Wednesday 5 October, 2016

Red room

Green room

Small talks

08:30 - 10:00   Wednesday 5 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
10:30 - 10:50   Wednesday 5 October
Opening address
Martijn Grooten (Virus Bulletin)
(takes place in the Green room)
10:50 - 11:30   Wednesday 5 October
Opening Keynote
Christine Whalley (Pfizer)
(takes place in the Green room)
11:30 - 12:00   Wednesday 5 October
Wild Android Collusions
Prof. Igor Muttik (Intel Security)
Jorge Blasco (London City University)
11:30 - 12:00   Wednesday 5 October
Wave Your False Flags! Deception Tactics Muddying Attribution in Targeted Attacks      
Juan Andrés Guerrero-Saade (Kaspersky Lab)
Brian Bartholomew (Kaspersky Lab)
12:00 - 12:30   Wednesday 5 October
Beware! Zombies are Coming
Zhi Xu (Palo Alto Networks)
Tongbo Luo (Palo Alto Networks)
Cong Zheng (Palo Alto Networks)
12:00 - 12:30   Wednesday 5 October
APT Reports and OPSEC Evolution, or: These Are Not the APT Reports You Are Looking For
Gadi Evron (Cymmetria)
Inbar Raz (Perimeter X)
11:30 - 12:30   Wednesday 5 October
Security Challenges in Healthcare
John Alexander
12:30 - 14:00   Wednesday 5 October
L   U   N   C   H
14:00 - 14:30   Wednesday 5 October
Automating Visibility into User Behaviour Vulnerabilities to Malware Attack
Ferenc Leitold (Secudit)
Anthony Arrott (Secudit)
Eszter Oroszi (Secudit)
Kálmán Hadarics (Secudit)
14:00 - 14:30   Wednesday 5 October
“$ echo Internet $>_...”: Towards Practical Internet-wide Probing and Crawling
Zhaoyan Xu (Palo Alto Networks)
Jun Wang (Palo Alto Networks)
Yucheng Zhou (Palo Alto Networks)
Wei Xu (Palo Alto Networks)
Kyle Sanders (Palo Alto Networks)
14:30 - 15:00   Wednesday 5 October
Are They Real? Real-Life Comparative Tests of Anti-Virus Products   
Fanny Lalonde Lévesque (École Polytechnique de Montréal)
Jose M. Fernandez (École Polytechnique de Montréal)
Glaucia Young (Microsoft)
Dennis Batchelder (AppEsteem, and formerly Microsoft)
14:30 - 15:00   Wednesday 5 October
Detecting Man in the Middle Attacks With Canary Requests   
Brian Wallace (Cylance)
15:00 - 15:30   Wednesday 5 October
Breach Detection, Protection and Response Testing: The Next-Gen Approach
Simon Edwards (SE Labs)
15:00 - 15:30   Wednesday 5 October
Professional Phishers and Their Habits
Cristian Dantus (Bitdefender)
Marius Tibeica (Bitdefender)
14:00 - 15:30   Wednesday 5 October
Android Security
Sebastian Porst (Google)
Jason Woloz (Google)
15:30 - 16:00   Wednesday 5 October
T   E   A   /   C   O   F   F   E   E
16:00 - 16:30   Wednesday 5 October
Diving into Malware’s Furtive Plumbing
Omer Yair (IBM)
Or Safran (IBM)
16:00 - 16:30   Wednesday 5 October
One-Click Fileless Infection   
Himanshu Anand (Symantec)
Chastine Menrige (Symantec)
16:30 - 17:00   Wednesday 5 October
Trusted Code Execution on Untrusted Platform Using Intel SGX
Prof. Guevara Noubir (Northeastern University)
Amirali Sanatinia (Northeastern University)
16:30 - 17:00   Wednesday 5 October
Great Crypto Failures
Yaniv Balmas (Check Point Software Technologies)
Ben Herzog (Check Point Software Technologies)
16:00 - 17:00   Wednesday 5 October
IEEE Anti-Malware Support Service
Mark Kennedy (Symantec)
17:00 - 17:30   Wednesday 5 October
Attack Psychology – Using Behaviour to Identify Threats (sponsor presentation)
Lindsey Lack (E8 Security)
17:00 - 17:30   Wednesday 5 October
Trusted code signing abuse by malware and their exploitation of the CA verification process (sponsor presentation)
Geoff McDonald (Microsoft)
Duc Nguyen (Microsoft)
19:30 - 21:00   Wednesday 5 October
V   B   2   0   1   6           D   r   i   n   k   s           R   e   c   e   p   t   i   o   n

