The presentation slides, demos, exploits, code, tools and other bits have been released for download. Do note that the exploit code for Cesar Cerrudo’s presentation (MS advisory 951306) will not be released till the patch has been issued (hopefully soon).
Below are some of the post conference media coverage and blog postings from around the Net. If you attended HITBSecConf2008 - Dubai and have made a posting about your trip to the conference, please let us know and we’ll link the posting here.
Dubai, la nuova Mecca dell’ICT - La Stampa (Italy)
Nuove città e distretti ICT: Dubai Internet City compete con la Silicon Valley. L’Italia al palo. - Webmaster Point
Microsoft (Belatedly) Admits to Windows Server 2008 Token Kidnapping - Security Watch, eWeek
Zero-day bug puts web hosters at risk - Tech World
Last month’s ‘design flaw’ is this month’s security vulnerability - Computer World
Details of privilege escalation hole in Windows - Heise Online
Web-Hosting Providers – Beware! - McAfee AVERT Labs
Wireless hacking course takes off - ITWeb
GSM Security Researcher Targeted in Airport Shakedown - WIRED
Microsoft warns of web server flaw - IT News Australia
Jaringan GSM DUbai Jebol oleh HAcker - Jim Geovedi, DetikNet
Laporan dari Dubai: Ilusi Keamanan Lewat ‘Security Theater’ - Jim Geovedi, DetikNet
Hack In The Box Dubai 2008 - Jeremiah Grossman
GSM Researcher Stopped at Heathrow Airport by UK Government Officials - THC
From the Desert Oasis - SSLGuru (Jeremiah Grossman)
HITBSecConf2008 - Dubai - F-Secure Weblog
Hack In The Box Dubai - Robert E. Lee
HITBSecConf2008 - Dubai Trip Report - spoonfork
HITB Dubai 2008 Wrap Up- geek00l
HITBSecConf 2008 Dubai Write Up - Rufi0 (CTF Overlord 2.0)
HITBSecConf2008 - Dubai - aphesz
]]>1.) Bruce Schneier (Founder & Chief Technology Officer, BT Counterpane Inc.)
2.) Jeremiah Grossman (Founder & Chief Technology Officer, White Hat Security.)
1. Adrian ‘pagvac’ Pastor (ProCheckUp Ltd. / GNUCITIZEN)
2. Alessio ‘mayhem’ Pennasillico (Security Evangelist, Alba S.T. s.r.l.)
3. Alexander Kornbrust (Founder, Red Database Security GmbH)
4. Benjamin Hagen (Security Engineer, Motorola Security Services)
5. Cesar Cerrudo (Founder, ArgenISS)
6. Christopher J. Rouland (Chief Technology Officer, IBM ISS)
7. Daniel S. Ingevaldson (Manager, Technology Strategy, IBM ISS)
8. Dino Covotsos (Managing Director, Telspace Systems)
9. Domingo Montanaro (Manager of Research & Development, Scanit Middle East)
10. Ero Carrera (Reverse Engineering Automation Researcher, zynamics GmbH)
11. Jamie Butler (Coauthor of Rootkits: Subverting the Windows Kernel)
12. Jim Geovedi (Member of HERT & Security Consultant, PT. Bellua Asia Pacific)
13. Lee Chin Sheng [geek00l] (Independent Network Security Researcher)
14. Meling Mudin [spoonfork] (Independent Network Security Researcher)
15. Marc Weber Tobias (Investigative Attorney and Security Specialist)
16. Michael Thumann (Chief Security Officer, ERNW GmbH)
17. Petko D. Petkov [pdp] (GNUCITIZEN)
18. Raoul Chiesa (Board of Directors Member @Mediaservice.net, ISECOM Group & TSTF)
19. Rodrigo Rubira Branco (Lead Security Researcher, Scanit Middle East)
20. Shreeraj Shah (Director, BlueInfy)
21. Skyper (ex-Phrack Magazine Editor in Chief / Member, THC)
22. Viviana Basso (Motorola Security Services)
23. Walter Goulet (Network Security Architect, Motorola Security Services)
1st Place
1 x VIP Pass to HITBSecConf2008 - Malaysia (Training + Conference)
1 x VIP Pass to HITBSecConf2009 - Dubai (Training Only)
2nd Place
1 x VIP Pass to HITBSecConf2008 - Malaysia (Training + Conference)
1 x VIP Pass to HITBSecConf2009 - Dubai (Conference Only)
3rd Place
1 x VIP Pass to HITBSecConf2008 - Malaysia (Conference Only)
1 x VIP Pass to HITBSecCon2009 - Dubai (Conference Only)
Hijacking VSAT Connections - Jim Geovedi (Member of HERT & Security Consultant, PT Bellua Asia Pacific)
Defensive Network Security - Practical Methodologies Meling Mudin [spoonfork] and Lee Chin Sheng [geek00l] (Independent Network Security Researchers)
Advances in Intrusion Detection and Prevention - Christopher J. Rouland (IBM)
Virtualization != Security - Daniel S. Ingevaldson (IBM)
In-depth Anti-Forensics - Challenges of Steganography & Discovering Hidden Data - Domingo Montanaro
Cracking The GSM A5/1 Encryption in Seconds - Skyper & David Houlton
Hacking ‘Second Life’ - Michael Thumann
VoIP (in)Security - Italians Do It Better - Alessio ‘mayhem’ Pennasilico
How We Cracked Their Codes: A Case Study in Compromising the Most Popular High Security Lock in America - Medeco m3 and Biaxial - Marc Weber Tobias
For My Next Trick… Client-Side Hacking - Petko D. Petkov
Token Kidnapping - Cesar Ceurrudo
Penetration Testing SCADA and National Critical Infrastructure: Real-Life Experiences and Case Studies - Raoul Chiesa & Alessio ‘mayhem’ Pennasilico
Real World Attacks Against 3G Networks Using Subscriber Devices - Walter Goulet, Viviana Basso and Benjamin Hagen (Motorola Security Services)
Malware: Behavior, Tools, Scripting and Advanced Analysis - Ero Carrera
Securing Next Generation Applications – Scan, Detect and Mitigate - Shreeraj Shah
Hacking the Bluetooth Stack for Fun, Fame and Mayhem - Dino Covotsos
Cracking into Embedded Devices and Beyond! - Adrian ‘pagvac’ Pastor
Practical Oracle Forensics - Alexander Kornbrust
Hacking The Cell Architecture - Rodrigo Rubira Branco
Computer Forensics and Incident Response: Bringing Sexy Back - Jamie Butler
Do note that there are only a couple of more days before the early bird registration closes on the 1st of February 2008 so if you haven’t booked your seats, DO SO NOW as prices increase after the 1st… Additional updates to the agenda and conference speaker list will be made towards the end of February.
