| Follow @lancinimarco

Conference Talks

Needle's progress was shown at Black Hat USA, with a live demo of its capabilities.
Conference:
       Black Hat Arsenal USA, Las Vegas, USA.
Media:
       MWR Event
       Arsenal Lineup (Tools Watch)
Pushing the Jesus Phone through the eye of a needle, an introduction to MWR's iOS Security Testing Framework
Conference:
       MWR Briefing, London, UK
Needle's progress was shown at Black Hat EU, with a live demo of its capabilities.
Conference:
       Black Hat Arsenal EU, London, UK.
Media:
       MWR Event
       Arsenal Lineup (Tools Watch)
       Needle Used to Discover Issues Within iOS Applications (MWR - 05 October)
Needle's architecture, capabilities and roadmap have been presented at AppSec USA. During the talk it was also demonstrated how Needle can be used to find vulnerabilities in iOS applications from both a black-box and white-box perspective (with a demo of the tool in action).
Conference:
       OWASP AppSec USA, Washington DC, USA.
Media:
       MWR Event
       MWR LABS Publication
Needle has been publicly released Black Hat USA, with a live demo of its capabilities.
Conference:
       Black Hat Arsenal USA, Las Vegas, USA.
Media:
       MWR Event
       Arsenal Lineup (ToolsWatch)
       Black Hat Promotion, Twitter (Black Hat - 23 July)
       Black Hat Promotion, Facebook (Black Hat - 23 July)
       MWR to Unveil Needle iOS Security Testing Tool at Black Hat Arsenal (MWR - 28 July)
       Needle iOS security testing tool to be unveiled at Black Hat Arsenal (Help Net Security - 01 August)
       Black Hat USA Photo Gallery (Help Net Security - 04 August)
       MWR Launches Needle: An iOS Security Testing Framework (MWR - 11 August)
       A quick intro to Needle (MWR Labs - 17 August)
At BSides Vienna 2014, Roberto Puricelli and me delivered a talk based on Androrat++, a proof-of-concept mobile malware.
Conference:
       BSides Vienna, Vienna, Austria.
At DEEPSEC 2014 I delivered a talk based on my Master Thesis: "Social Authentication: Vulnerabilities, Mitigations, and Redesign". In addition, an excerpt of the work has been published by the Magdeburger Institut für Sicherheitsforschung in the volume "In Depth Security - Proceedings of the DeepSec Conferences" of the Magdeburger Journal zur Sicherheitsforschung.
Conference:
       DEEPSEC, Vienna, Austria
At CYCON 2014 I delivered a talk based on my Master Thesis, for which I won the NATO's Best Thesis Award as the best thesis published on cyber defence topics.
Conference:
       International Conference on Cyber Conflict (CyCon), by NATO CCDCOE (Cooperative Cyber Defence Centre of Excellence), Tallinn, Estonia
Session:
       Student Paper Session with Best Student Thesis Award

Workshops

The first iteration of the "Offensive iOS Exploitation" workshop has been delivered at DEEPSEC 2016.
Conference:
       DEEPSEC, Vienna, Austria
Media:
       MWR Event
       DEEPSEC Promotion (DEEPSEC - 04 September)

Conference Papers

At DEEPSEC 2014 I delivered a talk based on my Master Thesis: "Social Authentication: Vulnerabilities, Mitigations, and Redesign". In addition, an excerpt of the work has been published by the Magdeburger Institut für Sicherheitsforschung in the volume "In Depth Security - Proceedings of the DeepSec Conferences" of the Magdeburger Journal zur Sicherheitsforschung.
Conference:
       DEEPSEC, Vienna, Austria
Conference:
       Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, AZ. (acceptance: 19.4%)
Authors:
       Iasonas Polakis, Panagiotis Ilia, Federico Maggi, Marco Lancini, Georgios Kontaxis, Stefano Zanero, Sotiris Ioannidis, Angelos D. Keromytis
Conference:
       Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC), Orlando, FL. (acceptance: 19%)
Authors:
       Iasonas Polakis, Marco Lancini, Georgios Kontaxis, Federico Maggi, Sotiris Ioannidis, Angelos D. Keromytis and Stefano Zanero
Subsequent Talks:
       Hek.SI 2013 (Ljubljana, Slovenia)
       HackCon 2013 (Oslo, Norway)
       Also covered by ComputerWorld

Books

The article I submitted and presented at DEEPSEC 2014 has been published in the "In Depth Security (Proceedings of the DeepSec Conferences)" book.