Tag: presentation

  • VB2021 localhost videos available on YouTube

    Today, VB has made all VB2021 localhost presentations available on VB’s YouTube channel, so you can now watch – and share – any part of the conference freely and without registration. The VB2021 / Live track playlist contains the two live broadcasts presented by our host Angela Lamont, each of which features eight presentations…

  • The Bagsu banker case – presentation

    Some time ago, researchers at CSIS Security Group discovered the infrastructure of a “quiet” banking trojan actor that had been targeting German users since at least 2014. At VB2019 CSIS researcher Benoît Ancel gave a talk in which he provided a technical insight into the whole operation: infrastructure, multi-platform trojans, money laundering schemes, and a…

  • VB2020 localhost videos available on YouTube

    Today, VB has made all VB2020 localhost presentations available on VB’s YouTube channel, so you can now watch – and share – any part of the conference freely and without registration. The VB2020 / Live track playlist contains the three live broadcasts presented by our host Angela Lamont, each of which features seven presentations and live…

  • VB2019 paper: Defeating APT10 compiler-level obfuscations

    Obfuscation in malware has long frustrated analysis, and obfuscation at the compiler level, such as opaque predicates and control flow flattening, has been particularly challenging. One group that has been using this kind of obfuscation is APT10, an APT group made famous through a 2018 indictment by the US government in which two Chinese individuals…

  • VB2019 paper: Attribution is in the object: using RTF object dimensions to track APT phishing weaponizers

    Malicious RTF files, exploiting vulnerabilities in Microsoft Office, have long been a popular way to deliver malware, most often through (spear-)phishing attacks. Such files are often created using exploit builders, which were the subject of a VB2018 presentation by Sophos researcher Gábor Szappanos. One such builder (or weaponizer) is ‘Royal Road’, which has been…

  • VB2019 presentation: Nexus between OT and IT threat intelligence

    Cyber attacks on industrial control systems (ICS) include the well-known stories of Stuxnet and BlackEnergy, and such attacks appear to be getting more prevalent. Late last year, a natural gas compression facility at a US pipeline operator was targeted with ransomware. Operational Technology (OT), the mission critical IT in ICS, shares many similarities with…

  • VB2019 presentation: Attor: spy platform with curious GSM fingerprinting

    Attor is a newly discovered cyber-espionage platform, use of which dates back to at least 2014 and which focuses on diplomatic missions and governmental institutions. The modular malware searches specifically for TrueCrypt-protected hard drives and the processes of specific VPN applications, suggesting a special interest in security-focused users. The most notable plug-in is one…

  • VB2019 paper: Spoofing in the reeds with Rietspoof

    The Rietspoof malware was first discovered by Avast researchers in August 2018 and publicly disclosed in a blog post in February 2019. The multi-stage malware utilises different file types throughout its infection chain, including, in one stage, a CAB file. Full details of the malware, including later discoveries, were revealed in a VB2019 paper by…

  • VB2019 videos: partner presentations

    With the final day of VB2019 three weeks behind us, we want to thank once again the 21 partners and sponsors of the conference for their support. In supporting the conference, the companies and organisations demonstrated how much they care about the sharing of research on current threats. We especially want to thank Platinum partners…

  • VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles

    The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups of recent years. It has engaged in digital espionage, destructive attacks and financially motivated attacks, and was probably the most discussed threat group at VB2018 in Montreal. One of the Lazarus-related papers at VB2018 was written by…