]]>
Welcome to the official homepage of HITBSecConf2008 - Dubai. The main aim of the HITBSecConf conference series is to enable the dissemination, discussion and sharing of deep knowledge network security information. Featuring presentations by respected members of both the mainstream network security arena as well as the underground or black hat community, HITBSecConf2008 - Dubai will see over 20 of the world’s leading network security specialists talk about their latest tools and research.
Venue: Sheraton Dubai Creek
Date: 14th April
Time: 0900 - 1700
Item: 5-tracks Hands-On Technical Training (Day 1)
Date: 15th April
Time: 0900 - 1700
Item: 5-tracks Hands-On Technical Training (Day 2)
Date: 16th April
Time: 0800 - 1700
Item:
Dual Track Security Conference
Capture The Flag (CTF)
Zone-H/HITB Hacking Challenge
BZFlag Competition
Date: 17th April
Time: 0800 - 1700
Item:
Dual Track Security Conference
Capture The Flag (CTF)
Zone-H/HITB Hacking Challenge
BZFlag Competition
TECH TRAINING 1 - Web Application Security – Advanced Attacks and Defense
Trainer: Shreeraj Shah (Director, BlueInfy)
TECH TRAINING 2 - Bluetooth & Wireless Hacking
Trainer: Dino Covotsos (Managing Director, Telspace)
TECH TRAINING 3 - Structured Network Threat Analysis and Forensics
Trainers: Meling Mudin (spoonfork) and Lee Chin Sheng (geek00l)
TECH TRAINING 4 - Telecommunication Fraud
Trainer: Carlos Lowie (Unit Manager, Investigations, Belgacom)
TECH TRAINING 5 - Hacking and Hardening Oracle
Trainer: Alexander Kornbrust (Founder, Red Database Security GmbH)
H.E. Mohammed Nasser Al-Ghanim (Director General, UAE Telecommunications Regulatory Authority)
1.) Bruce Schneier (Founder & Chief Technology Officer, BT Counterpane Inc.)
2.) Jeremiah Grossman (Founder & Chief Technology Officer, White Hat Security.)
1. Adrian ‘pagvac’ Pastor (ProCheckUp Ltd. / GNUCITIZEN)
2. Alessio ‘mayhem’ Pennasillico (Security Evangelist, Alba S.T. s.r.l.)
3. Alexander Kornbrust (Founder, Red Database Security GmbH)
4. Benjamin Hagen (Security Engineer, Motorola Security Services)
5. Cesar Cerrudo (Founder, ArgenISS)
6. Christopher J. Rouland (Chief Technology Officer, IBM ISS)
7. Daniel S. Ingevaldson (Manager, Technology Strategy, IBM ISS)
8. Dino Covotsos (Managing Director, Telspace Systems)
9. Domingo Montanaro (Manager of Research & Development, Scanit Middle East)
10. Ero Carrera (Reverse Engineering Automation Researcher, zynamics GmbH)
11. Jamie Butler (Coauthor of Rootkits: Subverting the Windows Kernel)
12. Jim Geovedi (Member of HERT & Security Consultant, PT. Bellua Asia Pacific)
13. Lee Chin Sheng [geek00l] (Independent Network Security Researcher)
14. Meling Mudin [spoonfork] (Independent Network Security Researcher)
15. Marc Weber Tobias (Investigative Attorney and Security Specialist)
16. Michael Thumann (Chief Security Officer, ERNW GmbH)
17. Petko D. Petkov [pdp] (GNUCITIZEN)
18. Raoul Chiesa (Board of Directors Member @Mediaservice.net, ISECOM Group & TSTF)
19. Rodrigo Rubira Branco (Lead Security Researcher, Scanit Middle East)
20. Shreeraj Shah (Director, BlueInfy)
21. Skyper (ex-Phrack Magazine Editor in Chief / Member, THC)
22. Viviana Basso (Motorola Security Services)
23. Walter Goulet (Network Security Architect, Motorola Security Services)