Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

SIGS 4th Threat Intelligence Forum

SIGS 4th Threat Intelligence Forum

Hilton Zürich Airport, Hohenbühlstrasse 10, 8152 Opfikon, Zurich
Wednesday 03 Jun 2026
1:30 PM - 6:30 PM

Sign up Here

1 attending

Event Description

3 Jun 2026 1:30 PM - 6:30 PM

This is a community event specifically for people who are interested in the topic Threat Intelligence, or who are interested in switching to this field or expanding their knowledge.

At this platform, sales people (incl. CEO's and Founders), vendors and all people who just like to sell their products or services are not allowed to take part.

 

Main Sponsors of this Event:

            
 		  

 

 

 

Event Schedule

(We're still working on this agenda)

 

 

1:30 pm

Registration

 

2:00 pm

Welcome & short introduction from Mark Beerends, SIGS Contributor & Cyber Strategy Partner at Prusec GmbH

 

2:00 pm

Patrick Lodder, Global Head of Threat Intelligence Services at NVISO Security

VSHELL - Tracking a State actor used Modern Post-Exploitation Framework in the Wild
VShell is a post-exploitation command and control framework that has increasingly appeared in real world intrusions targeting government and critical sectors. Following NVISO’s initial research and publication, we continued tracking VShell infrastructure globally to better understand how the framework is deployed and operated by threat actors.

This presentation provides a short overview of how VShell works and why it is attractive for adversaries. We will then focus on what happened after disclosure: how VShell infrastructure can still be fingerprinted today, how tracking methods have evolved, and what we have observed in the wild over the past year.

Using practical examples from real world tracking, we demonstrate how network fingerprints, infrastructure patterns, and traffic analysis still allow defenders and investigators to monitor VShell deployments and identify potential victims. The session will also reflect on the broader question of whether public threat research actually changes attacker behaviour, or whether many detection and tracking opportunities remain effective long after publication.

 

2:30 pm

Keynote

(details will follow)

3:00 pm

Short presentation from a sponsor

 

3:10 pm

Short presentation from a sponsor

 

3:20 pm

Break

 

4:00 pm

4 different Breakout Sessions to join - you can choose/attend two of them

 

 

 

Breakout Session 1: (details will follow)

 

 

 

Breakout Session 2: (details will follow)

 

 

 

Breakout Session 3: (details will follow)

 

 

 

Breakout Session 4: (details will follow)

 

 

5:10 pm

Short break and change the room to the next Breakout Session of your choice

 

5:20 pm

Start of the second Breakout Session round

 

6:30 pm

Dinner & Networking till open end

 

 

 

Event Moderator

Mark Beerends
SIGS Contributor & Cyber
Strategy Partner at Prusec GmbH

 

Event Speakers and Roundtable Moderator

   

Patrick Lodder
Global Head of Threat Intelligence Services at NVISO

 

 
     
     

 

    
     
     

 

    

 

image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Quick Links

Terms
Contact Us
Privacy Policy
Newsletter

Follow Us

This website is powered by
ToucanTech