APWG.EU Tech 2024 Speakers
Manuel Nicolas Enciso Garcia-oliveros
Director ETS Ingeniería Informática
Universidad de Málaga
Opening Remarks
Manuel Medina
Responsible for Cybersecurity – inLab.FIB-esCERT
APWG.EU Director of Research
Opening Remarks
Professor at the Polytechnic University of Catalonia since 1992, president of the scientific committee of the European chapter of APWG (APWG.EU) and member of the advisory council of ISMS Forum Spain. In 1994 he founded and directed EsCERT-UPC, a Spanish team to respond to security incidents in the network.
Previously, he was an Advisor for Institutional Relations (Stakeholder Relations Advisor) and deputy director of the Department of Technical Competence of ENISA (European Agency for Information Security) (2011-2014). Scientific Adviser of security projects of Barcelona Digital Centro Tecnológico (2008 – 2010). Founder and president of the research center on Internet Applications (CANET-UPC) (2004-2006).
He has been a full member of ESRIF (European Security Research and Innovation Forum) and ESRAB (2006-2009) to advise the European Commission on security research topics for R & D funding programs.
Founder of several spin-off companies:
Safelayer Secure Communications, a PKI software provider, a leader in Europe.
InetSecur and tb-security, information security and audit management.
SeMarket, specializing in digital and biometric identity management services
ReadyPeople, developer of applications for management of identity profiles in social networks and aspects of privacy in geolocation services.
Adriana Freitas
Dir. Responsible for Research Projects
APWG.EU
LAZARUS Project: Update on Horizon Europe funded work
Adriana, a seasoned telecom expert with 20+ years of industry experience, has transitioned into cybersecurity with a passion for safeguarding digital landscapes. As the Director Responsible for Research Projects at APWG.eu, she leads international collaborations, shaping global digital security efforts. Adriana’s journey began with satellite giants Omnitracs and Globalstar, followed by a decade-long tenure at Telefonica, managing international projects in major cities. Her dedication extends to community involvement, actively participating in tech events and supporting startups as a mentor and investor. Adriana’s expertise and leadership are bolstered by her academic background, including an M.S. in Data Science and Big Data, specialized training from ESADE and IE, an MBA from IEDE/Universidad Europea Madrid, M.S. in Marketing from UFGV Sao Paulo, and a Master of Engineering degree from UNB, Brasilia.
Ionuț Şerbǎnicǎ
Senior Analyst
European Cybercrime Centre (EC3)
EUROPOL
Phishing, another type of petty crime?
Ionuț Șerbănică is currently working at Europol as Senior Analyst within the European Cyber Crime Centre.
Ionuț Șerbănică is a graduate of the Law University within the Police Academy in Bucharest, Romania, has a Master’s Degree in Security Studies and a Master’s Degree in Computer Forensic and Cybercrime Investigations. With 21 years’ experience in law enforcement at both national and international level, he has worked for the Romanian National Police in various units, as an Intelligence Analyst and Criminal Investigator, for Europol European Union Agency for Law Enforcement Cooperation (EUROPOL) as senior analyst and European Union Drugs Agency (EUDA) as scientific analyst on security. He gained extensive experience in working with multicultural teams, where he has been providing operational and strategic analytical support to Member States’ law enforcement authorities.
At APWG.EU Tech Summit and Researchers Sync-Up 2024, Ionut Serbanica will be discussing briefly about cyber payment card frauds, crimes that are harming the EU citizens every day.
Alberto López González
VP Financial Crime & Crypto Solutions
Mastercard Europe
Using AI to Identify Money Laundering Activity
Alberto López is, since 2022, the European lead for Cybersecurity Solutions aimed at preventing financial crime. Previously he was the director of Cybersecurity and Digital Solutions for Spain and Portugal. He joined Mastercard in 2015, leading the Digital Payments and Innovation department for the same markets at Mastercard. During his twenty years of experience in the telecommunications sector, he has worked on various projects in the field of mobile payments and digital payments solutions for the ecommerce and the physical stores and also on AI solutions to prevent fraud.
An expert in Cybersecurity, mobile communications, ecommerce and mobile payments, he is a collaborating professor of the Postgraduate Master in Cybersecurity, a program taught by the European University of Madrid, and co-author of the book “GPRS Technology, Services and Business”, published by Telefónica Móviles España .
Alberto López holds a master’s degree in Telecommunication Engineering from Universidad Politecnica de Madrid.
