

Latest News

Posted on May 2nd, 2022

Next tickets will go on sale...

... on Sunday May 8th at 18:00 CEST
get them here: https://pretix.eu/DC4131tickets/A41-22/

Posted on Apr 24th, 2022

Tickets on sale soon

The Call For Paper (CFP) has been closed - we are currently reaching out to the speakers to fill the agenda.
Ticket sale will open Friday 29th April @ 19:00 CET (first wave, second wave follows in a few weeks
https://pretix.eu/DC4131tickets/A41-22/

Posted on Feb 19th, 2022

Call For Papers

The Call For Paper (CFP) is now open. We are looking for technical talks in English.

More details and submission page can be found at https://forms.gle/qxrow8W9mcLLeX2c8

Our Speakers

Over the years, we had the pleasure to host many great speakers from all over the world. For the 2022 edition, we strive to live up to the expectations we established in previous years by presenting you with the best line up we can muster.
Below is a selection of some of the speakers we have this year. .

Desiree Sacher-Boldewin

Topic: "The Intelligent Process Lifecycle of Cyber Defenders - The Extended Version"

Tobias Ospelt

Topic: "Improving web application scanning"

Philipp Mao

Topic: "No Passwords more Problems"

Dagmawi Mulugeta

Topic: "Command and Control Freak: Cloud Edition"

Dr. Florian Egloff

Topic: "Pirates, privateers, and mercantile companies in cybersecurity"

Max Moser

Topic: "How a smart conferencing device turned into a security nightmare"

Tamas Jos

Topic: "Hacking from the browser"

Frank Boldewin (Atruvia AG)

Topic: "Subverting ProBase security for fun and profit - A sophisticated ATM blackboxing case"

Conference Schedule

Based on last edition's feedback, we have consolidated the presentation track to a single track. In addition, we will provide a variety of networking opportunities to enable attendees to make optimal use of their time while at Area41.

The schedule is tentative and subject to change. It will be finalized in the week leading up to the event.

You can download the latest digital version here

Day 1 (16 June)
Day 2 (17 June)

08:30

Registration and Coffee

Welcome to Area41! Please keep your barcode ready. Once you got your badge, please help yourself to coffee and grab a seat for the opening ceremony!

09:15

Opening Ceremony

Area41 Organizers

Let Adrian, Candid and Stefan welcome you to Area41 2022 and give you some last-minute info about the event before handing the stage over to this year's keynote speaker!

09:30

Keynote: It’s All About Risk!

John Morgan Salomon (FS-ISAC)

10:00

Coffee Break

10:30

Pirates, privateers, and mercantile companies in cybersecurity

Florian Egloff
Head of Cyber at the Swiss Federal Department of Defence, Civil Protection and Sport

11:20

The Intelligent Process Lifecycle of Cyber Defenders - The Extended Version

Desiree Sacher-Boldewin (Finanz Informatik)

At FIRST 2020, Eireann and Desiree presented the concept of how important it is to analyse operational security defense process and where they do go wrong squeezed into a 20 minutes time frame. Since than, not only a peer reviewed paper around this topic was created and published (https://dl.acm.org/doi/10.1145/3499427), but also the suggested KPIs to measure have been further elaborated (https://github.com/d3sre/IntelligentProcessLifecycle). Now in this exended version of the talk, Desiree more goes into details on how the standard defense fields tie together and have to work together, to create an in depth state of the company security practices and the maturity of it's processes.

12:10

Lunch Break

Enjoy the lunch and networking break

13:40

Improving web application scanning

Tobias Ospelt (Pentagrid)

Testing web applications is a common task in many corporate networks and for many security analysts. However, scanners often work similar to a blind flight, meaning there is a need to work around or fix these things - if you notice them at all. If not stopped, scanners might do unnecessary tests for a very long time and waste resources, from bandwidth to your precious working time. Visibility into the coverage and how well the scans worked are often missing. This talk is about these possible failures. However, we also show how we would like to improve the situation for the Burp Suite Pro Scanner with a new extension that improves scanning with simple approaches.

