VB2017 Programme

 

Wednesday 4 October, 2017

Red room

Green room

Small talks

08:30 - 10:00   Wednesday 4 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
10:30 - 10:50   Wednesday 4 October
VB2017 opening address

(takes place in the Green room)
10:50 - 11:30   Wednesday 4 October
Keynote address: Inside Cloudbleed
John Graham-Cumming (Cloudflare)

(takes place in the Green room)
11:30 - 12:00   Wednesday 4 October
Have you scanned your BIOS recently?   
Aditya Kapoor (Cylance)
11:30 - 12:00   Wednesday 4 October
BPH exposed - RBN never left they just adapted and evolved. Did you?
Dhia Mahjoub (Cisco Umbrella (OpenDNS))
Jason Passwaters (Intel471)
11:30 - 12:30   Wednesday 4 October
EICAR trustworthiness strategy and minimum standard   
Sachar Paulus (EICAR)
Rainer Fahs (EICAR)
Marcel Eberling (EICAR)
12:00 - 12:30   Wednesday 4 October
Getting under the skin: an in-depth look at MSIL malware obfuscation techniques and strategies for deobfuscation
Kaarthik Muthukrishnan (K7 Computing)
12:00 - 12:30   Wednesday 4 October
Walking in your enemy's shadow: when fourth-party collection becomes attribution hell      
Juan Andres Guerrero-Saade (Kaspersky Lab)
Costin Raiu (Kaspersky Lab)
 
12:30 - 14:00   Wednesday 4 October
L   U   N   C   H
14:00 - 14:30   Wednesday 4 October
Nine circles of Cerber
Stanislav Skuratovich (Check Point Software Technologies)
Or Eshed (Check Point Software Technologies)
Yaniv Balmas (Check Point Software Technologies)
14:00 - 14:30   Wednesday 4 October
Modern reconnaissance phase on APT – protection layer
Paul Rascagneres (Cisco Talos)
Warren Mercer (Cisco Talos)
14:00 - 15:30   Wednesday 4 October
Calling all PUA fighters!
Dennis Batchelder (AppEsteem)
14:30 - 15:00   Wednesday 4 October
Dridex v4 - AtomBombing and other surprises
Magal Baz (IBM)
14:30 - 15:00   Wednesday 4 October
Digital security and human rights: tales and trends from the frontline
Claudio Guarnieri (Amnesty International)
 
15:00 - 15:30   Wednesday 4 October
Browser attack points still abused by banking trojans   
Peter Kalnai (ESET)
Michal Poslusny (ESET)
15:00 - 15:30   Wednesday 4 October
The sprawling market of consumer spyware   
Joseph Cox (The Daily Beast)
 
15:30 - 16:00   Wednesday 4 October
T   E   A   /   C   O   F   F   E   E
16:00 - 16:30   Wednesday 4 October
Hacktivism and website defacement: motivations, capabilities and potential threats
Marco Romagna (The Hague University of Applied Sciences)
Niek Jan van den Hout (The Hague University of Applied Sciences)
16:00 - 16:30   Wednesday 4 October
Offensive malware analysis: dissecting OSX/FruitFly via a custom C&C server
Patrick Wardle (Synack)
16:00 - 17:30   Wednesday 4 October
WHOIS in peril?
Neil Schwartzman (CAUCE)
16:30 - 17:00   Wednesday 4 October
Crypton - exposing malware's deepest secrets         
Julia Karpin (F5 Networks)
Anna Dorfman (F5 Networks)
16:30 - 17:00   Wednesday 4 October
XAgent: APT28 cyber espionage on macOS
Tiberius Axinte (Bitdefender)
 
17:00 - 17:30   Wednesday 4 October
A visit to the dark side (sponsor presentation)
Tony Anscombe (ESET)
 
 
19:30 - 21:00   Wednesday 4 October
V   B   2   0   1   7           d   r   i   n   k   s           r   e   c   e   p   t   i   o   n

 

