Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Black Hat posted in July 2017
Iranian Hackers Ensnared Targets via Phony Female Photographer
News  |  7/31/2017  | 
US, Indian, Saudi Arabian, Israeli, Iraqi IT, security, executives in oil/gas and aerospace swept up in elaborate social media ruse used for cyber espionage operations.
Researchers Release Free Tool to Analyze ICS Malware
News  |  7/27/2017  | 
CrashOverride/Industroyer malware used against Ukraine's power grid the inspiration for the reverse-engineering tool.
Broadcom Chipset Bug in Android, iOS Smartphones Allows Remote Attack
News  |  7/27/2017  | 
Security researcher found a common flaw in Android and iOS smartphone chipsets that could allow a remote exploit to be unleashed on millions of devices.
Inside the Investigation and Trial of Roman Seleznev
News  |  7/27/2017  | 
The officials who convicted the credit card thief discussed the investigation, evidence, trial, and challenges involved in his case.
Get Ready for the 2038 'Epocholypse' (and Worse)
News  |  7/27/2017  | 
A leading security researcher predicts a sea of technology changes that will rock our world, including the Internet of Things, cryptocurrency, SSL encryption and national security.
Dark Reading News Desk Live at Black Hat USA 2017
Commentary  |  7/27/2017  | 
Over 40 interviews streaming live right from Black Hat USA, July 26-27, from 2 p.m. - 7 p.m. Eastern Time (11 - 4 P.T.).
How to Build a Path Toward Diversity in Information Security
News  |  7/27/2017  | 
Hiring women and minorities only addresses half the issue for the IT security industry -- the next step is retaining these workers.
How Attackers Use Machine Learning to Predict BEC Success
News  |  7/26/2017  | 
Researchers show how scammers defeat other machines, increase their success rate, and get more money from their targets.
FBI Talks Avalanche Botnet Takedown
News  |  7/26/2017  | 
FBI unit chief Tom Grasso explains the takedown of Avalanche and how the agency approaches botnet infrastructures.
Hacking the Wind
News  |  7/26/2017  | 
A security researcher at Black Hat USA shows how wind turbine systems are susceptible to potentially damaging cyberattacks.
The Wild West of Security Post-Secondary Education
News  |  7/26/2017  | 
Black Hat researchers will show how inconsistent security schooling is at the university level.
Facebook Offers $1 Million for New Security Defenses
News  |  7/26/2017  | 
The social media giant has increased the size of its Internet Defense Prize program in order to spur more research into ways to defend users against the more prevalent and common methods of attack.
How 'Postcript' Exploits Networked Printers
News  |  7/25/2017  | 
At Black Hat 2017, a university researcher will demo how attackers can drill into networked printers by way of the ubiquitous PostScript programming language.
Using AI to Break Detection Models
News  |  7/25/2017  | 
Pitting machine learning bots against one another is the new spy vs. spy battle in cybersecurity today.
7 Hardware & Firmware Hacks Highlighted at Black Hat 2017
Slideshows  |  7/24/2017  | 
Researchers will hammer home potentially devastating attacks, and demo a range of vulnerabilities, techniques and tools.
Using DevOps to Move Faster than Attackers
News  |  7/20/2017  | 
Black Hat USA talk will discuss the practicalities of adjusting appsec tooling and practices in the age of DevOps.
'AVPass' Sneaks Malware Past Android Antivirus Apps
News  |  7/19/2017  | 
Researchers at Black Hat USA will release a toolset that studies and then cheats specific Android AV apps.
Best of Black Hat: 20 Epic Talks in 20 Years
Slideshows  |  7/19/2017  | 
In celebration of Black Hat's 20th birthday, we take a look back at the most memorable presentations and demos since the show's inception in 1997.
Researchers Create Framework to Evaluate Endpoint Security Products
News  |  7/17/2017  | 
Black Hat USA researchers tested more than 30,000 types of malware to learn the effectiveness of endpoint security tools - and they'll demonstrate how they did it.
Cloud AV Can Serve as an Avenue for Exfiltration
News  |  7/14/2017  | 
Black Hat USA researchers show how bad guys can use cloud AV connections to bypass air-gaps and extremely segmented networks to keep stolen data flowing.
Black Hat to Host Discussion on Diversity
Commentary  |  7/13/2017  | 
Panel of diversity pioneers will share their views and firsthand experience on how to make inclusion a priority in security.
How Active Intrusion Detection Can Seek and Block Attacks
News  |  7/12/2017  | 
Researchers at Black Hat USA will demonstrate how active intrusion detection strategies can help administrators detect hackers who are overly reliant on popular attack tools and techniques.
IoT Devices Plagued by Lesser-Known Security Hole
News  |  7/10/2017  | 
Internet of Things devices are security-challenged enough, but they're also being massively exposed on the public Internet this time via MQTT communications, a researcher will show at Black Hat USA.
IoT Physical Attack Exploit to be Revealed at Black Hat
News  |  7/7/2017  | 
Security researcher Billy Rios plans to demonstrate how an exploit can cause an IoT device to launch a physical attack against a human.
Black Hat Survey: Security Pros Expect Major Breaches in Next Two Years
News  |  7/6/2017  | 
Significant compromises are not just feared, but expected, Black Hat attendees say.
Researchers Build Firewall to Deflect SS7 Attacks
News  |  7/5/2017  | 
Security researchers will release an open-source SS7 firewall at Black Hat USA that aims to bolster security of mobile operators' core networks.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/27/2020
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Alan Brill, Senior Managing Director, Cyber Risk Practice, Kroll,  10/21/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11854
PUBLISHED: 2020-10-27
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravil...
CVE-2020-11858
PUBLISHED: 2020-10-27
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 ...
CVE-2020-23945
PUBLISHED: 2020-10-27
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.
CVE-2020-7754
PUBLISHED: 2020-10-27
This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.
CVE-2020-6023
PUBLISHED: 2020-10-27
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.