Talk Schedule - Talk Lineup - Speaker Bios
Jeffrey Bell
Talk: Repercussions from the Absence of Threat Actor Taxonomy (Sunday @ 0930)
Jeffrey Bell is a Senior InfoSec Analyst and Threat Intelligence Lead at Norstella. He graduated from UNC-Charlotte with a B.S. in Computer Science specializing in Cybersecurity. When not working, he writes for his blog catchingphish.com and enjoys skiing!
Hudson Bush
Talk: Informing your ICS Sec Roadmap w/ Threat Modeling (Sunday @ 1000)
Hudson Bush is a Security Architect who has been immersed in hacking and infosec since his teenage years. His experience ranges from consulting for some of the world’s largest companies, managing security for major enterprise mergers and acquisitions, and building a security program from the ground up at a security startup. With this broad expertise and passion for the field, Hudson’s mission is to share his lessons so others can learn from his mistakes.
Gabriel De Conto
Talk: Securing Interconnected IT and OT Systems (Saturday @ 1700)
Major in Computer Engineering with minors in cybersecurity and mathematics at Texas A&M University at College Station. Member of the Texas A&M Cybersecurity Club and participates in various activity groups such as Red Hat Academy, Cisco Academy, and Hack the Box Academy. Has a passion for new technologies and is constantly experimenting with low-level programming using the Windows API, SDL2, and the Linux Kernel. Has an ever-growing repertoire of programming languages including Rust, Go, and Zig. Has taken many cybersecurity-related classes such as Reverse Engineering, Operating Systems, Computer Network and Security, Computer Systems, and other related courses.
Noam Gariani
Talk: Securing Interconnected IT and OT Systems (Saturday @ 1700)
Major in Computing with a concentration and minor in cybersecurity at Texas A&M University at College Station. Has completed ICS-related certifications in Cybersecurity Practices for Industrial Control Systems (100W) and Virtual Industrial Control Systems Cybersecurity (301V) certifications given by the Cybersecurity and Infrastructure Security Agency (CISA). Completed security certifications such as the CompTIA Security+ and the GIAC GFACT. Participates in multiple organizations such as the Texas A&M Cybersecurity Club, US Cyber Games, Red Hat, and others. Completed cybersecurity internship at Johns Hopkins Applied Physics Laboratory. Works at the Texas A&M Cybersecurity Center as the Lead Software Engineer on the Texas CyberRange (TxCR) project.
Daniel Genkin
Talk: Side Channel Attacks: Lessons Learned or Troubles Ahead? (Saturday @ 1500)
Daniel Genkin is an Alan and Anne Taetle Early Career Associate Professor at the School of Cybersecurity and Privacy at Georgia Tech. Daniel’s research interests are in hardware and system security, with particular focus on side channel attacks and defenses. Daniel’s work has been recognized by multiple academic and industry venues, as well as covered by national and scientific press. Recently, Daniel has been part of the team performing the first analysis of speculative and transient execution, resulting in the discovery of Spectre, Meltdown and follow ups. Daniel has a PhD in Computer Science from the Technion - Israel Institute of Technology and has been awarded the 2024 Alfred P. Sloan Research Fellowship.
Daniel Gruss
Talk: SUIT: Secure Undervolting with Instruction Traps (Saturday @ 1130)
Daniel caught our eyes as a student when he published Rowhammer attacks from JavaScript, cache attacks on ARM, and the Flush+Flush leak primitive. His work on keystroke timing attacks and using high-resolution timers from JavaScript showed the practicality of leveraging side-channels without system-level access. After graduation, his work included the legendary Spectre/Meltdown vulnerabilities. Daniel is an associate professor at the Graz University of Technology, leading the CoreSec group in the Secure Systems area. Jonas has focused on Rowhammer attacks and countermeasures such as CSI:Rowhammer and PTGuard. We are thrilled to have Daniel and Jonas Juffinger here to present SUIT.
John Hamilton
Talk: Securing Interconnected IT and OT Systems (Saturday @ 1700)
John A. Hamilton, Jr., Ph.D. is the Director of the Texas A&M University Cybersecurity Center and a professor of computer science & engineering. Dr. Hamilton has a joint appointment with Idaho National Laboratory and is a guest scientist at Los Alamos National Laboratory. Dr. Hamilton has a B.A. in Journalism from Texas Tech University, an M.S. in Systems Management from the University of Southern California, an M.S. in Computer Science from Vanderbilt University and a Ph.D. in Computer Science from Texas A&M University. Dr. Hamilton is a distinguished graduate of the U.S. Naval War College.
Russ Handorf
Talk: Deception & Operations Planning (Saturday @ 1400)
Dr. Russell Handorf currently is an agent of chaos at a big tech company. Just recently he had a front row seat at another facepalm factory that went through a very public and very messy acquisition. And who could forget the time he was a principal threat intelligence hacker where he spent his time making criminal’s curse his very existence. He is also a fed in recovery after ten years of service defending the country in a variety of matters. He’s done a lot of other odd things here and there, but that isn’t important. “Let’s just have a conversation, but you’ll have to endure my dad-jokes.”
