VB2018 preview: Workshops

Posted by   Martijn Grooten on   Sep 28, 2018

The Virus Bulletin Conference is first and foremost a place to learn: about new threats, about the tools used to detect and fight them, and to learn about (and get to know) the people that matter in the fast-changing world of threat intelligence and research.

This year, you can also learn about some essential techniques that are important for any cybersecurity researcher: kernel-mode malware analysis, Android reverse engineering, and AI in cybersecurity.


Dynamic manual analysis of kernel-mode malware

Though analysis of the vast majority of malware samples found these days is fully automated, manual analysis remains essential for those important and often more interesting edge cases. Cisco Talos researcher Vanja Svajcer, a regular VB speaker, will teach the audience how to perform dynamic manual analysis of kernel-mode malware, in particular using WinDbg.

Vanja says attendees will benefit from the hands-on examples if they are able to bring a laptop set up with Windows debugging tools.


Android reverse engineering

Android malware has become a serious and varied threat in recent years, and thus a workshop by Fortinet researcher Axelle Apvrille (also a regular VB speaker) on Android malware analysis is an exciting addition to the programme. Her workshop is, as the title suggests, 'for the brave', and will consists of several guided labs to cover subjects such as dealing with obfuscated samples and writing Radare2 scripts.

For this workshop, it will be necessary to bring a laptop that has been prepared by following these instructions.


Artificial intelligence in cybersecurity

Finally, artificial intelligence is a hot topic in security and beyond, and it is a particular focus of the city of Montreal that hosts VB2018. It is thus fitting that Benoît Hamelin, from local company Element AI, will host a workshop on AI and how it support efforts towards solving certain classes of cybersecurity problems.

To benefit from Benoît's hands-on examples, participants are recommended to bring a laptop in order to use the cloud-based Colaboratory.

All three workshops last 90 minutes and take place in the Small Talks room. No special registration or additional payment is required, but you must, of course, be registered for VB2018 itself!

VB2018-withdate-325w.jpg

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

The spam that is hardest to block is often the most damaging

We see a lot of spam in the VBSpam test lab, and we also see how well such emails are being blocked by email security products. Worryingly, it is often the emails with a malicious attachment or a phishing link that are most likely to be missed.

Throwback Thursday: We're all doomed

Mydoom turns 15 this month, and is still being seen in email attachments. This Throwback Thursday we look back to March 2004, when Gabor Szappanos tracked the rise of W32/Mydoom.

VB2019 call for papers - now open!

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2019 is now open and we want to hear from you!

VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis library

Today, we publish a VB2018 paper by Google researcher Maddie Stone in which she looks at one of the most interesting anti-analysis native libraries in the Android ecosystem. We also release the recording of Maddie's presentation.

VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

Today, we publish the VB2018 paper by Chronicle researcher Juan Andres Guerrero-Saade, who argues we should change the way we talk about APT actors.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.