Welcome to VB2020 localhost!

The 30th VB Conference is HERE - it’s free, it’s online and it’s packed with features.

Welcome to VB2020 localhost, the annual and world-renowned Virus Bulletin international conference gone virtual!

Like any VB conference, VB localhost features the latest and best research on malware, malicious actors and threat intelligence, but this time we bring you both live streamed and on-demand content for 3 days, as well as the company of your fellow security researchers from around the world, in the comfort of your own home.

The live programme of the conference will be broadcast live from 16:00 to 20:00 UTC each day. You can join anytime, and re-watch, rewind or pause the live stream. Meanwhile, in the on-demand programme you will fine a wide selection of presentations that you can watch at your leisure, and our co-host, CTA, brings you eight presentations in the Threat Intelligence Practitioners' Summit (TIPS).

What's more, you can join us and your fellow attendees on Discord for discussion, networking, QA and fun!

Programme
All Live Day 1 Live Day 2 Live Day 3 On Demand TIPS
CATEGORY TIME (UTC) TITLE SPEAKER(S)
Live Day 1
WEDNESDAY 30 SEPTEMBER
16:00 UTC
16:30 UTC
A new Chinese APT ‘Evasive Panda’ group targets India and Hong Kong using a new variant of MgBot malware Hossein Jazi (Malwarebytes) & Jérôme Segura (Malwarebytes)
Live Day 1
WEDNESDAY 30 SEPTEMBER
16:30 UTC
17:00 UTC
The eye on the Nile: Egypt’s civil society under attack Aseel Kayal (Check Point Software Technologies)
Live Day 1
WEDNESDAY 30 SEPTEMBER
17:00 UTC
17:30 UTC
The fall of Domino – a preinstalled hostile downloader Łukasz Siewierski (Google)
Live Day 1
WEDNESDAY 30 SEPTEMBER
17:45 UTC
18:15 UTC
The days before R-Day: ransomware toolsets Gabor Szappanos (Sophos) & Vikas Singh (Sophos)
Live Day 1
WEDNESDAY 30 SEPTEMBER
18:15 UTC
18:45 UTC
To catch a Banshee: how Kimsuky’s tradecraft betrays its complementary campaigns and mission Sveva Vittoria Scenarelli (PwC)
Live Day 1
WEDNESDAY 30 SEPTEMBER
19:00 UTC
19:30 UTC
Attribution: a puzzle Paul Rascagneres (Cisco Talos) & Vitor Ventura (Cisco Talos)
Live Day 1
WEDNESDAY 30 SEPTEMBER
19:30 UTC
20:00 UTC
Why the security world should take stalkerware seriously David Ruiz (Malwarebytes)
Live Day 2
THURSDAY 01 OCTOBER
16:00 UTC
16:30 UTC
Hunting for Android 1-days: analysis of rooting ecosystem Eugene Rodionov (Google), Richard Neal (Google) & Lin Chen (Google)
Live Day 2
THURSDAY 01 OCTOBER
16:30 UTC
17:00 UTC
Who stole my 100,000 dollars’ worth of Bitcoin wallets – catch them all with new deceptive bait Tan Kean Siong (The Honeynet Project)
Live Day 2
THURSDAY 01 OCTOBER
17:00 UTC
17:30 UTC
SilentFade: unveiling Chinese malware abusing Facebook ad platform Sanchit Karve (Facebook) & Jennifer Urgilez (Facebook)
Live Day 2
THURSDAY 01 OCTOBER
17:45 UTC
18:15 UTC
LATAM financial cybercrime: competitors in crime sharing TTPs Jakub Souček (ESET) & Martin Jirkal (ESET)
Live Day 2
THURSDAY 01 OCTOBER
18:15 UTC
18:45 UTC
Hello from the OT side! Daniel Kapellmann Zafra (FireEye)
Live Day 2
THURSDAY 01 OCTOBER
19:00 UTC
19:30 UTC
Growth and commoditization of remote access trojans Veronica Valeros (Czech Technical University in Prague) & Sebastian García (Czech Technical University in Prague)
Live Day 2
THURSDAY 01 OCTOBER
19:30 UTC
20:00 UTC
A true virus on macOS Patrick Wardle (Jamf)
Live Day 3
FRIDAY 02 OCTOBER
16:00 UTC
16:30 UTC
