VB2014: more of the same, plus something a little different
Posted by Virus Bulletin on Dec 9, 2013
Hackers, network security researchers encouraged to submit abstracts for the conference.
The issuing of the call for papers for a VB conference is always an important event for us, but some changes to the conference format for VB2014 mean we are even more excited this year than usual.
As the threat landscape has evolved over the years (and the IT security industry with it), we have seen some of those changes reflected in the papers submitted for the VB conference.
The VB conference started in 1991 as a forum for the brains of the anti-virus industry to share their knowledge, and while its objectives remain the same today - to present factual information, demonstrate defensive procedures and discuss future developments and countermeasures - the topics covered have broadened over the years. Recently, VB conference delegates have heard talks on cyber terrorism, social engineering, network-level attacks and pentesting.
Virus Bulletin has always been about sharing knowledge and ideas and we feel that now is the time to broaden the scope of the VB conference a little further.
As usual, VB2014 will be a three-day conference with presentations running in two parallel streams. But whereas in previous years the streams were labelled as 'technical' and 'corporate', this time they will be split into themed sessions covering both traditional AV issues and some slightly broader aspects of IT security:
'Malware & botnets'
Those with an interest in the more traditional anti-malware topics will find plenty to interest them on the programme. In the stream dedicated to 'malware & botnets', presentations will analyse individual malware families and botnets, whether they target a single organization or anyone with a vulnerable device. Talks that take a more broader view and look, for instance, at malware infection rates or the threat landscape, will also fit into this stream.
'Anti-malware tools & methods'
We are proud to be part of an industry in which the sharing of defensive tools and methods among competitors has long been standard. Discussions of such tools and methods will fit within the 'anti-malware tools & methods' stream. Again, papers that take a broader view, for instance those on testing anti-malware solutions, will also be placed here.
The rise of mobile malware in recent years has led to an increase in interest in this topic. The 'mobile devices' stream is for papers on mobile malware and any other aspect of mobile security.
Spam & social networks'
Ten years after VB started to focus on spam, the majority of emails sent continue to be unsolicited, while the rise of social media has also made social networks a prime target for attackers. Papers on both subjects will fit in the 'spam & social networks' stream.
One of the new areas of focus for the conference is 'network security'. Whether you're worried about the NSA tapping your communications, or about large numbers of DNS responses being sent to DDoS your network, the security of Internet and intranet connections cannot be ignored. Among the topics that will fit into this stream are the security of IPv6, the use and abuse of privacy networks like Tor, network encryption, DNS security, DDoS attacks and more.
'Hacking & vulnerabilities'
Finally, we invite hackers and vulnerability researchers to submit papers for the 'hacking & vulnerabilities' stream. Have you been awarded a bug bounty? Have you done research into the vulnerability of medical devices or industrial control systems? Do you have an exciting pentesting story to tell, or one about how your responsible disclosure was received by the affected vendor? Have you hacked your way into an attacker's network to find out how it operates? Or can you demonstrate how vulnerable we all are to your hacking skills? This stream is for these topics.
Of course, we are aware that many presentations won't be 'boxed' so easily, and in the interest of accepting the most interesting and relevant papers we will always be flexible when it comes to assigning papers to the various streams. (So don't be discouraged from submitting an abstract if you don't feel that your paper fits into the streams listed.)
Finally, as in previous years, a section of the program will be set aside for last-minute papers - which will not be categorised in the same way, and which will not be selected until much closer to the conference, with the aim of being able to include much more up-to-the-minute material.
The full call for papers can be found here, and proposals for the conference can now be submitted. You have until 7 March 2014 to do so.
We are looking forward to receiving your abstracts - and to seeing you in Seattle.
Posted on 09 December 2013 by Martijn Grooten
At VB2019, JPCERT/CC's Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique to Japan. Today we publish both their paper and the recording of their…
In a follow-up to a paper presented at VB2019, Prismo Systems researchers Abhishek Singh and Ramesh Mani detail algorithms that can be used to detect SQL injection in stored procedures, persistent cross-site scripting (XSS), and server‑side request…
VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference.
At VB2019 in London, Jamf's Patrick Wardle analysed the WindTail macOS malware used by the WindShift APT group, active in the Middle East. Today we publish both Patrick's paper and the recording of his presentation.
At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation.