The presentation slides, demos, exploits, code, tools and other bits have been released for download. Do note that the exploit code for Cesar Cerrudo’s presentation (MS advisory 951306) will not be released till the patch has been issued (hopefully soon).

Below are some of the post conference media coverage and blog postings from around the Net. If you attended HITBSecConf2008 - Dubai and have made a posting about your trip to the conference, please let us know and we’ll link the posting here.

Dubai, la nuova Mecca dell’ICT - La Stampa (Italy)

Nuove città e distretti ICT: Dubai Internet City compete con la Silicon Valley. L’Italia al palo. - Webmaster Point

Microsoft (Belatedly) Admits to Windows Server 2008 Token Kidnapping - Security Watch, eWeek

Zero-day bug puts web hosters at risk - Tech World

Last month’s ‘design flaw’ is this month’s security vulnerability - Computer World

Details of privilege escalation hole in Windows - Heise Online

Web-Hosting Providers – Beware! - McAfee AVERT Labs

Wireless hacking course takes off - ITWeb

GSM Security Researcher Targeted in Airport Shakedown - WIRED

Microsoft warns of web server flaw - IT News Australia

Jaringan GSM DUbai Jebol oleh HAcker - Jim Geovedi, DetikNet

Laporan dari Dubai: Ilusi Keamanan Lewat ‘Security Theater’ - Jim Geovedi, DetikNet

Hack In The Box Dubai 2008 - Jeremiah Grossman

GSM Researcher Stopped at Heathrow Airport by UK Government Officials - THC

From the Desert Oasis - SSLGuru (Jeremiah Grossman)

HITBSecConf2008 - Dubai - F-Secure Weblog

Hack In The Box Dubai - Robert E. Lee

HITBSecConf2008 - Dubai Trip Report - spoonfork

HITB Dubai 2008 Wrap Up- geek00l

HITBSecConf 2008 Dubai Write Up - Rufi0 (CTF Overlord 2.0)

HITBSecConf2008 - Dubai - aphesz

HITBSecConf2008 - Dubai - Keynote Speaker 1

1.) Bruce Schneier (Founder & Chief Technology Officer, BT Counterpane Inc.)

HITBSecConf2008 - Dubai - Keynote Speaker 2

2.) Jeremiah Grossman (Founder & Chief Technology Officer, White Hat Security.)

HITBSecConf2008 - Dubai - Speakers (alphabetical order)

1. Adrian ‘pagvac’ Pastor (ProCheckUp Ltd. / GNUCITIZEN)
2. Alessio ‘mayhem’ Pennasillico (Security Evangelist, Alba S.T. s.r.l.)
3. Alexander Kornbrust (Founder, Red Database Security GmbH)
4. Benjamin Hagen (Security Engineer, Motorola Security Services)
5. Cesar Cerrudo (Founder, ArgenISS)
6. Christopher J. Rouland (Chief Technology Officer, IBM ISS)
7. Daniel S. Ingevaldson (Manager, Technology Strategy, IBM ISS)
8. Dino Covotsos (Managing Director, Telspace Systems)
9. Domingo Montanaro (Manager of Research & Development, Scanit Middle East)
10. Ero Carrera (Reverse Engineering Automation Researcher, zynamics GmbH)
11. Jamie Butler (Coauthor of Rootkits: Subverting the Windows Kernel)
12. Jim Geovedi (Member of HERT & Security Consultant, PT. Bellua Asia Pacific)
13. Lee Chin Sheng [geek00l] (Independent Network Security Researcher)
14. Meling Mudin [spoonfork] (Independent Network Security Researcher)
15. Marc Weber Tobias (Investigative Attorney and Security Specialist)
16. Michael Thumann (Chief Security Officer, ERNW GmbH)
17. Petko D. Petkov [pdp] (GNUCITIZEN)
18. Raoul Chiesa (Board of Directors Member @Mediaservice.net, ISECOM Group & TSTF)
19. Rodrigo Rubira Branco (Lead Security Researcher, Scanit Middle East)
20. Shreeraj Shah (Director, BlueInfy)
21. Skyper (ex-Phrack Magazine Editor in Chief / Member, THC)
22. Viviana Basso (Motorola Security Services)
23. Walter Goulet (Network Security Architect, Motorola Security Services)

1st Place

1 x VIP Pass to HITBSecConf2008 - Malaysia (Training + Conference)
1 x VIP Pass to HITBSecConf2009 - Dubai (Training Only)

2nd Place

1 x VIP Pass to HITBSecConf2008 - Malaysia (Training + Conference)
1 x VIP Pass to HITBSecConf2009 - Dubai (Conference Only)

3rd Place

1 x VIP Pass to HITBSecConf2008 - Malaysia (Conference Only)
1 x VIP Pass to HITBSecCon2009 - Dubai (Conference Only)

Hijacking VSAT Connections - Jim Geovedi (Member of HERT & Security Consultant, PT Bellua Asia Pacific)

Defensive Network Security - Practical Methodologies Meling Mudin [spoonfork] and Lee Chin Sheng [geek00l] (Independent Network Security Researchers)

Advances in Intrusion Detection and Prevention - Christopher J. Rouland (IBM)

Virtualization != Security - Daniel S. Ingevaldson (IBM)

In-depth Anti-Forensics - Challenges of Steganography & Discovering Hidden Data - Domingo Montanaro