Graphology of an exploit – hunting for exploits by looking for the author’s fingerprints Itay Cohen (Check Point Research) & Eyal Itkin (Check Point Research)
Live Day 3
FRIDAY 02 OCTOBER
16:30 UTC
17:00 UTC
ML Security Evasion Competition 2020 Zoltan Balazs (CUJO AI) & Hyrum Anderson (Microsoft)
Live Day 3
FRIDAY 02 OCTOBER
17:00 UTC
17:30 UTC
Hunting for malware with command line logging and process trees Ivan Vanja Svajcer (Cisco Talos)
Live Day 3
FRIDAY 02 OCTOBER
17:45 UTC
18:15 UTC
Tonto Team: exploring the TTPs of an advanced threat actor operating a large infrastructure Daniel Lunghi (Trend Micro) & Jaromir Horejsi (Trend Micro)
Live Day 3
FRIDAY 02 OCTOBER
18:15 UTC
18:45 UTC
XDSpy: stealing government secrets since 2011 Matthieu Faou (ESET) & Francis Labelle (ESET)
Live Day 3
FRIDAY 02 OCTOBER
19:00 UTC
19:30 UTC
InvisiMole: first-class persistence through second-class exploits Zuzana Hromcová (ESET)
Live Day 3
FRIDAY 02 OCTOBER
19:30 UTC
20:00 UTC
Clippy left some traces Christiaan Beek (McAfee)
On Demand
2030: backcasting the potential rise and fall of cyber threat intelligence Jamie Collier (FireEye)
On Demand
A new open-source hypervisor-level malware monitoring and extraction system – current state and further challenges Michał Leszczyński (CERT Polska) & Krzysztof Stopczański (CERT Polska (Former))
On Demand
Advanced Pasta Threat: mapping threat actor usage of open-source offensive security tools Paul Litvak (Intezer)
On Demand
Anchor, Bazar, and the Trickbot connection Daniel Frank (Cybereason) & Lior Rochberger (Cybereason)
On Demand
Another threat actor day… Paul Jung (Excellium Services)
On Demand
APT Hackers-for-Hire: Time to update your Threat Models (Partner Content) Liviu Arsene (Bitdefender) & Andra Cazacu (Bitdefender)
On Demand
Behind the Black Mirror: simulating attacks with mock C2 servers Scott Knight (VMware)
On Demand
Chasing the digital pirates: unveiling the container threats Tejas Girme (Qualys)
On Demand
Clandestine hunter: two strategies for supply chain attack Byeongjae Kim (Korea Internet & Security Agency), Taewoo Lee (Korea Internet & Security Agency), Sojun Ryu (Korea Internet & Security Agency) & Dongwook Kim (Korea Internet & Security Agency)
On Demand
Compromising IoT C&C panels for unearthing infections Dr Aditya K. Sood (F5 Networks) & Rohit Bansal (SecNiche Security Labs)
On Demand
Context-aware detection: the future of cybersecurity? Rohit Satpathy (The PC Security Channel)
On Demand
Dancing samba with Dolphins: tracking a Brazilian threat actor moving to Europe Carlos Rubio (Blueliv)
On Demand
Dissecting fleeceware apps: the million-dollar money-making machine in Android and iOS Jagadeesh Chandraiah (Sophos)
On Demand
Emerging trends in malware downloaders Dr. Nirmal Singh (Zscaler), Deepen Desai (Zscaler) & Avinash Kumar (Zscaler)
On Demand
Emissary (Pandas) in the Middle East James Shank (Team Cymru) & Jacomo Piccolini (Team Cymru)
On Demand
Evolution of Excel 4.0 macro weaponization James Haughom (VMware), Stefano Ortolani (VMware) & Baibhav Singh (VMware)
On Demand
Ghost Mach-O: an analysis of Lazarus’ Mac-malware innovations Dinesh Devadoss (K7 Computing)
On Demand
GuLoader? No, CloudEyE. Flattening the attack curve of the top malicious dropper Alexey Bukhteyev (Check Point Software Technologies) & Arie Olshtein (Check Point Software Technologies)
On Demand
Hidden risks of advertisements Doina Cosovan (Security Scorecard) & Cătălin Liță (Security Scorecard)
On Demand
