Here’s what’s in each package.

HITBSecConf2006 - Malaysia - PACK 1

KEYNOTE 1 - Schneier on Security - Bruce Schneier

Security Engineering in Windows Vista - Ian Hellen and Vishal Kumar
Playing with Botnets for Fun and Profit - Thorsten Holz
Taming Bugs - The Art of Writing Secure Code - Paul Boehm
Application Intrusion Prevention Systems - Fabrice Marie
Attacking the IPV6 Protocol Suite - Van Hauser
Writing Metasploit Plugins - From Vulnerability to Exploit - Saumil Shah
x.805 Standard - Ching Tim Meng
The World Through the Eyes of a Signature Developer - Jonathan Limbo
Client Honeypots - It’s Not Only the Network - Michael Davis
Triple Play; Triple Threats? IPTV Security - Yen-Ming Chen
Firefox Security - Window Snyder
Pentesting Java/J2EE - Discovering Remote Holes - Marc Schoenefeld
Visualizing Source Code for Auditing - Lisa Thalheim

HITBSecConf2006 - Malaysia - PACK 2

KEYNOTE 2: What application security tools vendors don’t want you to know and the holes they will never find - Mark Curphey and John Viega

Scapy and IPV6 Networking - Phil Biondi and Arnaud Ebalard
Finding Secrets in ISAPI - Nish Bhalla
Pentesting Windows Vista BitLocker Drive Encryption from the Inside - Douglas MacIver
HPP - A New Approach to Cybercrime - Raoul Chiesa
The Biggest Brother - Roberto Preatoni and Fabio Ghioni
Towards an Invisible Honeypot Monitoring System - Nguyen Anh Quynh
Hacking a Bird in the Sky - Hijacking VSAT Connections - Jim Geovedi and Raditya Iryandi
Smasing the stack for Profit; period - Rohyt Belani
Using Neural Networks and Statistical Machinery to Improve Remote OS Detection - Javier Burroni and Carlos Sarraute
MOSREF - Using Cryptography and Injectable Virtual Machines in Security - Wes Brown
Hacking Trust - Anthony Zboralski and Dave McKay
Yet Another Web Application Testing Toolkit - Fyodor Yarochkin and Meder Kydyraliev
VoIP Phreaking - SIPhallis Unveiled - The Grugq
Subverting Vista Kernel for Fun and Profit - Joanna Rutkowska

A bonus video of the charity auction is also included on the Day 2 pack! On a related note, the Call for Papers for HITBSecConf2007 - Dubai is now open! See you guys next year!

Presentation Materials:

http://conference.hitb.org/hitbsecconf2006kl/materials/ or http://conference.hackinthebox.org/hitbsecconf2006kl/materials/

Official Photos:

HITBSecConf2006 - Setup and Misc
HITBSecConf2006 - Training Day 1 and Day 2
HITBSecConf2006 - Conference Day 1 and Day 2
HITBSecConf2006 - Post Conference Party

Post Conference Press Coverage:

Computer World: Post-Sept. 11 security measures seen doing more harm than good
Computer World: At hacker conference, Microsoft gets credit for effort
CSO Online: HITB: Technology Outpacing Security Advances
Computer World: HITB - VOIP presents major security risk, expert warns
ARNnet: HITB - Researcher to make Blue Pill even harder to detect
Linux World: HITB - Be prepared, IPv6 is coming sooner than you think
CSO Online: Bruce Schneier: We Are Losing IT Security War
Computer World: Control Charlie
Zone-H: HITB Day 1 - Schneier on Security: 10 Trends
Zone-H: HITB Day 2 - Hackers Ain’t Bad
VoIP Lowdown: VoIP a Hackers Dream
BBC - Security Fears Raised at Conference
BBC (Radio) - Digital Planet
The Star - Delving deep into the hacker culture
BBC - Microsoft engaging with hackers
The Star - Hacking out of the box
BBC Television (Oct 7th) - Click - Microsoft engaging with hackers

Foreign Language

LOO3.com
CSO Online (China)
Microsoft recurre a los piratas
Microsoft se reune con hackers
Detalles del post: Microsoft lanza una nueva versión de Windows
Microsoft busca “hackers” para mejorar su sistema
“Hack in the Box” (Russian)

Blog Posts

Paul Ooi

HITB CTF Team @ Work
HITBSecConf Reports on Nanyang
HITBSecConf2006 - Training
HITBSecConf2006 - Conference Day
Sheep in the Box Source Code Released
HITBSecConf2006 - Finished

