Attorney Marcia Hofmann will cover aspects of the Computer Fraud and Abuse Act that security researchers need to be aware of during a Black Hat session next week.
Browsing Category: Black Hat
A tool that enables a hacker or penetration tester to capture RFID card data from up to three feet away will be released next week at Black Hat.
LAS VEGAS–An odd thing happened at Black Hat on Thursday: an Apple security official gave a talk. Seats began filling early, 20 minutes before the talk began, and expectations were high, with many people wondering how much the speaker would reveal about the inner workings of iOS security. And then the talk began and it was fairly clear that the answer to that question was, not much.
LAS VEGAS–The Black Hat conference is now officially an adolescent, and like most in that age group, it has gone through some growing pains in its life. Once criticized for giving too much of a platform for offensive research, and then, after its sale a few years ago to a media conglomerate, dinged for being too corporate, Black Hat now seems to have settled into a nice, comfortable spot with high-quality research and talks from top government officials.
The annual Black Hat Briefings hacker conference got off to a rocky start Sunday after thousands of registered attendees received a fishy smelling “account password reset” e-mail that contained a suspicious URL. But a message from conference organizers hours later said the errant e-mail was no phishing attack, but merely an “abuse of functionality” by a bored Black Hat volunteer.
By Andrew Storms
No doubt breaking things is fun. I remember back when I was 10 years old when I took apart a squirrel cage fan, flipped some wires and so forth, and then attempted to plug it back in. Good thing my mom stopped me seconds before I was about to get a literal jolt of reality. These days, I still keep that same inquisitive and maniacal mentality. Yes, I was the guy wearing an assortment of makezine t-shirts at Black Hat, but I also often wore collared shirts and a belt. Because I keep a foot in both of these worlds, I'd like to propose an adjustment to the security community.
UPDATED: The Black Hat Briefings and DEFCON hacker shows hadn’t even gotten under way before making news.
Dillon Beresford used a presentation at the Black Hat Briefings on Wednesday to detail more software vulnerabilities affecting industrial controllers from Siemens, including a serious remotely exploitable denial of service vulnerability, more hard-coded administrative passwords, and even an easter egg program buried in the code that runs industrial machinery around the globe.
LAS VEGAS–Researchers from IBM’s ISS X-Force plan to unveil a new system for running an open wireless network in a secure mode at the Black Hat conference here this week. The system mimics the way that Web sites and browsers use digital certificates to establish a trusted connection with one another.
The world moves fast, but much of the world of vulnerability research and exploitation has been stuck in stasis for the last few years. Much of the focus has been on memory-corruption vulnerabilities, application-level bugs and using Java and Flash to get around exploit mitigations and other protections. But that seems to be changing now, if the topics and depth of research at this week’s Black Hat conference are any evidence.