Wednesday 30 September, 2015

Red room

Green room

Small talks

10:50 - 11:30   Wednesday 30 September
Keynote address: The Internet of Bad Things, Observed      
Ross Anderson (University of Cambridge)
(takes place in the Green room)
11:30 - 12:00   Wednesday 30 September
Economic sanctions on malware      
Prof. Igor Muttik (Intel Security)
11:30 - 12:00   Wednesday 30 September
DDoS trojan: a malicious concept that conquered the ELF format         
Peter Kalnai (Avast Software)
Jaromir Horejsi (Avast Software)
11:30 - 12:00   Wednesday 30 September
A timeless watch — ransomware on IoT devices
Candid Wueest (Symantec)
12:00 - 12:30   Wednesday 30 September
Sizing cybercrime: incidents and accidents, hints and allegations         
Stephen Cobb (ESET)
12:00 - 12:30   Wednesday 30 September
Doing more with less: a study of file-less infection attacks         
Benjamin S. Rivera (Trend Micro)
Rhena U. Inocencio (Trend Micro)
12:00 - 12:30   Wednesday 30 September
SSL man-in-the-middle secure solution
Mark Kennedy (Symantec)
Righard Zwienenberg (ESET)
Prof. Igor Muttik (Intel Security)
14:00 - 14:30   Wednesday 30 September
Attack on the drones: security vulnerabilities of unmanned aerial vehicles         
Oleg Petrovsky (HP)
14:00 - 14:30   Wednesday 30 September
It's a file infector... it's ransomware... it's Virlock         
Vlad Craciun (Bitdefender)
Andrei Nacu (Bitdefender)
Mihail Andronic (Bitdefender)
14:30 - 15:00   Wednesday 30 September
Modelling the network behaviour of malware to block malicious patterns. The Stratosphere Project: a behavioural IPS         
Sebastian Garcia (CTU University - Prague)
14:30 - 15:00   Wednesday 30 September
The evolution of ransomware: from CryptoLocker to CryptoWall   
Christy Chung (Fortinet)
Neo Tan (Fortinet)
15:00 - 15:30   Wednesday 30 September
The Kobayashi Maru dilemma         
Morton Swimmer (Trend Micro)
Nick FitzGerald (Independent researcher)
Andrew Lee (ESET)
15:00 - 15:30   Wednesday 30 September
The TAO of .NET and PowerShell malware analysis         
Santiago Pontiroli (Kaspersky Lab)
Roberto Martinez (Kaspersky Lab)
14:00 - 15:30   Wednesday 30 September
Windows 10 and the anti-malware ecosystem   
Dennis Batchelder (Microsoft)
16:00 - 16:30   Wednesday 30 September
Does prevalence matter? Ranking anti-malware products by potential victim impact         
Holly Stewart (Microsoft)
Peter Stelzhammer (AV-Comparatives)
Philippe Rödlach (AV-Comparatives)
Andreas Clementi (AV-Comparatives)
16:00 - 16:30   Wednesday 30 September
Botnet milking: malware freshly served from the source
Moritz Kroll (Avira)
Philipp Wolf (Avira)
Jan-Eric Herting (Avira)
Ayoub Faouzi (Avira)
16:30 - 17:00   Wednesday 30 September
A quantitative examination of the current state of corporate security practices         
Clint Gibler (NCC Group Domain Services)
16:30 - 17:00   Wednesday 30 September
WaveAtlas: surfing through the landscape of current malware packers         
Fanny Lalonde Lévesque (École Polytechnique de Montréal)
Erwann Traourouder (École Polytechnique de Montréal)
François Menet (École Polytechnique de Montréal)
Jean-Yves Marion (Université de Lorraine)
Jose M. Fernandez (École Polytechnique de Montréal)
Joan Calvet (ESET)
16:00 - 17:00   Wednesday 30 September
The Clean Software Alliance, security, and the future of unwanted behaviours
Nav Jagpal (Google)
Barak Shein (Microsoft)

