BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.nsec.io//QXH9CS
BEGIN:VTIMEZONE
TZID:EST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T070000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T080000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-2026-QXH9CS@cfp.nsec.io
DTSTART;TZID=EST:20260514T133000
DTEND;TZID=EST:20260514T140000
DESCRIPTION:5G networks are being opened up at every layer and attackers ar
 e paying attention. On the radio interface\, we assess what operators actu
 ally deploy: is encryption enabled? Is integrity protection enforced on si
 gnaling and user plane? Are null ciphers still accepted? How well is the n
 etwork isolated from external access? These fundamentals still fail more o
 ften than you'd think.\n\nThe 5G core runs on cloud-native REST-based arch
 itectures where a single misconfigured network function can expose subscri
 ber data or provide persistence into critical infrastructure. We demonstra
 te this live using our open-source 5GC API Pentest Burp Suite extension au
 tomating NF discovery\, IMSI enumeration\, credential extraction\, and API
  fuzzing against a 5G core. OpenRAN disaggregates the radio access network
  into open interfaces between O-RU\, O-DU\, O-CU\, and the RIC - creating 
 attack surfaces that didn't exist in monolithic base stations. And now CAM
 ARA\, the industry initiative exposing network capabilities through standa
 rdized APIs\, gives third parties access to device location\, SIM swap\, a
 nd number verification\, with security models still maturing.\n\nThis talk
  walks through real assessments and attacks at each layer from verifying r
 adio protections to exploiting core APIs and examining how some endpoints 
 could enable surveillance and fraud.
DTSTAMP:20260507T211909Z
LOCATION:Salle de bal
SUMMARY:Hacking 5G: From Radio Security to the APIs - Sébastien Dudek
URL:https://cfp.nsec.io/2026/talk/QXH9CS/
END:VEVENT
END:VCALENDAR