[ mainpage :: register :: conference :: training :: the venue ]
[ capture the flag (CTF) :: zone-h/hitb hacking challenge :: bzflag ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]

Keynote Videos Now Available for Download

Day 1 Keynote: Bruce Schneier - Schneier on Security
Day 2 Keynote: Jeremiah Grossman - Hacks Happen

Michael Thumann (Chief Security Officer, ERNW GmbH)

Filed under: Main Page — Administrator @ 2:56 pm

Presentation Title: Hacking ‘Second Life’
Presentation Details:

Beyond being an online game SecondLife is a growing marketplace for big companies where lot of money is made. And living and acting in a virtual world gives the people the opportunity to do things they would never do in real life. Therefore, it is not surprising that SecondLife has increasingly attracted real world hackers.

The talk will cover the basic architecture of SecondLife and point out the possible attack vectors against SecondLife itself, but will also demonstrate hacks from the inside of SecondLife against real-life systems in the internet. So watch out what virtualization can do for the “Bad Guys”.

About Michael

Michael Thumann is Chief Security Officer and head of the ERNW “Research” and “Pen-Test” teams. He has published security advisories regarding topics like ‘Cracking IKE Prshared Keys’ and Buffer Overflows in Web Servers/VPN Software/VoIP Software. Michael enjoys sharing his self-written security tools (e.g. ‘tomas?a Cisco Password Cracker’, ‘ikeprobe - IKE PSK Vulnerability Scanner’ or ‘dnsdigger - a DNS information gathering tool’) and his experience with the community.
Besides numerous articles and papers he wrote the first (and only) German Pen-Test Book that has become a recommended reading at German universities.

In addition to his daily pentesting tasks he is a regular conference-speaker and has also contributed exploit code to the Metasploit Framework. In 2007 Michael published the first Proof of Concept tool to access Cisco NAC protected networks. With more than 10 years of experience in computer security Michaels’ main interest is to uncover vulnerabilities and security design flaws from the network to the application level.

Past Conferences as speaker:

Blackhat 2007 Amsterdam
Blackhat 2007 Las Vegas
HITB 2007 Kuala Lumpur
Daycon 2007 Dayton (Ohio)
SecTor 2007 Toronto

Please have a look at our web site for list of papers and publications (www.ernw.de)

Event Organizer

Hack In The Box (M) Sdn. Bhd.

Event Partner



Supported & Endorsed By

UAE Telecommunications Regulatory Authority (TRA)

Malaysian Communications and Multimedia Commission (MCMC)

Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors

Titanium Sponsor (Post Conference Reception)


Gold Sponsors


Microsoft Corporation

Official Media Partner (Magazine)

Network Middle East

Arabian Computer News

ITP Business

Official Airline Partner

Emirates Airlines

Our Speakers are Supported By

Bellua Asia Pacific

Supporting Media:

Virus Bulletin

Virus Bulletin (VB)

InfoSec News

(ISN) InfoSec News

InfoSec News

XAKEP (Russia)

Insecure Magazine

PHRACK Magazine

Hakin9 Magazine

Supporting Organizations


ISECOM - Insititue for Security and Open Methodologies

ISACA Malaysia

IT Underground

X-Focus China

Zone-H Defacement Mirror

Xatrix Security

Special Interest Group in Security & Information InteGrity Singapore