Workshops, talks & media

This page lists all the slides from my public workshops and talks in academia and industry, as well as links to the recorded talks (if any). It also summarizes all my participations in the Spanish media (newspapers, radio, or television) that I have made at some point.

If you are interested in the slides of my doctoral thesis, defended at the University of Zaragoza (Spain) in June 2014, 2013, check this link: Performance Analysis and Resource Optimisation of Critical Systems Modelled by Petri Nets.

Workshops

• Applied Memory Forensics: Extracting and Analyzing Malware in Incident Response, DFRWS APAC 2025 (Seoul, South Korea), November 10, 2025.
• Practical Malware Analysis and Memory Forensics for Incident Response, IMF 2025 (Albstadt, Germany), September 16, 2025.
• Memory Forensics for Incident Response, 34th Jyväskylä Summer School (Jyväskylä, Finland), August 4–13, 2025.
• Practical Malware Analysis and Memory Forensics for Incident Response, DFRWS EU 2025 (Brno, Czech Republic), April 1, 2025.
• Advanced Forensic Analysis, Cybersecurity Summer BootCamp 2024 (León, Spain), July 2024.
• Fundamentos de la Gestión de Incidentes (Malware) – in Spanish, Cybersecurity Summer BootCamp 2024 (León, Spain), July 2024.
• Malware Analysis for Incident Response, Cybersecurity Summer BootCamp 2023 (León, Spain), July 2023.
• Advanced Malware Analysis Techniques, Cybersecurity Summer BootCamp 2022 (León, Spain), July 2022.
• Extracción de indicadores de compromiso de malware en forense de memoria (in Spanish), Cybersecurity Summer BootCamp 2022 (León, Spain), July 2022.
• Extracting Malware Indicators of Compromise in Memory Forensics, Cybersecurity Summer BootCamp 2022 (León, Spain), July 2022.
• Análisis exhaustivo de malware en forense de memoria (in Spanish), Cybersecurity Summer BootCamp 2021 (León, Spain), July 2021.

Talks

Academic

• Toward Structured Memory Forensics: A MITRE ATT&CK-Aligned Workflow for Malware Investigation. In ICDF2C 2025 (Miami, FL, USA). November 18, 2025.
• RAM Raiders: At the Edge of Memory and the Law (keynote), GRK 2475 Cybercrime and Forensic Computing Cybercrime-Workshop 2025 (Waischenfeld, Germany). September 19, 2025.
• RAM Raiders: At the Edge of Memory and the Law (keynote). In IMF 2025 (Albstadt, Germany). September 16, 2025.
• Hunting Ghosts in Memory: Challenges in Advanced Malware Analysis. In UPM Cybersecurity Summer School (Cercedilla, Spain). September 8, 2025.
• Welcome Address (Apertura). In JNIC 2025 (Zaragoza, Spain). June 4, 2025.
• Welcome Address. In DFRWS EU 2024 (Zaragoza, Spain). March 20, 2024.
• Module Extraction and DLL Hijacking Detection via Single or Multiple Memory Dumps. In DFRWS EU 2023 (Bonn, Germany). March 23, 2023.
• Quantifying Paging on Recoverable Data from Windows User-Space Modules. In ICDF2C 21 (Singapur). December 7, 2021.
• Evaluation of the Executional Power in Windows using Return Oriented Programming. In WOOT 21 (virtual). May 27, 2021.
• On Challenges in Verifying Trusted Executable Files in Memory Forensics. In DFRWS EU 2020 (virtual). June 3, 2020.
• Formal Security Assessment of Modbus Protocol. In ICITST 2016 (Barcelona, Spain). December 5, 2016.
• Survivability Analysis of a Computer System under an Advanced Persistent Threat Attack. In GraMSec 2016 (Lisbon, Portugal). June 27, 2016.
• On Qualitative Analysis of Fault TreesUsing Structurally Persistent Nets. In JCSD 2015 (Málaga, Spain). June 10, 2015.
• A Peek Under the Hood of iOS Malware. In ARES 2016 (Salzburg, Austria). September 2, 2016.
• Modelling Security of Critical Infrastructures:A Survivability Assessment. In JNIC 2016 (Granada, Spain). June 15, 2016.
• Experiences on NFC Relay Attacks with Android:Virtual Pickpocketing Revisited. In JNIC 2015 (León, Spain). September 14, 2015.
• Practical Experiences on NFC Relay Attacks withAndroid: Virtual Pickpocketing Revisited. In RFIDSec 2015 (New York, USA). June 24, 2015.
• Cost Optimisation in Certificationof Software Product Lines. In WoSoCer 2014 (Naples, Italy). November 3, 2014.
• Model-based Verification of Safety Contracts. In SAFOME 2014 (Grenoble, France). September 1, 2014.
• Model-based Safety Assessment usingOCL and Petri Nets. In SEAA 2014 (Verona, Italy). August 27, 2014.
• From UML State-Machine Diagrams to Erlang. In PROLE 2013 (Madrid, Spain). September 20, 2013.
• PeabraiN: a PIPE extension forPerformance Estimation and Resource Optimisation. In ACSD 2012 (Hamburg, Germany). June 28, 2012.
• Automating Data-Throttling Analysis for Data-Intensive Workflow. In CCGRID 2012 (Ottawa, Canada). May 15, 2012.
• Accurate Performance Estimation for StochasticMarked Graphs by Bottleneck Regrowing. In EPEW 2010 (Bertinoro, Italy). September 24, 2010.
• Integrating Fault-Tolerant Techniquesinto the Design of Critical Systems. In ISARCS 2010 (Prague, Czech Republic). June 23, 2010.
• Modelling and Analysing Resilienceas a Security Issue within UML. In SERENE 2010 (London, United Kingdom). April 15, 2010.

