Small Talks return to the Virus Bulletin Conference

Posted by   Martijn Grooten on   Aug 26, 2016

VB2015 was the 25th Virus Bulletin conference and, to celebrate the occasion, we added a third stream to the programme. Dubbed "Small Talks", these talks were longer than those on the regular programme and took place in a smaller room, which allowed for a more informal discussion. Various subjects were covered, ranging from targeted attacks on civil society to the security changes in the then new Windows 10 operating system.

The Small Talks proved to be very popular and as a result, we decided to keep them on the VB2016 programme in the same format as last year.

ST-Porst.jpg

Sebastian Porst presented at VB2015 and will return to VB2016 with a Small Talk on Android security.

  • As the most widely used mobile operating system, Android is a popular target for malware authors. Sebastian Porst and Jason Woloz from Google's Android Security Team will lead a discussion, aiming to create a dialogue with the security community with the goal of establishing opportunities for collaborative problem solving.

  • The IEEE's Anti-Malware Support Service is one of many collaborative efforts that have sprung from Virus Bulletin talks (in this case, talks at VB2011 and VB2012). Symantec researcher Mark Kennedy, one of the driving forces behind the AMSS, will provide an update on the Taggant system and the Clean-file Metadata eXchange, and will also discuss with the audience where the IEEE might concentrate its efforts in the future.

  • Though it is the country with the largest online population, language and cultural barriers make the Chinese Internet a terra incognita for many security experts. Researchers from Qihoo 360's Helios team will help overcome this problem by discussing their findings on the 'Hook007 Group', possibly the country's largest and oldest cybercrime group.

  • Earlier this week, we wrote about the vast amount of research dedicated to exploit kits. Many of the researchers who carry out this work will be in Denver, and they should be keen to join a session led by Fidelis researcher John Bambernek, where the latest research into exploit kits, including collaborative efforts to tackle them, will be discussed.

  • torlogothumb.pngThere are few security professionals who do not occasionally use the Tor network. But most of them will also have seen how the network is commonly used by cybercriminals to hide their infrastructure. We invited David Goulet, a core member of Tor's development team, to explain to delegates how the network and its 'hidden services' work, after which he will engage in a discussion with the malware research community to find out how the research community and the Tor Project can help each other.

  • Finally, the Clean Software Alliance returns to present a Small Talk. The CSA aims to codify and operationalize industry best practices among the software distribution ecosystem. This Small Talk will be aimed primarily at members of the security community and will focus on the enforcement perspective.

We will also use the Small Talks room to give the authors of the three reserve papers an opportunity to present their research (unless we need them to step in to fill a space on the main programme!).

The call for last-minute papers  presentations that address up-to-the-minute and emerging topics and research – remains open until 4 September, soon after which we will be announcing the final additions to the conference programme.

In the meantime, don't forget to register for VB2016!

VB2016-dates-web.jpg

 

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Alleged author of creepy FruitFly macOS malware arrested

A 28-year old man from Ohio has been arrested on suspicion of having created the mysterious FruitFly malware that targeted macOS and used it to spy on its victims.

The threat and security product landscape in 2017

At the start of the new year, Virus Bulletin looks back at the threats seen in the 2017 and at the security products that are available to help mitigate them.

Spamhaus report shows many botnet controllers look a lot like legitimate servers

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.

Tips on researching tech support scams

As tech support scammers continue to target the computer illiterate through cold calling, VB's Martijn Grooten uses his own experience to share some advice on how to investigate such scams.