Davide Ariu
CEO and Co-founder
PLURIBUS ONE
Enhancing the security of Web Applications and APIs with the OWASP WARM project
Davide ARIU is CEO and Co-Founder at PLURIBUS ONE (http://pluribus-one.it), a European cybersecurity provider offering services and solutions for Application Security. In addition to his CEO role, he is responsible for professional services and training activities in the company.
He has a long background as a cybersecurity researcher, having worked for about 15 years on machine learning applications for cybersecurity, including traffic analysis (HTTP, DNS), phishing detection, and malware detection.
He got a Ph.D. from the University of Cagliari, has been a visiting student at the Georgia Tech Information Security Center, and published about 30 papers in international and peer-reviewed conferences and journals.
He is the co-chair of the OWASP Italy Chapter, and among the leaders of the OWASP WARM project for enhancing the capability of Web Application Firewalls to protect Web Applications and APIs.
Davide maintains the “Unboxed AppSec” blog (http://davideariu.substack.com) where he talks about application security.
Finally, he has extensive experience participating in R&D projects, especially actions funded by the European Commission, having participated in more than 20 different projects throughout his career.
He is currently the project coordinator of the APPtake project (http://apptake.eu), which aims to foster the adoption of DevSecOps practices by European SMEs.
Jesús Luna
CEO and Co-founder PLURIBUS ONE
Senior Security Architect – Cloud and IoT
Bosh
Generative AI in the industry: an opportunity or a threat for cybersecurity?
Dr. Jesus Luna Garcia has worked since 1995 in the field of cybersecurity, both in America and Europe. He holds a PhD degree in Computer Architecture from the “Technical University of Catalonia” (Spain), and has co-authored more than 50 cybersecurity-related publications including scientific papers, standards, and a patent. He previously worked as research director for the Cloud Security Alliance EMEA (UK), and currently for Robert Bosch GmbH (Germany) on topics related to security governance for cloud and AI. In 2020, he was nominated by ENISA as one of the 20 experts to develop the new European cybersecurity certification scheme for cloud services. Furthermore, Dr. Luna is the technical manager of the EU-funded MEDINA project on automated certification.
TEMA: Generative AI in the industry: an opportunity or a threat for cybersecurity?
Vinzenz Vogel
DNS Big Data & Security Engineer
SWITCH-CERT
Minority Report and Robocop: Fighting abuse throughout the lifecycle of domains
Originally studying physics, Vinzenz joined Switch in 2022 as a DNS Big Data & Security Engineer. A good part of his work revolves around DNS: He is part of the team running the critical infrastructure for the .ch and .li TLDs and works on several databases like passive DNS. Furthermore, he is a software engineer for the Switch DNS Firewall. Last but not least he runs several programs to protect .ch and .li domains from cyber threats.
Robin Grunewald
Senior Cyber Threat Intelligence Analyst
SWITCH-CERT
Minority Report and Robocop: Fighting abuse throughout the lifecycle of domains
Robin is a Senior Cyber Threat Intelligence Analyst at Switch, specializing in Domain Security and Abuse. He monitors and mitigates threats to .ch and .li domain names, ensuring their security and integrity. As Co-Chair of the European TLD ISAC, Robin co-leads intelligence-sharing efforts across European Top Level Domains. Previously, Robin held analytics and data science roles at Google, working on Google Ads and YouTube.
David Rosado Soria
Threat hunter & Forensics Analyst
Alpine Security
Proactive Threat Hunting: Uncovering and Stopping Phishing Attacks
Passionate about cybersecurity. Experience in Digital Forensics and Incident Response (DFIR). Graduate in telecommunications engineering and master’s degree in cybersecurity.
Threat hunting. GCIH GCFA
Marc Rivero
Senior Security Researcher GReAT
Kaspersky
Linux Under Siege: Analyzing the Latest Cyber Espionage Tactics and Malware Trends
Marc is a well-known intelligence expert who also has a history in reverse engineering, giving him a unique set of skills. Because of his extensive training and expertise in the industry, he has been able to fascinate audiences at both national and international conferences. In his work with CERT/CSIRT teams at top financial institutions, where he has held the respected post of Head of Research, Marc’s education in Intelligence has shown to be extremely helpful and has proven to be essential. He is highly sought after for his knowledge, and he is the driving force behind many research initiatives that are examining the depths of fraud, cybercrime, and targeted attacks. Marc is not only successful in his professional endeavors, but he is also a devoted educator. He currently serves as the coordinator for the Master in Computer Security program offered at La Salle Barcelona. Marc continues to significantly impact the future of the intelligence and security industries thanks to his extraordinary abilities and innovative approach.
