BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.nsec.io//2026//XHRVL3
BEGIN:VTIMEZONE
TZID:EST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T070000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T080000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-2026-J8SQXY@cfp.nsec.io
DTSTART;TZID=EST:20260514T163000
DTEND;TZID=EST:20260514T170000
DESCRIPTION:Security researchers push the boundaries of what’s possible. 
 (Nation-state) threat actors push the boundaries of what’s exploitable. 
 In many cases\, threat actors adopt public research for their operations\,
  but there are also many examples where threat actors use novel techniques
  to compromise cloud environments before researchers publish their finding
 s.\n\nIn this talk\, a cloud security researcher and a threat intelligence
  analyst team up to explore how cutting-edge cloud attack research is rapi
 dly weaponized by espionage threat groups. We’ll walk through real-world
  examples where newly published techniques – intended to educate defende
 rs – were adopted and operationalized by nation-state actors targeting c
 loud environments. The focus of the talk will be on Entra ID and Microsoft
  365 attacks\, exploring both the technical mechanics behind the tools and
  techniques\, why threat actors are interested in utilizing them and real-
 world example of research adoption. Examples of techniques cover include d
 evice code phishing\, authorization code phishing (ConsentFix) and the ado
 ption of open source security tools.\n\nThis session highlights how attack
  paths that may seem highly theoretical at first glance can pose a signifi
 cant and immediate threat to organizations operating in the cloud. What st
 arts as a proof-of-concept in a blog can quickly become a part of a threat
  actor’s playbook.
DTSTAMP:20260507T204202Z
LOCATION:Ville-Marie
SUMMARY:Researchers vs. Threat Actors in Cloud Attacks - Dirk-jan Mollema\,
  Sanne Maasakkers
URL:https://cfp.nsec.io/2026/talk/J8SQXY/
END:VEVENT
END:VCALENDAR