Cracking The GSM A5/1 Encryption in Seconds - Skyper & David Houlton

Hacking ‘Second Life’ - Michael Thumann

VoIP (in)Security - Italians Do It Better - Alessio ‘mayhem’ Pennasilico

How We Cracked Their Codes: A Case Study in Compromising the Most Popular High Security Lock in America - Medeco m3 and Biaxial - Marc Weber Tobias

For My Next Trick… Client-Side Hacking - Petko D. Petkov

Token Kidnapping - Cesar Ceurrudo

Penetration Testing SCADA and National Critical Infrastructure: Real-Life Experiences and Case Studies - Raoul Chiesa & Alessio ‘mayhem’ Pennasilico

Real World Attacks Against 3G Networks Using Subscriber Devices - Walter Goulet, Viviana Basso and Benjamin Hagen (Motorola Security Services)

Malware: Behavior, Tools, Scripting and Advanced Analysis - Ero Carrera

Securing Next Generation Applications – Scan, Detect and Mitigate - Shreeraj Shah

Hacking the Bluetooth Stack for Fun, Fame and Mayhem - Dino Covotsos

Cracking into Embedded Devices and Beyond! - Adrian ‘pagvac’ Pastor

Practical Oracle Forensics - Alexander Kornbrust

Hacking The Cell Architecture - Rodrigo Rubira Branco

Computer Forensics and Incident Response: Bringing Sexy Back - Jamie Butler

Do note that there are only a couple of more days before the early bird registration closes on the 1st of February 2008 so if you haven’t booked your seats, DO SO NOW as prices increase after the 1st… Additional updates to the agenda and conference speaker list will be made towards the end of February.

Welcome to the official homepage of HITBSecConf2008 - Dubai. The main aim of the HITBSecConf conference series is to enable the dissemination, discussion and sharing of deep knowledge network security information. Featuring presentations by respected members of both the mainstream network security arena as well as the underground or black hat community, HITBSecConf2008 - Dubai will see over 20 of the world’s leading network security specialists talk about their latest tools and research.

Event Details

Venue: Sheraton Dubai Creek

Date: 14th April
Time: 0900 - 1700
Item: 5-tracks Hands-On Technical Training (Day 1)

Date: 15th April
Time: 0900 - 1700
Item: 5-tracks Hands-On Technical Training (Day 2)

Date: 16th April
Time: 0800 - 1700
Item:

Dual Track Security Conference
Capture The Flag (CTF)
Zone-H/HITB Hacking Challenge
BZFlag Competition

Date: 17th April
Time: 0800 - 1700
Item:

Dual Track Security Conference
Capture The Flag (CTF)
Zone-H/HITB Hacking Challenge
BZFlag Competition

Hands-On Technical Training

TECH TRAINING 1 - Web Application Security – Advanced Attacks and Defense
Trainer: Shreeraj Shah (Director, BlueInfy)

TECH TRAINING 2 - Bluetooth & Wireless Hacking
Trainer: Dino Covotsos (Managing Director, Telspace)

TECH TRAINING 3 - Structured Network Threat Analysis and Forensics
Trainers: Meling Mudin (spoonfork) and Lee Chin Sheng (geek00l)

TECH TRAINING 4 - Telecommunication Fraud
Trainer: Carlos Lowie (Unit Manager, Investigations, Belgacom)

TECH TRAINING 5 - Hacking and Hardening Oracle
Trainer: Alexander Kornbrust (Founder, Red Database Security GmbH)

HITBSecConf2008 - Dubai - Keynote Speaker 1

1.) Bruce Schneier (Founder & Chief Technology Officer, BT Counterpane Inc.)

HITBSecConf2008 - Dubai - Keynote Speaker 2

2.) Jeremiah Grossman (Founder & Chief Technology Officer, White Hat Security.)

HITBSecConf2008 - Dubai - Speakers (alphabetical order)

1. Adrian ‘pagvac’ Pastor (ProCheckUp Ltd. / GNUCITIZEN)
2. Alessio ‘mayhem’ Pennasillico (Security Evangelist, Alba S.T. s.r.l.)
3. Alexander Kornbrust (Founder, Red Database Security GmbH)
4. Benjamin Hagen (Security Engineer, Motorola Security Services)
5. Cesar Cerrudo (Founder, ArgenISS)
6. Christopher J. Rouland (Chief Technology Officer, IBM ISS)
7. Daniel S. Ingevaldson (Manager, Technology Strategy, IBM ISS)
8. Dino Covotsos (Managing Director, Telspace Systems)
9. Domingo Montanaro (Manager of Research & Development, Scanit Middle East)
10. Ero Carrera (Reverse Engineering Automation Researcher, zynamics GmbH)
11. Jamie Butler (Coauthor of Rootkits: Subverting the Windows Kernel)
12. Jim Geovedi (Member of HERT & Security Consultant, PT. Bellua Asia Pacific)
13. Lee Chin Sheng [geek00l] (Independent Network Security Researcher)
14. Meling Mudin [spoonfork] (Independent Network Security Researcher)
15. Marc Weber Tobias (Investigative Attorney and Security Specialist)
16. Michael Thumann (Chief Security Officer, ERNW GmbH)
17. Petko D. Petkov [pdp] (GNUCITIZEN)
18. Raoul Chiesa (Board of Directors Member @Mediaservice.net, ISECOM Group & TSTF)
19. Rodrigo Rubira Branco (Lead Security Researcher, Scanit Middle East)
20. Shreeraj Shah (Director, BlueInfy)
21. Skyper (ex-Phrack Magazine Editor in Chief / Member, THC)
22. Viviana Basso (Motorola Security Services)
23. Walter Goulet (Network Security Architect, Motorola Security Services)