About my talk:
“Linux Under Siege: Analyzing the Latest Cyber Espionage Tactics and Malware Trends”
In 2023, cybersecurity research sheds light on the increasing targeting of Linux systems. The AppleJeus campaign by the Lazarus Group, highlighted by Volexity and Microsoft, marks a tactical evolution with new malware impacting Linux and macOS, focusing on cryptocurrency theft. The DTrack campaign, a branch of Lazarus, represents a significant development in diverse attacks including ransomware and espionage malware. This campaign has evolved over nearly a decade, expanding knowledge about attacker commands and associated post-exploitation tools.
Further, the MATA cluster malware, attributed to Lazarus, affected defense contractors in Eastern Europe, incorporating sophisticated multi-stage attacks and exploiting security solutions. Investigations also revealed ChinaChopper’s active infections in public servers, employing tactics similar to DragonSpark, such as webshells and RAT deployments. Additionally, the MysterySnail campaign linked to IronHusky targeted Eastern European industries in 2021, using novel backdoors. Lastly, the previously undocumented multi-platform DinodasRAT has been deployed against government and various regional targets, indicating its broad reach and sophistication.
Carlos Fragoso
Principal Subject Matter Expert
Maltego
toADS: Hunting Online Advertisements
Carlos is Principal Subject Matter Expert at Maltego Technologies with over 24 years of professional experience in information security: incident response, digital forensics, and threat intelligence/hunting. He closely works with governments, big companies and LEAs to tackle cybercrime around the world. Carlos is a member of different working groups in ENISA, Europol, Interpol and other agencies.
About my talk:
*toADS: Hunting Online Advertisements*
Email Protection and Security Awareness Programs have raised the bar to make more difficult for offenders to cheat users on clicking over phishing or scam links. Some alternative techniques have arised such as sending them through Direct Messages in Social Media networks. A remarkable technique is being profited to reach them directly thanks to a paid feature, advertisements.
AdTech stack is a complex and dynamic environment composed by providers, brokers and publishers. Transparency regulations have forced providers to share information about advertisements running across their platforms in a database known as AdsLibrary ,providing information about their audience target, impact and requestor.
This talk describes how to collect information about online ads using APIs facing well-known AdsLibraries from Meta, Bing and Google combined with live data collection using scrapping techniques. A new open-source OSINT tool (in beta stage) named “toADS” to support collection and analysis of online ads for hunting and investigative purposes.
Christina Thorpe
Head of Cybersecurity at Technological
University Dublin
GroSafe – A Technology Enabled Solution for Building Societal Resilience against Grooming
Dr Christina Thorpe holds a B.Sc. in Computer Science from University College Dublin, which she completed in 2005. She further pursued her academic journey and obtained a Ph.D. in Computer Science from the same institution in 2011. From 2011 to 2018, Christina worked as a postdoctoral research fellow at the Performance Engineering Lab in UCD.
Currently, Dr Thorpe serves as the Head of Cybersecurity at Technological University Dublin. In this role, she contributes to managing the operations and shaping the vision of the cybersecurity discipline within the university. Additionally, Dr. Thorpe is actively involved in leading and co-leading three research projects that primarily focus on online child safety and leverage the power of AI to address the associated challenges.
Joan Soriano
Threat Hunting coordinator
S2 grupo
Cyberterrain Data Model for Adversary Simulation
Head of Operational Threat Intelligence. He was part of S2 Grupo’s ENIGMA specialised cybersecurity training programme, joining as a cybersecurity analyst. He then took on the position of head of the Threat Hunting team at S2 Grupo from 2019 to 2022. He has been the R&D coordinator in the Special Services division of S2 Grupo since 2020, where he defines and executes cyberintelligence projects that have an impact on the rest of the cybersecurity areas. His publications include his book on the analysis of cyberwarfare ‘Omnium contra Omnes’ and research articles such as ‘Threat Hunting: Probability based model for TTP covering’, ‘Counterinsurgency as an organisational defence model’ or ‘Cyberterrain Data Model for Adversary Simulation’, among others.
Carlos H. Gañán
Principal Security Researcher
ICANN
Carlos Ganan joined the ICANN organization on January 2020. He works as Lead Security, Stability and Resiliency Specialist for the Office of the CTO. Previously, Carlos conducted research around DNS abuse and cybercrime as associate professor at Delft University of Technology. In 2012, he completed his PhD in the field of information security for vehicular ad-hoc networks. Previously, in 2008 he completed a MSc on Telecommunications writing a thesis on the safety and security of wireless sensor networks at Philips Laboratories in Aachen. After that, in 2010 he received an MSc in Telematics during which he studied the secure transmission of video streaming for mobile ad-hoc networks. In the past, he was part of the Information Security Group, with the Department of Telematics Engineering at UPC, Barcelona. He also holds a Diploma in Business Studies and a Degree in Administration and Business Management from the Open University of Catalonia.
