The Box
The videos from the 7th annual Hack in The Box security conference held
in Malaysia last year have been released! On a related note, do keep in
mind that online registration for HITBSecConf2010 - Dubai closes in less
than 4 weeks and the Call for Papers for HITBSecConf2010 - Amsterdam is
still open for submissions (Submissions are due no later than 19th April 2010)!
HITB CFP
http://cfp.hackinthebox.org/
===
Presentation materials from the 4th annual Hack In The Box Security
Conference in Dubai are now available for download!
http://conference.hitb.org/hitbsecconf2010dxb/materials/
KEYNOTE 1 - John Viega - A/V Vendors Aren't As Dumb As They Look
D1 - Daniel Mende - Attacking Cisco WLAN Solutions
D1 - Laurent Oudot - Improving the Stealthiness of Web Hacking
D1 - Dimitri Petropoulos - Attacking ATMs and HSMs **
D1 - Dino Covotsos - Analysis of a Next Generation Botnet
Hack In The Box is proud to announce, a brand new lightning session
called HITB SIGINT (Signal Intelligence/Interrupt)! HITB SIGINT
sessions are designed to provide a quick 15 minute overview for
material and research that's up and coming - stuff that isn't quite
ready for the mainstream tracks of the conference but deserve a mention
nonetheless. Final year students who want to present their projects to
industry experts are also strongly encouraged to submit their papers.
These sessions are held during the conference coffee and lunch breaks.
The papers would be reviewed by the main CFP panel and student
This will be a QUAD TRACK conference featuring 2 dedicated tracks
focusing on cutting edge attack and defense techniques, a track with
dedicated hands-on lab sessions and a brand new lightning talk segment!
HITB CFP: http://cfp.hackinthebox.org/
===
Venue: Crowne Plaza Mutiara Kuala Lumpur
----------------------------------------
After a slight delay, we are pleased to announce that Issue 006 of the
HITB Magazine is now available for download (PDF)! (The slight delay was
to allow us to bring you some post conference coverage!)
http://magazine.hackinthebox.org/issues/HITB-Ezine-Issue-006.pdf
We've got loads of awesome content lined up as always including a
feature article/interview with Joe Sullivan, Chief Security Officer at
social network behemoth Facebook and keynoter at the 2nd annual
HITBSecConf in Europe. Along side Joe, we also sat down with Chris Evans
http://conference.hitb.org/hitbsecconf2012ams/
---
Hafez Kamal
HITB Crew
Hack in The Box (M) Sdn. Bhd.
Suite 26.3, Level 26, Menara IMC,
No. 8 Jalan Sultan Ismail,
50250 Kuala Lumpur,
Malaysia
We are proud to announce the immediate availability of HITB Magazine
Issue 005 - The first HITB Magazine release for 2011!
HITB Magazine
=============
http://magazine.hackinthebox.org/
Direct Link
===========
http://magazine.hackinthebox.org/issues/HITB-Ezine-Issue-005.pdf
http://conference.hitb.org/hitbsecconf2009dubai/
The Call for Papers (CFP) for HITBSecConf2009 - Malaysia (October 5th -
8th) will open in March 2009.
A belated Happy New Year from all of us at Hack in The Box and may all
your exploits result in root shell! :)
The HITB Team.
Talks that are more technical or that discuss new and never before seen
attack methods are of more interest than a subject that has been covered
several times before. Submissions are due no later than 9th August 2010.
HITB CFP: http://cfp.hackinthebox.org/
===
Date: October 11th - 14th 2010
Venue: Crowne Plaza Mutiara Kuala Lumpur
HITB Magazine is currently seeking submissions for our next issue. If you have something interesting to write, please drop us an email at: editorial@hackinthebox.org
TOPICS
Topics of interest include, but are not limited to the following:
* New Attack and Defense Techniques
* Reverse Code Engineering
* Network Security
* Forensics and Incident Response
The Call for Papers (CFP) for HITB2011KUL (October 10th - 13th @
Intercontinental Kuala Lumpur, Malaysia) is still open and submissions
are due before the 15th of July:
http://cfp.hackinthebox.org/
---
On a somewhat related note, we've also recently migrated our old
hackinthebox.org news portal to a new home - HITBSecNews running at
HITBSecConf2010 - Dubai will also feature a HITB Web Hacking. This years contest will once again include an additional binary reversing challenge as well.
http://conference.hackinthebox.org/hitbsecconf2010dxb/agenda.pdf
---
Hafez Kamal
HITB Crew
Hack in The Box (M) Sdn. Bhd.
As always, talks that are more technical or that discuss new and never
before seen attack methods are of more interest than a subject that has
been covered several times before.
HITB CFP: http://cfp.hackinthebox.org/
===
Topics of interest include, but are not limited to the following:
* Cryptography
* Hardware Hacking
* Malware Analysis
* Lock Picking / Physical Security
HITB Magazine is a deep-knowledge technical magazine. Articles that are more technical or that discuss new and never before seen attack methods are of more interest than a subject that has been covered several times before. Please send your article to editorial@hackinthebox.org
Submissions for issue #5 due no later than 3rd January 2011
---
Hafez Kamal
Justin Lundy (Founder & CEO, Subterrain) was replaced by Fyodor Yarochkin & The Grugq. Sorry about that Fyodor! :D
---
Hafez Kamal
HITB Crew
Hack in The Box (M) Sdn. Bhd.
Suite 26.3, Level 26, Menara IMC,
No. 8 Jalan Sultan Ismail,
50250 Kuala Lumpur,
Malaysia
Europe is mid May (stay tuned to our @hitbsecconf twitter stream for all
conference updates).
