CONFIRMED SPEAKERS

 

Javier Marcos

Javier Marcos is a security architect with experience in both offensive and defensive security positions. He has worked at organizations such as Facebook, Uber, Airbnb, BitMEX, and Chainlink. He is currently engaged in open source development and security consulting for technology companies and financial institutions, focusing on threat detection (external and internal), security engineering, and product security.

Eduardo Garcia

Eduardo Garcia is a cybersecurity specialist and founder of Bounty Security, focused on developing innovative tools for web security testing. With extensive experience as a Pentester at Cobalt.io and Strike, he specialises in web application security, API testing and security process automation. Throughout his career, he has created several open source and commercial security tools, including Burp Bounty, GBounty and AI-powered Bounty Prompt. Currently, he is actively exploring the integration of artificial intelligence technologies in the cybersecurity domain, developing solutions that combine human expertise with advanced AI capabilities to improve web vulnerability detection.

Stephan Berger

Stephan Berger has over a decade of experience in cybersecurity. Currently working with the Swiss-based company InfoGuard, Stephan investigates breaches and hacked networks as Head of Investigation of the Incident Response team. An avid Twitter user under the handle @malmoeb, he actively shares insights on cybersecurity trends and developments. Stephan also authors the blog DFIR.ch, where he provides in-depth analysis and commentary on digital forensics and incident response. Stephan has spoken at numerous conferences, sharing his expertise with audiences worldwide.

Ignacio Brihuega

Nacho is a professional with more than 10 years of experience in the field of cybersecurity. Currently working in offensive security at Telefónica TECH, at the same time he collaborates as a teacher in the masters of UCLM and UCAM. He is also an active co-author of the blog Follow The White Rabbit.

Wouter Bokslag

Wouter Bokslag is a co-founding partner and security researcher at Midnight Blue. He co-authored on the TETRA:BURST research, identifying serious vulnerabilities in a critical and globally used communications standard. Prior to that, he worked for an independent automotive research and development company, publishing on the reverse-engineering and cryptanalysis of several proprietary in-vehicle immobilizer authentication ciphers used by major automotive manufacturers as well as co-developing the world's fastest public attack against the Hitag2 cipher. He holds a Master's Degree in Computer Science & Engineering from Eindhoven University of Technology (TU/e) and designed and assisted in teaching hands-on offensive security classes for graduate students at the Dutch Kerckhoffs Institute for several years.

Carlo Meijer

Carlo Meijer is a co-founding partner and security researcher at Midnight Blue, focusing on the analysis of cryptographic systems deployed in the wild. Known for the TETRA:BURST research, in which Midnight Blue identified serious vulnerabilities in a critical and globally used communications standard. A regular participant to hacking competitions like Pwn2Own, having successfully attacked numerous targets like printers, routers and vehicle charging systems. Academic work, as part of a Radboud University PhD, includes research into vulnerabilities of so-called Self-Encrypting Drives (SEDs). Furthermore, he is known for breaking a hardened variant of Crypto1, the cipher used in the Mifare Classic family of cryptographic RFID tags.

Pedro Candel (s4ur0n)

Cybersecurity professional, known as "s4ur0n" (the all-seeing eye), with over 25 years of experience. He specializes in Offensive Security (Red Team), Malware, Reversing, Secure Development, and Regulatory Compliance. He is currently CEO and Lead Auditor at CS3 Group, with national and international projects in the telecommunications, aerospace, banking, real estate, insurance, and critical infrastructure sectors, among others. He is a university lecturer for master's programs and a regular speaker at numerous specialized cybersecurity conferences worldwide.

Alberto Fernandez de Retana

Alberto Fernandez de Retana, known as bubu in CTFs, focuses his research on web security and privacy, as well as browser internals.

Yago Gutiérrez

At the age of 25, Yago has spent half of his life working on low level: assembler, C, Linux internals... with a special focus on security aspects. He is (almost) a telecommunications engineer and has 3 years of experience in Android device security. He has given several talks at DEFCON and RootedCon on memory-only intrusion techniques using his tools DDexec, memdlopen and memexec.

Jorge Calleja

Jorge has a solid track record in cybersecurity, combining technical and strategic expertise in different areas. He currently works at Seedtag as a Security Engineer, where he contributes to strengthening security infrastructure, risk analysis, and the protection of critical assets. Previously, he has held key roles in incident response for large organizations, developing containment plans, forensic analysis, and remediation strategies for advanced threats. Jorge has also worked on vulnerability analysis, endpoint protection, secure architecture, and regulatory compliance projects. He holds recognized certifications such as GCP Professional Cloud Security Engineer and GEIR Certified Enterprise Incident Response.