Andreas De Sousa
Software Engineer & Data Analyst
Eclexys
Analysis and Anomaly Detection in Windows Environments Using LP and Machine Learning Techniques; from Theory to Validation on the Field.
Andreas De Sousa is a passionate data scientist and data analyst with a strong background in machine learning and deep learning algorithms using Python. He is the founder and CEO of Dayna Cookies, a startup he has been managing since October 2020. Andreas holds a Master’s degree in Computer Science with a specialization in Cyber Security from the University of Applied Sciences and Arts of Southern Switzerland (SUPSI), where he also completed a Master’s in RF, Microwave Sensors, and Communication Systems. Currently, he works as a Software Engineer and Data Analyst at Eclexys in Switzerland. Andreas is driven by intellectual curiosity and a commitment to continuous learning, always seeking innovative solutions to complex problems. In his free time, he enjoys traveling, 3D printing, sports, and stock trading. Andreas is eager to connect with like-minded professionals and share his insights as a speaker.
Enrique Rando González
Consejero Técnico
Agencia Digital de Andalucía
Enrique Rando González holds a Degree in Computer Science from the University of Málaga. He has carried out investigation and communication activities in the Cybersecurity and Open Source Intelligence fields, writing books and articles on these subjects and taking part in the development of tools like FOCA or OOMetaExtractor. He has given presentations in events such as Black Hat Europe or the Open Source World Conference, being also coauthor of works presented in congresses such as the Spanish Meeting on Cryptography and Information Security (Reunión Española sobre Criptografía y Seguridad de la Información – RECSI)) or the Ibero American Conference WWW/Internet (Conferencia Ibero Americana WWW/Internet – IADIS). He is currently in charge of the Andalusian Cybersecurity Center.
Foy Shiver
Deputy Secretary-General
APWG
APWG.EU Strategic Direction and Challenges in 2024
Foy Shiver is Deputy Secretary-General of APWG (Anti-Phishing Working Group) and a founding Trustee of APWG.EU. In 2004 Mr. Shiver assumed operations management for the nascent non-profit Anti-Phishing Working Group. Since then the organization has grown into a global industry, law enforcement and research focused group dedicated to countering the growing threat of electronic crime. In 2006, Mr. Shiver accepted the appointment as Deputy Secretary-General of APWG, charged with cultivating membership around research, data-sharing and policy issues fighting cybercrime and electronically mediated fraud. In 2013 Mr. Shiver worked with APWG and CaixaBank to found the new European Foundation APWG.EU. This foundation focuses on cybercrime research and education within the European Union and globally. Mr. Shiver has previously worked in Lotus Notes Product Management, and founded a clinical research company: Woodstock Clinical Data. He is a proud veteran of the US Army 82nd Airborne Division.
Isaac Agudo
CEO and Founder
Decentralized Security
Professor and Researcher
NICS Lab
Cryptocurrency in Cybercrime
Isaac Agudo is a professor at the University of Malaga and a member of the cybersecurity research group NICS Lab (www.nics.uma.es). In 2020 he founded Decentralized Security (https://decentralizedsecurity.es/), a university spin-off that focuses its efforts on improving the security of the blockchain ecosystem, with a focus on the implementation of new cryptographic schemes. In academia, he is working at the intersection of secure multiparty computing protocols and blockchain technologies.
Aoki Minoru
Assistant Director,
Cyber Policy Planning Division Cyber Affairs Bureau
National Police Agency Japan
Cybercrime Trends and Police Countermeasures in Japan
In 1998, he joined the Saitama Prefectural Police. After serving as an assistant director in the Criminal Affairs Division, the Community Safety Division, and the Cybercrime Division, he joined the National Police Agency (NPA) of Japan in 2023. In the Cyber Policy Planning Division of the NPA, he is primarily in charge of measures against phishing and credit card fraud. (current position)
Stefan Kitzler
PhD Candidate
Complexity Science Hub Vienna
Researchers Chalk-Talk: Future of Cybercrime Research
Stefan Kitzler’s research interests center around data analysis on cryptoasset, especially in Decentralized Fiance. In 2023, he did a research stay at University of Montreal at the EconCrime Lab. Currently, he works in the team of Financial Innovation and is doing his PhD thesis in computer science at TU Wien. In addition, he is a Junior Scientist at AIT Austrian Institute of Technology.
