VB2019 Programme

 

Wednesday 2 October, 2019

Red room

Green room

Small talks

09:00 - 10:30   Wednesday 2 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
10:30 - 10:50   Wednesday 2 October
VB2019 opening address
Martijn Grooten (Virus Bulletin)

(takes place in the Green room)
10:50 - 11:30   Wednesday 2 October
Keynote address: Tales from the NCSC: the daily battle to defend a country in cyberspace
Paul Chichester (National Cyber Security Centre, UK)

(takes place in the Green room)
11:30 - 12:00   Wednesday 2 October
A vine climbing over the Great Firewall: a long-term attack against China         
Lion Gu (Qi An Xin Threat Intelligence Center)
Bowen Pan (Qi An Xin Threat Intelligence Center)
11:30 - 12:00   Wednesday 2 October
From industry report to classroom arrest
Marijn Schuurbiers (NHTCU)
Iris Haenen (NHTCU)
11:30 - 12:30   Wednesday 2 October
RetroMal: analysing malware on the earliest computing platforms   
Andrew Brandt (Sophos)
12:00 - 12:30   Wednesday 2 October
APT cases exploiting vulnerabilities in region-specific software      
Shusei Tomonaga (JPCERT/CC)
Tomoaki Tani (JPCERT/CC)
Hiroshi Soeda (JPCERT/CC)
Wataru Takahashi (JPCERT/CC)
12:00 - 12:30   Wednesday 2 October
Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry      
Yonathan Klijnsma (RiskIQ)
 
12:30 - 14:00   Wednesday 2 October
L   U   N   C   H
14:00 - 14:30   Wednesday 2 October
Absolutely routed!! Why routers are the new bullseye in cyber attacks         
Anurag Shandilya (K7 Computing)
14:00 - 14:30   Wednesday 2 October
Domestic Kitten: an Iranian surveillance program         
Aseel Kayal (Check Point)
Lotem Finkelstein (Check Point)
14:30 - 15:00   Wednesday 2 October
Problem child: common patterns in malicious parent-child relationships   
Bobby Filar (Endgame)
14:30 - 15:00   Wednesday 2 October
DNS on fire         
Warren Mercer (Cisco Talos)
Paul Rascagneres (Cisco Talos)
15:00 - 15:30   Wednesday 2 October
Thwarting Emotet email conversation thread hijacking with clustering      
Pierre-Luc Vaudry (ZEROSPAM Security)
Olivier Coutu (ZEROSPAM Security)
15:00 - 15:30   Wednesday 2 October
Geost botnet. The discovery story of a new Android banking trojan from an OpSec error      
Sebastian Garcia (Czech Technical University in Prague)
Maria Jose Erquiaga (UNCUYO University)
Anna Shirokova (Avast)
15:30 - 16:00   Wednesday 2 October
T   E   A   /   C   O   F   F   E   E
16:00 - 16:30   Wednesday 2 October
Never before had Stierlitz been so close to failure         
Sergei Shevchenko (Sophos)
16:00 - 16:30   Wednesday 2 October
Operation Soft Cell - a worldwide campaign against telecommunication providers      
Amit Serper (Cybereason)
Mor Levi (Cybereason)
Assaf Dahan (Cybereason)
16:00 - 17:30   Wednesday 2 October
Countering tech abuse together   
Vyacheslav Zakorzhevsky (Kaspersky)
Rachel G. (National Network to End Domestic Violence)
16:30 - 17:00   Wednesday 2 October
Static analysis methods for detection of Microsoft Office exploits         
Chintan Shah (McAfee)
16:30 - 17:00   Wednesday 2 October
Abusing third-party cloud services in targeted attacks   
Daniel Lunghi (Trend Micro)
Jaromir Horejsi (Trend Micro)
 
17:00 - 17:30   Wednesday 2 October
The push for increased surveillance from fiction and its impact on privacy      
Miriam Cihodariu (Heimdal Security)
Andrei Bogdan Brad (Code4Romania)
17:00 - 17:30   Wednesday 2 October
Fantastic information and where to find it: a guidebook to open-source OT reconnaissance         
Daniel Kapellmann Zafra (FireEye)
 
19:30 - 21:30   Wednesday 2 October
V   B   2   0   1   9           D   R   I   N   K   S           R   E   C   E   P   T   I   O   N

 

Thursday 3 October, 2019

Red room

Green room

Small talks

08:00 - 09:00   Thursday 3 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
09:00 - 09:30   Thursday 3 October
Shinigami's revenge: the long tail of Ryuk malware         
Gabriela Nicolao (Deloitte)
Luciano Martins (Deloitte)
09:00 - 09:30   Thursday 3 October
Simjacker - the next frontier in mobile espionage   
Cathal Mc Daid (AdaptiveMobile Security)
09:00 - 10:00   Thursday 3 October
Threat Intelligence Practitioners' Summit - welcome & opening remarks followed by keynote: Fuelling AI with threat intelligence
Martijn Grooten (Virus Bulletin)
Mika Ståhlberg (F-Secure)
09:30 - 10:00   Thursday 3 October
Defeating APT10 compiler-level obfuscations         
Takahiro Haruyama (Carbon Black)
09:30 - 10:00   Thursday 3 October
Attor: spy platform with curious GSM fingerprinting      
Zuzana Hromcová (ESET)
 
