Panel: Tales from the Old West

Wednesday 24 September 17:00 - 17:30, Green room

Righard Zwienenberg (ESET), Jan Hruska (Virus Bulletin), Pavel Baudis (Gen Digital) & Tjark Auerbach (Lakeside Quants)

As four industry veterans, each with more than 35 years of experience, we find ourselves reflecting on the rich history of our field – a history that seems to be fading from memory. While many focus on the present, fewer people today seem to recognize or appreciate the stories and milestones that shaped the industry into what it is now.

This year's Virus Bulletin Conference in Berlin marks the 35th edition. Over the years, we've noticed a decline in attendance from the original VB "old-timers". Many have retired, moved into other industries, and sadly, some have passed away. As a result, not only the legacy of the Virus Bulletin Conference but also the broader history of our industry risks being forgotten. While some outdated attitudes and practices deserve to be left behind, there are valuable lessons, stories, and insights that must be preserved to inspire new ideas and approaches.

Together, the panel brings a treasure trove of experience and countless stories – both personal and professional – that deserve to be preserved and shared. These stories capture the essence of memorable events, humorous anecdotes, and reflections on the highs and lows of the industry, our companies, and our own journeys. They also offer a perspective on where we see things heading in the future.

We encourage you to participate actively in this session. Once the discussion is open to the floor, don't hesitate to ask about the events or stories from the past that you have heard about and whose details you've always wanted to uncover. Let's ensure that these moments of history are not lost but instead relived and celebrated.

 



Righard Zwienenberg

Zwienenberg started dealing with computer viruses in 1988 after encountering the first virus problems at the Technical University of Delft. His interest thus kindled, he has studied virus behaviour and presented solutions and detection schemes ever since. Initially starting as an independent consultant, in 1991 he co-founded CSE Ltd. In November 1995 Zwienenberg joined the R&D department of ThunderBYTE. In 1998 he joined the Norman Development team to work on the scanner engine. In 2005 Zwienenberg took the role of Chief Research Officer. After AMTSO was formed, Zwienenberg was elected as president; later he served as CTO and CEO. He serves on the board of AVAR and on the conference selection committee of Virus Bulletin. In 2012 Zwienenberg joined ESET as a senior Research Fellow. He was also the Vice Chair of the Executive Committee of IEEE ICSG. In 2018, Zwienenberg joined the Europol European Cyber Crime Center (EC3) Advisory Group as an ESET representative. He also runs his own computer security consultancy company (RIZSC).

Zwienenberg has been a member of CARO since late 1991. He is a frequent speaker at conferences – among these Virus Bulletin, EICAR, AVAR, FIRST, APWG, RSA, InfoSec, SANS, CFET, ISOI, SANS Security Summits, IP Expo, Government Symposia, SCADA seminars, etc. – and general security seminars. His interests are not limited to malicious code but have broadened to include general cybersecurity issues and encryption technologies over the past years.

X: @RighardZw

LinkedIn: righard-zwienenberg

Facebook: righard.zwienenberg

Instagram: righard.zwienenberg

 


Jan Hruska

Jan Hruska has an M.A. from Downing College, Cambridge (engineering and computer science) and a D.Phil. from Magdalen College, Oxford (medical engineering). He co-founded Sophos in 1985 and was the technical director 1985-2000, joint CEO 2000-2005, NED 2005-2015, and Board observer 2015-2019. He is the author of several computer security books. He invests in startups and early stage companies, specialising in medical and information technology. His interests are scuba diving (BSAC), flying (PPL, IMC, Night), music and running.

 

 

 

Pavel Baudis

Pavel Baudis is one of Avast's co-founders and has served as one of Gen Digital's directors since the merger of Avast Software and NortonLifeLock in 2022.

In 1988, Mr Baudis wrote the original software program from which Avast's current portfolio of security solutions has developed. Since 1991, Mr Baudis has played a leading role in the development of Avast's business.

Prior to co-founding Avast, Mr Baudis was a graphics specialist at the Czech Computer Research Institute (VUMS). Mr Baudis holds an M.S. in information technology from the Prague School of Chemical Engineering.

   
