BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.nsec.io//2026//77GMFW
BEGIN:VTIMEZONE
TZID:EST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T070000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T080000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-2026-EEVWC9@cfp.nsec.io
DTSTART;TZID=EST:20260515T104500
DTEND;TZID=EST:20260515T111500
DESCRIPTION:Windows shortcut (.LNK) files have remained a popular attack ve
 ctor over several decades\, yet their underlying format is still largely a
 rchaic and remains the "gift that keeps on giving" by presenting new oppor
 tunities for abuse\, even in 2026.\n \nIf you believe minor bypasses like 
 adding spaces to an LNK's target (CVE-2025-9491) are the limit of LNK expl
 oitation\, this session will change your mind.\n \nWe will show previously
  undocumented LNK techniques that actually allow for more deceptive payloa
 d delivery/command execution. We will look at why these new techniques 'wo
 rk'\, compare them to existing LNK tricks\, and discuss the implications f
 or defenders.\n \nThe research methodology behind these new findings\, whi
 ch involved black-box testing of Microsoft's LNK implementation\, will be 
 discussed during this session\; demonstrating how adopting the "hacker's m
 indset" helped uncover these LNK tricks.\n \nNext to this\, this session w
 ill introduce an open-source tool designed to assist security professional
 s\, red teams\, and researchers in generating and experimenting with advan
 ced LNK payloads. This tool aims to enhance the ability to simulate and de
 fend against shortcut-based attacks\, thereby improving Windows endpoint s
 ecurity.
DTSTAMP:20260507T204337Z
LOCATION:Ville-Marie
SUMMARY:Trust me\, I'm a Shortcut - new LNK abuse methods - Wietze
URL:https://cfp.nsec.io/2026/talk/EEVWC9/
END:VEVENT
END:VCALENDAR