Industrial

• Malware Operations Under the Microscope: From Binary Artifacts to Strategic Insights, Journeé de Conférences en Cybersécuritié – Cyb’Air Sud 2025, November 25, 2025.
• Identifying Runtime Libraries in Statically Linked Linux Binaries, NoConName, November 19, 2024.
• Experiencias propias en la contribución a proyectos de software libre: Volatility (in Spanish), esLibre 2023, May 13, 2023.
• Desarrollo de plugins para análisis forense personalizado con Volatility (workshop; in Spanish), esLibre 2023, May 13, 2023.
• Characterization and Evaluation of IoT Protocols for Data Exfiltration, NoConName, November 26, 2022.
• Extracting Malware Indicators of Compromise in Memory Forensics, SummerBootCamp, 2022.
• Advanced Malware Analysis Techniques, SummerBootCamp, 2022.
• Extracción de indicadores de compromiso en forense de memoria, SummerBootCamp, 2022.
• Evasion and Countermeasures Techniques to Detect Dynamic Binary Instrumentation Frameworks, RootedCON, March 10, 2022.
• Análisis exhaustivo de malware en forense de memoria, SummerBootCamp, 2021.
• Unrelocating Windows modules in memory dumps.pdf, NoConName, December 19, 2020.
• Current Issues and Challenges of Malware Detection in Memory Forensics, RootedCON, March 7, 2020.
• Malware Detection in Memory Forensics: Current Issues and Challenges, NoConName, November 16, 2019.
• Technical Considerations and Data Protection in the Catalan independence referendum of 2017, RootedCON, March 30, 2019.
• On Tor Protocol Modeling and Characterization of Hidden Services, CyberCamp, 2018.
• When ROP meets Turing: Automatic Generation of ROP Chains using Turing-Complete Instruction Sets, HITB, April 13, 2018.
• When ROP meets Turing: Automatic Generation of ROP Chains using Turing-Complete Instruction Sets, RootedCON, March 1, 2018.
• Win API hooking by using DBI: log me, baby!, NoConName, 2017.
• DNIe3.0 Security: More Problems Than Solutions?, RootedCON, March 4, 2017.
• Malware de Terminales Punto de Venta: evolución, tipos y características, CyberCamp, 2016.
• Evolution and Characterization of Point-of-Sale RAM Scraping Malware, NavajaNegra, 2016.
• A Journey through iOS Malware Landscape Evolution & Characteriza;on, RootedCON, 2016.
• Qualitative and Quantitative Evaluation of Software Packers, NoConName, December 12, 2015.
• Contactless Payment Cards: Vulnerabilities, Attacks, and Solutions, CyberCamp, November 28, 2015.
• Relay Attacks in EMV Contactless Cards with Android OTS Devices, HITB, May 28, 2015.
• On Relaying NFC Payment Transactions using Android devices, RootedCON, 2015.
• TUPOLLA: Travelling through the NFC Way, NoConName, November 2, 2013.
• One FlAw over the Cuckoo’s Nest, NoConName, November 1, 2013.
• DBI for Computer Security: Uses and Comparative, HackInParis, June 21, 2013.
• Mejora en el Proceso de Desempacado usando Técnicas DBI, RootedCON, March 2, 2012.
• Frameworks DBI para Seguridad Informática: usos y comparativa, NoConName, November 3, 2012.
• On the Secure Software Development in Early Stages within UML Profiles, HackLU, September 19, 2011.