All conference materials from the event can be downloaded from
http://conference.hitb.org/hitbsecconf2010ams/materials and photos will
be released on http://photos.hackinthebox.org in about 2 weeks time.
==
In conjunction with HITBSecConf2010 - Amsterdam, we are proud to
announce the immediate availability of Issue 003 of the HITB Magazine,
As always, talks that are more technical or that discuss new and never
before seen attack methods are of more interest than a subject that has
been covered several times before.
Submissions are due _no later than 18th February 2011_
HITB CFP: http://cfp.hackinthebox.org/
===
Topics of interest include, but are not limited to the following:
This is a gentle reminder that the Call for Papers for the third annual
HITBSecConf in Europe closes on the 18th of February! Send in your
submissions now!
http://cfp.hackinthebox.org/
---
This year, we're moving to a new, bigger and better venue -- the
award winning Okura Hotel right in middle of Amsterdam with easy access
before seen attack methods are of more interest than a subject that has
been covered several times before. Each non-resident speaker will
receive accommodation for 3 nights / 4 days and travel reimbursement up
to EUR1200.00 / USD1700.00
HITB CFP: http://cfp.hackinthebox.org/
===
Topics of interest include, but are not limited to the following:
conference.
To submit your presentation proposals and for further details on our
submission process, please see:
http://cfp.hackinthebox.org/
On a related note, online registration for HITBSecConf2010 - Dubai is
closing on the 14TH OF APRIL - Walk in registrations are still accepted
thereafter.
The second quarterly HITB eZine (issue 002) has been released! Grab your
copies from here:
https://www.hackinthebox.org/modules.php?op=modload&name=News&file=article&sid=35995
===
3 months ago, our newly 'reborn' ezine was a completely new experience
to our small team and we didn't expect it to have a lot of followers
considering its absence for many years. But to our surprise, we received
Our new blog post describes some recent changes Microsoft introduced to fight against
binary planting exploits. The most recent change was the removal of a vulnerable COM
server on Windows XP which we used in our proof of concept at Hack In The Box
Amsterdam in May.
Read the post to find out what else is hiding in the "COM server binary planting"
closet and what to do to get our PoC back to life.
http://blog.acrossecurity.com/2011/09/microsofts-binary-planting-clean-up.html
The videos from Hack In The Box Security Conference 2007 Malaysia is now
available for download! The files were created in Quicktime, however if
you're having trouble playing them on your platform, please ensure you
have the latest 3IVX codec installed.
Time to fire up your favorite Bit Torrent clients and please remember to
seed!
go to http://video.hitb.org/2007.html to download the torrents
Gents,
TEHTRI-Security was invited to give a talk called "Web In The Middle,
Attacking Clients", at the first Hack In The Box Europe, Amsterdam (
http://conference.hackinthebox.org/hitbsecconf2010ams/ ).
During our talk, we released multiple advisories and we explained many
issues related to some vulnerabilities. You can find more public
information through the slides available online. Here are some related
details that we wanted to share with you through this mailing list :
> introduced to
> >fight against binary planting exploits. The most recent
> change was the
> >removal of a vulnerable COM server on Windows XP which we
> used in our
> >proof of concept at Hack In The Box Amsterdam in May.
> >
> >Read the post to find out what else is hiding in the "COM
> server binary
> >planting"
> >closet and what to do to get our PoC back to life.
Hello from Malaysia!
The Call for Papers (CFP) for the 6th Hack In The Box Security
Conference in Malaysia (27th - 30th October 2008) is now open.
We've got some really cool stuff lined up this year including an
open-hack competition for charity, a third track in the conference
(hitb-labs), 4 keynote speakers + 30 international experts, the usual
team based capture the flag competition, a new wireless (bluetooth,
rfid, 802.11) village and lock picking village!
The videos from Hack In The Box Security Conference 2007 Malaysia is now
available for download! The files were created in Quicktime, however if
you're having trouble playing them on your platform, please ensure you
have the latest 3IVX codec installed.
Time to fire up your favorite Bit Torrent clients and please remember to
seed!
go to http://video.hitb.org/2007.html to download the torrents
>
>
>Our new blog post describes some recent changes Microsoft introduced to
>fight against binary planting exploits. The most recent change was the removal
>of a vulnerable COM server on Windows XP which we used in our proof of
>concept at Hack In The Box Amsterdam in May.
>
>Read the post to find out what else is hiding in the "COM server binary
>planting"
>closet and what to do to get our PoC back to life.
>
UCSB iCTF 2011 winner - We_0wn_You - http://ictf.cs.ucsb.edu/
CodeGate 2012 Winner - Feb 24-26 2012 Online quals -
http://www.codegate.org/Eng/
NCCDC winner - April 20 - 22, 2012 - http://www.nationalccdc.org/
Hack In The Box 2012 Amsterdam - May 21-25, 2012 Amsterdam -
http://conference.hitb.org/hitbsecconf2012ams/pagelist2/capture-the-flag-ban
k0verflow/
Positive Hack Days 2012 - May 30/31, 2012
http://phdays.com/ctf_general.asp
Our new blog post describes in detail how the binary planting exploits we presented
at Hack In The Box Amsterdam work. Watch a user on IE8/XP getting pwned by two single
clicks on a web page, and a user on IE9/Win7 getting pwned by selecting an option
from a context menu.
http://blog.acrossecurity.com/2011/05/anatomy-of-com-server-based-binary.html
or
http://bit.ly/kWe3gw
|