Lucía Muñoz

Lucía Muñoz is a mathematician and currently works as a principal investigator in the Digital Security Department at Vicomtech. Her work focuses on the application of cryptographic protocols in various scenarios, including privacy in digital environments, secure communications, and security in artificial intelligence. She also has experience in digital identity management and blockchain technology.

Iván Cabrera

Pentester at Tarlogic, he dedicates his time to researching Windows evasion methods and TTPs for Red Team.

Adrián Díaz

Adrián works as a Red Teamer at Accenture, where he focuses on research, breaking things ("with permission"), and exploring new ways of understanding offensive security. He enjoys spending most of his time researching and developing exploits, especially in Windows environments.

Josep Albors

Josep Albors is the Head of Research and Awareness at ESET Spain. He has over 20 years of experience in the world of computer security, specializing in malware analysis and new threat research. He is also the editor of the ESET Spain security news blog and a contributor to the ESET international blog WeLiveSecurity. As part of ESET's social responsibility, Josep gives awareness and education talks on computer security and privacy in all types of educational centers, from primary schools to universities. He is also a professor on the Master's Program in Cybersecurity and Information Security at the University of Castilla-La Mancha.

Jordi Ubach

Industrial cybersecurity specialist with over 15 years of experience protecting control and automation systems. He is an auditor, consultant, and professor of the Master's program in Cybersecurity. He currently serves as Head of the ANC-AD and CSIRT-AD.

José Manuel Núñez

José Manuel, known in the industry as El Hacker Ético, is a Red Operator at aDvens and creator of the blog elhackeretico.com. He has participated as a speaker at various cybersecurity events and as a professor specializing in ethical hacking.

Igor Pallin

Igor Pallin is a researcher in the Digital Security Department at Vicomtech while pursuing a degree in cybersecurity at UNIR. Throughout his years at Vicomtech, he has worked as head of the laboratory belonging to the Basque Digital Innovation Hub, specializing in different research areas such as digital twins for various sectors and critical infrastructures (Industry 4.0, healthcare, CBRN, and finance), research in 5G and V2X communications, reverse engineering of different industrial devices, and the orchestration and automation of virtual environments.

Santiago García

Santiago García-Jiménez (AKA 4nimanegra) holds a PhD in Computer Engineering and is a researcher and professor at the Public University of Navarra (UPNA), specializing in networks, computer security, and applied artificial intelligence. He has published in high-impact journals and his line of work combines network engineering with artificial intelligence techniques, applied to problems such as early incident detection, analysis of traffic generated by IoT devices, and the identification of ransomware infections in network traffic. He has participated in numerous national and European research projects, as well as held internships at leading international centers. Outside of academia and research, he has contributed to technical cybersecurity journals such as PagedOut! and has been an active contributor to the Spanish-language security community UnderC0de, participating in the Underd0cs magazine.

Asier Rohde

Forged in the trenches of SysAdmin, cross-platform coding, and Ethical Hacking, his definition of a hacker has always been one of playing with intelligence in all its forms. That same insatiable curiosity has led him to specialize as an Intelligence Analyst and to found 5Dev, his own AI consulting and training project. He is a GNU/Linux devotee and a passionate explorer of the OSINT, SOCMINT, and IMINT universes.

Marc Rivero

Marc Rivero López is a cybersecurity expert specializing in advanced threat analysis and malware research. He is currently part of the Global Research & Analysis Team (GReAT) at Kaspersky, where he focuses on detecting new threats, dismantling organized cybercrime groups, and studying malware-as-a-service (MaaS) models.

Koldo Gallostra de Prada

Koldo Gallostra de Prada is a passionate expert whose unique career combines a deep foundation in sociology and social education with an advanced specialization in digital security. After years of work in the social field, he changed course in his professional life and started a project called "Be Root" to offer cybersecurity and digital sovereignty services to various individuals, groups, and companies. He is currently an associate professor at Euneiz University in the Cybersecurity program, and offers his services as a web developer and security auditor to various companies with digital resources.

Hammer

Curious Security Researcher and Bug Bounty Hunter

Miguel Ángel Hernández

Miguel Ángel Hernández is the founder and promoter of EuskalHack. Self-taught with more than 20 years of experience in the sector, he has worked in the area of systems and cybersecurity in various fields, such as specialized consultancies, telecommunications companies, industrial, or public administration. Also, in recent years he has been a specialized teacher of computer security and currently develops his professional activity focused on digital security for the public sector.

EuskalHack Team

We are a non-profit organisation established in the Basque Country in 2015 and made up of various professionals linked to computer security research. Our aim is to promote the community and culture in the field of digital security to any type of interested public, whether public or private, by promoting and disseminating mainly technical knowledge.