Invited talks

• SBOM y la transparencia digital: ¿Sabemos realmente qué llevan nuestras máquinas?, Jornada Alimak Group, February 17, 2026.
• De IoCs a ATT&CK: detección de malware en memoria con Volatility3, Jornadas STIC CCN-CERT, 2025.
• Investigación en Respuesta a Incidentes, Jornadas de investigación en ciberseguridad EUPT “Retos y tendencias en investigación en ciberseguridad”, June 19, 2025.
• Inteligencia Artificial generativa: entre la magia aparente y la realidad técnica, Aula formativa Gobierno Aragón, June 18, 2025.
• Transformando la respuesta a incidentes con búsqueda de similitud aproximada en datos masivos, Jornadas STIC CCN-CERT, 2024.
• Ciberseguridad en IoT Industrial: Desafíos y Soluciones, Jornada Transformación Industrial, June 27, 2024.
• Buenas prácticas en el uso del correo electrónico, Jornada ISOC-ARA CEEI, June 20, 2024.
• Cuando ROP conoce a Turing: de BOF a LOL en 4 sencillos pasos, SIE, November 11, 2021.
• Malware Detection in Memory Forensics, CEA-LIST, October 11, 2021.
• 50 años conviviendo con los virus informáticos: Una breve historia del malware, RetroEuskal, July 23, 2021.
• 1472: la tormenta perfecta, Jornadas STIC CCN-CERT, 2020.
• Taller de reversing: “Introducción a Ghidra”, Jornadas STIC CCN-CERT, 2019.
• Common software vulnerabilities: causes and consequences, Jornadas OWASP - ZGZ, March 14, 2019.
• Capturando similitudes entre procesos de Windows usando Bytewise Approximation Matching Algorithms, Jornadas STIC CCN-CERT, 2018.
• Protocolo Near Field Communication: Vulnerabilidades, ataques y contramedidas, Ciclo: “Ciberseguridad y defensa en Infraestructuras Críticas”, May 8, 2018.
• Navegando por Internet de forma segura: riesgos, buenas prácticas y herramientas, Jornadas Internet Segura (FCST, UNIZAR), February 7, 2018.
• Relay attacks in EMV contactless cards with Android OTS devices, Escuela de Doctorado UVA, March 31, 2017.
• DNIe3.0: vulnerabilidades, ataques y contramedidas, Jornadas STIC CCN-CERT, 2016.
• Ataques a sistemas de pago: pasado, presente, y… ¿futuro?, Jornadas STIC CCN-CERT, 2015.
• Buffer Overflows: What They Are, and How to Avoid Them, Mundo Hacker Day, April 28, 2015.
• Ataques de relay en tarjetas EMV NFC con dispositivos Android, Jornadas STIC CCN-CERT, 2014.
• Ingeniería inversa: aplicaciones e investigación, invited lecture in “IT Security” and “Secure App Design” in BSc. in Informatics Engineering and MSc. in Informatics Engineering, UNIZAR, December 12, 2013.
• Hacking the NFC cards for fun and honor degrees, invited seminar in MSc. Informatics Engineering, UNIZAR, November 15, 2013.
• Buffer overflows: qué son y cómo evitarlas, BetaBeers, November 29, 2013.
• Introducción a la Ingeniería Inversa: aplicaciones e investigación, invited lecture in “Secure App Design” in MSc. in Informatics Engineering, December 17, 2012.
• Avoiding to be infected by malware. We are not alone…: watch your back!, Ethical Hacking and Cyber Security, June 3, 2012.
• Introducción a la Ingeniería Inversa: Diseño de Aplicaciones Seguras, invited lecture in “Secure App Design” in MSc. in Informatics Engineering, January 19, 2012.
• El Arte de la Ingeniería Inversa, HackMeeting, October 23, 2010.

