VB2023 programme

The VB2023 programme is still evolving, please check back here for updates!

Wednesday 4 October 2023

Time Green room Red room
Small Talks
10:30 - 10:40

Opening address

10:40 - 11:20 Keynote TBA    
11:20 - 11:50 Targeted attacks using secure USB  Noushin Shabab (Kaspersky) RedStinger: new APT discovered amid Russia-Ukraine conflict Roberto Santos (Malwarebytes) & Hossein Jazi (Fortinet) TBA
11:50 - 12:20 Tales from a cloud CSIRT – let's deep dive into a Kubernetes (k8s) infection  Santiago Abastante (Solidarity Labs) The evolution of TA551 Berk Albayrak (PRODAFT) TBA 
12:20 - 14:00 Lunch 
14:00 - 14:30 Let's go door with KCP Yoshihiro Ishikawa & Takuma Matsumoto (LAC Co) Supply chain attack targeting South Asian government delivers Shadowpad Daniel Lunghi (Trend Micro) TBA
14:30 - 15:00 Last-minute presentation (TBA) TBA TBA 
15:00 - 15:30 Abusing Electron-based applications in targeted attacks Jaromir Horejsi (Trend Micro) Darkbit decoded: analysis of an Iranian-sponsored attack Itay Cohen & Ben Herzog (Check Point) TBA
15:30 - 16:00 Tea/Coffee 
16:00 - 16:30 Lazarus campaigns and backdoors in 2022-2023 Peter Kálnai (ESET)  Sheep's clothing of deep & dark web operators: there are no secrets you can hide forever Youjin Lee, Kyunghee Kim, Jungyeon Lim & Dasom Kim (S2W) TBA 
16:30 - 17:00 Last-minute presentation (TBA)  Partner presentation (TBA) TBA 
17:00 - 17:30 Side loading is not dead: the Chinese and the Korean way Gabor Szappanos (Sophos) Partner presentation (TBA)  TBA 
17:30 - 18:30  Posters will be displayed throughout the day in the conference foyer, with a poster presentation session at the end of the day.
19:30 - 21:00 VB2023 drinks reception

Thursday 5 October 2023

Time Green room Red room
Small Talks / Threat Intelligence Practitioners' Summit
09:00 - 09:30 South Korean Android banking menace – FakeCalls Raman Ladutska (Check Point) The history and tactics of visa-centric scams in search, spam, and social apps Chris Boyd (Malwarebytes) The Threat Intelligence Practitioners' Summit, co-hosted with the Cyber Threat Alliance, will take place on Thurdsay 5 October. Detailed schedule TBA.
09:30 - 10:00 Terror in Peru: the Zanubis banking trojan Fernando Diaz Urbano (VirusTotal)   Last-minute presentation (TBA) 
10:00 - 10:30 Looking into TUT's tomb: the universe of threats in LATAM Camilo Gutiérrez Amaya & Fernando Tavella (ESET) Mac-ing sense of the 3CX supply chain attack: analysis of the macOS payloads Patrick Wardle (Objective-See)
10:30 - 11:00 Tea/Coffee 
11:00 - 11:30 Don’t flatteN yourself: deobfuscating malware with Control-Flow Flattening  Geri Revay (Fortinet) When a botnet cries: detecting botnets infection chains Guillaume Couchard & Erwan Chevalier (SEKOIA.IO)   
11:30 - 12:00 TBA Look out! Outlook's gonna get you! Anurag Shandilya (K7 Computing)   
12:00 - 12:30 "Undocumented"[2:] MSI format. Take it. We are gganbu, aren't we? Daniel (Jinyoung) Choi (Avira, part of Gen) Last-minute presentation (TBA)  
12:30 - 14:00 Lunch 
14:00 - 14:30 R2R stomping – are you ready to run? Jiří Vinopal (Check Point Research)  Stolen cookies, stolen identity: how malware makers are exploiting the insecurity of browser data storage  Joshua Long (Intego)  
14:30 - 15:00 Last-minute presentation (TBA)  May the Shadow Force with Maggie – Shadow Force Group characteristics and relationship to Maggie Minseok (Jacky) Cha, Junseok Kim & Jaejin Lee (AhnLab)  
15:00 - 15:30 Dancing the night away with named pipes Daniel Stepanic (Elastic) Last-minute presentation (TBA)   
15:30 - 16:00 Tea/Coffee 
16:00 - 16:30 Ransoming and clipping for illicit cryptocurrency gains Chetan Raghuprasad (Cisco Talos) Partner presentation (TBA)   
16:30 - 17:00 Into the Cumulus: Scarcruft bolsters arsenal for targeting individual Android devices Sebin Lee, Sojun Ryu, Hyeokju Gwon & Youngjae Shin (S2W)  Partner presentation (TBA)   
17:00 - 18:00  Posters will be displayed throughout the day in the conference foyer, with a poster presentation session at the end of the day.
19:30 - 23:00 VB2023 gala dinner & entertainment

Friday 6 October 2023

Time Green room Red room
Small Talks
09:30 - 10:00 Intent-based approach to detect email account compromise Abhishek Singh & Fahim Abbasi (Cisco) How to develop MoleRats defensive strategies: hunt, counterattack and adversary simulation Shengbin Bao (Zhongfu Info)  TBA 
10:00 - 10:30 Generic script emulation Kurt Natvig (Acronis) Building a cybersecurity AI dataset for a secure digital society Bomin Choi, Juhyuk Kim & Hoseok Ryu (KISA - Korean Internet & Security Agency) TBA 
10:30 - 11:00 Tea/Coffee 
11:00 - 11:30 The Dragon who sold his Camaro: reversing a custom router implant Itay Cohen & Radoslaw Madej (Check Point)  Last-minute presentation (TBA) TBA 
11:30 - 12:00 C2F2: a framework for detecting C2 frameworks at scale Sebastiano Mariani, Oleg Boyarchuk, Stefano Ortolani & Giovanni Vigna (VMware)  MEGALO-(414E)-DON: uncovering data espionage, blackmailing and shell companies in mobile lending apps  Jagadeesh Chandraiah (Sophos) TBA  
12:00 - 12:30 Teasing the secrets from threat actors: malware configuration extractors Mark Lim & Zong-Yu Wu (Palo Alto Networks) Web3 will bite you in the Web 2.0: exploring IPFS threats Morton Swimmer (Trend Micro)  Reserve paper* 
12:30 - 14:00 Lunch 
14:00 - 14:30 The Dropping Elephant never dropped Ye Jin (Kaspersky) Last-minute presentation (TBA)  Reserve paper* 
14:30 - 15:00 Last-minute presentation (TBA)  Corporate users in the crosshairs as malvertising gains momentum again Jérôme Segura (Malwarebytes)  Reserve paper* 
15:00 - 15:30 Tea/Coffee 
15:30 - 16:00 Last-minute presentation (TBA)  Last-minute presentation (TBA)  Reserve paper* 
16:00 - 16:20 Conference closing session    
16:20 - 17:20  Posters will be displayed throughout the day in the conference foyer, with a poster presentation session at the end of the day.

*Reserve papers

Should these papers not be required to replace papers on the main programme, they will be presented in the Small Talks room on Friday 6 October.