HITB-Phuket
On 26th and 27th August 2023, I’ve attended my first HITBSec conference in Phuket,Thailand. HITBSec Conf or the Hack In The Box Security Conference is an annual security event that security researchers and professionals around the world will come together to share their latest findings through research or experience. The conference was firsly founded in Malaysia, but then had evolved into a bigger scaled conference where it is held internationally in such that the conference held commonly at Amsterdam.
The reason that I gained the opportunity to join HITB this year as I tried to apply for volunteer at the conference this year. Although I was rejected to be part of the volunteer, but the team was nice enough to provide me a free entrance ticket to visit the conference as a participant. Understanding that this is a rare opportunity, I had planned my trip to Thailand almost immediately. Along with 5 other friends that were given the same opportunity, and 2 ex-HITB crew members, we pay a visit to the conference and enjoy the time being at Thailand.
As the conference is being held at 4 Points by Sheraton Hotel, which is located next to our hotel (The Charm Resort), once we arrived there, we pay a visit to the conference area. Upon arrival, we met a few of the crew members, which are very welcoming to us, as they know that we came from Malaysia just to visit the conference. They introduced us to some of the legendary hackers that had been been pioneers of the field. One of the legends that been the first one that showed POC of Airplane Hacking, Hugo Teso, had shared his experience with us on how he got to his current success.
On the main event day itself, we were given an entrance gift and had been able to join different security tracks within the conference. All the topics of the tracks are as shown here: https://conference.hitb.org/hitbsecconf2023hkt/conference/
As the timeline of the tracks crash each others, each participant can only be able to join one of the tracks. But not to worry, as all the topics within the tracks will be uploaded to youtube and be available for everyone. Hence, we split up among ourselves, attending different tracks and share the understanding of the talks after that. One of the most interesting content within the conference is the IOS vulnerability finding, which enables the threat actor to exploit a certain version of IOS system device that are connected within the same WAN to ring at the same time. This vulnerability opens up the possibility of scammers being able to simultaneously distribute phishing link out to users. The content is really interesting and had attracted attention of many cybersecurity enthuasist.
If you want the slides & materials shared within HITB, here’s the link: https://conference.hitb.org/hitbsecconf2023hkt/materials/
At the end of the conference, an afterparty was held at the nearby bar (i can’t recall the name). Everyone were given with free booze and opportunity to connect with each others. We get to meet lots of people that had been in the field for many years, chill and hangout with these people throughout the night.
There are a lot to talk about about these 2 days, it’s better to experience in person to actually understand the experience. I would advice if any conference is accessible, especially international conference like HITBSecConf, please do take a visit and enjoy your time being there. You will gain lots of inspiration and be able to know a lot of great people.