- Virus Bulletin 2016 -

 

Wednesday 5 October

Red room

Green room

Small talks

08:30 - 10:00   Wednesday 5 October

E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S

10:30 - 10:50   Wednesday 5 October

Opening address 
Martijn Grooten (Virus Bulletin)
(takes place in the Green room)

10:50 - 11:30   Wednesday 5 October

Opening Keynote 
Christine Whalley (Pfizer)
(takes place in the Green room)

11:30 - 12:00   Wednesday 5 October

Wild Android Collusions 
Prof. Igor Muttik (Intel Security)
Jorge Blasco (London City University)

11:30 - 12:00   Wednesday 5 October

Wave Your False Flags! Deception Tactics Muddying Attribution in Targeted Attacks 
Juan Andrés Guerrero-Saade (Kaspersky Lab)
Brian Bartholomew (Kaspersky Lab)

12:00 - 12:30   Wednesday 5 October

Beware! Zombies are Coming 
Zhi Xu (Palo Alto Networks)
Tongbo Luo (Palo Alto Networks)
Cong Zheng (Palo Alto Networks)

12:00 - 12:30   Wednesday 5 October

APT Reports and OPSEC Evolution, or: These Are Not the APT Reports You Are Looking For 
Gadi Evron (Cymmetria)
Inbar Raz (Perimeter X)

11:30 - 12:30   Wednesday 5 October

Security Challenges in Healthcare 
John Alexander

12:30 - 14:00   Wednesday 5 October

L   U   N   C   H

14:00 - 14:30   Wednesday 5 October

Automating Visibility into User Behaviour Vulnerabilities to Malware Attack 
Ferenc Leitold (Secudit)
Anthony Arrott (Secudit)
Eszter Oroszi (Secudit)
Kálmán Hadarics (Secudit)

14:00 - 14:30   Wednesday 5 October

“$ echo Internet $>_...”: Towards Practical Internet-wide Probing and Crawling 
Zhaoyan Xu (Palo Alto Networks)
Jun Wang (Palo Alto Networks)
Yucheng Zhou (Palo Alto Networks)
Wei Xu (Palo Alto Networks)
Kyle Sanders (Palo Alto Networks)

14:30 - 15:00   Wednesday 5 October

Are They Real? Real-Life Comparative Tests of Anti-Virus Products     
Fanny Lalonde Lévesque (École Polytechnique de Montréal)
Jose M. Fernandez (École Polytechnique de Montréal)
Glaucia Young (Microsoft)
Dennis Batchelder (AppEsteem, and formerly Microsoft)

14:30 - 15:00   Wednesday 5 October

Detecting Man in the Middle Attacks With Canary Requests     
Brian Wallace (Cylance)

15:00 - 15:30   Wednesday 5 October

Breach Detection, Protection and Response Testing: The Next-Gen Approach 
Simon Edwards (SE Labs)

15:00 - 15:30   Wednesday 5 October

Professional Phishers and Their Habits 
Cristian Dantus (Bitdefender)
Marius Tibeica (Bitdefender)

14:00 - 15:30   Wednesday 5 October

Android Security 
Sebastian Porst (Google)
Jason Woloz (Google)

15:30 - 16:00   Wednesday 5 October

T   E   A   /   C   O   F   F   E   E

16:00 - 16:30   Wednesday 5 October

Diving into Malware’s Furtive Plumbing 
Omer Yair (IBM)
Or Safran (IBM)

16:00 - 16:30   Wednesday 5 October

One-Click Fileless Infection     
Himanshu Anand (Symantec)
Chastine Menrige (Symantec)

16:30 - 17:00   Wednesday 5 October

Trusted Code Execution on Untrusted Platform Using Intel SGX 
Prof. Guevara Noubir (Northeastern University)
Amirali Sanatinia (Northeastern University)

16:30 - 17:00   Wednesday 5 October

Great Crypto Failures 
Yaniv Balmas (Check Point Software Technologies)
Ben Herzog (Check Point Software Technologies)

16:00 - 17:00   Wednesday 5 October

IEEE Anti-Malware Support Service 
Mark Kennedy (Symantec)

17:00 - 17:30   Wednesday 5 October

Attack Psychology – Using Behaviour to Identify Threats (sponsor presentation) 
Lindsey Lack (E8 Security)

17:00 - 17:30   Wednesday 5 October

Trusted code signing abuse by malware and their exploitation of the CA verification process (sponsor presentation) 
Geoff McDonald (Microsoft)
Duc Nguyen (Microsoft)

 