Kevin Johnson
Talk: Revitalizing Mimir’s Wisdom: PTES Reborn for Modern Pentesting (Saturday @ 1600)
Kevin Johnson, CEO of Secure Ideas, is a security expert with over 30 years of experience. He’s a global board member for OWASP, IANS faculty, and former SANS instructor. Kevin founded Secure Ideas in 2010, focusing on security testing and training. His career spans system administration, application development, incident response, forensics, and penetration testing for government and Fortune 100 clients. Kevin has contributed to open-source projects like OWASP SamuraiWTF and BASE. He’s authored SANS courses on web application security and mobile device security. A frequent keynote speaker at cybersecurity events, Kevin is committed to education and information sharing in infosec.
Jonas Juffinger
Talk: SUIT: Secure Undervolting with Instruction Traps (Saturday @ 1130)
Jonas is a PhD candidate of Daniel Gruss’ at the Institute of Applied Information Processing and Communications at Graz University of Technology. In his work he focuses on Rowhammer attacks and mitigations like Half-Double Rowhammer or CSI:Rowahmmer. He also researches side channels, microarchitectural attacks and power aware computing.
Justin Leiden
Talk: Evolutionary Echos in Modern OT (Saturday @ 1330)
Justin Leiden, MS in Cybersecurity, MBA. OT Engineering & Cybersecurity Program Director. Texas A&M Engineering Experiment Station Cybersecurity Center.
Asher Davila Loranca
Talk: Hunting Privileged File Operation Vulns (Friday @ 1600)
Passionate about binary analysis, binary exploitation, reverse engineering, hardware hacking, retro computing, and music.
Patrick C. Miller
Talk: Closing Keynote (Sunday @ 1100)
As a trusted independent security and regulatory advisor for more than 30 years, Patrick Miller has dedicated his career to the protection and defense of critical infrastructures. In addition to being the CEO of the industrial cybersecurity consulting firm Ampyx Cyber, he was one of the original architects and the first regulator of the NERC CIP Standards in North America and former Principal Investigator for the US Department of Energy’s National Electric Sector Cybersecurity Organization. Patrick is an internationally recognized public speaker, as well as an instructor for the Industrial Cybersecurity Center in Spain, Cyber Information Security Leader (CISL) program in Denmark, and formerly for the SANS Institute in the United States. Mr. Miller’s diverse background spans the Energy, Water, Telecommunications, Financial, and Insurance Services verticals including key positions with regulatory agencies, private consulting firms, utility asset owners and commercial organizations.
Colin O’Flynn
Talk: Phase Modulation Side Channels and Reinventing the Wheel (Friday @ 1500)
Colin is prolific in industry and academia. His most referenced works include attacks on ZigBee IoT systems, ChipWhisperer, an open-source platform supported by NewAE, and a wide array of side channels. When he isn’t working on his startup, NewAE Technology Inc., he is an Assistant Professor at Dalhousie University and a prolific speaker.
Dan Petro
Talk: DNP3 Security: The most important protocol you’ve never heard of (Saturday @ 1030)
Dan is widely known for the tools he creates: Eyeballer (a convolutional neural network pentest tool), the Rickmote Controller (a Chromecast-hacking device), Untwister (pseudorandom number generator cracker), and SmashBot (a merciless Smash Bros noob-pwning machine).
Marc Schoenefeld
Talk: Successfully Fuzzing High-Value Targets with Low Tech Strategies (Friday @ 1700)
22 year record of CVE-classified bugs
- speaker and trainer at numerous conferences (Blackhat, CanSecWest, JavaOne, HackInTheBox, Xcon)
- published Scanapk and undx, by their release time valuable tools for Android reversing
- Google chrome hall of frame, F-Secure hall of fame
Random past non-security achievements:
- https://www.heise.de/select/ct/2016/3/1454567731519206
- worked on omg.org ““CORBA success story”” in banking, also presented at CSMR 2002 in Budapest
- wrote a S390 assembler exit for extended log analysis for MVS
- wrote a 68000 assembler screen blend library for Atari ST
William Tatum
Talk: Securing Interconnected IT and OT Systems (Saturday @ 1700)
Major in Computer Engineering with minors in cybersecurity and mathematics at Texas A&M University at College Station. Completed multiple certifications including CompTIA Security+ and the GIAC GFACT. Has taken relevant courses on topics relating to low-level programming, hardware design, and cybersecurity. A member of the Texas A&M Cybersecurity Club that provides its members with opportunities in cybersecurity that are hard to find elsewhere. Currently works at the Texas A&M Cybersecurity Center as a Software Engineer on the Texas Cyber Range (TxCR) project. Has taken many cybersecurity-related classes including Reverse Engineering, Applied Cryptography, Computer Network and Security, Computer Systems.
Malav Vyas
Talk: Fortifying the Future of OT (Friday @ 1600)
As a seasoned security researcher specializing in Exploit Development and Vulnerability Research, I focus on identifying and exploiting vulnerabilities in Windows and IoT software environments. With a strong commitment to enhancing cybersecurity, I actively contribute to multiple infosec communities.
James Warne
Talk: A More PERFect World: Automated Architecture Agnostic Low Level Performance Instrumentation
James “Jay” Warne has spent his career in different aspects of security, from advanced research projects to running security operations and from tool development to leading software programs. Jay’s time in research has affirmed his commitment to technology, security, and computation. He constantly seeks ways to contribute to his field; one may find him testing his theories, reading and sharing papers, problem-solving with industry, working on RSTCON to feature others’ novel works/supporting its business operations, developing instructive or research presentations, mentoring new industry hopefuls, or outdoors.