VB2019
Wednesday 2 October, 2019
Red room
Green room
Small talks
09:00 - 10:30 Wednesday 2 October
E A R L Y
M O R N I N G
R E F R E S H M E N T S
10:30 - 10:50 Wednesday 2 October
VB2019 opening address
Martijn
Grooten (Virus Bulletin)
(takes place in the Green room)
10:50 - 11:30 Wednesday 2 October
11:30 - 12:00 Wednesday 2 October
A vine climbing over the Great Firewall: a long-term attack against China
Lion Gu (Qi An Xin Threat Intelligence Center)
Bowen Pan (Qi An Xin Threat Intelligence Center)
11:30 - 12:00 Wednesday 2 October
From industry report to classroom arrest
Marijn Schuurbiers (NHTCU)
Iris Haenen (NHTCU)
12:00 - 12:30 Wednesday 2 October
APT cases exploiting vulnerabilities in region-specific software
Shusei Tomonaga (JPCERT/CC)
Tomoaki Tani (JPCERT/CC)
Hiroshi Soeda (JPCERT/CC)
Wataru Takahashi (JPCERT/CC)
12:30 - 14:00 Wednesday 2 October
L U N C H
14:00 - 14:30 Wednesday 2 October
Domestic Kitten: an Iranian surveillance program
Aseel Kayal (Check Point)
Lotem Finkelstein (Check Point)
14:30 - 15:00 Wednesday 2 October
DNS on fire
Warren Mercer (Cisco Talos)
Paul Rascagneres (Cisco Talos)
15:00 - 15:30 Wednesday 2 October
Thwarting Emotet email conversation thread hijacking with clustering
Pierre-Luc Vaudry (ZEROSPAM Security)
Olivier Coutu (ZEROSPAM Security)
15:00 - 15:30 Wednesday 2 October
Geost botnet. The discovery story of a new Android banking trojan from an
OpSec error
Sebastian Garcia (Czech Technical University in Prague)
Maria Jose Erquiaga (UNCUYO University)
Anna Shirokova (Avast)
15:30 - 16:00 Wednesday 2 October
T E A / C O F F E E
16:00 - 16:30 Wednesday 2 October
Never before had Stierlitz been so close to failure
Sergei Shevchenko (Sophos)
16:00 - 16:30 Wednesday 2 October
Operation Soft Cell - a worldwide campaign against telecommunication
providers
Amit Serper (Cybereason)
Mor Levi (Cybereason)
Assaf Dahan (Cybereason)
16:00 - 17:30 Wednesday 2 October
Countering tech abuse together
Vyacheslav Zakorzhevsky (Kaspersky)
Rachel G. (National Network to End Domestic Violence)
16:30 - 17:00 Wednesday 2 October
Abusing third-party cloud services in targeted attacks
Daniel Lunghi (Trend Micro)
Jaromir Horejsi (Trend Micro)
17:00 - 17:30 Wednesday 2 October
The push for increased surveillance from fiction and its impact on privacy
Miriam Cihodariu (Heimdal Security)
Andrei Bogdan Brad (Code4Romania)
19:30 - 21:30 Wednesday 2 October
V B 2 0 1 9
D R I N K S R E C E P T I O N
Thursday 3 October, 2019
Red room
Green room
Small talks
08:00 - 09:00 Thursday 3 October
E A R L Y
M O R N I N G
R E F R E S H M E N T S
09:00 - 09:30 Thursday 3 October
Shinigami's revenge: the long tail of Ryuk malware
Gabriela Nicolao (Deloitte)
Luciano Martins (Deloitte)
09:00 - 09:30 Thursday 3 October
Simjacker - the next frontier in mobile espionage
Cathal Mc Daid (AdaptiveMobile Security)
09:30 - 10:00 Thursday 3 October
Defeating APT10 compiler-level obfuscations
Takahiro Haruyama (Carbon Black)
09:30 - 10:00 Thursday 3 October
Attor: spy platform with curious GSM fingerprinting
Zuzana Hromcová (ESET)
10:00 - 10:30 Thursday 3 October
Buhtrap metamorphosis: from cybercrime to cyber espionage (partner
presentation)
Anton Cherepanov (ESET)
Jean-Ian Boutin (ESET)
10:00 - 10:30 Thursday 3 October
Chinese cyber espionage and the Belt & Road Initiative
Thomas Thomasen (Deloitte)
Loucif Kharouni (Deloitte)
10:00 - 10:30 Thursday 3 October
Panel: How can you operationalize threat intelligence?
