black hat

  • The Thin Black-Clad Line Crunch Network

    The Thin Black-Clad Line

    We live in a cyberpunk novel. Every major nation-state clandestinely develops (and/or purchases) carefully targeted malware, and constantly probes—or penetrates—other nations’ defenses while desperately evaluating their offensive capabilities. Criminal undergrounds ransom ordinary users’ computers for bitcoin. Fortune 500 companies are breached almost monthly. Read More

  • Hack The Planet! (Before It’s Too Late)

    Hack The Planet! (Before It’s Too Late)

    Greetings from the gaudy hellscape of Las Vegas, and that overcrowded maelstrom of surly hackers known as DEF CON! What follows is a brief rundown of the talks here (and its big corporate sister Black Hat) that seemed particularly interesting. Short version: software is eating the world; software can be hacked; ergo, the world can be hacked. Be afraid. Read More

  • New Zero-Day Exploit Can Completely Brick Your Mac

    New Zero-Day Exploit Can Completely Brick Your Mac

    It’s Black Hat season, meaning that we are getting a new batch of zero-day exploits showing how insecure our gadgets are. Xeno Kovah and Trammell Hudson found a serious zero-day vulnerability in OS X letting malware creators completely brick your Mac without any way to reset it to its factory status. Apple told The Guardian that it is working on a fix for both Yosemite and El Capitan. Read More

  • Notes From Crazytown, Day Three: Black Hat Breakdown Crunch Network

    Notes From Crazytown, Day Three: Black Hat Breakdown

    So far this week, at Black Hat, I have learned to deeply mistrust: passwords, chip-and-PIN cards, USB devices, HTTPS connections, more than two billion phones, governments worldwide, all human societies, and my sense of the ridiculous. You should mistrust all those too! Sorry. What follows is a summary of the most eyebrow-raising talks I attended or heard about: Read More

  • Notes From Crazytown, Day One: The Business Of Fear Crunch Network

    Notes From Crazytown, Day One: The Business Of Fear

    Can your computer be hacked? Yep. Can your phone be hacked? Yep. Have your passwords been harvested? Very possibly. (The NYT just reported that one Russian group has more than a billion, though it’s unclear how many are salted and hashed.) So how worried should you be, exactly? …Good luck getting a real answer to that. Almost nobody has a strong incentive to give you one. Read More

  • What Happens At Def Con Stays With Us All

    What Happens At Def Con Stays With Us All

    There’s nothing like attendance at the annual Black Hat and DefCon security/hacker conferences to hike your paranoia into the red zone and keep it there forever. You come away with the sense that nothing, anywhere, ever, is safe–and that’s just from talks given by people willing to publicize their work. Compared to the secret legions of the NSA and other governments’… Read More

  • NSA Director: Don’t Worry, Trust Us

    NSA Director: Don’t Worry, Trust Us

    General Keith Alexander, head of the NSA, gave the keynote speech at the Black Hat security conference in Las Vegas today. It was more interesting than I expected. Not for the speech itself, which contained zero bombshells–a transcript and video should be up on the Black Hat site fairly soon, for those interested–or for the questions. There was exactly one non-pre-filtered… Read More

  • Think your satellite dish is secure? It's not.

    From TV to internet, most people think that their satellite dish connection is secure and unhackable. Well, it’s not. Using equipment that he built himself for under $1000, UK resident Adam Laurie has discovered a way to intercept everything from email to closed circuit broadcasts. Read More

  • French journalists steal passwords at security conference, get kicked out

    Three French journalists were kicked out of the Black Hat security conference in Las Vegas yesterday. They were caught sniffing the press room’s Wi-Fi network. The journalists were from the magazine Global Security, and said they’re hacking was merely a “joke.” They were able to obtain login information from several journalists, including one from eWeek. I only mention… Read More