10:00 - 10:30   Thursday 3 October
Buhtrap metamorphosis: from cybercrime to cyber espionage (partner presentation)      
Anton Cherepanov (ESET)
Jean-Ian Boutin (ESET)
10:00 - 10:30   Thursday 3 October
Chinese cyber espionage and the Belt & Road Initiative
Thomas Thomasen (Deloitte)
Loucif Kharouni (Deloitte)
10:00 - 10:30   Thursday 3 October
Panel: How can you operationalize threat intelligence?
Alex Hinchliffe (Palo Alto Networks)
Selena Larson (Dragos)
Mark Kennedy (Symantec)
Pascal Geenens (Radware)
10:30 - 11:00   Thursday 3 October
T   E   A   /   C   O   F   F   E   E
11:00 - 11:30   Thursday 3 October
Catch me if you can: detection of injection exploitation by validating query and API integrity         
Abhishek Singh (Prismo Systems)
Ramesh Mani (Prismo Systems)
11:00 - 11:30   Thursday 3 October
Who is SandCat: an unveiling of a lesser-known threat actor
Brian Bartholomew (Kaspersky)
11:30 - 12:00   Thursday 3 October
Spoofing in the reeds with Rietspoof         
Jan Sirmer (Avast Software)
Luigino Camastra (Avast software)
Adolf Středa (Avast software)
11:30 - 12:00   Thursday 3 October
HELO, is that you? New challenges tracking Winnti activity   
Stefano Ortolani (Lastline)
Jason Zhang (Lastline)
11:30 - 12:00   Thursday 3 October
Fireside chat: Being a CISO at a cybersecurity company: a view from the hot seat
Chester Wisniewski (Sophos)
Ross McKerchar (Sophos)
12:00 - 12:30   Thursday 3 October
Webcam interception and protection in kernel mode in Windows (partner presentation)         
Michael Maltsev (Reason Cybersecurity)
12:00 - 12:30   Thursday 3 October
Targeted attacks through ISPs      
Denis Legezo (Kaspersky Lab)
12:00 - 12:30   Thursday 3 October
Keynote: Nexus between OT and IT threat intelligence      
Selena Larson (Dragos)
12:30 - 14:00   Thursday 3 October
L   U   N   C   H
14:00 - 14:30   Thursday 3 October
Finding drive-by rookies using an automated active observation platform      
Rintaro Koike (NTT Security)
Yosuke Chubachi (Active Defense Institute, Ltd / nao_sec)
14:00 - 14:30   Thursday 3 October
The art of the cashout: the evolution of attacks on payment systems
Saher Naumaan (BAE Systems Applied Intelligence)
Irving Méreau (SWIFT)
14:00 - 14:30   Thursday 3 October
Panel: Bursting the myths about threat intelligence sharing
Kathi Whitbey (Palo Alto Networks)
Jeannette Jarvis (Fortinet)
Dan Saunders (NTT)
John Fokker (McAfee)
14:30 - 15:00   Thursday 3 October
Discretion in APT: recent APT attack on crypto exchange employees   
HeungSoo Kang (LINE)
14:30 - 15:00   Thursday 3 October
Exploring Emotet, an elaborate everyday enigma         
Luca Nagy (Sophos)
14:30 - 15:00   Thursday 3 October
Keynote: Building secure sharing systems that treat humans as features not bugs      
Andrea Limbago (Virtru)
15:00 - 15:30   Thursday 3 October
Curious tale of 8.t used by multiple campaigns against South Asia
Niranjan Jayanand (Microsoft)
Ivan Macalintal (Microsoft)
Debalina Ghosh (Microsoft)
15:00 - 15:30   Thursday 3 October
The Bagsu banker case
Benoît Ancel (CSIS)
15:00 - 15:30   Thursday 3 October
Panel: Where is threat intelligence headed?
Derek Manky (Fortinet)
Samir Mody (K7 Computing)
Heather King (CTA)
Warren Mercer (Cisco Talos)
15:30 - 16:00   Thursday 3 October
T   E   A   /   C   O   F   F   E   E
16:00 - 16:30   Thursday 3 October
The cake is a lie! Uncovering the secret world of malware-like cheats in video games         
Santiago Martin Pontiroli (Kaspersky Lab)
16:00 - 16:30   Thursday 3 October
Cyber espionage in the Middle East: unravelling OSX.WindTail      
Patrick Wardle (Jamf)
16:00 - 16:30   Thursday 3 October
A deep dive into iPhone exploit chains      
John Bambenek (University of Illinois at Urbana-Champaign)
16:30 - 17:00   Thursday 3 October
Oops! It happened again!      
Righard Zwienenberg (ESET)
Eddy Willems (G DATA)
16:30 - 17:00   Thursday 3 October
Medical IoT for diabetes and cybercrime         
Axelle Apvrille (Fortinet)
Aamir Lakhani (Fortinet)
19:30 - 23:00   Thursday 3 October
V   B   2   0   1   9           P   R   E   -   D   I   N   N   E   R           D   R   I   N   K   S           F   O   L   L   O   W   E   D           B   Y           G   A   L   A           D   I   N   N   E   R

