ATLSECCON 2025

Cyber security is a critical concen across all industries, including the maritime sector. This talk will delve into the various regulations and rules that a maritime organzation must navigate. We will highlight moments through our journey in this constantly evolving field. We will explore key questions like what is IMO? What is DNV? What is Voyage Class? By examining these questions we can understand the impact they have on maritime cyber security. We will showcase some potential shortfalls, challenges and strategies involved in protecting maritime organizations from cyber threats.

This presentation will focus on two different aspects through an exploration of projects that we have done using python: encryption and decryption of files with passwords, and using face recognition to secure these sensitive data.


With reference to my own project of encryption and decryption, I will be demonstrating how this technology is related to the field of cybersecurity and how it can effectively protect sensitive files and important information. I will be discussing the potential threats that ordinary methods of data handling can face in today’s digital society, including risks with data breaches and unauthorized access. In exploring the encryption techniques, I will provide a comprehensive overview of the AES, highlighting its significance in protecting data and improving security. I will further describe its symmetric key structure which transforms these files into texts that remain unreadable when trying to open it. Furthermore, I will describe potential methods to improve the security exchange of keys and make this a smooth process for the user. Such a method can be related to facial recognition and that will make the process smoother while allowing the user to give access to the intended receivers of the file.


Drawing from my experience of building a face authentication system using OpenCV and RetinaFace models, I will demonstrate how this technology can effectively enhance security. I will discuss the principles of face authentication and its role in society to make authentication process more convenient, challenges that are currently faced in this technology, especially how my identical twin brother and I are considered the same person in both Apple’s system and the project I built, and ethical considerations and improvements on it. I will explore potential methods to improve security and time, such as refining deep learning models to better distinguish between similar facial features, especially using dataset on people who look alike. Such systems should be developed responsibly to be incorporated in the world for better usage.

Artificial Intelligence (AI) is reshaping industries, enhancing efficiencies, and driving innovation, yet the rapid adoption of AI systems presents new challenges in terms of security. As organizations increasingly rely on AI to make critical decisions, safeguarding these systems becomes paramount. This session explores the dual aspects AI security as well as assessment models. We will delve into the latest AI security assessment models, specifically ISO/IEC 42001, HITRUST, NIST AI RMF, and others; examining their role in establishing frameworks to protect AI systems and secure data integrity, privacy, and functionality.

With AI's rapid integration into business processes, knowledge workers often face the fear of sharing sensitive company or personal information. This presentation will demystify how AI uses data and offer practical strategies for protecting confidential information. Attendees will leave with actionable insights on securely leveraging AI in their day-to-day work. 

This talk will analyze trends in Network Design, specifically related around Privileged Remote Access, Enterprise Browsers and SASE. We will introduce new design patterns based on these technologies and exame how they can enable the building of smarter, simpler and more secure networks of any size. 

Offensive security plays a crucial role in cybersecurity by identifying and exploiting system vulnerabilities. However, current practices often contain gaps that diminish the effectiveness of these assessments. This presentation will examine these gaps and provide strategies to optimize offensive security efforts.

I recently wrote a phishing tool for the ESP32 to educate others on exactly how cheap and easy it would be to get a device like this running. All of the parts can be ordered for less than $15 online, and in less than a couple days a Phisher could be deployed. In my talk I am going to cover the dangers that this kind of technology poses, how easy it is to create and deploy, the worst threat cases, and most importantly how we can avoid and eventually put an end to them.

These are important topics to cover because it brings attention to the surprisingly low barrier to entry into the ever growing cyber crime industry and how malicious devices like these can be scattered around, causing a wide variety of damage. The obvious first step in stopping this kind of cyber attack is understanding how it works, after can start on the second step, locating the devices to physically shut down them down.

This talk offers insights from head to tail, analyzing every aspect of these micro cyber attacks which are becoming more and more prevalent in our modern age.

Artificial Intelligence (AI) has revolutionized industries, but its vulnerabilities have also opened a new frontier for sophisticated cyberattacks. Among these, AI data poisoning and AI-enabled offensive cyberattacks stand out as potent threats capable of undermining the very systems designed to protect us. In this session, we will unravel the dark art of exploiting AI systems, showcasing how attackers manipulate training datasets, deploy deceptive inputs, and weaponize generative AI to compromise security at an unprecedented scale.