1. Black Hat, DefCon Draw Security Experts to Demo Latest Exploits
Security experts examined modern threats—ranging from car hacking to Flash vulnerabilities—at the Black Hat USA and DefCon 24 conferences.
2. Kaminsky Warns of Risks to the Internet
Security researcher Dan Kaminsky, who delivered the only Black Hat keynote this year, said the basic fabric of the internet continues to be at risk. “We have work to do to keep the internet working,” he said. “I’m here to encourage everyone to notice what is wrong, how it can get worse and what we can do about it.”
3. Jeep Hackers Return for Third Time
Charlie Miller and Chris Valasek completed their Black Hat car hacking trifecta by delivering their third (and ostensibly final) talk about vehicle flaws that the pair were able to exploit. This year, the two researchers demonstrated how they could control a vehicle’s brakes and steering.
4. ATM Hacking Returns for EMV
Tod Beardsley, security research manager, and Weston Hecker, senior security engineer, both of Rapid7, demonstrated how ATM systems could be tampered with to allow an attacker to steal cash.
5. Don’t Pick Up Random USB Keys
Will people pick up randomly placed USB keys and stick them in their PCs? A Google researcher checked this out and found, surprisingly, that 46 percent of people picked up a key, put it in a PC and then clicked a link.
6. The Year in Flash Vulnerabilities
Google Project Zero security researcher Natalie Silvanovich is among the most prolific bug reporters of Adobe Flash vulnerabilities. In a Black Hat session, she detailed myriad flaws discovered in Flash over the last year, including 79 in December 2015.
7. Apple Launches Bug Bounty Program
At Black Hat, Ivan Krstic, head of Apple Security Engineering and Architecture, announced the company’s new security awards program. The bug bounty program, set to launch in September, will offer researchers up to $200,000 in awards for finding iOS software vulnerabilities.
8. Vendors Fill Black Hat Exhibit Hall
While Black Hat was originally best known for its security research, in recent years the exhibit hall has expanded to rival the show floor at the neighboring RSA Security conference.
9. DARPA Cyber Grand Challenge Finale Comes to DefCon
DefCon played host to the final round of DARPA’s Cyber Grand Challenge, pitting seven autonomous systems against each other in a security challenge. In total, $3.75 million in prize money was awarded, with the Mayhem system winning the top prize of $2 million.
10. FTC Wants Hackers
Terrell McSweeny, FTC commissioner, made a plea at DefCon for hackers to work with the government on research that can help improve consumer privacy and data protection.
11. Wall of Sheep Nabs Unsuspecting DefCon Attendees
The Wall of Sheep, hosted in the Packet Hacking Village at DefCon, publicly shamed attendees who connected to the network and sent their usernames and passwords in clear text.
12. IoT Village Exposes Risks
Among the most popular areas of DefCon this year was the IoT Village, which provided visitors with the opportunity to hack popular IoT devices.
13. Car Hacking Village Sponsored by Chrysler
Fiat Chrysler America was among the multiple sponsors of the Car Hacking Village at DefCon that encouraged attendees to learn about car hacking and vehicle security.
14. Save the Date for 2017
The Black Hat USA 2017 event is scheduled for July 22 to 27, 2017, with DefCon 25 set to follow.