VB2019


Wednesday 2 October, 2019

BACK TO CONFERENCE PAGE

Red room

Green room

Small talks

09:00 - 10:30   Wednesday 2 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
10:30 - 10:50   Wednesday 2 October
VB2019 opening address
Martijn Grooten (Virus Bulletin)

(takes place in the Green room)
10:50 - 11:30   Wednesday 2 October
Keynote address: Tales from the NCSC: the daily battle to defend a country in cyberspace
Paul Chichester (National Cyber Security Centre, UK)

(takes place in the Green room)
11:30 - 12:00   Wednesday 2 October
A vine climbing over the Great Firewall: a long-term attack against China            
Lion Gu (Qi An Xin Threat Intelligence Center)
Bowen Pan (Qi An Xin Threat Intelligence Center)
 
11:30 - 12:00   Wednesday 2 October
From industry report to classroom arrest
Marijn Schuurbiers (NHTCU)
Iris Haenen (NHTCU)
 
11:30 - 12:30   Wednesday 2 October
RetroMal: analysing malware on the earliest computing platforms    
Andrew Brandt (Sophos)
 
12:00 - 12:30   Wednesday 2 October
APT cases exploiting vulnerabilities in region-specific software        
Shusei Tomonaga (JPCERT/CC)
Tomoaki Tani (JPCERT/CC)
Hiroshi Soeda (JPCERT/CC)
Wataru Takahashi (JPCERT/CC)
 
12:00 - 12:30   Wednesday 2 October
Inside Magecart: the history behind the covert card-skimming assault on the e-commerce industry        
Yonathan Klijnsma (RiskIQ)
 
 
12:30 - 14:00   Wednesday 2 October
L   U   N   C   H
14:00 - 14:30   Wednesday 2 October
Absolutely routed!! Why routers are the new bullseye in cyber attacks            
Anurag Shandilya (K7 Computing)
 
14:00 - 14:30   Wednesday 2 October
Domestic Kitten: an Iranian surveillance program            
Aseel Kayal (Check Point)
Lotem Finkelstein (Check Point)
 
 
14:30 - 15:00   Wednesday 2 October
Problem child: common patterns in malicious parent-child relationships    
Bobby Filar (Endgame)
 
14:30 - 15:00   Wednesday 2 October
DNS on fire            
Warren Mercer (Cisco Talos)
Paul Rascagneres (Cisco Talos)
 
 
15:00 - 15:30   Wednesday 2 October
Thwarting Emotet email conversation thread hijacking with clustering        
Pierre-Luc Vaudry (ZEROSPAM Security)
Olivier Coutu (ZEROSPAM Security)
 
15:00 - 15:30   Wednesday 2 October
Geost botnet. The discovery story of a new Android banking trojan from an OpSec error        
Sebastian Garcia (Czech Technical University in Prague)
Maria Jose Erquiaga (UNCUYO University)
Anna Shirokova (Avast)
 
 
15:30 - 16:00   Wednesday 2 October
T   E   A   /   C   O   F   F   E   E
16:00 - 16:30   Wednesday 2 October
Never before had Stierlitz been so close to failure            
Sergei Shevchenko (Sophos)
 
16:00 - 16:30   Wednesday 2 October
Operation Soft Cell - a worldwide campaign against telecommunication providers        
Amit Serper (Cybereason)
Mor Levi (Cybereason)
Assaf Dahan (Cybereason)
 
16:00 - 17:30   Wednesday 2 October
Countering tech abuse together    
Vyacheslav Zakorzhevsky (Kaspersky)
Rachel G. (National Network to End Domestic Violence)
 
16:30 - 17:00   Wednesday 2 October
Static analysis methods for detection of Microsoft Office exploits            
Chintan Shah (McAfee)
 
16:30 - 17:00   Wednesday 2 October
Abusing third-party cloud services in targeted attacks    
Daniel Lunghi (Trend Micro)
Jaromir Horejsi (Trend Micro)
 
 
17:00 - 17:30   Wednesday 2 October
The push for increased surveillance from fiction and its impact on privacy        
Miriam Cihodariu (Heimdal Security)
Andrei Bogdan Brad (Code4Romania)
 
17:00 - 17:30   Wednesday 2 October
Fantastic information and where to find it: a guidebook to open-source OT reconnaissance            
Daniel Kapellmann Zafra (FireEye)
 
 
19:30 - 21:30   Wednesday 2 October
V   B   2   0   1   9           D   R   I   N   K   S           R   E   C   E   P   T   I   O   N

 

Thursday 3 October, 2019

BACK TO CONFERENCE PAGE

Red room

Green room

Small talks

08:00 - 09:00   Thursday 3 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
09:00 - 09:30   Thursday 3 October
Shinigami's revenge: the long tail of Ryuk malware            
Gabriela Nicolao (Deloitte)
Luciano Martins (Deloitte)
 
09:00 - 09:30   Thursday 3 October
Simjacker - the next frontier in mobile espionage
Cathal Mc Daid (AdaptiveMobile Security)
 
