VB2017: nine last-minute papers announced

Posted by   Martijn Grooten on   Sep 11, 2017

At Virus Bulletin we try not to follow the daily security hype, focusing instead on the bigger trends. This means that the topics covered on the VB2017 conference programme – the majority of which was published in April – are still as relevant now as they were five months ago.

Still, security is constantly evolving, and for this reason we have long followed the practice of setting aside a number of conference speaking slots for "last-minute" papers, with the aim of presenting very hot research. Today, we are pleased to announce nine such papers which have just been added to the programme.

If there is one country that knows about the ever-changing threat landscape all too well it is Ukraine, which has been targeted in a number of prominent cyber-attacks recently. Alexander Adamov (NioGuard Security Lab) and Anders Carlsson (Blekinge Institute of Technology) will look at patterns behind those attacks, while regular VB speakers Anton Cherepanov and Robert Lipovsky (ESET) will discuss possibly the most advanced of these attacks: Industroyer, which in December 2016 attacked the country's power grid.

antoncherepanov_robertlipovsky_vb2015.pngAnton Cherepanov and Robert Lipovsky, here pictured at VB2015, have given various conference presentations, most of which had something to do with attacks against Ukraine.

 

Brazil is another country with a long history of cyber attacks, and the recently discovered 'Client Maximus' trojan is a good demonstration of how malware targeting the country has evolved in recent years. IBM Trusteer researcher Omer Agmon will present an analysis of the malware.

TrickBot is another financial trojan that has risen to prominence recently – notable for its recent targeting of the crypto-currency exchange. Symantec researcher Andrew Brandt ran the malware in a research environment, allowing him to record and analyse its network traffic. He will share the details of this experiment in Madrid.

Perhaps even more damaging than financial malware, ransomware is the main scourge of the Internet. Having written various decryptors, Avast's Jakub Kroustek is one of the leading researchers when it comes to ransomware. At VB2017, he and Előd Kironský (ESET) will discuss one of the most prevalent ransomware families, Spora, and will describe how their initial research into the family was "ruined" by an overhaul of the malware's code.

Moving from desktop PCs to web servers, web shells represent one of the main threats. Web shells give a successful attacker easy access to a server, allowing them to really own it. VULNEX's Simon Roses Femerling will present an update on the current state of web shells.

Less prevalent, but certainly very worrying, is the subject of car hacking, a prominent topic at many a security conference these days. Trend Micro researchers Spencer Hsieh and Aaron Luo analysed the HTC device that can be used to control and monitor various parts of recent Volkswagen models. At VB2017, they will discuss various weaknesses they found.

The recent discovery of the WireX DDoS botnet highlighted the possibilities of Android's Webview, used by many Android apps to display content, but also providing various opportunities to those with less benign intentions. Sophos researcher Rowland Yu took a closer look at how Webview can help attackers and will present his findings at the conference.

rowlandyu_vb2015.pngRowland Yu (here pictured at VB2015) is also a returning conference speaker.

 

Finally, few would claim that Android malware isn't something to worry about, and the members of Google's Android Security team certainly don't make such claims. Senior Program Manager Jason Woloz will share Google's latest Android malware statistics and also discuss how the company's partners, including AV companies, can share details about malware families.

Registration for the conference is still open, so don't hesitate to book your ticket now to join us in Madrid, 4-6 October 2017!

VB2017-325w.jpg

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2019 paper: Fantastic Information and Where to Find it: A guidebook to open-source OT reconnaissance

A VB2019 paper by FireEye researcher Daniel Kapellmann Zafra explained how open source intelligence (OSINT) can be used to learn crucial details of the inner workings of many a system. Today we publish Daniel's paper and the recording of his…

VB2019 paper: Different ways to cook a crab: GandCrab Ransomware-as-a-Service (RaaS) analysed in depth

Though active for not much longer than a year, GandCrab had been one of the most successful ransomware operations. In a paper presented at VB2019 in London, McAfee researchers John Fokker and Alexandre Mundo looked at the malware code, its evolution…

VB2019 paper: Domestic Kitten: an Iranian surveillance program

At VB2019 in London, Check Point researchers Aseel Kayal and Lotem Finkelstein presented a paper detailing an Iranian operation they named 'Domestic Kitten' that used Android apps for targeted surveillance. Today we publish their paper and the video…

VB2019 video: Discretion in APT: recent APT attack on crypto exchange employees

At VB2019 in London, LINE's HeungSoo Kang explained how cryptocurrency exchanges had been attacked using Firefox zero-days. Today, we publish the video of his presentation.

VB2019 paper: DNS on fire

In a paper presented at VB2019, Cisco Talos researchers Warren Mercer and Paul Rascagneres looked at two recent attacks against DNS infrastructure: DNSpionage and Sea Turtle. Today we publish their paper and the recording of their presentation.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.