Tag: conference paper
-
VB2021 localhost videos available on YouTube
Today, VB has made all VB2021 localhost presentations available on VB’s YouTube channel, so you can now watch – and share – any part of the conference freely and without registration. The VB2021 / Live track playlist contains the two live broadcasts presented by our host Angela Lamont, each of which features eight presentations…
-
VB2020 localhost videos available on YouTube
Today, VB has made all VB2020 localhost presentations available on VB’s YouTube channel, so you can now watch – and share – any part of the conference freely and without registration. The VB2020 / Live track playlist contains the three live broadcasts presented by our host Angela Lamont, each of which features seven presentations and live…
-
VB2020 presentation & paper: 2030: backcasting the potential rise and fall of cyber threat intelligence
Backcasting is an analytical technique that establishes an imagined future scenario and then works backwards to understand what caused that outcome. At VB2020, FireEye’s Jamie Collier presented a paper in which he applied the technique to imagine the rise and fall of the cyber threat intelligence (CTI) industry over the next 10 years. Not…
-
VB2019 paper: APT cases exploiting vulnerabilities in region-specific software
Software that is endemic to a specific country or region has long been a popular attack vector, in particular among APT groups, who have a history of exploiting vulnerabilities in such software. Past VB conference papers have analysed attacks against InPage, popular in Pakistan, and against Hangul, widely used in South Korea. Japan…
-
VB2019 paper: 2,000 reactions to a malware attack – accidental study
In an illuminating study – possible thanks to a unique perspective on a malicious email campaign – cybercrime journalist and researcher Adam Haertlé (BadCyber.com / ZaufanaTrzeciaStrona.pl) read, analysed and classified 1,976 responses sent by victims of a malicious email campaign. In taking revenge for Adam having written about them on his blog, the senders of…
-
VB2019 paper: Why companies need to focus on a problem they do not know they have
It is one of the worst things on the Internet: child sexual abuse material (CSAM), sometimes referred to as ‘child porn’. Many misconceptions exist around CSAM, one of which is that it is only ever accessed from home. In fact, many company networks are used to download and store CSAM, often unbeknownst to network administrators.…
-
VB2019 paper: Defeating APT10 compiler-level obfuscations
Obfuscation in malware has long frustrated analysis, and obfuscation at the compiler level, such as opaque predicates and control flow flattening, has been particularly challenging. One group that has been using this kind of obfuscation is APT10, an APT group made famous through a 2018 indictment by the US government in which two Chinese individuals…
-
VB2019 paper: Attribution is in the object: using RTF object dimensions to track APT phishing weaponizers
Malicious RTF files, exploiting vulnerabilities in Microsoft Office, have long been a popular way to deliver malware, most often through (spear-)phishing attacks. Such files are often created using exploit builders, which were the subject of a VB2018 presentation by Sophos researcher Gábor Szappanos. One such builder (or weaponizer) is ‘Royal Road’, which has been…
-
VB2019 paper: Kimsuky group: tracking the king of the spear-phishing
In September 2013, Kaspersky reported a new APT group it dubbed ‘Kimsuky’, which it linked to North Korea. The group, whose interests include South Korean industry, journalists and North Korean defectors, continues to be active: recent activity was analysed by Yoroi earlier this month. Jaeki Kim, Kyoung-Ju Kwak and Min-Chang Jang from Financial Security…
-
VB2019 paper: Play fuzzing machine – hunting iOS and macOS kernel vulnerabilities automatically and smartly
Apple’s macOS and iOS operating systems are often praised for their security. Yet vulnerabilities in both operating systems are regularly being found and exploited, especially by more advanced attackers. In a paper presented at VB2019 in London, Trend Micro researchers Lilang Wu and Moony Li explained how researchers like them hunt for such vulnerabilities…