09:00 - 10:00   Thursday 3 October
Threat Intelligence Practitioners' Summit - welcome & opening remarks followed by keynote: Fuelling AI with threat intelligence
Martijn Grooten (Virus Bulletin)
Mika Ståhlberg (F-Secure)
 
09:30 - 10:00   Thursday 3 October
Defeating APT10 compiler-level obfuscations            
Takahiro Haruyama (Carbon Black)
 
09:30 - 10:00   Thursday 3 October
Attor: spy platform with curious GSM fingerprinting        
Zuzana Hromcová (ESET)
 
 
10:00 - 10:30   Thursday 3 October
Buhtrap metamorphosis: from cybercrime to cyber espionage (partner presentation)        
Anton Cherepanov (ESET)
Jean-Ian Boutin (ESET)
 
10:00 - 10:30   Thursday 3 October
Chinese cyber espionage and the Belt & Road Initiative
Thomas Thomasen (Deloitte)
Loucif Kharouni (Deloitte)
 
10:00 - 10:30   Thursday 3 October
Panel: How can you operationalize threat intelligence?
Alex Hinchliffe (Palo Alto Networks)
Selena Larson (Dragos)
Mark Kennedy (Symantec)
Pascal Geenens (Radware)
 
10:30 - 11:00   Thursday 3 October
T   E   A   /   C   O   F   F   E   E
11:00 - 11:30   Thursday 3 October
Catch me if you can: detection of injection exploitation by validating query and API integrity            
Abhishek Singh (Prismo Systems)
Ramesh Mani (Prismo Systems)
 
11:00 - 11:30   Thursday 3 October
Who is SandCat: an unveiling of a lesser-known threat actor
Brian Bartholomew (Kaspersky)
 
11:00 - 11:30   Thursday 3 October
Keynote: Technical developments in sharing – a discussion of STIX 2.0 and MITRE’s ATT&CK Framework
Richard Struse (MITRE)
 
11:30 - 12:00   Thursday 3 October
Spoofing in the reeds with Rietspoof            
Jan Sirmer (Avast Software)
Luigino Camastra (Avast software)
Adolf Støeda (Avast software)
 
11:30 - 12:00   Thursday 3 October
HELO, is that you? New challenges tracking Winnti activity    
Stefano Ortolani (Lastline)
Jason Zhang (Lastline)
 
11:30 - 12:00   Thursday 3 October
Fireside chat: Being a CISO at a cybersecurity company: a view from the hot seat
Chester Wisniewski (Sophos)
Ross McKerchar (Sophos)
 
12:00 - 12:30   Thursday 3 October
Webcam interception and protection in kernel mode in Windows (partner presentation)            
Michael Maltsev (Reason Cybersecurity)
 
12:00 - 12:30   Thursday 3 October
Targeted attacks through ISPs        
Denis Legezo (Kaspersky Lab)
 
12:00 - 12:30   Thursday 3 October
Keynote: Nexus between OT and IT threat intelligence        
Selena Larson (Dragos)
 
12:30 - 14:00   Thursday 3 October
L   U   N   C   H
14:00 - 14:30   Thursday 3 October
Finding drive-by rookies using an automated active observation platform        
Rintaro Koike (NTT Security)
Yosuke Chubachi (Active Defense Institute, Ltd / nao_sec)
 
14:00 - 14:30   Thursday 3 October
The art of the cashout: the evolution of attacks on payment systems
Saher Naumaan (BAE Systems Applied Intelligence)
Irving Méreau (SWIFT)
 
14:00 - 14:30   Thursday 3 October
Panel: Bursting the myths about threat intelligence sharing
Kathi Whitbey (Palo Alto Networks)
Jeannette Jarvis (Fortinet)
Dan Saunders (NTT)
John Fokker (McAfee)
 
14:30 - 15:00   Thursday 3 October
Discretion in APT: recent APT attack on crypto exchange employees    
HeungSoo Kang (LINE)
 
14:30 - 15:00   Thursday 3 October
Exploring Emotet, an elaborate everyday enigma            
Luca Nagy (Sophos)
 
14:30 - 15:00   Thursday 3 October
Keynote: Building secure sharing systems that treat humans as features not bugs        
Andrea Limbago (Virtru)
 
15:00 - 15:30   Thursday 3 October
Curious tale of 8.t used by multiple campaigns against South Asia
Niranjan Jayanand (Microsoft)
Ivan Macalintal (Microsoft)
Debalina Ghosh (Microsoft)
 
15:00 - 15:30   Thursday 3 October
The Bagsu banker case
Benoît Ancel (CSIS)
 
15:00 - 15:30   Thursday 3 October
Panel: Where is threat intelligence headed?
Derek Manky (Fortinet)
Samir Mody (K7 Computing)
Heather King (CTA)
Warren Mercer (Cisco Talos)
 
15:30 - 16:00   Thursday 3 October
T   E   A   /   C   O   F   F   E   E
16:00 - 16:30   Thursday 3 October
The cake is a lie! Uncovering the secret world of malware-like cheats in video games            
Santiago Martin Pontiroli (Kaspersky Lab)
 
16:00 - 16:30   Thursday 3 October
Cyber espionage in the Middle East: unravelling OSX.WindTail        
Patrick Wardle (Jamf)
 