Just-in-time deception to detect credential-stuffing bots Abhishek Singh (Prismo Systems), Manish Sardiwal (Prismo Systems) & Ramesh Mani (Prismo Systems)
On Demand
Lightweight emulation based IoC extraction for Gafgyt botnets Ya Liu (Qihoo 360)
On Demand
Like bees to a honeypot – a journey through honeypots Matthias Meidinger (VMRay)
On Demand
Most sophisticated technique of the year goes to… Kalpesh Mantri (Quick Heal)
On Demand
NetWalking on sunshine Thibault Seret (McAfee) & Jeffrey Sman (McAfee)
On Demand
One year later: challenges for young anti-malware products today Sorin Mustaca (Endpoint Cybersecurity)
On Demand
Operation LagTime IT: colourful Panda footprint Fumio Ozawa (NTT Security), Shogo Hayashi (NTT Security) & Rintaro Koike (NTT Security)
On Demand
Payment required: rare HTTP statuses and air-gaps avoidance from the authors of COMPFun Denis Legezo (Kaspersky)
On Demand
Ramsay: a cyber-espionage toolkit tailored for air-gapped networks Ignacio Sanmillan (ESET)
On Demand
She sells root shells by the C(++) shore Costin Ionescu (Broadcom)
On Demand
Standardized reporting with the Malware Behavior Catalog Desiree Beck (MITRE)
On Demand
Stealthy WastedLocker: eluding behaviour blockers, but not only Alexander Adamov (NioGuard Security Lab)
On Demand
TA505: attacking industries around the world Minhee Lee (Financial Security Institute) & Daegyu Kang (Financial Security Institute)
On Demand
Take care, spyware is slipping into your phones through Operation Poisoned News Nelson William Gamazo Sanchez (Trend Micro), Lilang Wu (Trend Micro), Elliot Cao (Trend Micro) & Ecular Xu (Trend Micro)
On Demand
The (f)utility of indicators Gabriela Nicolao (Deloitte)
On Demand
The NExt Big Sur(ge) on macOS Abhijit Kulkarni (Incrux Technologies) & Prakash Jagdale (Incrux Technologies)
On Demand
The rise of the info stealers Shai Alfasi (Reason Security) & Dana Yosifovich (Reason Security)
On Demand
Tracking rapid evolution? Copycat? Of an APT RAT in Asia Hiroshi Takeuchi (Macnica Networks)
On Demand
Transparency, trust and intention: what dismantling the heart of cyberattack public attribution reveals about warring minds Monica Lopez (LPNP)
On Demand
Unveiling the CryptoMimic Hajime Takai (NTT Security), Shogo Hayashi (NTT Security) & Rintaro Koike (NTT Security)
TIPS
TIPS #1 Opening Keynote: Collaborating with Competitors: A Better Strategy to Beat Adversaries Joe Levy (Sophos)
TIPS
TIPS #2 Business Email Compromise – Scalable Attribution Powering Industry and Law Enforcement Collaboration Pete Renals (Palo Alto Networks)
TIPS
TIPS #3 Creating Network Effects: Intelligence Sharing for Supply Chain Security Andrea Little Limbago (Interos)
TIPS
TIPS #4 Fireside Chat: Comfortably Numb Kathi Whitbey (Palo Alto Networks), Jeannette Jarvis (CTA) & Selena Larson (Dragos)
TIPS
TIPS #5 German Angst : Cybercrime Ecosystem in the DACH Region Abdelkader Cornelius (Recorded Future)
TIPS
TIPS #6 Panel: Flattening the Curve of Cyber-Risks Kathi Whitbey (Palo Alto Networks), Derek Manky (Fortinet), Righard Zwienenberg (ESET) & Noortje Henrichs (NCSC)
TIPS
TIPS #7 Ransomware Evolution in LATAM Fernando Cajeme Acosta Zertuche (TELMEX Scitum) & Imelda Flores (TELMEX Scitum)
TIPS
TIPS #8 Closing Keynote: Threatscaping like a CERT Noortje Henrichs (NCSC)
Day 1
16:00-16:30 UTC
Hossein Jazi (Malwarebytes) & Jérôme Segura (Malwarebytes)
Day 1
16:30-17:00 UTC
Aseel Kayal (Check Point Software Technologies)
Day 1
17:00-17:30 UTC
Łukasz Siewierski (Google)
Day 1
17:45-18:15 UTC
