VB2018 preview: Workshops

Posted by   Martijn Grooten on   Sep 28, 2018

The Virus Bulletin Conference is first and foremost a place to learn: about new threats, about the tools used to detect and fight them, and to learn about (and get to know) the people that matter in the fast-changing world of threat intelligence and research.

This year, you can also learn about some essential techniques that are important for any cybersecurity researcher: kernel-mode malware analysis, Android reverse engineering, and AI in cybersecurity.


Dynamic manual analysis of kernel-mode malware

Though analysis of the vast majority of malware samples found these days is fully automated, manual analysis remains essential for those important and often more interesting edge cases. Cisco Talos researcher Vanja Svajcer, a regular VB speaker, will teach the audience how to perform dynamic manual analysis of kernel-mode malware, in particular using WinDbg.

Vanja says attendees will benefit from the hands-on examples if they are able to bring a laptop set up with Windows debugging tools.


Android reverse engineering

Android malware has become a serious and varied threat in recent years, and thus a workshop by Fortinet researcher Axelle Apvrille (also a regular VB speaker) on Android malware analysis is an exciting addition to the programme. Her workshop is, as the title suggests, 'for the brave', and will consists of several guided labs to cover subjects such as dealing with obfuscated samples and writing Radare2 scripts.

For this workshop, it will be necessary to bring a laptop that has been prepared by following these instructions.


Artificial intelligence in cybersecurity

Finally, artificial intelligence is a hot topic in security and beyond, and it is a particular focus of the city of Montreal that hosts VB2018. It is thus fitting that Benoît Hamelin, from local company Element AI, will host a workshop on AI and how it support efforts towards solving certain classes of cybersecurity problems.

To benefit from Benoît's hands-on examples, participants are recommended to bring a laptop in order to use the cloud-based Colaboratory.

All three workshops last 90 minutes and take place in the Small Talks room. No special registration or additional payment is required, but you must, of course, be registered for VB2018 itself!

VB2018-withdate-325w.jpg

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2019 paper: Fantastic Information and Where to Find it: A guidebook to open-source OT reconnaissance

A VB2019 paper by FireEye researcher Daniel Kapellmann Zafra explained how open source intelligence (OSINT) can be used to learn crucial details of the inner workings of many a system. Today we publish Daniel's paper and the recording of his…

VB2019 paper: Different ways to cook a crab: GandCrab Ransomware-as-a-Service (RaaS) analysed in depth

Though active for not much longer than a year, GandCrab had been one of the most successful ransomware operations. In a paper presented at VB2019 in London, McAfee researchers John Fokker and Alexandre Mundo looked at the malware code, its evolution…

VB2019 paper: Domestic Kitten: an Iranian surveillance program

At VB2019 in London, Check Point researchers Aseel Kayal and Lotem Finkelstein presented a paper detailing an Iranian operation they named 'Domestic Kitten' that used Android apps for targeted surveillance. Today we publish their paper and the video…

VB2019 video: Discretion in APT: recent APT attack on crypto exchange employees

At VB2019 in London, LINE's HeungSoo Kang explained how cryptocurrency exchanges had been attacked using Firefox zero-days. Today, we publish the video of his presentation.

VB2019 paper: DNS on fire

In a paper presented at VB2019, Cisco Talos researchers Warren Mercer and Paul Rascagneres looked at two recent attacks against DNS infrastructure: DNSpionage and Sea Turtle. Today we publish their paper and the recording of their presentation.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.