16:00 - 16:30   Thursday 3 October
A deep dive into iPhone exploit chains        
John Bambenek (University of Illinois at Urbana-Champaign)
 
16:30 - 17:00   Thursday 3 October
Oops! It happened again!        
Righard Zwienenberg (ESET)
Eddy Willems (G DATA)
 
16:30 - 17:00   Thursday 3 October
Medical IoT for diabetes and cybercrime            
Axelle Apvrille (Fortinet)
Aamir Lakhani (Fortinet)
 
 
19:30 - 23:00   Thursday 3 October
V   B   2   0   1   9           P   R   E   -   D   I   N   N   E   R           D   R   I   N   K   S           F   O   L   L   O   W   E   D           B   Y           G   A   L   A           D   I   N   N   E   R

 

Friday 4 October, 2019

BACK TO CONFERENCE PAGE

Red room

Green room

Small talks

08:30 - 09:30   Friday 4 October
E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S
09:30 - 10:00   Friday 4 October
2,000 reactions to a malware attack - accidental study        
Adam Haertle (BadCyber.com / ZaufanaTrzeciaStrona.pl)
 
09:30 - 10:00   Friday 4 October
Play fuzzing machine - hunting iOS and macOS kernel vulnerabilities automatically and smartly            
Lilang Wu (Trend Micro)
Moony Li (Trend Micro)
 
09:30 - 10:30   Friday 4 October
I'm not going to die during this conference call: reflections on availability and burnout
Jamie Tomasello (Duo Security)
 
10:00 - 10:30   Friday 4 October
Challenges for young anti-malware products today    
Sorin Mustaca (Sorin Mustaca IT Security Consulting)
 
10:00 - 10:30   Friday 4 October
Attribution is in the object: using RTF object dimensions to track APT phishing weaponizers            
Michael Raggi (Proofpoint)
Ghareeb Saad (Anomali)
 
 
10:30 - 11:00   Friday 4 October
T   E   A   /   C   O   F   F   E   E
11:00 - 11:30   Friday 4 October
Politically targeted DNS in 2016 and 2020
David Rodriguez (Cisco Umbrella)
John Cunniff (Cisco Umbrella)
Andrea Kaiser (Cisco Umbrella)
Dhia Mahjoub (Cisco Umbrella)
 
11:00 - 11:30   Friday 4 October
Rich headers: leveraging the mysterious artifact of the PE format            
Peter Kalnai (ESET)
Michal Poslusny (ESET)
 
11:00 - 12:30   Friday 4 October
Call the shots! Let’s fight crime together
Speaker TBA (NHTCU)
 
11:30 - 12:00   Friday 4 October
Why companies need to focus on a problem they do not know they have        
Richard Matti (NetClean)
 
11:30 - 12:00   Friday 4 October
A study of Machete cyber espionage operations in Latin America        
Veronica Valeros (Czech Technical University in Prague)
Maria Rigaki (Czech Technical University in Prague)
Kamila Babayeva (Czech Technical University in Prague)
Sebastian Garcia (Czech Technical University in Prague)
 
 
12:00 - 12:30   Friday 4 October
Joining forces: transforming the Industry through diversity and data
Kathleen Whitbey (Palo Alto Networks)
Heather King (Cyber Threat Alliance)
Jeannette Jarvis (Fortinet)
 
12:00 - 12:30   Friday 4 October
Asterisk: a targeted VOIPspionage campaign
Lotem Finkelstein (Check Point)
Oded Awaskar (Check Point)
 
 
12:30 - 14:00   Friday 4 October
L   U   N   C   H
14:00 - 14:30   Friday 4 October
Pulling the PKPLUG: the adversary playbook for the long-standing espionage activity of a Chinese nation state adversary            
Alex Hinchliffe (Unit 42, Palo Alto Networks)
 
14:00 - 14:30   Friday 4 October
We need to talk - opening a discussion about ethics in infosec        
Ivan Kwiatkowski (Kaspersky Lab)
 
14:00 - 14:30   Friday 4 October
Kimsuky group: tracking the king of the spear-phishing        
Jaeki Kim (Financial Security Institute)
Kyoung-Ju Kwak (Financial Security Institute)
Min-Chang Jang (Financial Security Institute)
 
14:30 - 15:00   Friday 4 October
Different ways to cook a Crab...            
John Fokker (McAfee)
Alexandre Mundo (McAfee)
 
14:30 - 15:00   Friday 4 October
King of the hill: nation-state counterintelligence for victim deconfliction        
Juan Andres Guerrero-Saade (Chronicle)
 
14:30 - 15:00   Friday 4 October
Exploring the Chinese DDoS landscape        
Nacho Sanmillan (Intezer)
 
15:00 - 15:30   Friday 4 October
T   E   A   /   C   O   F   F   E   E
15:30 - 16:10   Friday 4 October
Keynote address: The security products we deserve        
Haroon Meer (Thinkst)
Adrian Sanabria (Thinkst)

(takes place in the Green room)
16:10 - 16:30   Friday 4 October
Conference closing session
Martijn Grooten (Virus Bulletin)

(takes place in the Green room)