19:30 - 21:00   Wednesday 5 October

V   B   2   0   1   6           D   r   i   n   k   s           R   e   c   e   p   t   i   o   n

Thursday 6 October

Red room

Green room

Small talks

08:00 - 09:00   Thursday 6 October

E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S

09:00 - 09:30   Thursday 6 October

Last-minute paper: Malicious Proxy auto-configs: An Easy Way to Harvest Banking Credentials     
Jaromir Horejsi (Avast Software)
Jan Sirmer (Avast Software)

09:00 - 09:30   Thursday 6 October

Building a Local PassiveDNS Capability for Malware Incident Response 
Kathy Wang (Splunk)
Steve Brant (Splunk)

09:30 - 10:00   Thursday 6 October

Last-minute paper: BGP - From Route Hijacking to RPKI: How Vulnerable is the Internet? 
Mike Benjamin (Level 3 Communications)

09:30 - 10:00   Thursday 6 October

Open Source Malware Lab 
Robert Simmons (ThreatConnect)

10:00 - 10:30   Thursday 6 October

Last-minute paper: Nymaim: the Untold Story 
Jaros³aw Jedynak (CERT Poland)
Maciej Kotowicz (CERT Poland)

10:00 - 10:30   Thursday 6 October

Debugging and Monitoring Malware Network Activities with Haka     
Benoit Ancel (Stormshield)
Mehdi Talbi (Stormshield)

09:00 - 10:30   Thursday 6 October

The Chinese Underground Economy: the Hook007 Group 
Claire Ma (Qihoo 360)
Thomas Tian (Qihoo 360)

10:30 - 11:00   Thursday 6 October

T   E   A   /   C   O   F   F   E   E

11:00 - 11:30   Thursday 6 October

Anti-malware Testing Undercover     
Righard Zwienenberg (ESET)
Luis Corrons (Panda Security)

11:00 - 11:30   Thursday 6 October

Defeating Sandbox Evasion: How to Increase Successful Emulation Rate in your Virtualized Environment     
Stanislav Skuratovich (Check Point Software Technologies)
Aliaksandr Chailytko (Check Point Software Technologies)

11:30 - 12:00   Thursday 6 October

Last-minute paper: On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users 
Kurt Baumgartner (Kaspersky Lab)

11:30 - 12:00   Thursday 6 October

(In-) Security of Smartphone AntiVirus and Security Apps     
Stephan Huber (Fraunhofer SIT)
Siegfried Rasthofer (Fraunhofer SIT/TU Darmstadt)

11:00 - 12:00   Thursday 6 October

Inside Exploit Kits 
John Bambenek (Fidelis Cybersecurity)

12:00 - 12:30   Thursday 6 October

APT discussion 
Costin Raiu (Kaspersky Lab)
Morgan Marquis-Boire (First Look Media / Citizen Lab)
Ryan Naraine (Kaspersky Lab)

(takes place in the Green room)

12:30 - 14:00   Thursday 6 October

L   U   N   C   H

14:00 - 14:30   Thursday 6 October

Last-minute paper: Challenges and Approaches of Cracking Ransomware     
hasherezade (Malwarebytes)

14:00 - 14:30   Thursday 6 October

Neverquest: Crime as a Service and On the Hunt for the Big Bucks 
Peter Kruse (CSIS)

14:30 - 15:00   Thursday 6 October

Modern Attacks on Russian Financial Institutions 
Anton Cherepanov (ESET)
Jean-Ian Boutin (ESET)

15:00 - 15:30   Thursday 6 October

Last-minute paper: A Malicious OS X Cocktail Served from a Tainted Bottle     
Peter Kalnai (ESET)
Martin Jirkal (ESET)

15:00 - 15:30   Thursday 6 October

Unveiling the Attack Chain of Russian-Speaking Cybercriminals 
Wayne Huang (Proofpoint)
Sun Huang (Proofpoint)

14:00 - 15:30   Thursday 6 October

The Tor Project 
David Goulet (The Tor Project)

15:30 - 16:00   Thursday 6 October

T   E   A   /   C   O   F   F   E   E

16:00 - 16:30   Thursday 6 October

Last-minute paper: The Beginning of the End(point): Where we are now and where we'll be in five years     
Adrian Sanabria (451 Research)

16:00 - 16:30   Thursday 6 October

Mind This Gap: Criminal Hacking and the Global Cybersecurity Skills Shortage, a Critical Analysis     
Stephen Cobb (ESET)

 

 

16:30 - 17:00   Thursday 6 October

SBDH Espionage Toolkit (sponsor presentation) 
Tomas Gardon (ESET)
Peter Stancik (ESET)

