Got a talking point for VB2025? Why not turn it into a poster?

Poster sessions are a great way to engage with your peers, share ideas, get feedback, build connections and learn, all in an informal setting.

 

Details of this year's posters

Below are some details of the VB2025 posters.


Title: Malanta.ai: Indicators of Pre-Attack (IoPA) - Get more from your IOCs 


Outline:

  • IOCs are a historical record of what happened 
  • They’re good for detecting compromised systems
  • In a world of AI-Powered attacks - history is not enough 
  • Indicators of Pre-Attack tell what’s going to happen
  • Using IoPAs can help defenders gain more time and avoid breaches
  • Get your API access key now to see what’s going to happen. 

View full poster.

 


Title: Adaptive Malware Classification Using Hybrid Static-Dynamic Features and Unsupervised Learning

Authors: Ferenc Leitold (Óbuda University), Eszter Kail (Óbuda University)

Outline:

The growing volume and diversity of malware poses a major challenge for traditional classification systems that rely on predefined labels. In this work, we present an adaptive malware analysis framework targeting Windows PE executables, using hybrid static and dynamic features combined with unsupervised learning techniques to classify malware into meaningful groups.

Our static analysis relies on two main sources: (1) disassembled assembly code, and (2) heuristic and structural indicators extracted via YARA rules with the PE module. These features capture both low-level instruction patterns and high-level traits commonly used in AV detection. To assess the added value of runtime information, we integrate dynamic behavioral data obtained through sandbox execution. This allows us to compare classification quality and model performance with and without dynamic signals, while considering the significant processing costs involved.

Rather than labeling each sample individually — which becomes infeasible at scale — our approach focuses on identifying clusters that correspond to malware families. This abstraction enables more effective tracking of malicious behavior, evaluation of detection coverage, and prioritization of defenses. Group-level analysis also supports better understanding of threat actor capabilities and code reuse patterns.

The system employs clustering algorithms capable of assigning new samples to existing groups or creating new ones, allowing it to adapt to emerging threats without retraining. We also explore weak supervision by comparing generated clusters to antivirus engine labels, which often encode family-level semantics.

Preliminary results show that hybrid feature sets improve classification consistency and help uncover previously unseen variants. The approach offers a scalable, self-adaptive path to understanding and organizing the malware ecosystem.

View full poster.

 

 


Title: Don’t Fear Journalists! Talk to Me Hacks, Exploits & Best Practices for Improving Researcher–Reporter Ties

Author: Omer Benjakob (Haaretz)

As a cyber reporter at Haaretz, I’ve spent years navigating the gap between researchers uncovering complex threats, offensive cyber firms exploiting them, and a public that understands almost nothing about either. Too often, exchanges between cyber reporters and cyber security researchers are filtered through PR pipelines or amplifying blog posts – channels designed for corporate issues, not flagging emerging risks, explaining why they matter and helping to improve cyber literacy among the general public. From spyware to disinformation, today’s threats intersect with national security, democratic governance, and daily life. Researchers are on the front lines of a riveting and fateful world usually hidden behind professional jargon and siloed-off in industry-specific publications. Meanwhile, a growing body of tech reporters are trying to go beyond classic cybersecurity coverage – but without direct collaboration, critical insights are lost, larger societal threats are ignored, and the public remains in the dark.

This session makes the case for a new model: one where researchers and journalists speak directly, collaborate regularly, and form mutual trust. The session will provide an intro into some basic media collaboration models and terminology to help facilitate such communications. I’ll draw on real reporting experiences to show how collaboration can (1) surface trends before they become crises, (2) help frame new attack surfaces in ways the public can grasp and officials can better address, and (3) improve overall cyber literacy. Journalists need researchers' insights; researchers need journalists’ reach. Working together, we can ensure that discoveries don’t just circulate within security circles but inform the societies they aim to defend.

View full poster.

 
