VB2010 conference programme

ICAL

Wednesday 29 September

Corporate stream Technical stream
08:00 Registration
10:00 Tea and coffee
10:30 - 10:50 Opening address
10:50 - 11:30 Threats to the Social Web
Nick Bilogorskiy, Facebook
11:30 - 12:00 Case study - successes and failures apprehending malware authors

Raymond A. Pompon, HCL CapitalStream
   The Mariposa effect

Pedro Bustamante, Panda Security
Chris Davis, Defence Intelligence
12:00 - 12:30 How much do you cost? The black market price of your digital data

Dmitry Bestuzhev, Kaspersky Lab
   The Webwail botnet: a reputation-based filter killer

Xu (Kyle) Yang, Fortinet
Lunch
14:00 - 14:30 Cyberterrorism: oh really?

Morton Swimmer, Trend Micro
   Finding rules for heuristic detection of malicious PDFs: with analysis of embedded exploit code

Paul Baccas, Sophos
14:30 - 15:00 Russian cybercriminals on the move: profiting from mobile malware

Denis Maslennikov, Kaspersky Lab
   High speed JavaScript malware sandbox

Rajesh Mony, Webroot
15:00 - 15:30 Targeted malware attacks: then and now

Presented by Ken Dunham on behalf of Kim Gillo, iSIGHT Partners
   Play by the rules? Should AV be enforcing the rules to prevent uncontrolled obfuscation by malware?

Rachit Mathur, McAfee
Aditya Kapoor, McAfee
Tea and coffee
15:50 - 16:20 Victims of friendly fire

Corrado Ronchi, EISST
Shukhrat Zakhidov, EISST
   Blackhat SEO: abusing Google Trends to serve malware

Donald DeBolt, CA - HCL
Kiran Bandla, CA - HCL
16:20 - 16:50 P2P as a corporate persona non grata

John Alexander, Lockheed Martin
   P0isoning the social web

Dan Hubbard, Websense
17:00 - 19:00 Sponsor presentations
(There are still a number of sponsorship opportunities available. Contact Allison Sketchley for more information.)
19.30 Welcome drinks reception

Thursday 30 September

Corporate stream Technical stream
Breakfast
09:30 - 10:00 Categorizing the entire web with autonomous system numbers

Saeed Abu-Nimeh, Websense Security Labs
Dan Hubbard, Websense Security Labs
   SMS spam detection by operating on byte-level distributions using Hidden Markov Models

M. Zubair Rafique, Next Generation Intelligent Networks Research Center
Muddassar Farooq, Next Generation Intelligent Networks Research Center
10:00 - 10:30 Size matters - measuring a botnet operator's pinkie

Gunter Ollmann, Damballa
   Windows 7 impact upon rogue security software

Josh Norris, iSIGHT Partners
Ken Dunham, iSIGHT Partners
Tea and coffee
10:50 - 11:20 Automated targeted attacks: the new age of cybercrime

Stefan Tanase, Kaspersky Lab
   Last-minute paper: Dialers are back, and this time they're on smartphones!

Mikko Hyppönen, F-Secure
11:20 - 11:50 Bypassing defences - when old tricks work in Windows 7

Zarestel Ferrer, CA - HCL
   Last-minute paper: Alureon: the first 64-bit rootkit

Joe Johnson, Microsoft
11:50 - 12:20 'Want my autograph?': The use and abuse of digital signatures by malware

Mike Wood, Sophos
   Last-minute paper: Caution: level Pegel. The ideal computer infecting scheme.

Alexey Kadiev, Kaspersky Lab
Darya Gudkova, Kaspersky Lab
Lunch
14:00 - 14:30 Social engineering trumps a zero-day every time

Bruce Hughes, AVG Technologies
   Last-minute paper: The ROP pack

Kurt Baumgartner, Kaspersky Lab
14:30 - 15:00 Observations and lessons learned from comparing point-in-time cleaning against real-time protection

Scott Wu, Microsoft
   Last-minute paper: Life on stolen land

Jiri Sejtko, Avast Software
Miloslav Korenko, Avast Software
15:00 - 15:30 Why your AV solution is ineffective against today's email-borne threats