Alex Hinchliffe (Palo Alto Networks)
Selena Larson (Dragos)
Mark Kennedy (Symantec)
Pascal Geenens (Radware)
10:30 - 11:00 Thursday 3 October
T E A / C O F F E E
11:00 - 11:30 Thursday 3 October
Catch me if you can: detection of injection exploitation by validating query
and API integrity
Abhishek Singh (Prismo Systems)
Ramesh Mani (Prismo Systems)
11:00 - 11:30 Thursday 3 October
Who is SandCat: an unveiling of a lesser-known threat actor
Brian Bartholomew (Kaspersky)
11:30 - 12:00 Thursday 3 October
Spoofing in the reeds with Rietspoof
Jan Sirmer (Avast Software)
Luigino Camastra (Avast software)
Adolf Støeda (Avast software)
11:30 - 12:00 Thursday 3 October
HELO, is that you? New challenges tracking Winnti activity
Stefano Ortolani (Lastline)
Jason Zhang (Lastline)
11:30 - 12:00 Thursday 3 October
Fireside chat: Being a CISO at a cybersecurity company: a view from the hot
seat
Chester Wisniewski (Sophos)
Ross McKerchar (Sophos)
12:00 - 12:30 Thursday 3 October
Targeted attacks through ISPs
Denis Legezo (Kaspersky Lab)
12:00 - 12:30 Thursday 3 October
Keynote: Nexus between OT and IT threat intelligence
Selena Larson (Dragos)
12:30 - 14:00 Thursday 3 October
L U N C H
14:00 - 14:30 Thursday 3 October
Finding drive-by rookies using an automated active observation platform
Rintaro Koike (NTT Security)
Yosuke Chubachi (Active Defense Institute, Ltd / nao_sec)
14:00 - 14:30 Thursday 3 October
The art of the cashout: the evolution of attacks on payment systems
Saher Naumaan (BAE Systems Applied Intelligence)
Irving Méreau (SWIFT)
14:00 - 14:30 Thursday 3 October
Panel: Bursting the myths about threat intelligence sharing
Kathi Whitbey (Palo Alto Networks)
Jeannette Jarvis (Fortinet)
Dan Saunders (NTT)
John Fokker (McAfee)
14:30 - 15:00 Thursday 3 October
Exploring Emotet, an elaborate everyday enigma
Luca Nagy (Sophos)
15:00 - 15:30 Thursday 3 October
Curious tale of 8.t used by multiple campaigns against South Asia
Niranjan Jayanand (Microsoft)
Ivan Macalintal (Microsoft)
Debalina Ghosh (Microsoft)
15:00 - 15:30 Thursday 3 October
The Bagsu banker case
Benoît Ancel (CSIS)
15:00 - 15:30 Thursday 3 October
Panel: Where is threat intelligence headed?
Derek Manky (Fortinet)
Samir Mody (K7 Computing)
Heather King (CTA)
Warren Mercer (Cisco Talos)
15:30 - 16:00 Thursday 3 October
T E A / C O F F E E
16:00 - 16:30 Thursday 3 October
A deep dive into iPhone exploit chains
John Bambenek (University of Illinois at Urbana-Champaign)
16:30 - 17:00 Thursday 3 October
Oops! It happened again!
Righard Zwienenberg (ESET)
Eddy Willems (G DATA)
16:30 - 17:00 Thursday 3 October
Medical IoT for diabetes and cybercrime
Axelle Apvrille (Fortinet)
Aamir Lakhani (Fortinet)
19:30 - 23:00 Thursday 3 October
V B 2 0 1 9
P R E - D I N N E R
D R I N K S F O L L O W E D
B Y G A L A D I N N E R
Friday 4 October, 2019
Red room
Green room
Small talks
08:30 - 09:30 Friday 4 October
E A R L Y
M O R N I N G
R E F R E S H M E N T S
09:30 - 10:00 Friday 4 October
2,000 reactions to a malware attack - accidental study
Adam Haertle (BadCyber.com / ZaufanaTrzeciaStrona.pl)
10:00 - 10:30 Friday 4 October
Challenges for young anti-malware products today
Sorin Mustaca (Sorin Mustaca IT Security Consulting)
10:30 - 11:00 Friday 4 October
T E A / C O F F E E
11:00 - 11:30 Friday 4 October
Politically targeted DNS in 2016 and 2020
David Rodriguez (Cisco Umbrella)
John Cunniff (Cisco Umbrella)
Andrea Kaiser (Cisco Umbrella)
Dhia Mahjoub (Cisco Umbrella)
11:00 - 11:30 Friday 4 October
Rich headers: leveraging the mysterious artifact of the PE format
Peter Kalnai (ESET)
Michal Poslusny (ESET)
11:00 - 12:30 Friday 4 October
Call the shots! Let’s fight crime together
Speaker TBA (NHTCU)
11:30 - 12:00 Friday 4 October
A study of Machete cyber espionage operations in Latin America
Veronica Valeros (Czech Technical University in Prague)
Maria Rigaki (Czech Technical University in Prague)
Kamila Babayeva (Czech Technical University in Prague)
Sebastian Garcia (Czech Technical University in Prague)
12:00 - 12:30 Friday 4 October
Joining forces: transforming the Industry through diversity and data
Kathleen Whitbey (Palo Alto Networks)
Heather King (Cyber Threat Alliance)
Jeannette Jarvis (Fortinet)
12:00 - 12:30 Friday 4 October
Asterisk: a targeted VOIPspionage campaign
Lotem Finkelstein (Check Point)
Oded Awaskar (Check Point)
12:30 - 14:00 Friday 4 October
L U N C H
14:00 - 14:30 Friday 4 October
We need to talk - opening a discussion about ethics in infosec
Ivan Kwiatkowski (Kaspersky Lab)
14:00 - 14:30 Friday 4 October
Kimsuky group: tracking the king of the spear-phishing
Jaeki Kim (Financial Security Institute)
Kyoung-Ju Kwak (Financial Security Institute)
Min-Chang Jang (Financial Security Institute)
14:30 - 15:00 Friday 4 October
Different ways to cook a Crab...
John Fokker (McAfee)
Alexandre Mundo (McAfee)
14:30 - 15:00 Friday 4 October
Exploring the Chinese DDoS landscape
Nacho Sanmillan (Intezer)
15:00 - 15:30 Friday 4 October
T E A / C O F F E E