Media (in Spanish)

Newspapers

• Los robots se vuelven ’listos’, El Periódico (El Estudiante), March 14, 2023.
• En la última – «Vamos a una sociedad donde la interacción va a ser virtual», Heraldo de Aragón (back cover), February 3, 2022.
• El poder de los algoritmos, El Periódico (El Estudiante), November 9, 2021.
• Criptomonedas: ¿el dinero del mañana?, El Periódico (El Estudiante), April 6 2021.
• La empresa fue avisada en el 2013 de que la tarjeta bus era vulnerable, El Periódico de Aragón, May 20, 2019.
• Un experto ya alertó en el 2013 del fallo de la tarjeta, El Periódico de Aragón (cover), May 20, 2019.
• Un ‘hacker’ de los buenos para frenar virus en Windows, Diario de Valladolid (El Mundo), February 6, 2018.
• La última del domingo – «El universo cibernético, como el físico, no tiene fin», Heraldo de Aragón (back cover), June 4, 2017.
• 3.000 cuentas bancarias al descubierto: si un ‘hacker’ te avisa de un fallo, hazle caso, El Confidencial, April 18, 2017.
• Por qué las nuevas tarjetas ‘contactless’ no son tan seguras como crees, El Confidencial, March 28, 2016.
• Ricardo J. Rodríguez: “Soy un enamorado del ensamblador”, CIGTR, March 20, 2016.
• La democratización tecnológica llega al robo de tarjetas de crédito, bez, March 15, 2016.
• Los ‘cibercarteristas’ pueden robar de tu tarjeta NFC colando un ‘app’ en tu Android, El Diario, March 6, 2015.

Radio

• Radio Ebro (Pilar Sopeséns) interview, January 12, 2026.
• Radio Ebro (Pilar Sopeséns) interview, July 18, 2025.
• Aragón Radio (LaCadeira, with Lorenzo Río) interview, June 4, 2025.
• Radio Ebro (Pilar Sopeséns) interview, June 3, 2025.
• Onda Cero interview, February 28, 2025.
• Cadena SER (Hoy por Hoy Aragón) interview, January 9, 2025.
• Onda Cero (Aragón en la Onda) interview, March 18, 2024.
• Aragón Radio (Ágora) interview, March 18, 2024.
• Radio Ebro (Pilar Sopeséns) interview, March 8, 2024.
• I3A Podcast interview, May 3, 2022.
• RNE (Nunca es Tarde) interview, February 1, 2022.
• Cadena SER (SER consumidor) interview, 2016.

TV

• Aragón TV (Objetivo) interview, February 1, 2026.
• Aragón TV (Conexión Aragón) interview, January 9, 2025.
• Aragón TV (Buenos días Aragón) interview, November 11, 2024.
• Aragón TV (news) interview, March 21, 2024.
• Aragón TV (Conexión Aragón) interview, March 18, 2024.
• Aragón TV (Objetivo) interview, February 19, 2024.
• Aragón TV (news) interview, August 26, 2023.
• Aragón TV (Objetivo: Ciberprotegidos) interview, March 23, 2023.
• Aragón TV (news) interview, January 2, 2023.
• Aragón TV (news) interview, May 14, 2022.
• Aragón TV (news) interview, May 6, 2022.
• Aragón TV (Aquí y Ahora) interview, May 4, 2022.
• Aragón TV (Buenos días Aragón) interview, November 6, 2020.
• Aragón TV (news) interview, September 28, 2019.
• Aragón TV (news) interview, October, 2017.