14:30

Hacking from the browser

Tamas Jos (Porchetta Industries)

Performing internal pentest is not always an easy task, especially in a restricted environment where importing and installing tools can be tricky and will be time consuming. Octopwn aim to fix that problem by providing all you need for your internal pentest directly on your browser. Just fire a lightweight executable on the victim machine and perform all your tasks from Octopwn UI on your browser like dumping LSASS, extracting the SAM database, dump the NTDS from the Domain Controller etc. All powered by embedded python libraries like pypykatz, aiosmb, jackdaw etc Very fast, lightweight, and the ease of use, Octopwn has all the caratestic of a great tool that can solve many headaches. During this talk, I will present Octopwn and the logic behind it !

15:20

Building a Red Team – The Best Defense is a Good Offense

Daniel Fabian (Google)

What does it look like when a sophisticated adversary tries to attack your company? Would you be able to notice? Building an internal Red Team that is able to simulate a wide variety of adversaries can help answer this and many other questions. This talk will go into details on how to build an effective Red Team program, from hiring talent over building out capabilities, all the way to remediating findings surfaced in exercises.

16:10

Coffee Break

take a deep breath and relax

16:40

Subverting ProBase security for fun and profit - A sophisticated ATM blackboxing case(not recorded)

Frank Boldewin

ATM attacks have become increasingly sophisticated in recent years. This talk covers a series of exceptional blackboxing attacks on ATMs carried out by perpetrators in several European countries. It demonstrates how deep the masterminds behind this modus operandi managed to subvert the ATM platform stack to perform a successful attack and even bypassed hardware restrictions.

17:30

Security Content Creator Panel

Robbe Van Roey (@PinkDraconian)
Hacker Manager & Content Creator at Intigriti

Carl Svensson (@ZetaTwo)
Google

Thomas Roth (@ghidraninja)
stacksmashing

18:30

Networking BBQ Dinner

Have some snacks & drinks and network with like-minded people

09:30

Coffee Break

Get ready with a drink

10:00

Develop your own RAT - EDR + AV defense

Dobin Rutishauser (Raiffeisen Schweiz)

As most RAT's are often detected by anti Malware services, it is useful to create your own RAT for RedTeaming engagements. It is important to consider a few key design decisions, or it will end badly. I will show some parts of my RAT, Antnium. It is designed to bypass certain EDR solutions, which requires it to bypass AV. And lastly, what influence does this have on SIEM.

10:50

Command & Control Freak: Cloud Edition

Dagmawi Mulugeta (Netskope)

Why would an attacker operate their own command and control infrastructure when they can abuse something that already exists? Instead of using an attacker-controlled server, attackers are abusing popular cloud applications, including messaging apps, webmail apps, cloud storage apps, and social media apps for command and control (C2). C2 over cloud apps is less likely to be detected since abusing a popular cloud application has the advantage of blending in with everyday traffic and evading traditional command and control defenses. This talk will explore this new threat landscape, show real-world examples of attacks exploiting cloud services, review some of the most abused cloud applications, present novel tactics, and share behavior-based defenses for these attacks. This talk will equip the listener with the information to spot these attacks and strategies to reduce their attack surface.

11:40

Into the Dark - switching off renewable power from everywhere

Stephan Gerling (Kaspersky)

In the european Power Grid are several mechanism and dependencies to stabelize the powergrid. I will talk about how these works in general as a background to understand the effects of the vulnerabilities that i will show. The vulnerabilities in a solar power inverter in combination with other attack methods will bring an different view. Renewable and green energy is good for the environment, if implemented in a secure way. But often, this is not the case.

12:30

Lunch Break

Get the boost you may need

14:00

Counter-Strike: Global Offsets - A Journey into Exploiting the Source Engine

Niklas Brymko, Simon Scannell, Carl Smith (Google)

In this talk, we share our journey into Valve's Source Engine, which powers some of the most popular multiplayer games that attract millions of monthly players. We layout how to find, validate and exploit bugs and share details of a 100 percent reliable, wormable 1-click RCE chain.