Meling Mudin

I pay to be called the boss
HITBSecConf2006 - CTF Summary
HITBSecConf2006 - CTF Winner
Sheep in the Box
Nanyang Article on CTF

Xwings

HITB Day 1
HITB Day 2

Red Dragon - CTF Summary
Prabu -HITBSecConf2006 - 9 Days Away
Geek00l - HITB Conference 2006
Christian Seifert - Client Honeypot presentation at the Hack In The Box Conference
nemesisv - Back from HITB 2006
Fyodor Yarochkin - Another Con
Meder Kydyraliev - HackInTheBox
Nitesh Dhanjani - Hack In The Box 2006
Thorsten Holz - Hack In The Box 2006 Honeypot Summary
F-Secure Weblog - HITB2006
Akram - Enough Said

Day 1

1.) Welcome Address by MCMC
2.) Bruce Schneier - Schneier on Security (WEBCAST SESSION)
3.) Ian Hellen and Vishal Kumar - Security Engineering in Windows Vista

Day 2

1.) Mark Curphey and John Viega - What application security tools vendors don’t want you to know and holes they will never find!

We will also provide LIVE audio streams of the entire conference throughout both days as well. Please click here for the conference agenda.

We have space for 10 teams as always and this year’s line up so far includes:

1.) F1r3wAll burn3r5 - SIG^2 SINGAPORE
2.) Team Zone-H - ITALY
3.) Qb1t - SIG^2 SINGAPORE
4.) Project Tango UITM - MALAYSIA
5.) Stealther - MALAYSIA
6.) FullDupl3x - MALAYSIA
7.) Tango Junior UITM - MALAYSIA
8.) Kickers - SINGAPORE
9.) DOKDO-KOR (PADOCON) - KOREA

Team servers will be configured with Ubuntu 6.06 (FreeBSD option is no longer offered)

Hints

UPDATE: On a related note, we have updated the Press/Media page with all the pre-conference coverage that HITBSecConf has received thus far.

Keynotes:

Schneier on Security

What application security tools vendors don’t want you to know and holes they will never find!

Papers & Presentations:

Firefox Security

The world through the eyes of a signature developer

X.805 Standard

Security Engineering in Windows Vista

Pen Testing Windows Vista BitLocker Drive Encryption from the Inside

Triple Play; Triple Threats? IPTV Security

Pentesting Java/J2EE: Discovering Remote Holes

Subverting Vista Kernel for Fun and Profit

VoIPhreaking: SIPhallis Unveiled

Attacking the IPv6 Protocol Suite

A new approach to Cybercrime: The Hackers Profiling Project (HPP)

Playing with Botnets for Fun and Profit

Taming Bugs: The Art and Science of Writing Secure Code

Application Intrusion Prevention Systems: A new approach to protecting your data

Writing Metasploit Plugins - From Vulnerability to Exploit

Client Honeypots - It’s not only the network

Visualization of Source Code for Auditing

Scapy and IPv6 networking

Finding Secrets in ISAPI

The Biggest Brother

Towards an Invisible Honeypot Monitoring Tool

Smashing the stack for profit - period

Hacking a Bird in The Sky: Hijacking VSAT Connections

Using Neural Networks and Statistical Machinery to Improve Remote OS Detection

Yet Another Web Application Testing Toolkit (YAWATT)

MOSREF: Using Cryptography and Injectable Virtual Machines in Security

If you haven’t registered for your seats, you are strongly encouraged to do so early as places are limited and spaces are going fast!

REGISTER NOW

Welcome to the official homepage of HITBSecConf2006- Malaysia. The main aim of the HITBSecConf conference series is to enable the dissemination, discussion and sharing of deep knowledge network security information. Featuring presentations by respected members of both the mainstream network security arena as well as the underground or black hat community, HITBSecConf2006 - Malaysia will see over 30 of the world’s leading network security specialists down to present their research and findings. Set to take place from September 18th - 21st 2006 at The Westin Kuala Lumpur, the event will feature 7 hands-on technical training sessions and 2-days of deep knowledge presentations.

