Today, we are very excited to announce the
programme
for
VB2018
, the 28th Virus Bulletin International Conference, which is to take place in Montreal, 3-5 October 2018.
Putting together a conference programme is not an easy task, particularly when you’ve received as many excellent submissions as we did, but I believe we have come up with a very interesting and diverse programme, featuring speakers from all around the world representing many different companies and organizations.
Keynotes
The conference will start with an opening keynote from
Microsoft
‘s
John Lambert
who, as General Manager of
Microsoft
‘s
Threat Intelligence Center
, has analysed many advanced threats. Two and a half days later,
Duo Security
‘s
Wendy Nather
will deliver the closing keynote address. A 30-year industry veteran, Wendy barely needs an introduction, but let me say she is known for her strong, well-informed and often radically nuanced opinions.
Familiar faces
In between the two keynotes, the main conference programme will consist of 52 talks, 36 of which we reveal today.
VB
regulars will recognise several faces among the speakers, such as Juan Andrés Guerrero-Saade, now at
Recorded Future
, who will talk about how to
better describe APT groups
, and Patrick Wardle, now at
Digita
Security
, who will give another
macOS
talk – this time
focusing on firewalls
.
Dhia Mahjoub (
Cisco Umbrella
) and Jason Passwaters (
Intel471
) will also be back to discuss their
observations of cybercriminals’ behaviour
, while
Cisco Talos
researchers Paul Rascagnères and Warren Mercer will speak about the mysterious but high-impact
Olympic Destroyer
malware they discovered earlier this year.
Sophos
‘s Gabor Szappanos, winner of last year’s
Péter Szőr Award
, will return to discuss the timeline of one of the hottest
Microsoft Office
bugs:
CVE-2017-0199
. His colleague, Rowland Yu, one of the world’s leading
Android
malware analysts, is also back to discuss
Android network analysis
, while
Malwarebytes
‘ Jérôme Segura will present a paper on the hot topic of ‘
drive-by mining
‘.
At VB2018 VB regular Patrick Wardle will once again talk on macOS security, this time focusing on firewalls.
New names
We have some very prominent new names on the programme too, including
Internet Hall of Fame
inductee Paul Vixie (
Farsight Security
), who will look at why some
domain names
‘die a premature death’.
Cybereason
Principal Security Researcher Amit Serper will discuss the
OSX/Pirrit adware
and his company’s legal fight with the people behind it, while Joe Slowik from
Dragos Security
will discuss the destructive ‘
CRASHOVERRIDE
‘ malware attack. We are also very honoured to have Masashi Nishihata and John Scott Railton from
CitizenLab
deliver
a talk about their research
.
Young talent
We are just as pleased to have many young talented researchers present their work, including
ESET
‘s Filip Kafka, who will speak about
Hacking Team
;
Google
‘s Maddie Stone, who will show how she reverse-engineered an
Android
anti-analysis library
; Maksim Shudrak (
Salesforce
), who will talk about
dynamic binary instrumentation
; Saher Naumaan (
BAE Systems
), who will discuss the rise of
malicious wipers
; and Thais Moreira Hamasaki (
F-Secure
), who will present a paper on
SMT solvers
.
Broadened scope
Apart from new speakers, we also have a handful of new subjects that may not belong to the core
VB
repertoire, but which we believe will be of great interest to many security professionals: Stefan Tanase (
Ixia
) will discuss the increasing
balkanization of the Internet
, while Lysa Myers (
ESET
) will look at the infosec industry’s
hiring problem
and Zoltan Balasz (
MRG Effitas
) will talk about
hacking smart contracts
. Two papers (
one
by
Argus Cyber Security
‘s Inbar Raz and the
other
by
Trend Micro
researchers Spencer Hsieh and Aaron Luo) will discuss automotive security.
The subject of nation-state attacks linked to the Korean peninsula isn’t very new, but based on the submissions we received, it is still a very hot topic. Three talks on this topic made it onto the programme: researchers from South Korea’s
Financial Security Institute
will discuss
Dokkaebbi
, while
ESET
researchers Peter Kálnai and Michal Poslušný will discuss the various subgroups of the
Lazarus group
.
AhnLab
researcher Minseok (Jacky) Cha will present a paper about previously undiscovered activities by
the same group
.
More to come
At a later stage, we will announce details of presentations by the VB2018
Platinum partners
, as well as three more invited talks. In the summer, we will open a call for ‘last-minute’ papers, to fill the nine remaining slots with papers that cover ‘hot’ and emerging topics.
Small Talks and workshops
Apart from the two main tracks, the ‘Small Talks’ stream will also return – featuring presentations that are longer than those on the main programme and which are delivered in a more informal setting in a bid to encourage discussion.
One
Small Talk, by
The Spamhaus Project
, has already been announced, and we are also pleased to announce that, for the first time, we will have a number of workshops in this stream, two of which we announce today:
Fortinet
‘s Axelle Apvrille, a leading researcher (and regular
VB
speaker), will teach the brave audience
how to reverse engineer
Android
malware
, while
Cisco Talos
researcher Vanja Svajcer will present a workshop on the important skill of
manual kernel mode malware analysis
.
You will find details of all these, and many more not mentioned in this blog post, in the
VB2018 programme
.
Registrations for the conference will open very soon.
A few partnership options are still available; please contact
[email protected]
for details.
We look forward to seeing you in Montreal!
Leave a Reply