Gabor Szappanos (Sophos) & Vikas Singh (Sophos)
Day 1
19:00-19:30 UTC
Paul Rascagneres (Cisco Talos) & Vitor Ventura (Cisco Talos)
Day 1
19:30-20:00 UTC
David Ruiz (Malwarebytes)
Day 2
16:00-16:30 UTC
Eugene Rodionov (Google), Richard Neal (Google) & Lin Chen (Google)
Day 2
17:00-17:30 UTC
Sanchit Karve (Facebook) & Jennifer Urgilez (Facebook)
Day 2
17:45-18:15 UTC
Jakub Souček (ESET) & Martin Jirkal (ESET)
Day 2
18:15-18:45 UTC
Daniel Kapellmann Zafra (FireEye)
Day 2
19:00-19:30 UTC
Veronica Valeros (Czech Technical University in Prague) & Sebastian García (Czech Technical University in Prague)
Day 2
19:30-20:00 UTC
Patrick Wardle (Jamf)
Day 3
16:00-16:30 UTC
Itay Cohen (Check Point Research) & Eyal Itkin (Check Point Research)
Day 3
16:30-17:00 UTC
Zoltan Balazs (CUJO AI) & Hyrum Anderson (Microsoft)
Day 3
17:00-17:30 UTC
Ivan Vanja Svajcer (Cisco Talos)
Day 3
17:45-18:15 UTC
Daniel Lunghi (Trend Micro) & Jaromir Horejsi (Trend Micro)
Day 3
18:15-18:45 UTC
Matthieu Faou (ESET) & Francis Labelle (ESET)
Day 3
19:00-19:30 UTC
Zuzana Hromcová (ESET)
Day 3
19:30-20:00 UTC
Christiaan Beek (McAfee)
On Demand
Michał Leszczyński (CERT Polska) & Krzysztof Stopczański (CERT Polska (Former))
On Demand
Daniel Frank (Cybereason) & Lior Rochberger (Cybereason)
On Demand
Paul Jung (Excellium Services)
On Demand
Liviu Arsene (Bitdefender) & Andra Cazacu (Bitdefender)
On Demand
Byeongjae Kim (Korea Internet & Security Agency), Taewoo Lee (Korea Internet & Security Agency), Sojun Ryu (Korea Internet & Security Agency) & Dongwook Kim (Korea Internet & Security Agency)
On Demand
Dr Aditya K. Sood (F5 Networks) & Rohit Bansal (SecNiche Security Labs)
On Demand
Rohit Satpathy (The PC Security Channel)
On Demand
Dr. Nirmal Singh (Zscaler), Deepen Desai (Zscaler) & Avinash Kumar (Zscaler)
On Demand
James Shank (Team Cymru) & Jacomo Piccolini (Team Cymru)
On Demand
James Haughom (VMware), Stefano Ortolani (VMware) & Baibhav Singh (VMware)
On Demand
Alexey Bukhteyev (Check Point Software Technologies) & Arie Olshtein (Check Point Software Technologies)
On Demand
Doina Cosovan (Security Scorecard) & Cătălin Liță (Security Scorecard)
On Demand
Abhishek Singh (Prismo Systems), Manish Sardiwal (Prismo Systems) & Ramesh Mani (Prismo Systems)
On Demand
Kalpesh Mantri (Quick Heal)
On Demand
Thibault Seret (McAfee) & Jeffrey Sman (McAfee)
On Demand
Sorin Mustaca (Endpoint Cybersecurity)
On Demand
Fumio Ozawa (NTT Security), Shogo Hayashi (NTT Security) & Rintaro Koike (NTT Security)
On Demand
Costin Ionescu (Broadcom)
On Demand
Alexander Adamov (NioGuard Security Lab)
On Demand
Minhee Lee (Financial Security Institute) & Daegyu Kang (Financial Security Institute)
On Demand
Nelson William Gamazo Sanchez (Trend Micro), Lilang Wu (Trend Micro), Elliot Cao (Trend Micro) & Ecular Xu (Trend Micro)
On Demand
Gabriela Nicolao (Deloitte)
On Demand
Abhijit Kulkarni (Incrux Technologies) & Prakash Jagdale (Incrux Technologies)
On Demand
Shai Alfasi (Reason Security) & Dana Yosifovich (Reason Security)
On Demand
Hiroshi Takeuchi (Macnica Networks)
On Demand
Hajime Takai (NTT Security), Shogo Hayashi (NTT Security) & Rintaro Koike (NTT Security)
TIPS
Kathi Whitbey (Palo Alto Networks), Jeannette Jarvis (CTA) & Selena Larson (Dragos)
TIPS
Abdelkader Cornelius (Recorded Future)
TIPS
Kathi Whitbey (Palo Alto Networks), Derek Manky (Fortinet), Righard Zwienenberg (ESET) & Noortje Henrichs (NCSC)
TIPS
Fernando Cajeme Acosta Zertuche (TELMEX Scitum) & Imelda Flores (TELMEX Scitum)