Thursday 1 October, 2015

Red room

Green room

Small talks

09:00 - 09:30   Thursday 1 October
Solving the (in)security of home networked devices         
Pavel Sramek (Avast Software)
Martin Smarda (Avast Software)
09:00 - 09:30   Thursday 1 October
Last-minute paper: We know what you did this summer: Android banking trojan exposing its sins in the cloud      
Stephan Huber (Fraunhofer SIT)
Siegfried Rasthofer (TU Darmstadt / CASED)
Carlos Castillo (Intel Security)
Eric Bodden (TU Darmstadt / Fraunhofer SIT)
Alex Hinchliffe (Intel Security)
09:30 - 10:00   Thursday 1 October
Ubiquity, security and you - malware, security and the Internet of Things         
Heather Goudey (Independent researcher)
Jasmine Sesso (Microsoft)
09:30 - 10:00   Thursday 1 October
Last-minute paper: From Asia with love? Smartphones with pre-installed malware      
Alexander Burris (G Data Software)
10:00 - 10:30   Thursday 1 October
POS fraud - trends and counter-actions to mass fraud      
Ken Dunham (iSIGHT Partners)
10:00 - 10:30   Thursday 1 October
Last-minute paper: Making a dent in Russian mobile banking phishing   
Sebastian Porst (Google)
09:00 - 10:30   Thursday 1 October
Helping the helpless: targeted threats to civil society
Claudio Guarnieri (Independent researcher)
11:00 - 11:30   Thursday 1 October
Speaking Dyreza protocol. Advantages of 'learning' a new language      
Alexandru Maximciuc (Bitdefender)
Cristina Vatamanu (Bitdefender)
11:00 - 11:30   Thursday 1 October
Last-minute paper: Anonymizing VPN services as a botnet monetization strategy — analysing the Bunitu botnet   
Sergei Frankoff (Sentrant)
hasherezade (Malwarebytes)
11:30 - 12:00   Thursday 1 October
Anonymity is king         
Michael John S. Marcos (Trend Micro)
Anthony Joe Melgarejo (Trend Micro)
11:30 - 12:00   Thursday 1 October
Last-minute paper: Duqu 2.0 Win32k exploit analysis   
Jeong Wook Oh (Microsoft)
Elia Florio (Microsoft)
12:00 - 12:30   Thursday 1 October
How malware eats cookies - an empirical study of cookies in malware's communication
Zhaoyan Xu (Palo Alto Networks)
Wei Xu (Palo Alto Networks)
Kyle Sanders (Palo Alto Networks)
12:00 - 12:30   Thursday 1 October
Last-minute paper: Exposing Gatekeeper   
Patrick Wardle (Synack)
11:00 - 12:30   Thursday 1 October
I am the Cavalry   
Claus Cramon Houmann (I am the Cavalry)
14:00 - 14:30   Thursday 1 October
Mobile banking fraud via SMS in North America: who's doing it and how      
Cathal Mc Daid (Adaptive Mobile Security)
14:00 - 14:30   Thursday 1 October
Last-minute paper: Operation Potao Express: analysis of a cyber-espionage toolkit   
Robert Lipovsky (ESET)
Anton Cherepanov (ESET)
14:30 - 15:00   Thursday 1 October
Will Android trojan, worm or rootkit survive in SEAndroid and containerization?         
William Lee (Sophos)
Rowland Yu (Sophos)
14:30 - 15:00   Thursday 1 October
Last-minute paper: Linux/Moose endangered or extinct? An update on this atypical embedded Linux botnet      
Olivier Bilodeau (ESET)
15:00 - 15:30   Thursday 1 October
Dare 'DEVIL': beyond your senses with Dex Visualizer         
Jun Yong Park (AhnLab)
Seolwoo Joo (AhnLab)
15:00 - 15:30   Thursday 1 October
Last-minute paper: The mysterious case of Linux.Wifatch   
Mario Ballano (Symantec)
14:00 - 15:30   Thursday 1 October
Personnel shortage and diversity in IT: Is it truly a problem?
Stephen Cobb (ESET)
Lysa Myers (ESET)
16:00 - 16:30   Thursday 1 October
Android ransomware: turning CryptoLocker into CryptoUnlocker (live demo)         
Alexander Adamov (NioGuard Security Lab)
16:00 - 16:30   Thursday 1 October
Last-minute paper: TurlaSat: The Fault in our Stars      
Kurt Baumgartner (Kaspersky Lab)
16:30 - 17:00   Thursday 1 October
Malware classification meets crowd sourcing (sponsor presentation)
John Park (HP)

