Back to VB2026 conference page
Register your interest for VB2026
| Time | Green room | Red room |
Small Talks |
| 10:30 - 10:40 |
Conference opening session |
||
| 10:40 - 11:20 | Opening keynote: TBA (takes place in the Green room) |
||
| 11:25 - 11:55 | I will find you and I will flag you: hunting malicious packages at scale Christophe Tafani-Dereeper (Datadog) | Gorbag: Orcs at the border Damien Schaeffer (ESET) | From dead malware to living adversaries: AI-powered digital twins for adaptive APT modelling Alexander Adamov (Blekinge Institute of Technology, NioGuard Security Lab) & Anders Carlsson (Blekinge Institute of Technology) |
| 11:55 - 12:25 | Snap, trigger, steal: SnappyClient and the art of trigger-based intrusions Muhammed Irfan V A, Avinash Kumar & Nirmal Singh (Zscaler) | The other side of the front: hunting Paper Werewolf's operations against Russia Nicole Fishbein (Intezer) | |
| 12:25 - 14:00 | Lunch | ||
| 14:00 - 14:30 | Tracing the bloodline of LLM-driven polymorphic malware: do GHOSTs leave footprints? Chanbin Jeon, SeungBeom Lim & SuhMahn Hur (SANDS Lab) | The invisible warzone: competing botnets fighting over your smart TV Asher Davila, Chris Navarrete & Doel Santos (Palo Alto Networks) | BEAST: binary emulation and analysis simulation technology for advanced malware analysis and anti-forensic countermeasures Bramwell Brizendine, Alexander Wood, Jared Sheldon & William Lochte (University of Alabama in Huntsville) |
| 14:30 - 15:00 | The edge is the enemy: hunting Chinese router relay networks Ryan Sherstobitoff (Shadowgrid) | Spec-driven malware: turning markdown into threats Sven Rath (Check Point Research) | |
| 15:00 - 15:30 | Unravelling Lumma Stealer’s protection stack: pushing static deobfuscation to its practical limit Yuki Umemura (Kobe University) | Free games, costly consequences: unravelling PiviGames’ hidden treasure malware John Rey Dador (G Data) | |
| 15:30 - 16:00 | Tea/Coffee | ||
| 16:00 - 16:30 | Reverse engineering a multi-stage implant targeted Vietnamese organizations Minh Anh Luong (VNPT Cyber Immunity) | Last-minute presentation (TBA) | Workshop: Collaborative attack modelling across CTI, Red Team, and SOC Mike Cunningham & Suneel Sundar (MITRE) |
| 16:30 - 17:00 | Khmer Shadow: uncovering a targeted cyber espionage campaign against Cambodian military intelligence Subhajeet Singha (Acronis) | From exclusive to widespread: the shifting exploitation dynamics of (zero-day) vulnerabilities before and after their (public) disclosure Kerstin Zettl-Schabath & Kritika Roy (Deutsche Cyber-Sicherheitsorganisation (DCSO) GmbH) | |
| 17:00 - 17:30 | Break the silence: tracking Silent Lynx through exposed infrastructure Julian-Ferdinand Vögele (Recorded Future) & Chi En (Ashley) Shen (Cisco Talos) | Partner presentation | |
| 17:30 - 18:30 | Posters will be displayed throughout the day in the conference foyer, with a poster presentation session at the end of the day. | ||
| 19:30 - 21:00 | VB2026 drinks reception | ||
| Time | Green room | Red room |
Small Talks |
| 09:30 - 10:00 | Kimwolf’s claws loom over 1.8 million firewalled Android devices worldwide Alex Turing (Qi-Anxin) | AI in malware: evolution and predicting the future of AI-driven attacks Eli Smadja (Check Point) | The silent threat in your enterprise: SAP security Anita Cwynar (Independent researcher) |
| 10:00 - 10:30 | Polling is the vulnerability: a case for event-driven cloud detection Santiago Abastante (dbnz) | Practical ransomware detection on macOS (via math, not AI) Patrick Wardle (Objective-See Foundation) | |
| 10:30 - 11:00 | Tea/Coffee | ||
| 11:00 - 11:30 | Defeating indirect branching obfuscations in malware with Hex-Rays Decompiler Georgy Kucherin (Kaspersky) | Last-minute presentation (TBA) | Notoriously reluctant: continuing conversations with FBI and private sector defenders about disrupting cybercriminals through collaboration Sara Eberle (Sara Eberle Consultin) & DeLynn Bettencourt Hammell (FBI) |
| 11:30 - 12:00 | Operation FalseProof: PoC that bites back Jiho Kim & Minyeop Choi (S2W) | Hunting LANDFALL: from overlooked images to state-linked mobile spyware Itay Cohen (Palo Alto Networks' Unit 42) | |
| 12:00 - 12:30 | Last-minute presentation (TBA) | Last-minute presentation (TBA) | *Reserve paper |
| 12:30 - 14:00 | Lunch | ||
| 14:00 - 14:30 | Otter encyclopedia: deep analysis of Otter family Rintaro Koike, Yuta Sawabe & Masaya Motoda (NTT Security (Japan) KK) | Transparency wars: exposing hidden biases in testing Righard Zwienenberg (ESET) & Luis Corrons (Gen) | *Reserve paper |
| 14:30 - 15:00 | Discerning the invisible: a heuristic engine for behavioural inference in nation-state covert networks Madeline Sedgwick (Palo Alto Networks) | When malware talks back: real-time interaction with a threat actor during the analysis of Kiss Loader Marvin Castillo & Arvin Jay Bandong (G Data) | *Reserve paper |
| 15:00 - 15:30 | Tea/Coffee | ||
| 15:30 - 16:10 | Closing keynote (TBA) (takes place in the Green room) |
||
| 16:10 - 16:20 | Conference closing session (takes place in the Green room) |
||
| 16:20 - 17:20 | Posters will be displayed throughout the day in the conference foyer, with a poster presentation session at the end of the day. | ||
*Should these papers not be required to replace papers on the main programme, they will be presented in the Small Talks room on Friday 16 October.