Thursday 5 October, 2017

Red room

Green room

Small talks

08:00 - 09:00   Thursday 5 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
09:00 - 09:30   Thursday 5 October
The life story of an IPT - Inept Persistent Threat actor
Adam Haertlé (BadCyber.com)
09:00 - 09:30   Thursday 5 October
Last-minute paper: Publishing our malware stats   
Jason Woloz (Google)
09:00 - 10:00   Thursday 5 October
The CCleaner security incident
Jakub Křoustek (Avast)
Jiří Bracek (Avast)
09:30 - 10:00   Thursday 5 October
Operation Orca - a cyber espionage diving in the ocean for at least six years
Chia-Ching Fang (Trend Micro)
Shih-Hao Weng (Trend Micro)
09:30 - 10:00   Thursday 5 October
Last-minute paper: Webview is far more than a 'view'   
Rowland Yu (Sophos)
 
10:00 - 10:30   Thursday 5 October
Linking Xpaj and Nymaim
Doina Cosovan (Security Scorecard)
Catalin Valeriu Lita (Security Scorecard)
10:00 - 10:30   Thursday 5 October
Last-minute paper: FinFisher: New techniques and infection vectors revealed
Filip Kafka (ESET)
10:30 - 11:00   Thursday 5 October
T   E   A   /   C   O   F   F   E   E
11:00 - 11:30   Thursday 5 October
Last-minute paper: Spora: the saga continues a.k.a. how to ruin your research in a week
Jakub Kroustek (Avast)
Előd Kironský (ESET)
11:00 - 11:30   Thursday 5 October
Android reverse engineering tools: not the usual suspects   
Axelle Apvrille (Fortinet)
11:00 - 12:30   Thursday 5 October
The (testing) world turned upside down      
David Harley (ESET)
John Hawes (AMTSO)
11:30 - 12:00   Thursday 5 October
Last-minute paper: The shell in the web
Simon Roses Femerling (VULNEX)
11:30 - 12:00   Thursday 5 October
The router of all evil: more than just default passwords and silly scripts   
Himanshu Anand (Symantec)
Chastine Menrige (Symantec)
 
12:00 - 12:30   Thursday 5 October
Last-minute paper: Turning Trickbot: decoding an encrypted command-and-control channel      
Andrew Brandt (Symantec)
12:00 - 12:30   Thursday 5 October
Mariachis and jackpotting: ATM malware from Latin America
Thiago Marques (Kaspersky Lab)
Fabio Assolini (Kaspersky Lab)
 
12:30 - 14:00   Thursday 5 October
L   U   N   C   H
14:00 - 14:30   Thursday 5 October
Consequences of bad security in health care   
Jelena Milosevic (Independent security researcher)
14:00 - 14:30   Thursday 5 October
Last-minute paper: Client Maximus raises the bar
Omer Agmon (IBM Trusteer)
14:00 - 15:30   Thursday 5 October
The encryption vs. inspection debate
Nick Sullivan (Cloudflare)
14:30 - 15:00   Thursday 5 October
Minimum viable security: reaching a realistic SMB security maturity?
Claus Cramon Houmann (Peerlyst)
14:30 - 15:00   Thursday 5 October
Last-minute paper: Industroyer: biggest threat to industrial control systems since Stuxnet
Anton Cherepanov (ESET)
Robert Lipovsky (ESET)
 
15:00 - 15:30   Thursday 5 October
The state of cybersecurity in Africa: Kenya
Tyrus Kamau (Euclid Consultancy)
15:00 - 15:30   Thursday 5 October
Last-minute paper: Battlefield Ukraine: finding patterns behind summer cyber attacks   
Alexander Adamov (NioGuard Security Lab)
Anders Carlsson (Blekinge Institute of Technology)
 
15:30 - 16:00   Thursday 5 October
T   E   A   /   C   O   F   F   E   E
16:00 - 16:30   Thursday 5 October
Inside Netrepser – a JavaScript-based targeted attack
Cristina Vatamanu (Bitdefender)
Adrian Schipor (Bitdefender)
Alexandru Maximciuc (Bitdefender)
16:00 - 16:30   Thursday 5 October
Exploring the virtual worlds of advergaming
Chris Boyd (Malwarebytes)
16:30 - 17:00   Thursday 5 October
Habo SecBox: run and monitor malware on real Android device (sponsor presentation)
Song Lanqi (Tencent)
Wang Bin (Tencent)
19:30 - 23:30   Thursday 5 October
P   r   e   -   d   i   n   n   e   r           d   r   i   n   k   s           f   o   l   l   o   w   e   d           b   y           g   a   l   a           d   i   n   n   e   r

 