14:50

No Passwords more Problems

Philipp Mao (Compass Security)

Passwordless solutions promise greater security and convenience by allowing users to login to Windows systems with only their smartphone. But what's going on behind the scenes and how could a domain's security stance be worsened by such a solution? In this talk I will explain how these solutions are implemented and detail the vulnerabilities and weaknesses discovered in three tested products.

15:40

Coffee Break

Get ready with a drink

16:00

A proprietary security protocol for hearing aids: Why we need one, and how to design, implement and formally verify one

Michael von Tessin (Sonova) & Alexander Maksyagin (Sonova)

Hearing aids are becoming more and more interconnected. They communicate via Bluetooth with mobile phones and PCs. For example, audiologists use their PCs to fit hearing aids to the patient's hearing loss. This even works remotely, routed via internet and the patient's mobile phone. Unfortunately, Bluetooth does not provide the necessary security mechanisms, e.g. neither access control nor cloud-based authentication. To this end, we have developed a proprietary security protocol, because existing security protocols cannot be used due to the limited communication bandwidth and hardware resources. But as we all know, proprietary security protocols have a higher likelihood of containing undetected security flaws. Formal verification allows us to gain confidence in the protocols by formally proving the desired security properties. We take you along in our journey of designing and implementing our protocol, and finally, tell you how a Bachelor's thesis student achieved to also formally verify its security properties.

16:50

How a smart conferencing device turned into a security nightmare

Max Moser (modzero)

When we first inspected the Meeting Owl Pro ( https://owllabs.de/), it appeared like a well-designed video conferencing camera with a meaningful use case and some security measurements in place. A closer look revealed a security nightmare allowing attackers to locate devices, collect sensitive data, and use it as a gateway into corporate networks. h00t! h00t!

17:10

Closing Ceremony

A goodbye with a summary of the Area41 conference, some statistics and some outlook.

Conference Venue

We are proud to present Kaufleuten as our 2022 conference location partner.

Situated in the heart of Zurich, Kaufleuten is a place full of culture with a history reaching back over 100 years. Over this period of time, it hosted Amy Winehouse, Madonna, James Morrison, and many other illustrious people. In 2022 it will provide a platform for some of the important voices of information security

Venue

Kaufleuten.ch
Pelikanpl. 18, 8001 Zürich, Switzerland

Travel

The Kaufleuten is located in the heart of Zurich, just minutes away from Zurich Main Station HB, which can be easily reached by train when arriving from Zurich Airport (ZRH). We recommend using public transport since parking is sparse and expensive.
Nearest Parking is Talgarten 39.-/day
Nearest tram stations are:

Sihlstrasse (Tram 2,9)
Rennweg (Tram 6,7,10,11,13,17)
Paradeplatz (Tram 2,6,7,8,9,10,11,13,17)

Nearby Hotels

There are many hotels in Zurich. For example the following hotels are nearby:

Motel One Zurich (180+/night)
CitizenM Zurich (220+/night)
Glockenhof Zurich (400+/night)

Impressions

Kaufleuten

Kaufleuten

Our Sponsors

We could not dream of putting on an event like Area41 without our generous sponsors, some of which have been with us for the past decade. If you are interested in supporting Area41 2022, please get in touch (sponsoring@defcon-switzerland.org) to receive our current sponsorship opportunities.
We are thankful for our 2022 sponsors and their trust in us!

PLATINUM SPONSORS

GOLD SPONSORS

SILVER SPONSORS

PARTNERS

FAQ

When will the Call For Paper open/close ?

Call For Paper (CFP) is now closed - deadline was April 10th 2022

Are you looking for workshops?

If you have a suggestion for a workshop, then send us details at committee @ defcon-switzerland.org. We are mainly interested in short workshops.

Are you looking for volunteers to help?

All spots for helping have been filled. Thank you!

Where can I find the videos of past conferences?

You can find more videos in our YouTube channel.

Check out previous year's keynote by Costin Raiu