Greg Leah, Symantec Hosted Services (formerly MessageLabs)
   Last-minute paper: Intrusions and inside jobs: lessons from the banking industry

Michael Kalinichenko, SafenSoft
Tea and coffee
15:50 - 16:20 An analysis of real-world effectiveness of reputation-based security

Carey Nachenberg, Symantec
Vijay Seshadri, Symantec
   Last-minute paper: An indepth look into Stuxnet

Liam O'Murchu, Symantec
16:20 - 16:50 Sneaky Mac OS X threats

Methusela Cebrian Ferrer, CA - HCL
   Last-minute paper: Unravelling Stuxnet

Holly Stewart, Microsoft
Peter Ferrie, Microsoft
Alexander Gostev, Kasperksy Lab
19:30 Pre-dinner drinks followed by gala dinner & cabaret

Friday 1 October

Corporate stream Technical stream
Breakfast
09:30 - 10:00 The psychology of spamming

Terry Zink, Microsoft
   Experiences in malware binary deobfuscation

Hassen Saidi, SRI International
Phil Porras, SRI International
Vinod Yegneswaran, SRI International
10:00 - 10:30 Still curious about anti-spam testing? Here's a second opinion

David Koconis, ICSA Labs
   Challenging conventional wisdom on byte signatures

Thomas Dullien, zynamics
Ero Carrera, VirusTotal/zynamics
Christian Blichmann, zynamics
Soeren Meyer-Eppler, zynamics
Tea and coffee
10:50 - 11:20 Waste management: the current state of sample sharing

Dmitry Gryaznov, McAfee
   The Skype is no longer the limit - new ways malware keeps in touch with your friends

David Wood, Microsoft
11:20 - 11:50 Industry testing and telemetry sharing

Tony Lee, Microsoft
Jimmy Kuo, Microsoft
   Gaming the gamers: tricks of the trade in the world of PWS warcraft

Chun Feng, Microsoft
11:50 - 12:20 Standards and policies on packer use

Samir Mody, Sophos
Igor Muttik, McAfee
Peter Ferrie, Microsoft
   On scanning the Internet or the curse of in-the-cloud URL scanning

Alexandru Catalin Cosoi, BitDefender
Lunch
14:00 - 14:30 AV testing exposed

Peter Košinár, ESET
Juraj Malcho, ESET
Richard Marko, ESET
David Harley, ESET
   Zero-day malware

Igor Muttik, McAfee
14:30 - 15:00 Attacks from the inside...

Righard Zwienenberg, Norman
Eddy Willems, G DATA
   Large-scale malware experiments, why, how, and so what?

Joan Calvet, LORIA
Pierre-Marc Bureau, ESET
Jose M. Fernandez, Ecole Polytechnique de Montréal
Jean-Yves Marion, LORIA
Tea and coffee
15:20 - 16:10 Panel discussion: Social networks and computer security
16:10 - 16:20 Conference closing session

Reserve papers

Call of the WildList: last orders for WildCore-based testing?

David Harley, ESET
Andrew Lee, K7 Computing
The age of Russian trojan-ransoms

Timur Biyachuev, Kaspersky Lab
Alexey Malyshev, Kaspersky Lab
Kisswow: the OnlineGames gang

Josh Murray, iSIGHT Partners
The difference between false positives and FALSE POSITIVES

Mark Kennedy, AMTSO
Quick Links

Poll
Do current laws offer enough protection for ethical ('white-hat') hackers?
Yes, the current laws are fine
No, they prevent responsible disclosure of vulnerabilities
The current laws are too lax, we need to be stricter on hacking
I don't know
Leave a comment
View 4 comments

Cybersecurity for Chemical Industry

Virus Bulletin
In this month's magazine:
  • VBSpam comparative review March 2013
  • VB100 comparative review on SUSE Linux Enterprise Server 11
  • Java security in the era of BYOD
  • Ogee whiz
  • A deeper look into the ZeroAccess clickbot
  • Pushdo's new second generation
  • Shellcoding ARM: part 3
  • Phishing and fraud: the make-believe industry
Virus Bulletin 05 2013
Subscribe now!

Virus Bulletin currently has 227,267 registered users.