Dear colleagues!
We invite you to participate in the traditional CyberFox Applied Cybersecurity Week, organized by the MEPhI Department of Cryptography and Computer Systems Security and the MEPhI Institute of Intelligent Cybernetic Systems, with the participation of Kaspersky Lab. The event will be held from April 11 to 17, 2026, in a combined in-person and remote format.
The 2026 event will be dedicated to the 35th anniversary of the MEPhI Department of Cryptography and Computer Systems Security. On the final day of the event, April 17, the awards ceremony for the winners and runners-up of the All-Russian Student Olympiad in Cryptography and Computer Security, CryptoFox 2026, will take place.
CyberFox Cybersecurity Week is a unique opportunity to meet renowned speakers. In 2026, the event will once again be international, opening with a lecture by a professor from the University of Applied Sciences of Western Switzerland (HES-SO). The Week will also offer the opportunity to attend lectures by leading experts from the Computer and Information Security departments of the Russian Technical University MIREA and the Cryptography and Computer Systems Security department of the National Research Nuclear University MEPhI, as well as leading employees of Kaspersky Lab and Positive Technologies.
Software architect and systems engineer with a passion for performance and security. Spent over 10 years working on virtual machine kernels, followed by five years focused on distributed services architecture. For the last five years, have been working on Kaspersky OS security. Have taught at MIPT and Innopolis, and have prepared over 50 students for their dissertations.
Roland is a lecturer at the University of Applied Sciences Western Switzerland, teaching courses on networks, Java, cybersecurity, and fuzzing. He previously spent seven years as a security researcher with Kaspersky ICS CERT in Geneva, collaborating with the Moscow-based team. Roland co-founded Winsl0w.io, an educational cybersecurity initiative. He holds a master’s degree in legal aspects, cybercrime, and information security from the University of Lausanne, with a focus on mobile forensics.
A cybersecurity researcher with a strong passion for vulnerability discovery, he specializes in identifying and analyzing security issues in Java and PHP applications, focusing on complex and critical vulnerabilities.
He currently works at Kaspersky and previously held positions at SEC Consult and Amazon, gaining extensive experience in both corporate and consulting environments.
His primary research focus is fuzzing methods, which he uses to discover previously unknown vulnerabilities in modern software systems. In his spare time, he actively participates in bug bounty programs, continually honing his skills and contributing to improving global security.
Information security researcher with over ten years of experience. During this time, worked at Advanced Monitoring and Kaspersky Lab, and currently conducting research at Positive Technologies. His primary focus is hardware reverse engineering and industrial control system (ICS) security. He also teach the course "Introduction to Reverse Engineering" at Department 41 of the Moscow Engineering Physics Institute (MEPhI).And have presented at PHDays, Insomnia Hack, Kaspersky ICS Conf, and other relevant conferences.
Information security and penetration testing specialist
with over 7 years of experience in red teams, R&D, and automation. Focuses on offensive security research, consulting, and secure application architecture design.
Ilya is a graduate of Bauman Moscow State Technical University’s Information Security Department (IU-8). He currently lectures at RTU MIREA’s Department of Computer and Information Security. His interests include electronics, circuit design, and low-level programming for security applications.
PhD in Engineering, co-founder and CTO of Recrypt, reverse engineer, AI specialist, and author of the Recryptorium AI platform for file analysis. He has held leading roles in projects in the field of DRM and automated reverse engineering using AI. In total, he has worked for approximately 20 years on obfuscation, white-box cryptography, deobfuscation, malware analysis, and AI. He has published several publications in international peer-reviewed journals and participated in international conferences.
The IT industry is currently experiencing a real boom from the development and widespread adoption of AI. The creators of virtually every IT product claim that it incorporates AI. This trend hasn't bypassed the world of information security. However, there's a crucial question that's been floating around but rarely addressed: where do all these people get the data they need to properly train their AI models? How do they process the data? Or are they using ready-made, pre-trained open-source models? Or are AI models trained on open datasets? And how high-quality are open datasets? I'll share our experience collecting datasets to train our AI file classifiers and why collecting datasets is a complex and technologically advanced process. I'll explain the downsides of open datasets and why many of them are only suitable for academic research, and not always even then. I'll explain why it's necessary to develop and train your own models when "everything is on GitHub" and there are LLMs that "can do it all."
Commercial service robots have already become a part of everyday life, but they are not just smart home appliances; they are full-fledged IoT platforms with OTA updates and a cloud-based management infrastructure. This architecture makes them particularly interesting from an offensive security perspective. In this report, we will demonstrate how to approach auditing such systems and present the results of a security study on a commercial service robot.