The conference agenda and speaker line up for HITBSecConf2007 - Malaysia has been finalized. Below are the list of confirmed presentations:

Day 1 Keynote - 5th September 2007

Honeynet Project: Latest Research - Lance Spitzner (Founder, Honeynet Project)

Online Crime and Crime Online - Mikko Hypponen (Chief Research Officer, F-Secure Corp)

Day 2 Keynote - 6th September 2007

The Rise and Fall of Information Security in the Western World - Mark ‘Phiber Optik’ Abene (Former Member of LOD / MOD)

The Evolution of Hacking - Emmanuel Goldstein (Founder, 2600)

Conference Day 1 - 5th September 2007

Injecting RDS-TMC Traffic Information Signals - How to Freak Out Your Sat Nav System - Andrea Barisani (Chief Security Engineer, Inverse Path Ltd) and Daniele Bianco (Hardware Hacker, Inverse Path Ltd)

State of Security - Andrew Cushman (Senior Director, Microsoft Security Response and Community, Microsoft Corp)

Attacking Cisco Network Admission Control – NAC@ACK - Michael Thumann (Chief Security Officer, ERNW GmbH) and Dror-John Roecher (Senior Security Consultant, ERNW GmbH)

Hacking SCADA – How to 0wn Critical National Infrastructure - Raoul Chiesa (Board of Directors member @Mediaservice.net, ISECOM Group and TSTF) and Alessio L.R. Pennasilico aka Mayhem (Security Evangelist, Alba S.T. s.r.l.)

Exploiting the Intranet With a Webpage - Is JavaScript the New Shellcode? - Martin Johns (University of Hamburg, Faculty of Informatics)

WabiSabiLabi - The Exploit Marketplace - Roberto Preatoni (Director of Strategy, WabiSabiLabi & Founder, Zone-H Defacement Mirror)

Meta Anti Forensics: The HASH Hacking Harness - The Grugq (Independent Network Security Specialist)

Advanced Web Application and Database Threat Analysis with MatriXay - Frank Yuan Fan (Founder and Chief Technology Officer, DBAPPSecurity)

Physical Security: Past, Present and Future - Deviant Olam, Eric Michaud & Q (Members of TOOL USA)

360° Anomaly Based Intrusion Detection - Dr. Stefano Zanero (Politecnico di Milano T.U.

High Security Locks - Illusion or Reality? - Marc Weber Tobias (Investigative Attorney and Security Specialist)

Insider Threat Visualization - Raffael Marty (Manager, Strategic Application Solutions @ ArcSight Inc.)

Conference Day 2 - 6th September 2007

Hacking the Bluetooth Stack for Fun, Fame and Profit - Dino Covotsos (Managing Director, Telespace Systems)

Tools and Strategies for Securing a Large Development Project - Window Snyder (Chief Security Something or Other, Mozilla Corporation)

Hacking Biometric Systems - Starbug (Independent Security Researcher)

Protocol Fuzzing - Luiz Eduardo (Senior Systems & Security Engineer, Mu Security)

Hacking Hardened and Secured Oracle Servers - Alexander Kornbrust (Founder, Red Database Security GmbH)

Enterprise Hacking: Who Needs Exploit Codes? - Fetri Miftach (Principal Consultant, PT Bellua Asia Pacific) and Jim Geovedi (Security Consultant, PT Bellua Asia Pacific)

Slipping Past The Firewall - Billy K. Rios (Senior Researcher, VeriSign) and Nathan McFeters (Senior Security Advisor, Ernst & Young Advanced Security Center)

An End-to-End Analysis of Securing Networked CCTV Systems - Sarb Sembhi (Chief Technology Officer, Securityw0rk5)

Attack Surface of Modern Applications - Felix ‘fx’ Lindner (Founder, Recurity Labs GmbH)

Googling for Malware and Bugs - Dr. Jose Nazario (Senior Security Engineer, Arbor Networks)

The Computer Forensics Challenge and Anti-Forensics Techniques - Domingo Montanaro (Information Security Specialist and Computer Forensics Expert) and Rodrigo Rubira Branco (IBM, Brazil)

Hacking Ajax and Web Services – Next Generation Web Attacks on the Rise - Shreeraj Shah (Director, BlueInfy)

---

Mark ‘Phiber Optik’ Abene has announced the details for his keynote, “The Rise and Fall of Information Security in the Western World” on Day 2. In addition, the Conference Agenda has been updated and the following speakers have been added to our line up:

Nathan McFeters (Senior Security Advisor, Ernst & Young Advanced Security Center) will be presenting with Billy K. Rios (Senior Researcher, Verisign) on Slipping Past the Firewall in which Billy and Nathan will demonstrate some new techniques used by attackers to establish a “staging point” on your internal network to conduct NON-HTTP based client side attacks.

Alessio L.R. Pennasilico aka Mayhem (Security Evangelist, Alba S.T. s.r.l.) has spent the last couple of months working with Raoul Chiesa (Board of Directors Member @Mediaservice.net, ISECOM Group & TSTF) on pen testing various SCADA implementations. In their presentation Hacking SCADA and how to 0wn critical national infrastructure, Raoul and Mayhem have promised to share some insightful demos

The final round of updates and announcements is scheduled for next week. If you have not registered for your seat yet, there are still a couple of days to do so or you could also register on-site however, rates increase after 31st August.

We are excited to announce an exclusive talk on the new exploit marketplace project, WabiSabiLabi. Presented by their Strategic Director, Mr Roberto Preatoni, attendees will be the first in Asia to hear directly from the guys behind the project on the purpose of it’s set up, the project’s direction and to address the controversies surrounding it.

Presentation Title: WABISABILABI: The Exploit Marketplace Project
Presentation Details:

Three days after its launch, the Wabisabilabi project attracted the world’s attention. For the good and for the bad, the press covered the project in all its aspects, generating and endless round of comment threads on specialized forums. The project got the attention of the financial press, hitting the Economist and Forbes. The speech will let you hear directly from WABISABILABI’s Strategy Director the project philosophy, business model and milestones as well as the challenges the project has to overcome in the future.

- history of the research in the security field
- WABISABILABI: a name, a philosophy
- current status of the security market: exploiting the security researcher’s work for free
- the black security market: a myth? A reality?
- the traditional security vendor business model VS Wabisabilabi’s one
- is it ethical? Major criticisms do have ground?
- legal aspects of a security marketplace: the results of one year of legal investigations
- the economical models: auction, dutch auction, exclusive sale
- the big dilemma: to disclose or not to disclose?

For further details please click here. Do note that prices for the dual track conference increases after 31st August…