News & Commentary
Latest Content tagged with Black Hat
|
Toyota Prepping 'PASTA' for its GitHub Debut
Carmaker's open source car-hacking tool platform soon will be available to the research community.
Researchers Dig into Microsoft Office Functionality Flaws
An ongoing study investigating security bugs in Microsoft Office has so far led to two security patches.
New Zombie 'POODLE' Attack Bred from TLS Flaw
Citrix issues update for encryption weakness dogging the popular security protocol.
Security Matters When It Comes to Mergers & Acquisitions
The recently disclosed Marriott breach exposed a frequently ignored issue in the M&A process.
The Coolest Hacks of 2018
In-flight airplanes, social engineers, and robotic vacuums were among the targets of resourceful white-hat hackers this year.
2018 In the Rearview Mirror
Among this year's biggest news stories: epic hardware vulnerabilities, a more lethal form of DDoS attack, Olympic 'false flags,' hijacked home routers, fileless malware — and a new world's record for data breaches.
'PowerSnitch' Hacks Androids via Power Banks
Researcher demonstrates how attackers could steal data from smartphones while they're charging.
Toyota Builds Open-Source Car-Hacking Tool
‘PASTA’ testing platform specs will be shared via open-source.
Windows 10 Security Questions Prove Easy for Attackers to Exploit
New research shows how attackers can abuse security questions in Windows 10 to maintain domain privileges.
Former Estonian Foreign Minister Urges Cooperation in Cyberattack Attribution, Policy
Nations must band together to face nation-state cyberattack threats, said Marina Kaljurand.
‘London Blue’ BEC Cybercrime Gang Unmasked
Security firm turned the tables on attackers targeting its chief financial officer in an email-borne financial scam.
Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues
Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data – and are fearful of a near-term breach of critical infrastructure.
7 Cool New Security Tools to be Revealed at Black Hat Europe
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
Finding Gold in the Threat Intelligence Rush
Researchers sift through millions of threat intel observations to determine where to best find valuable threat data.
New Bluetooth Vulnerabilities Exposed in Aruba, Cisco, Meraki Access Points
'BleedingBit' could give attackers control of the wireless network from a remote vantage point.
Hardware Cyberattacks: How Worried Should You Be?
How to fit hardware threats into your security model as hardware becomes smaller, faster, cheaper, and more complex.
DeepPhish: Simulating Malicious AI to Act Like an Adversary
How researchers developed an algorithm to simulate cybercriminals' use of artificial intelligence and explore the future of phishing.
Side-Channel Attack Exposes User Accounts on Facebook, XBox, Other Social Sites
Researcher will demonstrate at Black Hat Europe his team's recent discovery: a way to exploit popular user-blocking feature on social media and other sites.
New Security Woes for Popular IoT Protocols
Researchers at Black Hat Europe will detail denial-of-service and other flaws in MQTT, CoAP machine-to-machine communications protocols that imperil industrial and other IoT networks online.
IBM Builds 'SOC on Wheels' to Drive Cybersecurity Training
A tractor trailer housing a Cyber Tactical Operation Center will travel throughout the US and Europe for incident response training, security support, and education.
4 Practical Measures to Improve Election Security Now
It's more critical than ever for states to protect our democratic system and voting infrastructure from foreign cyber espionage.
Lessons From the Black Hat USA NOC
The conference's temporary network operations center provides a snapshot of what is possible when a variety of professionals work together.
Miller & Valasek: Security Stakes Higher for Autonomous Vehicles
Car hacking specialists shift gears and work on car defense in their latest gigs - at GM subsidiary Cruise Automation.
2018 Pwnie Awards: Who Pwned, Who Got Pwned
A team of security experts round up the best and worst of the year in cybersecurity at Black Hat 2018.
New PHP Exploit Chain Highlights Dangers of Deserialization
PHP unserialization can be triggered by other vulnerabilities previously considered low-risk.
Hacker Unlocks 'God Mode' and Shares the 'Key'
At Black Hat USA and DEF CON, researcher Christopher Domas showed how he found backdoors that may exist in many different CPUs.
NSA Brings Nation-State Details to DEF CON
Hackers were eager to hear the latest from the world of nation-state cybersecurity.
IoT Malware Discovered Trying to Attack Satellite Systems of Airplanes, Ships
Researcher Ruben Santamarta shared the details of his successful hack of an in-flight airplane Wi-Fi network – and other findings – at Black Hat USA today.
Cloud Intelligence Throwdown: Amazon vs. Google vs. Microsoft
A closer look at native threat intelligence capabilities built into major cloud platforms and discussion of their strengths and shortcomings.
Dark Reading News Desk Live at Black Hat USA 2018
Watch here Wednesday and Thursday, 2 p.m. - 6 p.m. ET to see over 40 live video interviews straight from the Black Hat USA conference in Las Vegas.
No, The Mafia Doesn't Own Cybercrime: Study
Organized crime does, however, sometimes provide money-laundering and other expertise to cybercriminals.
Researchers Release Free TRITON/TRISIS Malware Detection Tools
Team of experts re-creates the TRITON/TRISIS attack to better understand the epic hack of an energy plant that ultimately failed.
Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Google engineering director Parisa Tabriz took the Black Hat keynote stage to detail the Chrome transition and share advice with security pros.
|
White Papers
Video
10 Comments
Current Issue
5 Emerging Cyber Threats to Watch for in 2019Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-8419
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
PUBLISHED: 2019-02-17
From DHS/US-CERT's National Vulnerability Database CVE-2019-8419
PUBLISHED: 2019-02-17
VNote 2.2 has XSS via a new text note.
CVE-2019-8421PUBLISHED: 2019-02-17
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.
CVE-2019-8422PUBLISHED: 2019-02-17
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
CVE-2019-7649PUBLISHED: 2019-02-17
global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing.
CVE-2019-8418PUBLISHED: 2019-02-17
SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This