A BIG THANK YOU to our sponsors, speakers, media and of course the HITB .MY and .NL volunteers for their help in putting together a kick ass conf! All presentation materials can be downloaded from:
Official conference photos will be available at http://photos.hackinthebox.org in about 2 weeks time. Don’t forget to follow @hitbsecconf on Twitter! This blog posting will also be updated with links to post conference media coverage as and when they get published. If we’ve missed a news article or blog posting, please send us an email.
International Business Times: Cookiejacking: Glitch in Internet Explorer leaks user info, says researcher
http://www.ibtimes.com/articles/153799/20110528/microsoft-cookiejacking-rosario-valotta-facebook-twitter-iframe-windows-google-amsterdam-ie.htm
MyCE: IE “cookiejacking” security hole discovered, affecting all versions
http://www.myce.com/news/ie-cookiejacking-security-hole-discovered-affecting-all-versions-45798/
InfoBAE: Facebook pagará por detectar sus errores
http://america.infobae.com/notas/26281-Facebook-pagara-por-detectar-sus-errores
Playground (Russia) Найдена новая уязвимость всех версий Internet Explorer
http://www.playground.ru/blogs/other/21032/
Overclockers.RU (Russia): Ошибка в браузере Internet Explorer облегчает похищение сессионных куки
http://www.overclockers.ru/softnews/41984/Oshibka_v_brauzere_Internet_Explorer_oblegchaet_pohischenie_sessionnyh_kuki.html
Security.NL (Netherlands): IE-gebruikers kwetsbaar voor cookie-kapers
http://www.security.nl/artikel/37230/1/IE-gebruikers_kwetsbaar_voor_cookie-kapers.html
Terra: Investigadores dicen haber detectado fallas de seguridad en tarjetas bancarias
http://economia.terra.com.co/noticias/noticia.aspx?idNoticia=201105202202_BBM_79722007
Computer World: Microsoft downplays IE ‘cookiejacking’ bug
http://www.computerworld.com/s/article/9217116/Microsoft_downplays_IE_cookiejacking_bug
Net1news: IE: trovata falla in tutti gli Internet Explorer
http://www.net1news.org/ie-trovata-falla-in-tutti-gli-internet-explorer.html
HW Files (Italy) Vulnerabilità cookiejacking in Internet Explorer, risponde Microsoft
http://www.hwfiles.it/news/vulnerabilita-cookiejacking-in-internet-explorer-risponde-microsoft_37013.html
eWeek Europe: Internet Explorer Flaw Allows For Cookie Theft
http://www.eweekeurope.co.uk/news/internet-explorer-flaw-allows-for-cookie-theft-30438
Security.NL (Netherlands): Porno-knop beschermt IE tegen cookiemonsters
http://www.security.nl/artikel/37264/1/Porno-knop_beschermt_IE_tegen_cookiemonsters.html
eWeek: IE Flaw Lets Attackers Steal Cookies, Access User Accounts
http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/
Network World: IE Flaw Could Allow Hackers Access to your Facebook, Gmail, Twitter Accounts
http://www.networkworld.com/community/node/74259
Web News (Italy): Microsoft prepara la patch per il cookiejacking
http://www.webnews.it/notizie/microsoft-prepara-la-patch-per-il-cookiejacking/
IT Home (Taiwan): 研究人員揭露IE含有cookie綁架漏洞
http://www.ithome.com.tw/itadm/article.php?c=67874
Information Week: iOS 4 Hardware Encryption Cracked By Forensics Firm
http://www.informationweek.com/news/229700041
PC Magazin (Germany): IE-Lücke ermöglicht Cookie-Klau
http://www.pc-magazin.de/news/ie-luecke-ermoeglicht-cookie-klau-1142308.html
The Register: Unpatched IE bug exposes sensitive Facebook creds
http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/
Rosbalt.RU (Russian): Итальянец создал новую программу для кражи цифрового удостоверения
http://www.rosbalt.ru/style/2011/05/28/853207.html
XAKEP (Russia): Microsoft: cookiejacking нас не волнует
http://www.xakep.ru/post/55821/
SYS-CON MEDIA: SSL : Implementation Gone Wrong
http://www.sys-con.com/node/1847737
