VB2016 'Last-Minute' Papers Announced

Posted by   Martijn Grooten on   Sep 13, 2016

With a little over three weeks to go until VB2016, the conference programme is almost complete. We have a great selection of talks on the main programme, half a dozen Small Talks that we hope will lead to interesting discussions among participants, and a closing keynote from Morgan Marquis-Boire, the hacker, security researcher and journalist, known for his work for Citizen Lab and The Intercept.

We are excited to announce the addition of nine 'last-minute' papers to the programme: presentations covering very hot research topics, which were selected just last week.

Last year's closing keynote speaker, Kaspersky Lab researcher Costin Raiu, is back with a last-minute presentation on unattributed APT groups, which promises to be very exciting. The same holds for a presentation by his colleague Kurt Baumgartner, who will discuss watering hole attacks targeting Italian and Belgian users of encryption.

costinraiuvb2015.png

Not all attacks that affect businesses and individuals are targeted, and one of the most serious threats in the past few years has been ransomware. Though unbreakable when things are done right, fortunately mistakes are often made, allowing researchers to write decryption tools. Malwarebytes researcher hasherezade will talk about her efforts to break recent ransomware families.

If malware doesn't go after your files, then it often goes after your online banking details. Two last-minute presentations will look at banking malware, which remains a serious threat around the world. Jarosław Jedynak from CERT Poland will discuss Nymaim, malware that has targeted more than 270 Polish banks, while Avast's Jaromir Horejsi and Jan Sirmer will discuss how malicious proxy auto-config (PAC) files are used by the Retefe banking trojan.

It's not only Windows users that have to worry about threats these days: malware targeting OS X is increasingly common. ESET researchers Peter Kalnai and Martin Jirkal will discuss how both the KeRanger and the Keydnap malware were distributed as recompiled versions of the legitimate Transmission Bittorrent client. Synack's Patrick Wardle will present a new vector for malware on OS X to stealthily record audio and video, and will also look at the audio/video capture capabilities of the newly discovered Mokes trojan.

patrickwardlevb2015.png

With malware still as big a threat as it was a decade ago, there is understandably a lot of focus on endpoint security. However, the market of endpoint security products is rapidly changing. Adrian Sanabria from 451 Research will discuss these changes and predict how the market may look in five years' time.

Finally, not all attacks take place on the endpoint. The Border Gateway Protocol (BGP) is both an important glue that allows us to route packers over the Internet and a weak point that can (and sometimes is) abused. Mike Benjamin from Level 3 Communications will discuss the current state of BGP and what can be done to improve security.

Want to join us in Denver? Registration for VB2016 is still open and if you're a first time attendee (from a first-time company) you get a 30% discount!VB2016-dates-web.jpg

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Alleged author of creepy FruitFly macOS malware arrested

A 28-year old man from Ohio has been arrested on suspicion of having created the mysterious FruitFly malware that targeted macOS and used it to spy on its victims.

The threat and security product landscape in 2017

At the start of the new year, Virus Bulletin looks back at the threats seen in the 2017 and at the security products that are available to help mitigate them.

Spamhaus report shows many botnet controllers look a lot like legitimate servers

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.

Tips on researching tech support scams

As tech support scammers continue to target the computer illiterate through cold calling, VB's Martijn Grooten uses his own experience to share some advice on how to investigate such scams.