Friday 6 October, 2017

Red room

Green room

Small talks

08:30 - 09:30   Friday 6 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
09:30 - 10:00   Friday 6 October
VirusTotal tips, tricks, and myths
Randy Abrams (Independent security analyst)
09:30 - 10:00   Friday 6 October
The story of one geographically and industrially targeted zero-day
Denis Legezo (Kaspersky Lab)
10:00 - 10:30   Friday 6 October
Chkrootkit: eating APTs for breakfast since 1997
Nelson Murilo Rufino (Pangeia)
10:00 - 10:30   Friday 6 October
When worlds collide - the story of the Office exploit builders
Gabor Szappanos (Sophos)
10:00 - 10:30   Friday 6 October
Record and replay debugging against in-the-wild exploit kits and other practical cases
Jarkko Turkulainen (F-secure)
Jarno Niemelä (F-secure)
10:30 - 11:00   Friday 6 October
T   E   A   /   C   O   F   F   E   E
11:00 - 11:30   Friday 6 October
Malware deobfuscation: symbolic analysis to the rescue!   
Sébastien Bardin (CEA LIST)
Robin David (CEA LIST)
Jean-Yves Marion (LORIA)
11:00 - 11:30   Friday 6 October
Stuck between a ROC and a hard place   
Holly Stewart (Microsoft)
11:00 - 12:30   Friday 6 October
Lessons learned from the WannaCry outbreak
Razvan Gavrila (ENISA)
11:30 - 12:00   Friday 6 October
Say hi to malware - using a deep learning method to understand malicious traffic
Zhaoyan Xu (Palo Alto Networks)
Tongbo Luo (Palo Alto Networks)
Wei Xu (Palo Alto Networks)
Kyle Sanders (Palo Alto Networks)
Xin Ouyang (Palo Alto Networks)
11:30 - 12:00   Friday 6 October
Knock, knock, knocking on PwC's door
Bart Parys (PwC)
 
12:00 - 12:30   Friday 6 October
Still a lot to learn: bypassing machine-learning AV solutions
Gilbert Sison (Trend Micro)
Brian Cayanan (Trend Micro)
12:00 - 12:30   Friday 6 October
From insider threat to insider asset: a practical guide
Kristin Leary (Forcepoint)
Richard Ford (Forcepoint)
 
12:30 - 14:00   Friday 6 October
L   U   N   C   H
14:00 - 14:30   Friday 6 October
Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale
Dhia Mahjoub (Cisco Umbrella (OpenDNS))
David Rodriguez (Cisco Umbrella (OpenDNS))
14:00 - 14:30   Friday 6 October
The rise and fall of Bayrob
Ryan MacFarlane (FBI)
Liam O Murchu (Symantec)
14:00 - 14:30   Friday 6 October
Peering into spam botnets
Maciej Kotowicz (CERT Poland)
Jarosław Jedynak (CERT Poland)
14:30 - 15:00   Friday 6 October
A new technique for detecting and blocking the installation of a malicious software based on the reputation of loadpoint n-grams
Sujit Magar (Symantec)
Prachi Jhanwar (Symantec)
Nitin Shekokar (Symantec)
14:30 - 15:00   Friday 6 October
Your role in child abuse
Mick Moran (An Garda Síochána)
14:30 - 15:00   Friday 6 October
Malware on the Go
Angel Villegas (Cisco Systems)
15:00 - 15:30   Friday 6 October
T   E   A   /   C   O   F   F   E   E
15:30 - 16:10   Friday 6 October
Keynote address: Failure is an option
Brian Honan (BH Consulting)

(takes place in the Green room)
16:10 - 16:30   Friday 6 October
Conference closing session

(takes place in the Green room)

Reserve papers

VB2017 was sponsored by the following organizations:

 

Platinum sponsors:

ESET-130.jpg Tencent    

 

Gold sponsors:

PC Matic      

 

Silver sponsors:

OPSWAT Qihoo-360-web.png Symantec.jpg  cisco_umbrella3.jpg

 

Sponsor of the VB2017 delegate Internet service:

Secudit

 

Sponsor of the VB2017 early morning refreshments:

AppEsteem_175.png

 

VB2017 was supported by:

SE Labs CSA_FINAL_RGB.jpg  

 

 

For more details on sponsorship of the VB Conference please contact Allison Sketchley by email or call +44 1235 544034.