Thursday 6 October, 2016

Red room

Green room

Small talks

08:00 - 09:00   Thursday 6 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
09:00 - 09:30   Thursday 6 October
Last-minute paper: Malicious Proxy auto-configs: An Easy Way to Harvest Banking Credentials   
Jaromir Horejsi (Avast Software)
Jan Sirmer (Avast Software)
09:00 - 09:30   Thursday 6 October
Building a Local PassiveDNS Capability for Malware Incident Response
Kathy Wang (Splunk)
Steve Brant (Splunk)
09:30 - 10:00   Thursday 6 October
Last-minute paper: BGP - From Route Hijacking to RPKI: How Vulnerable is the Internet?
Mike Benjamin (Level 3 Communications)
09:30 - 10:00   Thursday 6 October
Open Source Malware Lab
Robert Simmons (ThreatConnect)
10:00 - 10:30   Thursday 6 October
Last-minute paper: Nymaim: the Untold Story
Jarosław Jedynak (CERT Poland)
Maciej Kotowicz (CERT Poland)
10:00 - 10:30   Thursday 6 October
Debugging and Monitoring Malware Network Activities with Haka   
Benoit Ancel (Stormshield)
Mehdi Talbi (Stormshield)
09:00 - 10:30   Thursday 6 October
The Chinese Underground Economy: the Hook007 Group
Claire Ma (Qihoo 360)
Thomas Tian (Qihoo 360)
10:30 - 11:00   Thursday 6 October
T   E   A   /   C   O   F   F   E   E
11:00 - 11:30   Thursday 6 October
Anti-malware Testing Undercover   
Righard Zwienenberg (ESET)
Luis Corrons (Panda Security)
11:00 - 11:30   Thursday 6 October
Defeating Sandbox Evasion: How to Increase Successful Emulation Rate in your Virtualized Environment         
Stanislav Skuratovich (Check Point Software Technologies)
Aliaksandr Chailytko (Check Point Software Technologies)
11:30 - 12:00   Thursday 6 October
Last-minute paper: On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users      
Kurt Baumgartner (Kaspersky Lab)
11:30 - 12:00   Thursday 6 October
(In-) Security of Smartphone AntiVirus and Security Apps   
Stephan Huber (Fraunhofer SIT)
Siegfried Rasthofer (Fraunhofer SIT/TU Darmstadt)
11:00 - 12:00   Thursday 6 October
Inside Exploit Kits
John Bambenek (Fidelis Cybersecurity)
12:00 - 12:30   Thursday 6 October
APT discussion
Costin Raiu (Kaspersky Lab)
Morgan Marquis-Boire (First Look Media / Citizen Lab)
Ryan Naraine (Kaspersky Lab)

(takes place in the Green room)
12:30 - 14:00   Thursday 6 October
L   U   N   C   H
14:00 - 14:30   Thursday 6 October
Last-minute paper: Challenges and Approaches of Cracking Ransomware   
hasherezade (Malwarebytes)
14:00 - 14:30   Thursday 6 October
Neverquest: Crime as a Service and On the Hunt for the Big Bucks
Peter Kruse (CSIS)
14:30 - 15:00   Thursday 6 October
Last-minute paper: Getting Duped: Piggybacking on Webcam Streams for Surreptitious Recordings
Patrick Wardle (Synack)
14:30 - 15:00   Thursday 6 October
Modern Attacks on Russian Financial Institutions
Anton Cherepanov (ESET)
Jean-Ian Boutin (ESET)
15:00 - 15:30   Thursday 6 October
Last-minute paper: A Malicious OS X Cocktail Served from a Tainted Bottle   
Peter Kalnai (ESET)
Martin Jirkal (ESET)
15:00 - 15:30   Thursday 6 October
Unveiling the Attack Chain of Russian-Speaking Cybercriminals
Wayne Huang (Proofpoint)
Sun Huang (Proofpoint)
14:00 - 15:30   Thursday 6 October
The Tor Project
David Goulet (The Tor Project)
15:30 - 16:00   Thursday 6 October
T   E   A   /   C   O   F   F   E   E
16:00 - 16:30   Thursday 6 October
Last-minute paper: The Beginning of the End(point): Where we are now and where we'll be in five years   
Adrian Sanabria (451 Research)
16:30 - 17:00   Thursday 6 October
SBDH Espionage Toolkit (sponsor presentation)
Tomas Gardon (ESET)
Peter Stancik (ESET)
19:30 - 23:30   Thursday 6 October
V   B   2   0   1   6           G   a   l   a           D   i   n   n   e   r

