About me
I’m a senior researcher and project leader at the Stratosphere Research Laboratory in the Czech Technical University in Prague, with more than 10 years of experience in cybersecurity. My research strongly focuses on helping people. Currently specializing in threat intelligence, malware traffic analysis, and data analysis. I have made my career in both industry and academia.
In my current position as a project leader, I help drive forward research and development projects, improve processes, and drive the community engagement of the groups I work with. As a senior researcher, I’m responsible for the research, development, and customer support at the Civilsphere project, dedicated to protecting civil society organizations and individuals at risk from targeted digital threats.
I have presented my research at international conferences such as Black Hat, EkoParty, Botconf, Virus Bulletin, Deepsec, and others. I’m the co-founder of the MatesLab hackerspace based in Argentina and co-founder of the Independent Fund for Women in Tech. Additionally, I give specialized hands-on intensive training on network traffic analysis at various conferences around the world, where we have the opportunity to teach students, distilling the knowledge and experience of analyzing more than 18,000 hours of network traffic in the last few years.
Advising
- Master Thesis Co-Supervisor, 2023-2024, Seguridad de un satélite en órbita:
Detección de compromiso mediante técnicas de integridad. Juan Ignacio Bousquet. UBA, Argentina
- Master Thesis Supervisor Specialist, 2022-2023, A Network Dataset of Normal, Malware, Attack and Background Traffic on a Real Network. Štěpán Bendl. FEE, CTU in Prague, Czech Republic
- Master Thesis Supervisor Specialist, 2019-2020, The first comprehensive report on the state of the security of mobile phones of civil society. Jakub Čech. FEE, CTU in Prague, Czech Republic
Teaching
- Fall 2023, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague
- Fall 2022, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague
- Fall 2021, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague
- Fall 2020, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague
Trainings
- 2023 BlackHat USA, trainer, Advanced Malware Traffic Analysis - Defence in Depth 2023 Edition
- 2023 BlackHat Asia, trainer, Advanced Malware Traffic Analysis: Own Your Protection. 2023 Edition
- 2022 BlackHat Europe, trainer, Advanced Malware Traffic Analysis: Smarter Protection - 2022 Edition
- 2022 BlackHat USA, trainer, Advanced Malware Traffic Analysis: Smarter Protection - 2022 Edition
- 2021 BlackHat Europe, trainer, Advanced Malware Traffic Analysis: Smarter Protection - 2021 Edition
- 2021 BlackHat USA, trainer, Advanced Malware Traffic Analysis: Smarter Protection - 2021 Edition
- 2021 NorthSec, trainer, Getting Your Hands Dirty: Understanding & Hunting Down Malware Attacks in Your Network
- 2020 BlackHat Europe, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking - 2020 Edition
- 2020 BlackHat USA, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking - 2020 Edition
- 2020 BlackHat Asia, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking - 2020 Edition
- 2019 Ekoparty, trainer, Getting Your Hands Dirty: Understanding & Hunting Down Malware Attacks in Your Network
- 2019 BlackHat USA, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking
- 2019 OWASP Czech Republic, trainer, Getting Your Hands Dirty: IoT Botnet Analysis
- 2019 Internet Freedom Festival, trainer, Emergency VPN: Analyzing mobile network traffic to detect digital threats
- 2019 BlackHat Asia, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking
- 2019 Troopers, trainer, Machine Learning for Network Security and Malware Detection
- 2018 BlackHat Europe, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking
- 2018 HackLu, trainer, Getting Your Hands Dirty: How to Analyze the Behavior of Malware Traffic and Web Connections
- 2018 Ekoparty, trainer, Advanced Malware Attacks In Your Network
- 2016 Botconf, trainer, Getting your hands dirty: How to Analyze the Behavior of Malware Traffic and Web Connections
Contributions
- Civilsphere AI VPN, Core researcher and developer, 2021-2023, AIC, FEL, CTU in Prague, Czech Republic
Initiatives
- Co-founder of the Independent Fund for Women in Tech, a global initiative to foster the participation of women in cybersecurity conferences, in 2018.
- Co-founder of the MatesLab hackerspace in Mar del Plata, Argentina, in 2009.
Review Boards
- BlackHat Trainings Review Board, 2022-Ongoing
- BlackHat Briefings EU Review Board, 2018
- Ekoparty Security Conference Review Board, 2018-Ongoing
Publications
Peer-reviewed Conferences and Journals
- Hornet 40: network dataset of geographically placed honeypots. Data in Brief, 107795. Valeros, V., & Garcia, S. (2022).
- Growth and commoditization of remote access trojans. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 454-462). IEEE. Valeros, V., & Garcia, S. (2020, September).