Event Details

Venue: The Westin Kuala Lumpur
199 Jalan Bukit Bintang
55100 Kuala Lumpur

Date: 18th September
Time: 0900 - 1800
Item: 7-tracks Hands-On Technical Training (Day 1)

Date: 19th September
Time: 0900 - 1800
Item: 7-tracks Hands-On Technical Training (Day 2)

Date: 20th September
Time: 0900 - 1800
Item: Dual Track Security Conference & Capture The Flag ‘Live Hacking’ Competition (Day 1)

Date: 21st September
Time: 0900 - 1800
Item: Dual Track Security Conference & Capture The Flag ‘Live Hacking’ Competition (Day 2)

Hands-On Technical Training

TECH TRAINING 1 - Advanced Web Application & Services Hacking
Trainer: Umesh Nagori (Vice President, Net-Square) & Lyra Fernandes (Principal Analyst, Net-Square)

TECH TRAINING 2 - Attacking & Defending Networks (Advanced Linux Edition)
Trainer: Nish Bhalla (VP Consulting Solutions, Security Compass)

TECH TRAINING 3 - The Exploit Laboratory
Trainers: Saumil Shah (Director, Net-Square) & SK Chong (Scan Associates)

TECH TRAINING 4 - Tactical VoIP : Applied VoIPhreaking
Trainer: The Grugq (Independent Network Security Researcher)

TECH TRAINING 5 - War Driving .Gov
Trainers: Anthony Zboralski (Founder HERT & PT Bellua Asia Pacific) with Jim Geovedi (Member HERT & Security Consultant PT Bellua Asia Pacific).

TECH TRAINING 6 - Structured Network Threat Analysis and Forensics
Trainers: Meling Mudin (spoonfork) & Lee Chin Sheng (geek00l)

TECH TRAINING 7 - Yin and Yang of Java Security Programming
Trainer: Marc Schonefeld

HITBSecConf2006 - Keynote Speakers

1.) Bruce Schneier (Chief Technology Officer, Counterpane Internet Security)
2.) Mark Curphey (Vice President, Foundstone Professional Services - A division of McAfee Inc.)
3.) John Viega (Chief Security Architect, McAfee Inc.).

HITBSecConf2006 - Speakers (alphabetical order)

1.) Anthony Zboralski (Founder, HERT & PT. Bellua Asia Pacific)
2.) Arnaud Ebalard (Security Research Engineer, EADS Corporate Research Center)
3.) Carlos Sarraute (Senior Researcher, Core Security Technologies)
4.) Ching Tim Meng (Regional Security Consultant, Lucent Worldwide Services)
5.) Douglas MacIver (Penetration Engineer, Microsoft Penetration Team, Microsoft Corporation)
6.) Fabio Ghioni (Independent Advisor to various MNCs and Government organizations)
7.) Fabrice Marie (Manager, FMA-RMS Singapore/Malaysia)
8.) Fyodor Yarochkin (Co-Author, XProbe)
9.) Ian Hellen (Security Program Manager, Windows Security Engineering Team, Microsoft Corporation)
10.) Javier Burroni (Senior Developer of Core Impact, Core Security Technologies)
11.) Jim Geovedi (Member of HERT & Security Consultant, PT Bellua Asia Pacific)
12.) Joanna Rutkowska (Senior Security Researcher, COSEINC)
13.) Jonathan Limbo (Security Researcher, Cisco Systems)
14.) Lisa Thalheim (Independent Network Security Consultant)
15.) Marc Schonefeld (Independent Network Security Consultant)
16.) Meder Kydyraliev (Co-Author, XProbe)
17.) Michael Davis (Member, The Honeynet Project.)
18.) Nguyen Anh Quynh (PhD student of Keio university, Japan)
19.) Nish Bhalla (VP Consulting Solutions, Security Compass)
20.) Paul Boehm (Founding member of TESO Security, Security Consultant, SEC Consult)
21.) Philippe Biondi (Research Engineer at EADS Corporate Research Center)
22.) Raditya Iryandi (Information Security Consultant, Bellua Asia Pacific)
23.) Raoul Chiesa (Board of Directors Member@ Mediaservice.net ISECOM Group & TSTF)
24.) Roberto Preatoni (Founder, Zone-H Defacement Mirror)
25.) Rohyt Belani (Director, Mandiant)
26.) Saumil Shah (Director, Net-Square)
27.) Thorsten Holz (HoneyNet Project Germany, Independent Network Security Researcher)
28.) The Grugq (Independent Network Security Researcher)
29.) Van Hauser (Founder, THC.org and Security Consultant at n.runs GmbH)
30.) Vishal Kumar (Security Program Manager, Secure Windows Initiative Team, Microsoft Corporation)
31.) Wes Brown (Founder, Ephemeral Security)
32.) Window Snyder (Chief Security Something-or-Other, Mozilla Foundation)
33.) Yen Ming Chen (Senior Managing Consultant, Foundstone - A division of McAfee Inc.)