Security experts pool ideas at European conferences

Posted by   Virus Bulletin on   May 11, 2009

Research and expertise shared at CARO and AMTSO meetings.

Last week saw two major gatherings of top security and anti-malware experts from across the globe, as the third annual CARO conference was held in Budapest, Hungary, followed by a well-attended meeting of the AMTSO testing standards group, which saw the ratification of several significant documents.

CARO The CARO meeting focused on the major issue of vulnerabilities and exploits, with insights into the latest research and discoveries shared with an audience made up of leading technical staff from most of the major players in the anti-malware industry. Issues with specific software and operating systems, the patching problem, flaws in security solutions and even undocumented features in the PE file format were covered in a wide-ranging programme of talks, and discussed in depth during group Q&A sessions and in the surrounding corridors. The latest research on the notorious Conficker worm were shared, along with analysis of other topical issues such as PDF viewer exploits.

The third outing for this tightly focused conference, hosted this time by Hungarian security firm VirusBuster, proved as successful as the previous meetings, which covered packing and obfuscation in Amsterdam in 2008 and testing in Reykjavik in 2007.

AMTSO Many of the delegates remained in Budapest for the second half of the week, which saw another meeting of the AMTSO group, founded after discussions begun at the Reykjavik conference. Over 40 delegates, representing security vendors, testing labs, publications and academia, debated the future of anti-malware testing, ratifying two new guidelines documents and a process for analysing and commenting on how well tests conform to the principles already laid down.

Insights into testing "in-the-cloud" technologies and validating malware samples were collated into the new guidelines papers, which will support the earlier documents providing advice on dynamic testing and a list of the fundamental principles all testers should abide by. The members also approved plans to provide official support or condemnation of published tests and reviews highlighted by members as worthy of attention. The latest documents should soon be made public on the group's website, a radical redesign of which was also approved of by members. The second part of the meeting saw work commence on a range of new projects.

Many security experts will be staying on in Europe for further discussions, with this week seeing the annual EICAR conference in Berlin and the APWG's 'Counter eCrime Operations' summit in Barcelona. Details of these upcoming events are here and here, while comment on last week's meetings is in blog entries here, here, here and here. A full report will appear in next month's issue of Virus Bulletin (publication date 1 June).

Posted on 11 May 2009 by Virus Bulletin



Latest posts:

VB2019 paper: APT cases exploiting vulnerabilities in region-specific software

At VB2019, JPCERT/CC's Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique to Japan. Today we publish both their paper and the recording of their…

New paper: Detection of vulnerabilities in web applications by validating parameter integrity and data flow graphs

In a follow-up to a paper presented at VB2019, Prismo Systems researchers Abhishek Singh and Ramesh Mani detail algorithms that can be used to detect SQL injection in stored procedures, persistent cross-site scripting (XSS), and server‑side request…

VB2020 programme announced

VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference.

VB2019 paper: Cyber espionage in the Middle East: unravelling OSX.WindTail

At VB2019 in London, Jamf's Patrick Wardle analysed the WindTail macOS malware used by the WindShift APT group, active in the Middle East. Today we publish both Patrick's paper and the recording of his presentation.

VB2019 paper: 2,000 reactions to a malware attack – accidental study

At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.