- Machete: Dissecting the Operations of a Cyber Espionage Group in Latin America. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 464-473). IEEE. Valeros, V., Rigaki, M., & Garcia, S. (2019, June).
- An overview of the WCMS brute-forcing malware landscape. The Journal on Cybercrime & Digital Investigations, 3(1), 20-29. Shirokova, A., & Valeros, V. (2017).
- Make it count: an analysis of a brute-forcing botnet. The Journal on Cybercrime & Digital Investigations, 1(1). Valeros, V. (2016).
- Educarse y divertirse, la Universidad y el Hackspace. V Congreso de Tecnología en Educación y Educación en Tecnología. V. Valeros, S. Garcia (2010).
- De la universidad al hacklab, respetar y divertirse en la educación. World Engineering Congress. V. Valeros, S. Garcia (2010).
Reports
Conferences
- AI VPN: A Free-Software AI-Powered Network Forensics Tool, BlackHat Europe Arsenal (UK), 2023
- Four Key Problems in OSINT for Cyber Threat Intelligence, ENISA CTI (Greece), 2023
- AI VPN: A Free-Software AI-Powered Network Forensics Tool, DIMVA Arsenal (Germany), 2023
- Un análisis global de la privacidad en tráfico celular y cómo estás en riesgo de vigilancia, Ekoparty (Argentina), 2022
- Spy vs. Spy: A Modern Study Of Microphone Bugs Operation And Detection, BSides BUD (Hungary), 2018
- Spy vs. Spy: A Modern Study Of Microphone Bugs Operation And Detection, 34C3 (Germany), 2017
- Knock Knock… Who’s there? admin admin, Get In! An Overview of the CMS Brute-Forcing Malware Landscape, Botconf (France), 2017
- América Latina, blanco de un grupo avanzado de cyber espionaje, TandilSec (Argentina), 2017
- Panel: Mujeres en Tecnología y Ciencia, UNICEN (Argentina), 2017
- Five days in the life of a CMS brute forcing malware, BSides Vienna (Austria), 2017
- An overview of the CMS brute-forcing malware landscape, BruCON (Belgium), 2017
- A new twist on the APT targeting Latin America, GoSec (Canada), 2017
- Spy vs. Spy: A modern study of microphone bugs operation and detection, Hack in the Box (Singapore), 2017
- Are You The Lucky One? Sometimes Luck Can Bring You Malware, Cisco Blogs, 2017
- The Future of Cybersecurity Needs You: Here is Why, PyData Berlin (Germany), 2017
- Threat Hunting En Masse: The 9 Circles of Evil, Copenhagen CyberCrime Conference (Denmark), 2017
- Hunting Them All, Troopers (Germany), 2017
- Closing One Learning Loop: Using Decision Forests to Detect Advanced Threats, Cisco Blogs, 2017
- In plain sight: Credential and data stealing adware, Cisco Blogs, 2016
- Getting your hands dirty: How to Analyze the Behavior of Malware Traffic and Web Connections, Botconf (France), 2016
- 50 Thousand Needles in 5 Million Haystacks: Understanding Old Malware Tricks to Find New Malware Families, BlackHat EU (UK), 2016
- DNS Changer Lighting-talk, Secure PL (Poland), 2016
- Trickeries of a giant: a long term study on malicious adware networks, Secure PL (Poland), 2016
- Network Analysis for Threat Intelligence Workshop, Czech Technical University (Czech Republic), 2016
- Piecing Together Malicious Behavior in Encrypted Traffic, Cisco Blogs, 2016
- Cognitive Threat Analytics: Turn Your Proxy Into Security Device, Cisco Blogs, 2016
- Threat Hunting En Masse: Challenges And Discoveries, Security Automation World (France), 2016
- Adware landscape: what you didn’t want to hear, University of Luxembourg (Luxembourg), 2016
- The Dark Side of Adware: Malware and Data Exfiltration, BSides Tel Aviv (Israel), 2016
- Adware’s new upsell: malware, BSides Calgary (Canada), 2016
- DNSChanger Outbreak Linked to Adware Install Base, Cisco Blogs, 2016
- Insights of a brute-forcing botnet, Security Session (Czech Republic) , 2015
- Make It Count: an Analysis of a Brute-forcing Botnet, Botconf (France), 2015
- Angler for Beginners in 34 Seconds, Cisco Blogs, 2015
- Bad Browser Plug-ins Gone Wild: Malvertising, Data Exfiltration, and Malware, Oh my!, Cisco Blogs, 2015
- How bluetooth may jeopardize your privacy. An analysis of people behavioral patterns in the street, DeepSec (Austria), 2014
- Uncovering your trails Privacy issues of bluetooth devices, Ekoparty (Argentina), 2013
- Análisis de anomalías en protocolos web para la detección de ataques, FASTA University, 2012