Having been to various conferences, from hack.lu and CTI Summit to botconf, FOSDEM, and SANS events across the EU and the US, I’ve learned that attending a conference is far more than just showing up and taking notes. Each event holds unique opportunities for growth, networking, and skills validation. Here’s how to make the most of them based on what I’ve gathered along the way.

The fourth day of Hack.lu 2024 brought valuable insights into the evolving tactics of cybercriminals, proactive network defense, and innovative threat detection methods. Covering a range of topics from router compromises to firmware analysis, the sessions offered practical knowledge for security professionals focused on anticipating adversary actions, securing network infrastructure, and improving threat detection accuracy.

Day 3 of Hack.lu featured a mix of talks exploring both physical and digital security challenges. From discussions on outdated physical security measures to vulnerabilities in cutting-edge mobile app frameworks and critical infrastructure systems, the day offered valuable insights for cybersecurity professionals. The sessions provided practical demonstrations and real-world examples of how attackers exploit weaknesses in both physical and virtual environments, while also highlighting tools and techniques for enhancing detection and prevention.

The second day of the conference offered a lot of insights, covering topics from incident response to emerging threats in IoT, Kubernetes, and edge-device security. Both morning and afternoon sessions provided practical takeaways, as well as deeper perspectives on evolving attack surfaces and cybersecurity techniques. The talks spanned diverse subjects, from corporate cybersecurity incidents to advanced APT tracking, making for a dynamic and engaging day.

The ongoing edition of Hack.lu, the well-known cybersecurity conference, provided today a wealth of knowledge, with both morning and afternoon sessions delivering insights into emerging threats and advanced defensive strategies. Across the day’s talks, we explored a range of topics—from the evolving nature of botnets and Linux rootkits to unconventional malware persistence techniques and the integration of new tools in threat intelligence workflows. These sessions highlighted not only the sophistication of modern cyber threats but also the innovative methods and tools being developed to counter them. Additionally, a hands-on workshop on Return Oriented Programming (ROP) on ARM64 allowed me to gain practical skills in exploit development, making the day highly valuable. Detailed feedback from each session will be published, in accordance with the sharing rules.