Black Hat, DefCon Draw Security Experts to Demo Latest Exploits

1 - Black Hat, DefCon Draw Security Experts to Demo Latest Exploits
2 - Kaminsky Warns of Risks to the Internet
3 - Jeep Hackers Return for Third Time
4 - ATM Hacking Returns for EMV
5 - Don't Pick Up Random USB Keys
6 - The Year in Flash Vulnerabilities
7 - Apple Launches Bug Bounty Program
8 - Vendors Fill Black Hat Exhibit Hall
9 - DARPA Cyber Grand Challenges Finale Comes to DefCon
10 - FTC Wants Hackers
11 - Wall of Sheep Nabs Unsuspecting DefCon Attendees
12 - IoT Village Exposes Risks
13 - Car Hacking Village Sponsored by Chrysler
14 - Save the Date for 2017
1 of 14

Black Hat, DefCon Draw Security Experts to Demo Latest Exploits

Security experts examined modern threats—ranging from car hacking to Flash vulnerabilities—at the Black Hat USA and DefCon 24 conferences.

2 of 14

Kaminsky Warns of Risks to the Internet

Security researcher Dan Kaminsky, who delivered the only Black Hat keynote this year, said the basic fabric of the internet continues to be at risk. "We have work to do to keep the internet working," he said. "I'm here to encourage everyone to notice what is wrong, how it can get worse and what we can do about it."

3 of 14

Jeep Hackers Return for Third Time

Charlie Miller and Chris Valasek completed their Black Hat car hacking trifeca by delivering their third (and ostensibly final) talk about vehicle flaws that the pair were able exploit. This year, the two researchers demonstrated how they could control a vehicle's brakes and steering.

4 of 14

ATM Hacking Returns for EMV

Tod Beardsley, security research manager, and Weston Hecker, senior security engineer, both of Rapid7, demonstrated flaws in how ATM systems could be tampered with to allow an attacker to steal cash.

5 of 14

Don't Pick Up Random USB Keys

Will people pick up randomly placed USB keys and stick them in their PCs? Surprisingly, a Google researcher checked this out and found 46 percent of people picking up a key, putting it in a PC and then clicking a link.

6 of 14

The Year in Flash Vulnerabilities

Google Project Zero security researcher Natalie Silvanovich is among the most prolific bug reporters of Adobe Flash vulnerabilities. In a Black Hat session, she detailed myriad flaws discovered in Flash over the last year, including 79 in December 2015.

7 of 14

Apple Launches Bug Bounty Program

At Black Hat, Ivan Krstic, head of Apple Security Engineering and Architecture, announced the company's new security awards program. The bug bounty program, set to launch in September, will offer researchers up to $200,000 in awards for finding iOS software vulnerabilities.

8 of 14

Vendors Fill Black Hat Exhibit Hall

While Black Hat was originally best known for its security research, in recent years the exhibit hall has expanded to rival the show floor at the neighboring RSA Security conference.

9 of 14

DARPA Cyber Grand Challenges Finale Comes to DefCon

DefCon played host to the final round of the DARPA's Cyber Grand Challenge, pitting seven autonomous systems against each other in a security challenge. In total, $3.75 million in prize money was awarded with the Mayhem system winning the top prize of $2 million.

10 of 14

FTC Wants Hackers

Terrell McSweeny, FTC commissioner, made a plea at DefCon for hackers to work with the government on research that can help improve consumer privacy and data protection.

11 of 14

Wall of Sheep Nabs Unsuspecting DefCon Attendees

The Wall of Sheep, hosted in the Packet Hacking Village at DefCon, publicly shamed attendees that connected to the network and sent their usernames and passwords in clear text.

12 of 14

IoT Village Exposes Risks

Among the most popular areas of DefCon this year was the IoT village, which provided visitors with the opportunity to hack popular IoT devices.

13 of 14

Car Hacking Village Sponsored by Chrysler

Fiat Chrysler America was among the multiple sponsors of the Car Hacking Village at DefCon that encouraged attendees to learn about car hacking and vehicle security.

14 of 14

Save the Date for 2017

The Black Hat USA 2017 event is scheduled for July 22 to 27, 2017, with DefCon 25 set to follow.

Top White Papers and Webcasts