 

19:30 - 23:30   Thursday 6 October

V   B   2   0   1   6           G   a   l   a           D   i   n   n   e   r

Friday 7 October

Red room

Green room

Small talks

08:30 - 09:30   Friday 7 October

E   A   R   L   Y           M   O   R   N   I   N   G           R   E   F   R   E   S   H   M   E   N   T   S

09:30 - 10:00   Friday 7 October

Smart Outlets. Why We Need Responsible Disclosure! 
George Cabau (Bitdefender)
Radu Basaraba (Bitdefender)
Dragos Gavrilut (Bitdefender)
Ciprian Oprisa (Bitdefender)

09:30 - 10:00   Friday 7 October

Locky Strike: Smoking the Locky Ransomware Code     
Roland Dela Paz (Fortinet)
Rommel Joven (Fortinet)
Floser Bacurio (Fortinet)

 

10:00 - 10:30   Friday 7 October

Mobile Applications: a Backdoor into Internet of Things?     
Axelle Apvrille (Fortinet)

10:00 - 10:30   Friday 7 October

Real-Time Static Analysis: Detecting Zero-Day Ransomware Campaigns 
Erdem Aktas (Intel)
Rachit Mathur (Intel)

 

10:30 - 11:00   Friday 7 October

T   E   A   /   C   O   F   F   E   E

11:00 - 11:30   Friday 7 October

Using Machine Learning to Stop Exploit Kits In-Line in Real-Time 
Josiah Hagen (Trend Micro TippingPoint)
Brandon Niemczyk (Trend Micro TippingPoint)
Jonathan Andersson (Trend Micro TippingPoint)

11:00 - 11:30   Friday 7 October

All Your Creds Are Belong To Us     
Santiago Martin Pontiroli (Kasperky Lab)
Bart Parys (PwC)

11:30 - 12:00   Friday 7 October

Uncovering The Secrets Of Malvertising     
Jérôme Segura (Malwarebytes)
Chris Boyd (Malwarebytes)

11:30 - 12:00   Friday 7 October

Diving into Pinkslipbot's Latest Campaign 
Sanchit Karve (Intel Security)
Guilherme Venere (Intel Security)
Mark Olea (Intel Security)

12:00 - 12:30   Friday 7 October

The Good, The bad & The Ugly: The Advertiser, the Bot & the Traffic Broker     
Matthieu Faou (École Polytechnique de Montréal)
Joan Calvet (ESET)
Antoine Lemay (École Polytechnique de Montréal)
José Fernandez (École Polytechnique de Montréal)
Pierre-Marc Bureau (Google)

12:00 - 12:30   Friday 7 October

The Elknot DDoS Botnets We Watched     
Ya Liu (Qihoo 360)
Hui Wang (Qihoo 360)

11:00 - 12:30   Friday 7 October

The Clean Software Alliance: the Enforcement Perspective 
Adam Agensky (Clean Software Alliance)

12:30 - 14:00   Friday 7 October

L   U   N   C   H

14:00 - 14:30   Friday 7 October

Exploit Millions of Pebble Smartwatches for Fun and Profit 
Yulong Zhang (Baidu X-Lab)
Lenx Wei (Baidu X-Lab)

14:00 - 14:30   Friday 7 October

Operation Sentry Stopper: A Long-Standing Cyber Espionage     
Lenart Bermejo (Trend Micro)
Mingyen Hsieh (Trend Micro)
Razor Huang (Trend Micro)

 

14:30 - 15:00   Friday 7 October

GPS Attacks on a 'Shoe String': Methods of Analysis and Countermeasures 
Oleg Petrovsky (HP)

14:30 - 15:00   Friday 7 October

BlackEnergy – What We Really Know About the Notorious Cyber Attacks 
Robert Lipovsky (ESET)
Anton Cherepanov (ESET)

14:30 - 15:00   Friday 7 October

Automatic Classifying of Mac OS X Samples 
Spencer Hsieh (Trend Micro)
Pin Wu (Trend Micro)
Haoping Liu (Trend Micro)

15:00 - 15:30   Friday 7 October

T   E   A   /   C   O   F   F   E   E

15:30 - 16:10   Friday 7 October

Closing Keynote 
Morgan Marquis-Boire (First Look Media / Citizen Lab)
(takes place in the Green room)

16:10 - 16:30   Friday 7 October

Closing address 
Martijn Grooten (Virus Bulletin)
(takes place in the Green room)

 - indicates that slides for that particular presentation are available for downloading 

Reserve papers