VB2013 conference programme

ICAL

Wednesday 2 October

Corporate stream Technical stream
08:00 Registration
10:00 Tea and coffee
10:30 - 10:50 Opening address
10:50 - 11:30 Keynote: Ethics and the AV industry in the age of WikiLeaks
Andrew Lee, ESET
11:30 - 12:00 Surviving 0-days - reducing the window of exposure

Andreas Lindh, I Secure
  Hypervisor-based, hardware-assisted system monitoring

Carsten Willems, Ruhr University Bochum
Ralf Hund, Ruhr University Bochum
12:00 - 12:30 Google and Apple markets: are their applications really secure?!

Vlad Bordianu, Bitdefender
Razvan Benchea, Bitdefender
Dragos Gavrilut, Bitdefender
  Back channels and bitcoins: ZeroAccess' secret C&C communications

James Wyke, Sophos
Lunch
14:00 - 14:30 Can alerting the public about exploitation do more harm than good?

Tom Cross, Lancope
Holly Stewart, Microsoft
  An automatic analysis and detection tool for Java exploits

Xinran Wang, Palo Alto Networks
14:30 - 15:00 Targeted social engineering attacks. Sensitive information, from a theoretical concept to a culturally defined notion

Sabina Raluca Datcu, Independent researcher
  Between an RTF and OLE2 place: an analysis of CVE-2012-0158 samples

Paul Baccas, Independent researcher
Vanja Svajcer, Sophos
15:00 - 15:30 The global impact of anti-malware protection state on infection rates

Joe Blackbird, Microsoft
Bill Pfeifer, Microsoft
  In-memory ROP payload detection

Justin Kim, Microsoft
Tea and coffee
15:50 - 16:20 Big bang theory of CVE-2012-4792

Jindrich Kubec, Avast Software
Eric Romang
  The Real Time Threat List

Righard Zwienenberg, ESET
Richard Ford, Florida Institute of Technology
Thomas Wegele, Avira
16:20 - 16:50 Tinba v2

David Sancho, Trend Micro
Peter Kruse, CSIS
  IEEE clean file metadata exchange

Mark Kennedy, Symantec
Igor Muttik, McAfee
16:50 - 17:20 What can Big Data Security learn from the AV industry? (sponsor presentation)

Stephen Cobb, ESET
  Beyond testing: what really matters (sponsor presentation)

Andreas Marx, AV-TEST
Maik Morgenstern, AV-TEST
19.30 VB2013 drinks reception

Thursday 3 October

Corporate stream Technical stream
Breakfast
09:00 - 09:30 Make it tight, protect with might, and try not to hurt anyone

Michael Johnson, Microsoft
  GinMaster : a case study in Android malware

Rowland Yu, Sophos
09:30 - 10:00 Windows 8 SmartScreen application control - what more could you ask for?

Ilya Rabinovich, SoftSphere
Randy Abrams, NSS
  'I am not the D'r.0,1d you are looking for': an analysis of Android malware obfuscation

Samir Mody, K7 Computing
10:00 - 10:30 Pentesting with live malware

Gunter Ollmann, IOActive
  The Droid Knight: a silent guardian for the Android kernel, hunting for rogue smartphone malware applications

Muhammad Ali Akbar, nexGIN RC, Institute of Space Technology, Islamabad
Farrukh Shahzad, nexGIN RC, Institute of Space Technology, Islamabad
Muddassar Farooq, nexGIN RC, Institute of Space Technology, Islamabad
Tea and coffee
10:50 - 11:20 Analysis of Android in-app advertisement kits

Karine de Pontevès, Fortinet
Axelle Apvrille, Fortinet
  Last-minute paper: Hide and seek - how targeted attacks hide behind clean applications

Gabor Szappanos, Sophos
11:20 - 11:50 Classifying PUAs in the mobile environment

Vanja Svajcer, Sophos
Sean McDonald, Sophos
  Last-minute paper: Reveal the facts behind the DDoS attack

Christy Chung, Fortinet
Kyle Yang, Fortinet
11:50 - 12:20 Malicious redirection of mobile users

Roman Unuchek, Kaspersky Lab
  Last-minute paper: Open DNS resolvers are to DDoS what open SMTP relays are to spam

John Graham-Cumming, CloudFlare
Lunch
14:00 - 14:30 Mac hacking: the way to better testing?

