Find Expert Speakers

Andreas Wiegenstein is engaged in SAP cyber security since 2003. He discovered quite a number of zero-day vulnerabilities in SAP software and supported development of a market leading static code analysis tool for the business programming language ABAP. He has spoken at more than 70 conferences world-wide about SAP security, including Black Hat, DeepSec, Hack In The Box, IT Defense, RSA, SAP TechEd and Troopers (alphabetical order). His current research is focused on SAP malware and supply chain attacks.

I'm working as a Security Researcher at Seqrite Labs (Quick Heal), specializing in Advanced Persistent Threat (APT) hunting, cyber threat intelligence, malware reverse engineering, and adversary infrastructure analysis. Actively involved in uncovering sophisticated intrusion campaigns, mapping TTPs aligned with the MITRE ATT&CK framework, analyzing multi-stage malware ecosystems, and tracking nation-state and financially motivated threat actors across diverse attack surfaces.

Moonbeom ParkCPO(Chief Product Officer) @78ResearchLabFormer senior researcher of KrCERT/CC & KISAI'm working at 78ResearchLab(http://www.78researchlab.com) in South Korea, a company specializing in the development of cyber warfare tactics and offensive and attack technologies. They analyze the cyber warfare strategies of Advanced Persistent Threat(APT) groups and conduct research on of attack techniques such as 0-day vulnerabilities and develop various cyber weapons, exploites, Post-Exploitation techniques that can be utilized in cyber warfare operations.

## Investigation and Analysis of Malware Spreading Infection via MSI Package Files (BSides Tokyo 2023)Language: JapaneseAgenda: https://bsides.tokyo/2023/Slide (PDF): https://github.com/mopisec/bsides-tokyo-2023/blob/main/BSidesTokyo2023_MSIanalysis_dist.pdfRecording: Not Available## Reverse Engineering Malware Written in C++ with IDA and Semi-Automated Scripts (Training at GCC 2025 Taiwan)Language: EnglishAgenda: https://gcc.ac/archive/gcc_2025/Slide (PDF): Not AvailableRecording: Not Available## Inside Pandora's Box: dissecting the latest arsenal and tactics of APT27 (VB2025 Berlin)Language: EnglishAgenda: https://www.virusbulletin.com/conference/vb2025/abstracts/inside-pandoras-box-dissecting-latest-arsenal-and-tactics-apt27/Slide (PDF): https://www.virusbulletin.com/uploads/pdf/conference/vb2025/slides/Slides-Inside-Pandoras-box-dissecting-the-latest-arsenal-and-tactics-of-APT27.pdfRecording: https://www.youtube.com/watch?v=TUATnkPEsnc## Continuous Evolution of Tianwu’s Pangolin8RAT and Custom Cobalt Strike Beacon (JSAC2026)Language: EnglishAgenda: https://jsac.jpcert.or.jp/en/timetable.htmlSlide (PDF): https://jsac.jpcert.or.jp/archive/2026/pdf/JSAC2026_1_6_naoki_takayama_en.pdfRecording: TBA (Should be available on YouTube soon)

R.D. Tarun (RDT) is a cybersecurity researcher specializing in malware analysis, reverse engineering, and adversary tradecraft. His work focuses on dissecting real-world attack campaigns, with particular emphasis on multi-stage infection chains, fileless execution, and evolving infostealer ecosystems.He conducts in-depth research on active malware campaigns, tracking their progression from commodity tooling to custom-developed payloads. His analysis has uncovered previously undocumented behavior, including custom infostealers, infrastructure patterns, and techniques used to evade modern defenses. His research has been widely circulated within the security community and covered by multiple security news outlets and industry publications.His work combines static and dynamic analysis with memory-level investigation to trace full execution chains from initial access to data exfiltration. He focuses on understanding attacker tradecraft end-to-end and translating offensive techniques into practical detection strategies for SOC and DFIR teams.He actively publishes technical deep-dives on malware, including infostealers, fileless loaders, and multi-stage attack chains, and has presented his research at reputed security community meetups and forums.

I'm a security researcher with a passion for OS internals and all things low-level. Over the years I have specialised in Android & the Linux kernel, but have dabbled in a number of domains. When I'm not figuring out how things work and breaking them, I love to share my experiences and help others; whether it's via my blog, talks or mentoring.

Vitaly Simonovich is a senior security researcher at Cato Networks and a member of Cato CTRL. Currently, Vitaly focuses on researching topics related to LLM security, with a particular emphasis on jailbreaks and prompt injections, as well as conducting vulnerability research across a wide range of technologies. In addition, he is actively involved in threat intelligence, analyzing emerging threats and attack trends to strengthen organizational defenses.Prior to joining Cato in 2023, Vitaly worked at Incapsula and Imperva, where he led teams of security analysts and researchers. With over nine years of experience in cybersecurity, Vitaly specializes in application security, data security, LLM security, vulnerability research, and threat intelligence.An active contributor to the cybersecurity community, Vitaly regularly publishes research blogs, hosts webinars, and presents at conferences. In addition to his professional work, he teaches cybersecurity at local colleges and enjoys solving CTF challenges in his free time to stay sharp and enhance his skills.