Black Hat, DefCon Expose Flaws in Voting Machines to Smart Guns

1 of 17

Black Hat, DefCon Expose Flaws in Voting Machines to Smart Guns

The annual week of security conferences—the back-to-back Black Hat USA and DefCon events—colloquially referred to as "hacker summer camp" ran from July 22-30. The Black Hat show that was held at Mandalay Bay celebrated its 20th anniversary and was headlined by a keynote address from Facebook Chief Security Officer Alex Stamos. Perhaps the biggest single flaw detailed at Black Hat was the Broadpwn vulnerability that impacted hundreds of millions of iOS and Android devices. At the DefCon 25 conference, which was held at Caesar's Palace, voting machines were hacked, as were internet of things (iOT) devices, cars, industrial control systems and even smart guns. In this slide show, eWEEK takes a look at some of the highlights of the 2017 Black Hat USA and DefCon conferences.

2 of 17

Black Hat Now 20 Years Old

Jeff Moss, founder of both the Black Hat and DefCon security conferences, used the Black Hat keynote stage to reflect on the 20th anniversary of Black Hat. The Black Hat conference debuted five years after DefCon as a conference for security professionals, while DefCon is more of a hacker convention.

3 of 17

Facebook Chief Security Officer Explains What's Important

While a lot of media attention around security tends to deal with zero-day exploits, Alex Stamos, chief security officer at Facebook, said during his Black Hat keynote that the vast majority of security incidents involve various forms of everyday abuse and not zero-day vulnerabilities.

4 of 17

Christian Slater Poses With Black Hat Attendees

Hollywood actor Christian Slater, who has had multiple roles as a hacker in TV shows and film, was in an HP-sponsored booth taking pictures with attendees.

5 of 17

Understanding Ransomware

Google security researchers detailed how the ransomware payment chain works during a Black Hat session.

6 of 17

Broadpwn Flaw Revealed

Exodus Intelligence security researcher Nitay Artenstein detailed the Broadpwn vulnerability in Broadcom WiFi chips that impacted all iOS and Android devices. Thanks to Artenstein's responsible disclosure to the impacted vendors, the flaws were patched several weeks prior to the Black Hat presentation.

7 of 17

Voting Machines Hacked at DefCon

At DefCon 25, hackers were given the opportunity to legally attempt to attack voting machines, rapidly discovering multiple vulnerabilities in different voting machines.

8 of 17

Hacking All the IoT Things

The internet of things (IoT) village at the DefCon provided hackers with the opportunity to quite literally hack all the things.

9 of 17

FTC Commissioner Explains How the Government Helps Security

U.S. Federal Trade Commissioner Terrell McSweeny explained the various actions the FTC has taken over the years to help protect consumers and privacy.

10 of 17

Hacking Cars at DefCon

The Car Hacking Village at DefCon provided attendees with the opportunity to learn about and test various components of the modern car's electronics systems.

11 of 17

Taking Aim at Industrial Control Systems

The ICS Village at DefCon provided multiple resources and components to help attackers attempt to hack the security of industrial control systems (ICS).

12 of 17

Make Your Own Tin Foil Hat

As a nod to security paranoia, DefCon attendees were able to make their own tin foil hats.

13 of 17

Cabletap Vulnerabilities Revealed

Security researchers at DefCon disclosed the new Cabletap set of flaws. Cabletap is a set of 26 related vulnerabilities that impact wireless gateways and set-top boxes provided to consumers by internet service providers.

14 of 17

Smart Gun Apparently Not So Smart

A security researcher known publicly only as "Plore" detailed a number of vulnerabilities in the Armatix iP1 smart gun. The vulnerabilities could enable a hacker to fire the weapon without the proper authority or to restrict the ability of a user to fire the weapon.

15 of 17

Wall of Sheep Shows Insecure Users

The Wall of Sheep at DefCon was able to catch many unsuspecting users of the open WiFi network that connected to services without proper encryption.

16 of 17

Black Hat Returns in August 2018

The Black Hat 2018 event is scheduled for Aug. 4-9, 2018.

17 of 17

Vendors Use Black Hat Event to Launch New Products, Announce Advances

Gone are the days when Black Hat was just about research; now it's also a place where security vendors launch new products and make big announcements.
Top White Papers and Webcasts