David Harley, ESET
Lysa Myers, Intego
  Last-minute paper: Android - practical security from the ground up

Adrian Ludwig, Google
Eric Davis, Google
Jon Larimer, Google
14:30 - 15:00 Real-world testing, the good, the bad, and the ugly

Aditya Kapoor, McAfee
Craig Schmugar, McAfee
  Last-minute paper: Lessons learned: sinkholing a peer-to-peer botnet

Ross Gibb, Symantec
Vikram Thakur, Symantec
15:00 - 15:30 A meta-analysis of recent malware tests

Richard Ford, Florida Institute of Technology
Liam Mayron, Florida Institute of Technology
  Last-minute paper: Hassle with Hesperbot: a new, sophisticated and very active banking trojan

Robert Lipovsky, ESET
Anton Cherepanov, ESET
Tea and coffee
15:50 - 16:20 Digging into Facebook ads: finding clues that indicate a scam pattern

Andrei Cristian Serbanoiu, Bitdefender
  Last-minute paper: Working together to defeat attacks against AV automation

Hong Jia, Microsoft
Dennis Batchelder, Microsoft
16:20 - 16:50 The best things in life are free (sponsor presentation)

Milos Korenko, AVAST Software
  Targeted attacks against Chinese online card games (sponsor presentation)

Paul Fan, Qihoo 360
Wenbin Zheng, Qihoo 360
19:30 Pre-dinner drinks followed by gala dinner & cabaret

Friday 4 October

Corporate stream Technical stream
Breakfast
09:30 - 10:00 A panoply of protection: new security and anti-malware measures in AutoCAD

Raymond Roberts, Microsoft
Jakub Kaminski, Microsoft
Eileen Sinnott, Autodesk
  Billion dollar botnets

Cathal Mullaney, Symantec
10:00 - 10:30 Infection vector: cyberspace junk, waste, and zombies

Methusela Cebrian Ferrer, Microsoft
  PAC - the Problem Auto Config (or stealing bank accounts with a 1KB file)

Fabio Assolini, Kaspersky Lab
Andrey Makhnutin, Kaspersky Lab
Tea and coffee
10:50 - 11:20 The ransomware strikes back

Ciprian Oprisa, Bitdefender
George Cabau, Bitdefender
Andrea Takacs, Bitdefender
  Deciphering and mitigating Blackhole spam from email-borne threats

Samir Patil, Symantec
11:20 - 11:50 Statistically effective protection against APT attacks

Jarno Niemela, F-Secure
  Behavioural detection of HTTP-based botnets

Chintan Shah, McAfee
11:50 - 12:20 The Moroccan phishing cluster

Peter Kruse, CSIS
  Using statistical analysis of DNS traffic to identify infections of unknown malware

Brandon J. Niemczyk, Hewlett-Packard
Jonathan Andersson, Hewlett-Packard
Lunch
14:00 - 14:30 Operation Crossbill: how the police cracked an international malware gang

Bob Burls, Independent researcher
Graham Cluley, Independent researcher
  Embedding malware on websites using executable webserver files

Evgeny Sidorov, Yandex
14:30 - 15:00 Hacking Team and Gamma International in 'business-to-government malware'

Sergey Golovanov, Kaspersky Lab
Denis Maslennikov, Kaspersky Lab
  Security research and development framework

Amr Thabet, Q-CERT
Tea and coffee
15:20 - 16:10 Panel discussion: Collateral damage in the age of cyber-warfare
Ryan Naraine, ZDNet
16:10 - 16:20 Conference closing session

Reserve papers

What I learned from 'See Spot, see Spot run' (or the many mistakes I've made publishing malware information for users and how you can avoid them)

Heather Goudey, Hewlett-Packard
Trapping unknown malware in a context web

Numaan Huq, Sophos
Peter Szabo, Sophos
RPZ: defending against malware via DNS

Hugo Connery, Technical University of Denmark
Are Linux desktop systems threatened by trojans?

Peter Kalnai, AVAST Software
Jaromir Horejsi, AVAST Software
Quick Links

Poll
Should software vendors extend support for their products on Windows XP beyond the end-of-life of the operating system?
Yes - it keeps their users secure
No - it encourages users to continue to use a less secure OS
I don't know
Leave a comment
View 24 comments

SMI Oil and Gas Cyber Security 2014

Malware Prevalence
Adware-misc |##########|
Java-Exploit |########|
Autorun |#####|
BHO/Toolbar-misc |####|
Conficker/Downadup |###|
 View this month's full report

Virus Bulletin currently has 231,354 registered users.