Insomnihack logo

Swiss CyberSecurity Conference

March 10-15, 2025
Lausanne, Switzerland

ins-logo-wht
register
about us

🚨 Only a few days left to register!

03 March 2025

🛡️There are only a few days left to register for some of Europe’s biggest cyber events. Tickets for workshops close…

More info

🎉Join Our Exciting Prize Draw!

27 February 2025

Don’t miss your chance to win a PlayStation 5 or a LEGO NASA Artemis launch pad! Simply visit each sponsor…

More info

🚨 CTF tickets are now available!

29 January 2025

🛡️Be part of one of the world’s largest onsite CTFs! Engage in an exciting evening of challenges, with free participation…

More info

About the event

Insomni’hack is a Swiss cybersecurity conference and hacking contest

Founded and organized by Orange Cyberdefense Switzerland (formerly SCRT SA) - since 2008.

What started as a small-scale hacking contest in 2008, has now become one of the largest cybersecurity events in Switzerland and neighboring Europe, as well as one of the largest on-site CTF’s worldwide gathering a wide spectrum of cybersecurity professionals and enthusiasts from all over the globe.

About us

Venue

SwissTech Convention Center
Lausanne, Switzerland

Quartier Nord EPFL
Route Louis-Favre 2
1024 Ecublens
Switzerland

5
Days
5
Workshops
20+
Talks
1
Party
1
CTF

Organized by

Sponsors

Technology partners

Partner events

Talks

Aziz Belkhiria

March 13, 14:30

(Panel) Cyber Innovation

Hugo Flayac

March 13, 14:30

(Panel) Cyber Innovation

Olivier Crochat

March 13, 14:30

(Panel) Cyber Innovation

Laurent Balmelli

March 13, 14:30

(Panel) Cyber Innovation
View all talks

Workshops

Advanced Detection Engineering in the Enterprise

March 10th, 11th & 12th, 2025

Your organization’s recent red teaming exercise revealed critical gaps in detecting advancedattacks, which bypassed the out-of-the-box detections. Now, it’s time…

More info

Web Application Security

March 11th & 12th, 2025

This is a hands-on training which covers a broad scope of vulnerabilities that can be found in Web applications. The objective is…

More info

Attacking Mobile Applications

March 11th & 12th, 2025

This mobile training covers common vulnerabilities that can be discovered in Android & iOS mobile applications. The participants will discover the methodology…

More info
View all workshops

The agenda

Time CAMPUS (AUDITORIUM B) CLOUD (AUDITORIUM C) GARDEN (ROOM 1ABC) SIDE EVENTS (ROOM 2C)
09:00 - 09:50(KEYNOTE) Advanced Android Archaeology: Baffled By Bloated Complexityby Mathias PayerCLOSED
10:00 - 10:30COFFEE
10:30 - 11:20Beyond LSASS: Cutting-Edge Techniques for Undetectable Threat Emulationby Priyank NigamCaptain MassJacker Sparrow: Uncovering the Malware's Buried Treasureby Ari NovickCLOSEDEU-CH Cybersecurity Regulatory Landscape (FR)by Soheila Firouz Kouhi & Gaëtan Senelle-Cojan
11:30 - 12:20You can't touch this: Secure Enclaves for Offensive Operationsby Matteo Malvica & Cedric Van BockhavenGhost in the RaaS: Ransomware-as-a-Service from the perspective of an affiliateby Carlos IshimaruWhat if I told you that Security is here to help? (a.k.a. The 7 habits of Highly Effective Security Leaders)by Sebastian Avarvarei(continued)
12:30 - 13:30LUNCH
13:30 - 14:20Demystifying Automated City Shuttles: Blessing or Cybersecurity Nightmare?by Anastasija CollenCode to Cloud: Exploiting Modern Web Applications to Breach Cloud Environmentsby Christophe Tafani-Dereeper(Panel) Next-Gen Hiring Meets AI, Cybersecurity, and Inclusionby Nathalie Brodard & Line Pillet & Lennig Pedron & Nagib AouiniEU-CH Cybersecurity Regulatory Landscape (EN)by Soheila Firouz Kouhi & Gaëtan Senelle-Cojan
14:30 - 15:20Pioneering zero days at Pwn2Own Automotive 2024by Alex Plaskett & McCaulay HudsonDouble Agent: Exploiting Pass-through Authentication Credential Validation in Azure ADby Ilan Kalendarov & Elad Beber(Panel) Cyber Innovationby Laurent Balmelli & Hugo Flayac & Aziz Belkhiria & Olivier Crochat & Lennig Pedron(continued)
15:30 - 16:00COFFEE
16:00 - 16:50Access Granted: Uncovering RFID Readers Vulnerabilities & Bypassing Physical Access Controlsby Julia ZduńczykEL3XIR: Fuzzing COTS Secure Monitorsby Marcel Busch & Christian LindenmeierStop making nonsense – Cutting through compliance complexityby Mat Caplan16:30 Présentation (avant-première) Offre Micro-SOCby Orange Cyberdefense Switzerland
17:00 - 17:50Unlocking the Cybersecurity Secrets of Modern Vehiclesby YUQIAO NINGHack, Patch, Repeat: Insider Tales from Android’s Bug Bountyby Maria Uretsky & Olivier TuchonCLOSED
Time CAMPUS (AUDITORIUM B) CLOUD (AUDITORIUM C) GARDEN (ROOM 1ABC) SIDE EVENTS (ROOM 2C)
09:00 - 09:50Introduction by Raphaël Conz (SPEI, Canton de Vaud)

(KEYNOTE) The AI Paradox: Safety vs Performance by Rachid Guerraoui		CLOSED
10:00 - 10:30COFFEE
10:30 - 11:20The Rise of AI-Driven Malware: Threats, Myths, and Defensesby Candid WuestThe Spy Who Flashed Me: Exploring and defeating physical access control systemsby Michael Rodger20 years of cybersecurity automation: has AI restored balance to the force?by Raphaël Marichez (Palo Alto Networks)
11:30 - 12:20Good Models Gone Bad: Visualizing Data Poisoningby Maria KhodakCache Me If You Can: Smuggling Payloads via Browser Caching Systemsby Aurélien ChalotCLOSEDPrésentation (avant-première) Offre Micro-SOCby Orange Cyberdefense Switzerland
12:30 - 13:30LUNCH
13:30 - 14:20“A Slice of” Modern Program Analysisby Kyle MartinThe Art of Malware Smuggling (Unmasking SVG-Based Attack Techniques)by Dhiraj MishraCLOSED
14:30 - 15:20Don't let Jia Tan have all the fun: hacking into Fedora and OpenSUSEby Thomas Chauchefoin & Maxime RinaudoMalware analysis with R2AIby Axelle ApvrilleCLOSED
15:30 - 16:00COFFEE
16:00 - 16:50Your Identity is Mine: Techniques and Insights from OS Identity Providers Researchby Maor AbutbulData Sets That Can Make A Difference: Improving Your Hunting and Detection in Entra ID and O365by John StonerCLOSED
17:00 - 17:50Go Parser Footgunsby Vasco FrancoBeyond the Surface: Exploring Attacker Persistence Strategies in Kubernetesby Rory McCuneCLOSED
18:00 - 05:00CTF
(AUDITORIUM A)
View full agenda