Friday 7 October, 2016

Red room

Green room

Small talks

08:30 - 09:30   Friday 7 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
09:30 - 10:00   Friday 7 October
Smart Outlets. Why We Need Responsible Disclosure!
George Cabau (Bitdefender)
Radu Basaraba (Bitdefender)
Dragos Gavrilut (Bitdefender)
Ciprian Oprisa (Bitdefender)
09:30 - 10:00   Friday 7 October
Locky Strike: Smoking the Locky Ransomware Code   
Roland Dela Paz (Fortinet)
Rommel Joven (Fortinet)
Floser Bacurio (Fortinet)
10:00 - 10:30   Friday 7 October
Mobile Applications: a Backdoor into Internet of Things?         
Axelle Apvrille (Fortinet)
10:00 - 10:30   Friday 7 October
Real-Time Static Analysis: Detecting Zero-Day Ransomware Campaigns
Erdem Aktas (Intel)
Rachit Mathur (Intel)
10:30 - 11:00   Friday 7 October
T   E   A   /   C   O   F   F   E   E
11:00 - 11:30   Friday 7 October
Using Machine Learning to Stop Exploit Kits In-Line in Real-Time
Josiah Hagen (Trend Micro TippingPoint)
Brandon Niemczyk (Trend Micro TippingPoint)
Jonathan Andersson (Trend Micro TippingPoint)
11:00 - 11:30   Friday 7 October
All Your Creds Are Belong To Us   
Santiago Martin Pontiroli (Kasperky Lab)
Bart Parys (PwC)
11:30 - 12:00   Friday 7 October
Uncovering The Secrets Of Malvertising   
Jérôme Segura (Malwarebytes)
Chris Boyd (Malwarebytes)
11:30 - 12:00   Friday 7 October
Diving into Pinkslipbot's Latest Campaign
Sanchit Karve (Intel Security)
Guilherme Venere (Intel Security)
Mark Olea (Intel Security)
12:00 - 12:30   Friday 7 October
The Good, The bad & The Ugly: The Advertiser, the Bot & the Traffic Broker   
Matthieu Faou (École Polytechnique de Montréal)
Joan Calvet (ESET)
Antoine Lemay (École Polytechnique de Montréal)
José Fernandez (École Polytechnique de Montréal)
Pierre-Marc Bureau (Google)
12:00 - 12:30   Friday 7 October
The Elknot DDoS Botnets We Watched   
Ya Liu (Qihoo 360)
Hui Wang (Qihoo 360)
11:00 - 12:30   Friday 7 October
The Clean Software Alliance: the Enforcement Perspective
Adam Agensky (Clean Software Alliance)
12:30 - 14:00   Friday 7 October
L   U   N   C   H
14:00 - 14:30   Friday 7 October
Exploit Millions of Pebble Smartwatches for Fun and Profit
Yulong Zhang (Baidu X-Lab)
Lenx Wei (Baidu X-Lab)
14:00 - 14:30   Friday 7 October
Operation Sentry Stopper: A Long-Standing Cyber Espionage   
Lenart Bermejo (Trend Micro)
Mingyen Hsieh (Trend Micro)
Razor Huang (Trend Micro)
14:30 - 15:00   Friday 7 October
GPS Attacks on a 'Shoe String': Methods of Analysis and Countermeasures
Oleg Petrovsky (HP)
14:30 - 15:00   Friday 7 October
BlackEnergy – What We Really Know About the Notorious Cyber Attacks
Robert Lipovsky (ESET)
Anton Cherepanov (ESET)
14:30 - 15:00   Friday 7 October
Automatic Classifying of Mac OS X Samples
Spencer Hsieh (Trend Micro)
Pin Wu (Trend Micro)
Haoping Liu (Trend Micro)
15:00 - 15:30   Friday 7 October
T   E   A   /   C   O   F   F   E   E
15:30 - 16:10   Friday 7 October
Closing Keynote
Morgan Marquis-Boire (First Look Media / Citizen Lab)
(takes place in the Green room)
16:10 - 16:30   Friday 7 October
Closing address
Martijn Grooten (Virus Bulletin)
(takes place in the Green room)
slide-icon.jpg Slides available to download (PDF format)
paper-icon.jpg Paper available to read in HTML format or download as PDF
recording-icon.jpg Recording uploaded to our YouTube channel

Reserve papers