Black Hat

With Black Hat and DefCon comes spike in Vegas-based attacks

A recent study found that the number of attacks during the two conferences increased to about 130 times the usual amount.

News briefs: Breaking security news from the Cybersecurity Act to Gauss

The defeat of the Cybersecurity Act of 2012 in the Senate, an analysis of FinFisher spyware, the nation-state-created espionage malware Gauss, and other breaking security news.

Podcast: Inside look at Black Hat 2012

To get a better understanding of how the show is shaping up, we caught up with Trey Ford, the newly appointed general manager of Black Hat, who discussed his transformation from booth babe to conference organizer, how the numbers stack up this year, which sessions are on his can't-miss list and why the parties are just as important to attend as daytime talks.

Black Hat hacker con promises to "ruffle some feathers"

The chairs of the five conference tracks taking place later this month at the Black Hat show in Las Vegas took some time Thursday to discuss some of the more riveting sessions that are planned.

9/11 to 9/11/11

Man, myth and the media in the internet age.

Hacking industrial control systems: Dillon Beresford press conference

Security researcher Dillon Beresford speaks to the press at the Black Hat conference in Las Vegas following his presentation which demonstrated how to hack into Siemens industrial control systems. Beresford specifically uncovered "replay attack" vulnerabilities in programmable logic controllers, or PLCs, which are used in organizations such as power plants to automate processes. He told the media that part of his motivation for the research was to debunk conventional thinking that SCADA attacks require deep pockets. This week, ICS-CERT issued an advisory warning of the bugs in the Berlin-based Siemens products.

Black Hat: Insulin pumps can be hacked

A Type 1 diabetic said Thursday that hackers can remotely change his insulin pump to levels that could kill him.

Black Hat 2011 notebook

Couldn't make it to Black Hat? Don't worry -- we've got you covered with what's making news.

Black Hat: New DARPA program to fund independent hackers

The DoD's Cyber Fast Track initiative will fund small hacker groups and independent researchers in the development of cutting-edge solutions that can be created in short intervals for a low cost.

Black Hat: Chrome OS extension vulnerabilities can impact users of any website

Two researchers have found a way to take traditional cross-site scripting attacks to a whole new level by attacking vulnerable Google Chrome extensions.

Black Hat: Car unlocked, started via "war texting"

Two researchers demonstrated Wednesday how they were able to send commands via a laptop to unlock the doors of a Subaru Outback and actually start the car.

Black Hat: CIA head of counter-terror during 9/11 speaks of new threat

Former CIA counter-terror official Cofer Black negotiated a pulled fire alarm to warn conference attendees of the risk posed by cyber.

Black Hat: Find the next, great security technology, and Microsoft will pay you $200,000

Microsoft is breaking out the piggy bank to incentivize researchers to develop advanced technologies to defend Windows and the applications that run on top of the world's most popular operating system.

Podcast: Black Hat and DEFCON preview

With the highly anticipated Black Hat and DEFCON hacker conferences set to hit Las Vegas, founder Jeff Moss took some time from his busy schedule to explain why this year's events have a particular buzz to them. He discussed which presentations are on his itinerary, why public vulnerability disclosures are a dying breed, what you need to do to keep your computer secure at the shows and why one particular Wednesday night party has him ready to rock. If you're heading to the desert, you won't want to miss this podcast.

Moss, Black Hat founder, named CSO of ICANN

Jeff Moss, a hacker and the founder of the Black Hat and DEFCON conferences, on Thursday was named chief security officer of the Internet Corp. for Assigned Names and Numbers (ICANN), an internet governance organization that oversees the domain name system and ensures domain names map to the correct IP addresses. Known in hacker circles as "Dark Tangent," Moss was hired for his "insider's knowledge that can only come from fighting in the trenches in the ongoing war against cyberthreats," said Rod Beckstrom, ICANN's president and CEO. Moss will continue his involvement with Black Hat in the new role of conference chairman.

The security industry needs fewer touchdowns, more interceptions

There's an old adage in sports that defense wins championships. The information security industry may need to become more familiar with it.

Poachers and gamekeepers

Anti-virus companies and active malware research: a conflict of interest?

Firefox plugs SSL bugs

Mozilla has patched two vulnerabilities relating to the way browsers interact with SSL certificates. The flaws, which potentially could permit man-in-the-middle attacks, were disclosed by two researchers, Dan Kaminsky and Moxie Marlinspike, in separate presentations at last week's Black Hat conference in Las Vegas. Marlinspike showed how a heap overflow bug could be exploited to present a specially crafted SSL certificate to the user, while Kaminsky revealed a way to obtain a certificate that would work on a victim site. Users are encouraged to download the latest version of Firefox 3.5. — DK

Apple patches iPhone text message vulnerability

A much hyped SMS vulnerability in the Apple iPhone has been fixed -- one day after details of the bug were presented at the Black Hat conference in Las Vegas.

Black Hat: Breaking SSL network transactions

By making a simple change, a fake SSL certificate can be created and used to persuade users that it is safe to enter their credit card information on a merchant site.

Black Hat: Hackers crack smart parking meter hole

Parking meters -- long thought of as being only susceptible to physical vandalism -- are starting to face the same digital threats as any hardware, a trio of researchers said Thursday.

Black Hat: SMS bug can disable iPhone usage

One single malicious text message can knock an iPhone offline, a pair of researchers disclosed Thursday.

Black Hat: Clampi banking trojan spreading rapidly

A newly revealed banking trojan is considered one of the biggest threats on the internet because of the way it can quickly spread.

Black Hat: Less gov't involvement would be a good thing

The widely anticipated federal cybersecurity coordinator will provide some help, but is unlikely to be a silver bullet for what digitally ails the nation, a Black Hat panel said Wednesday.

Black Hat: Vulnerability mitigation is working, sort of

Efforts to reduce security vulnerabilities seem to be paying off, but IT administrators are not paying enough attention to application bugs, a CTO said Wednesday at the Black Hat conference in Las Vegas.

Black Hat: Organizations, security teams must share risk

Accountability for IT security shortfalls must extend beyond the security team, a panel of CSOs said Wednesday at the Black Hat conference in Las Vegas.
