Articles about black hat

Destination PWND: Safes, ATMs, phones all fall to Vegas hax0rs

Analysis BSides, Black Hat, DEF CON... For the last six days, Las Vegas has been home to the top brains in the computer security industry and the business menagerie that follows them – causing some panic among locals. We've seen the pathetic state of the US electronic voting system exposed, claims of advanced eavesdropping at the …
Iain Thomson, 31 Jul 2017

Hackers can turn web-connected car washes into horrible death traps

Black Hat Forget hijacking smart light bulbs. Researchers claim they can hack into internet-connected car wash machines from the other side of the world and potentially turn them into death traps. In a presentation at the Black Hat conference in Las Vegas on Wednesday, Billy Rios, founder of security shop Whitescope, and Jonathan Butts …
Iain Thomson, 27 Jul 2017

Segway hoverboard hijack hack could make hipsters eat pavement

The latest two-wheel transporter toy from Segway was disturbingly easy to hack, with miscreants requiring just seconds to take control of a vehicle, we're told. Researchers at hacking house IOActive probed the Chinese Segway miniPro, and said they found the wireless link between the machine and its accompanying mobile app was …
Iain Thomson, 19 Jul 2017

Discredit a journo? Easy, that'll be $55k. Fix an election? Oh, I can do that for just $400k

Fake news has come to be associated with political intrigue but the same propaganda techniques are also abused by cybercriminals, according to a study by Trend Micro. The techniques and methods used to spread fake news and manipulate public opinion have a wide range of objectives and even a price list. Cybercriminals produce …
John Leyden, 13 Jun 2017

Homebrew crypto SNAFU on electrical grid sees GE rush patches

Updated General Electric is pushing patches for protection relay bugs that, if exploited, could open up transmission systems to a grid-scale attack. The company hasn't published much by way of detail, but spoke to Reuters after this Black Hat abstract was published (the talk will be delivered to the July conference in Las Vegas). The …

Samsung: Hackers can't pwn our NFC payment kit. No way, nuh-uh, not true (Well, OK, maybe)

A war of words has broken out after a security researcher claimed last week that Samsung's contactless mobile payment system is vulnerable to skimming and spoofing attacks. In talks at both the Black Hat and DEF CON security conferences, held last week in Las Vegas, Salvador Mendoza claimed that he was able to intercept a …
Iain Thomson, 10 Aug 2016

Stealthy malware infects digitally-signed files without altering hashes

Black Hat Deep Instinct researcher Tom Nipravsky has undermined the ubiquitous security technique of digitally-signed files by baking malicious code into headers without tripping popular security tools. Nipravsky inserted malicious code into the small header attribute certification table field which contains information about digital …
Darren Pauli, 8 Aug 2016

Kazakhstan accused of hacking journos, activists by EFF

Black Hat The Electronic Frontier Foundation (EFF) has accused the Kazakhstan Government of sending malware-laced phishing emails to two investigative journalists in the country, along with activists, and family members to help spy, locate and extradite targets. The group revealed their detailed technical findings at the Black Hat …
Darren Pauli, 5 Aug 2016

Hackers unleash smart Twitter phishing tool that snags two in three users

Black Hat Twitter scammers have a new weapon with the release of an effective spear phishing tool that lands a victim almost two thirds of the time, dwarfing the usual five-to-fifteen-per-cent-open-rate for spam tweets. The SNAP_R machine learning spear phishing Twitter bot is a data-driven menace unleashed at the Black Hat security …
Darren Pauli, 5 Aug 2016

How the HTTPS-snooping, email addy and SSN-raiding HEIST JavaScript code works

Black Hat Malicious ads can potentially masquerade as people online and grab their personal information from HTTPS-protected websites, two boffins have shown. The technique is dubbed HEIST – HTTP Encrypted Information can be Stolen through TCP-Windows – and it was devised by Tom Van Goethem and Mathy Vanhoef, both PhD researchers at the …
Iain Thomson, 5 Aug 2016

Apple joins the bug bounty party with $200,000 top prize

Black Hat Security researchers can win up to US$200,000 in Apple's new bug bounty program, announced by the company on Thursday at the Black Hat security convention in Las Vegas. “We’ve had great help from researchers like you and the security mechanisms we build have gotten stronger,” said Apple’s head of security engineering and …
Iain Thomson, 5 Aug 2016

Jeep hackers: How we swerved past Chrysler's car security patches

Black Hat Last year, the Black Hat presentation by Charlie Miller and Chris Valasek caused Chrysler to recall 1.4 million vehicles to install a software update after they proved they could remotely hack Jeeps. This year, in Las Vegas, the pair showed us how to defeat that update. The dynamic duo praised Chrysler's efforts to secure …
Iain Thomson, 4 Aug 2016

Top infosec top bods praise and damn in Pwnie Awards

Black Hat It’s Black Hat time and that means the Pwnie Awards ceremony, honoring the highlights and bottom feeders of the IT security industry. The ceremony - which hands out gold and technicolored toy ponies that would make a brony salivate - was held on Wednesday night at the Black Hat convention in Las Vegas. The judges that included …
Iain Thomson, 4 Aug 2016

Hackers detail the blood and guts of the 2016 Pwn2Own exploit expo

Black Hat Zero Day Initiative researchers have detailed the winning hacks of this year's Pwn2Own competition, painting a picture of broken browsers and owned systems. The quartet of Matt Molinyawe, Abdul-aziz Hariri, Jasiel Spelman, and Jason Smith of Trend Micro's Zero Day Initiative vulnerability clearing house detailed and …
Darren Pauli, 4 Aug 2016

Users of secure chat app Telegram popped after possible nation-state attack

Black Hat An attack group known for rudimentary phishing scams and having operational security so bad their servers were popped by Check Point has compromised a dozen Telegram accounts and gained phone numbers for a further 15 million, possibly with state assistance. Telegram is a well-regarded end-to-end encrypted chat client used by …
Darren Pauli, 4 Aug 2016

Forget security training, it's never going to solve Layer 8 (aka people)

Black Hat Research by German academics has shown there's very little that can be done to prevent people spreading malware by clicking on dodgy links in messages, particularly where Facebook is involved. In a presentation at Black Hat 2016 in Las Vegas today, Zinaida Benenson, leader of the Human Factors in Security and Privacy Group at …
Iain Thomson, 3 Aug 2016

Black Hats control Jeep's steering, kill brakes

Black Hat video Car hackers Charlie Miller and Chris Valasek have again hacked a 2014 Jeep Cherokee, this time by physically linking a laptop to commandeer its steering and kill the brakes. The duo have captured the hack to be presented at Black Hat Las Vegas this week in video proof-of-concept demonstrations. The compromise requires …
Darren Pauli, 2 Aug 2016

Google, Facebook's CAPTCHAs vanquished by security researchers

Black Hat Asia Google's and Facebook's CAPTCHA services have been defeated in research that successfully designed an automated system to solve the "are-you-human?" verification challenges. CAPTCHAs are designed to make life easier for trusted users and painful for bots, by presenting challenges that are difficult for software to crack. …
Darren Pauli, 7 Apr 2016

Biting the hand that feeds IT © 1998–2017