 

Friday 4 October, 2019

Red room

Green room

Small talks

08:30 - 09:30   Friday 4 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
09:30 - 10:00   Friday 4 October
2,000 reactions to a malware attack - accidental study      
Adam Haertle (BadCyber.com / ZaufanaTrzeciaStrona.pl)
09:30 - 10:00   Friday 4 October
Play fuzzing machine - hunting iOS and macOS kernel vulnerabilities automatically and smartly         
Lilang Wu (Trend Micro)
Moony Li (Trend Micro)
09:30 - 10:30   Friday 4 October
I'm not going to die during this conference call: reflections on availability and burnout
Jamie Tomasello (Duo Security)
10:00 - 10:30   Friday 4 October
Challenges for young anti-malware products today   
Sorin Mustaca (Sorin Mustaca IT Security Consulting)
10:00 - 10:30   Friday 4 October
Attribution is in the object: using RTF object dimensions to track APT phishing weaponizers         
Michael Raggi (Proofpoint)
Ghareeb Saad (Anomali)
 
10:30 - 11:00   Friday 4 October
T   E   A   /   C   O   F   F   E   E
11:00 - 11:30   Friday 4 October
Politically targeted DNS in 2016 and 2020
David Rodriguez (Cisco Umbrella)
John Cunniff (Cisco Umbrella)
Andrea Kaiser (Cisco Umbrella)
Dhia Mahjoub (Cisco Umbrella)
11:00 - 11:30   Friday 4 October
Rich headers: leveraging the mysterious artifact of the PE format         
Peter Kalnai (ESET)
Michal Poslusny (ESET)
11:00 - 12:30   Friday 4 October
Call the shots! Let’s fight crime together
Speaker TBA (NHTCU)
11:30 - 12:00   Friday 4 October
Why companies need to focus on a problem they do not know they have      
Richard Matti (NetClean)
11:30 - 12:00   Friday 4 October
A study of Machete cyber espionage operations in Latin America      
Veronica Valeros (Czech Technical University in Prague)
Maria Rigaki (Czech Technical University in Prague)
Kamila Babayeva (Czech Technical University in Prague)
Sebastian Garcia (Czech Technical University in Prague)
 
12:00 - 12:30   Friday 4 October
Joining forces: transforming the Industry through diversity and data
Kathleen Whitbey (Palo Alto Networks)
Heather King (Cyber Threat Alliance)
Jeannette Jarvis (Fortinet)
12:00 - 12:30   Friday 4 October
Asterisk: a targeted VOIPspionage campaign
Lotem Finkelstein (Check Point)
Oded Awaskar (Check Point)
 
12:30 - 14:00   Friday 4 October
L   U   N   C   H
14:00 - 14:30   Friday 4 October
Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation state adversary         
Alex Hinchliffe (Unit 42, Palo Alto Networks)
14:00 - 14:30   Friday 4 October
We need to talk - opening a discussion about ethics in infosec      
Ivan Kwiatkowski (Kaspersky Lab)
14:00 - 14:30   Friday 4 October
Kimsuky group: tracking the king of the spear-phishing      
Jaeki Kim (Financial Security Institute)
Kyoung-Ju Kwak (Financial Security Institute)
Min-Chang Jang (Financial Security Institute)
14:30 - 15:00   Friday 4 October
Different ways to cook a Crab...         
John Fokker (McAfee)
Alexandre Mundo (McAfee)
14:30 - 15:00   Friday 4 October
King of the hill: nation-state counterintelligence for victim deconfliction      
Juan Andres Guerrero-Saade (Chronicle)
14:30 - 15:00   Friday 4 October
Exploring the Chinese DDoS landscape      
Nacho Sanmillan (Intezer)
15:00 - 15:30   Friday 4 October
T   E   A   /   C   O   F   F   E   E
15:30 - 16:10   Friday 4 October
Keynote address: The security products we deserve      
Haroon Meer (Thinkst)
Adrian Sanabria (Thinkst)

(takes place in the Green room)
16:10 - 16:30   Friday 4 October
Conference closing session
Martijn Grooten (Virus Bulletin)

(takes place in the Green room)

 

VB2019 delegates can access the conference papers, delegate list and assessment form via the VB Extranet.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.