The Guardian (UK): Hacking conference sees ‘enemies’ break boundaries
http://www.guardian.co.uk/technology/blog/2011/may/23/hack-in-the-box-security-conference
Softpedia News: Exclusive Interview: Facebook Chief Security Officer, Joe Sullivan
http://news.softpedia.com/news/Softpedia-Exclusive-Interview-Facebook-Chief-Security-Officer-Joe-Sullivan-201935.shtml
Terra: Investigadores dicen haber detectado fallas de seguridad en tarjetas bancarias
http://economia.terra.com.ve/noticias/noticia.aspx?idNoticia=201105202202_BBM_79722007
El Nuevo Dia: Tarjetas con fallas de seguridad
http://www.elnuevodia.com/tarjetasconfallasdeseguridad-971686.html
PC-Facile: Facebook prepara i soldi per le segnalazioni di vulnerabilità
http://www.pc-facile.com/news/facebook_soldi_segnalazioni_vulnerabilita/69554.htm
Softpedia News: Facebook to Offer Rewards for Security Vulnerabilities
http://news.softpedia.com/news/Facebook-Prepares-to-Launch-Bug-Bounty-Program-201405.shtml
BBC Mundo: Investigadores dicen haber detectado fallas de seguridad en tarjetas bancarias
http://www.bbc.co.uk/mundo/ultimas_noticias/2011/05/110520_ultnot_tecnologia_tarjetas_sao.shtml
NRC Handelsblad: Zelf laptop- en telefoondieven vangen met Prey
http://weblogs.nrc.nl/hebben/2011/05/17/zelf-laptop-en-telefoondieven-vangen-met-prey/
NOS News (Radio): ‘Hacker is ontzettend vasthoudend’
http://nos.nl/audio/242046-hackers-is-ontzettend-vasthoudend.html
Tweakers.net: Nieuwe creditcard-beveiliging is te omzeilen
http://tweakers.net/nieuws/74574/nieuwe-creditcard-beveiliging-is-te-omzeilen.html
Security.NL: “Hacker kan hardware permanent saboteren”
http://www.security.nl/artikel/37173/1/%22Hacker_kan_hardware_permanent_saboteren%22.html
Tweakers.net: Onderzoeker waarschuwt voor gevaarlijke SAP-configuraties
http://tweakers.net/nieuws/74562/onderzoeker-waarschuwt-voor-gevaarlijke-sap-configuraties.html
Security.NL: Facebook: Verbod anoniem account is innovatie
http://www.security.nl/artikel/37154/1/Facebook%3A_Verbod_anoniem_account_is_innovatie.html
CHIP Online (CZ): Facebook bude hackery odměňovat
http://www.chip.cz/clanky/bezpecnost/2011/05/facebook-bude-hackery-odmenovat
SYS-CON Media: SSL : Implementation Gone Wrong
http://www.sys-con.com/node/1847737
Acros Security: The Anatomy of COM Server-Based Binary Planting Exploits
http://blog.acrossecurity.com/2011/05/anatomy-of-com-server-based-binary.html
SecureList: Hack in The Box Security Conference 2011 Amsterdam / NL
http://www.securelist.com/en/blog/208188077/Hack_in_The_Box_Security_Conference_2011_Amsterdam_NL
/dev/random: HITB2011Ams Wrap-up Day #1
http://blog.rootshell.be/2011/05/19/hitb2011ams-wrap-up-day-1/
/dev/random: HITB2011Ams Wrap-up Day #2
http://blog.rootshell.be/2011/05/20/hitb2011ams-wrap-up-day-2/
CupFighter: HitB2011AMS: Credit Card Skimming and PIN Harvesting in an EMV World
http://www.cupfighter.net/index.php/2011/05/hitb2011ams-emv/
CupFighter: HitB2011AMS: iPhone Data Protection in-Depth
http://www.cupfighter.net/index.php/2011/05/hitb2011ams-iphone/
CupFighter: HitB2011AMS: Let met Stuxnet You
http://www.cupfighter.net/index.php/2011/05/hitb2011ams-pdos/
CupFighter: HitB2011AMS: A Real-Life Study of What Really Breaks SSL
http://www.cupfighter.net/index.php/2011/05/hitb2011ams-what-breaks-ssl/
CupFighter: HitB2011AMS: WebShells: A Framework for Penetration Testing
http://www.cupfighter.net/index.php/2011/05/hitb2011ams-webshells/
CupFighter: HitB2011AMS: A Million Little Tracking Devices
http://www.cupfighter.net/index.php/2011/05/hitb2011ams-100000-tracking-devices/
CupFighter: HitB2011AMS: Beyond Botnets – Dissecting the Ecosystem
http://www.cupfighter.net/index.php/2011/05/hitb2001ams-beyond-botnets/