News
News
- August 17, 2018
17 Aug'18
DHS cybersecurity rhetoric offers contradictions at DEF CON
The Vote Hacking Village at Defcon 26 in Las Vegas was an overwhelming jumble of activity -- a mock vote manipulated, children hacking election results websites, machines being disassembled -- and ...
- August 17, 2018
17 Aug'18
Intel disclosed Spectre-like L1TF vulnerabilities
News roundup: Intel disclosed L1TF vulnerabilities with similarities to Spectre, but with a focus on data. Plus, the NIST Small Business Cybersecurity Act is now a law, and more.
- August 17, 2018
17 Aug'18
ICS security fails the Black Hat test
Industrial control systems hit the mainstream at Black Hat this year, with over two dozen program sessions tackling different angles of the subject. The takeaway: Vendors still aren't really trying.
-
- August 16, 2018
16 Aug'18
Finalized TLS 1.3 update has been published at last
The finalized TLS 1.3 update has been published after a four-year process. The new protocol promises to be faster and more secure than its predecessor, TLS 1.2.
- August 15, 2018
15 Aug'18
Infosec mental health support and awareness hits Black Hat 2018
While burnout, depression and PTSD can affect anyone, infosec mental health still doesn't often get the attention it deserves, but Black Hat 2018 attempted to change that.
- August 14, 2018
14 Aug'18
Google location tracking continues even when turned off
New research has discovered mobile apps may still store where users have been even after Google location-tracking services have been turned off.
- August 14, 2018
14 Aug'18
Amanda Rousseau on becoming a cybersecurity researcher
Cybersecurity researcher Amanda Rousseau discusses the relationship between the infosec community and law enforcement and how to create the next generation of white hat hackers.
- August 14, 2018
14 Aug'18
Amanda Rousseau talks about computer forensics investigations
Amanda Rousseau, aka Malware Unicorn, discusses her time in computer forensics investigations with the DoD, as well as the joys of reverse engineering malware encryption by hand.
- August 13, 2018
13 Aug'18
Lessons learned from Meltdown and Spectre disclosure process
During a Black Hat 2018 session, Google, Microsoft and Red Hat offered a behind-the-scenes look at the disclosure and response effort for Meltdown and Spectre.
- August 10, 2018
10 Aug'18
2018 Pwnie Awards cast light and shade on infosec winners
The Meltdown and Spectre research teams won big at the Pwnie Awards this year at Black Hat, while the late-entry Bitfi Wallet team overwhelmingly won for Lamest Vendor Response.
-
- August 10, 2018
10 Aug'18
Web cache poisoning attacks demonstrated on major websites, platforms
PortSwigger's James Kettle doesn't believe web cache poisoning is theoretical and to prove it, he demonstrated several attacks on major websites and platforms at Black Hat 2018.
- August 10, 2018
10 Aug'18
WhatsApp vulnerabilities let hackers alter messages
News roundup: New WhatsApp vulnerabilities enabled hackers to alter messages sent in the app. Plus, the PGA was hit with a ransomware attack, and more.
- August 09, 2018
09 Aug'18
Irregularities discovered in WinVote voting machines
At Black Hat 2018, security researcher Carsten Schuermann unveiled the results of a forensic analysis of eight WinVote voting machines that had been used in Virginia elections.
- August 09, 2018
09 Aug'18
Risk & Repeat: Can Disclose.io help protect vulnerability researchers?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Disclose.io project and what it could mean for the future of security research and vulnerability disclosure.
- August 09, 2018
09 Aug'18
Meltdown and Spectre disclosure suffered "extraordinary miscommunication"
During a panel discussion at Black Hat 2018 on Meltdown and Spectre, Google explained how miscommunication left the company's incident response out of the early disclosure process.