Friday 2 October, 2015

Red room

Green room

Small talks

09:30 - 10:00   Friday 2 October
The Volatility Bot-Excavator         
Martin Korman (IBM Trusteer)
09:30 - 10:00   Friday 2 October
The ethics and perils of APT research: an unexpected transition into intelligence brokerage         
Juan Andrés Guerrero-Saade (Kaspersky Lab)
10:00 - 10:30   Friday 2 October
Labeless - no more         
Aliaksandr Chailytko (Check Point)
Aliaksandr Trafimchuk (Check Point)
10:00 - 10:30   Friday 2 October
Effectively testing APT defences         
Simon PG Edwards (Dennis Technology Labs)
Richard Ford (Florida Institute of Technology)
Gabor Szappanos (Sophos)
09:30 - 10:30   Friday 2 October
Lightning talks
Various people ()
11:00 - 11:30   Friday 2 October
Inside recent FQDN (Fully Qualified Domain Name) surges on the Internet   
Erik Wu (Nominum)
11:00 - 11:30   Friday 2 October
Digital 'Bian Lian' (face changing): the skeleton key malware         
Chun Feng (Microsoft)
Michael Cherny (Microsoft)
Tal Be'ery (Microsoft)
Stewart McIntyre (Dell SecureWorks)
11:30 - 12:00   Friday 2 October
Breaking the bank(er): automated configuration data extraction for banking malware         
James Wyke (Sophos)
11:30 - 12:00   Friday 2 October
Catching the silent whisper: understanding the Derusbi family tree      
Neo Tan (Fortinet)
Micky Pun (Fortinet)
Eric Leung (Fortinet)
12:00 - 12:30   Friday 2 October
ROSCO: Repository Of Signed COde         
Dorottya Papp (CrySyS Lab)
Balázs Kócsó (CrySyS Lab)
Tamás Holczer (CrySyS Lab)
Levente Buttyán (CrySyS Lab)
Boldizsár Bencsáth (CrySyS Lab)
12:00 - 12:30   Friday 2 October
C&C-as-a-Service: abusing third-party web services as C&C channels         
Artturi Lehtiö (F-Secure Corporation)
11:00 - 12:30   Friday 2 October
Operation Safety-Net: global best practices provide a secure path forward
Neil Schwartzman (Messaging - Mobile & Malware Anti-Abuse Working Group)
14:00 - 14:30   Friday 2 October
Dead and buried in their crypts: defeating modern ransomware         
Samir Mody (K7 Computing)
Gregory Panakkal (K7 Computing)
14:00 - 14:30   Friday 2 October
The elephant in the room         
Marion Marschalek (Cyphort)
14:00 - 14:30   Friday 2 October
Cross-platform mobile malware: write once run everywhere      
William Lee (Sophos)
Xinran Wu (Sophos)
14:30 - 15:00   Friday 2 October
Building a malware lab in the age of Big Data      
Vanja Svajcer (HP)
14:30 - 15:00   Friday 2 October
The Unbearable Lightness of APTing         
Yaniv Balmas (Check Point Software Technologies)
Shahar Tal (Check Point Software Technologies)
Ron Davidson (Check Point Software Technologies)
14:30 - 15:00   Friday 2 October
Stego-malware in Google Play. Findings and limitations
Alfonso Muñoz (11paths - Telefonica)
Antonio Guzmán (11paths - Telefonica)
15:30 - 16:10   Friday 2 October
Keynote address: One man's anti-malware researcher is...   
Costin Raiu (Kaspersky Lab)
(takes place in the Green room)

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.