Stefan received a bachelor’s and a master’s degree in technical physics from TU Wien. During his studies, he did an internship in the Center for Energy at the AIT and continued the cooperation with the AIT for his master’s thesis.
After his graduation in 2018, Stefan worked in the Austrian energy market on computational projects for the power and gas clearing
.
Mark van Staalduinen
Managing Director
CFLW Cyber Strategies
Researchers Chalk-Talk: Future of Cybercrime Research
November 2019. He obtained his MSc (2003) and PhD (2010) degrees in Electrical Engineering from Delft University of Technology (DUT)’s Department of Information and Communication Theory. Subsequently, Dr. Van Staalduinen worked at The Netherlands Organization for Applied Scientific Research (TNO) between 2007 and 2019 as Consultant and Innovation Manager focusing on cybercrime and national security. From January 2016 to December 2019, he was posted to Singapore to strengthen international cooperation and partnerships in Southeast Asia, as well as seconded as a cybercrime expert to the INTERPOL Global Complex for Innovation. From April 2022 to June 2024, he was also appointed member of the Dutch Blockchain Coalition (DBC) to lead the Digital Trust NL Program.
Righard Zwienenberg
Senior Research Fellow
ESET
Researchers Chalk-Talk: Future of Cybercrime Research
Zwienenberg began his work with computer viruses in 1988 after encountering his first virus issues at the Technical University of Delft. This experience sparked his interest in virus behavior, leading him to study and present solutions and detection methods ever since. Over nearly four decades, he has worked for various companies, including CSE Ltd., ThunderBYTE, Norman, and ESET. He has also held or continues to hold positions in several industry organizations, such as AMTSO, AVAR, the WildList, IEEE ICSG, and serves on the Advisory Board for Europol’s European Cyber Crime Center (EC3) and Virus Bulletin. He also runs his on computer security
consultancy company (RIZSC).
Zwienenberg has been a member of CARO since late 1991. He is a frequent speaker at conferences, including Virus Bulletin, EICAR, AVAR, FIRST, APWG, RSA, InfoSec, SANS, CFET, ISOI, SANS Security Summits, IP Expo, government symposia, SCADA seminars, and other general security events. Beyond his professional work in security, his hobbies include playing drums, performing magic, modeling balloons, restoring ancient computers, and much more.
Marta Gomez Macías
Software Engineer
Google Cloud Security
Ciberamenazas dirigidas a programadores Python
Marta is software engineer at VirusTotal, an online threat analysis platform which is part of Google Cloud Security. She has more than 7 years of experience in the cybersecurity industry and she coded in Python for 10 years.
Josep Albors Gomez Maícas
Head of Awareness & Research at ESET Spain
ESET
Two years later, has artificial intelligence really revolutionized phishing as we know it?
Josep Albors is the Head of Awareness & Research at ESET Spain. He has more than 19 years’ experience in cybersecurity and now specializes in security awareness. He is also the editor at the ESET Spain blog and one of the contributors to the international ESET blog WeLiveSecurity. He participated as a speaker at the AVAR 2019 international conference in Osaka (Japan), CARO Workshop 2023 in Bochum (Germany), FIRST 2024 in Fukuoka (Japan) and at many important local security conferences in Spain.
He specializes in malware campaigns analysis, specially on those targeting Spanish customers, but he has also worked along with researchers and Police units from other countries and regions such as Latin America, the US, Europe and Japan. Josep is a teacher in cybersecurity courses at several Spanish universities. He collaborates with the Spanish Guardia Civil, Spanish National Police and the Spanish Army, and teaches their units how to fight cybercrime.
Carlos Abellan
Co-founder and CEO
Quside
How are quantum technologies shaping cybersecurity?
Carlos Abellan (Co-founder and CEO) leads the strategic and go-to-market development of the company. He got his PhD in quantum photonics from ICFO, where he developed the quantum randomness technologies that were transferred to Quside. Carlos brings 10 years of experience in quantum and photonics development, is
co-inventor of 8+ patent and patent-pending families and co- author of 15+ papers in top journals. He has received multiple awards for his work.
Silvia Portesi
ENISA
CSIRTs and Law Enforcement Cooperation Silvia Portesi
Silvia Portesi is a Cybersecurity Expert at ENISA, the European Union Agency for Cybersecurity. She manages ENISA’s projects on the cooperation between computer security incident response teams (CSIRTs) and law enforcement agencies (LEAs). Before joining ENISA in 2005, Silvia worked as a researcher at the University of Edinburgh and at the European Commission’s Joint Research Centre (JRC). She studied law in Italy and Belgium and holds a PhD in criminology.