Cybersecurity News
A Mix of Optimism and Pessimism for Security of the 2020 Election
DHS CISA's Christopher Krebs and Georgetown University's Matt Blaze at Black Hat USA give the lowdown on where things stand and what still needs to happen to protect the integrity of November's election.06 August 2020
Black Hat: Hackers are using skeleton keys to target chip vendors
Operation Chimera focuses on the theft of valuable intellectual property and semiconductor designs.06 August 2020
Where Dark Reading Goes Next
Dark Reading Editor-in-Chief gives a complete rundown of all the Dark Reading projects you might not even know about, his insight into the future of the security industry, and how we plan to cover it.06 August 2020
Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs
Researchers went into detail about the discovery and disclosure of 19 security flaws they found in Mercedes-Benz vehicles, which have all been fixed.
06 August 2020
On 'Invisible Salamanders' and Insecure Messages
Cornell researcher Paul Grubbs discusses how vulnerabilities found in Facebook Messenger encryption could mean trouble for your secure messages.06 August 2020
Exploiting Google Cloud Platform With Ease
Security engineer Dylan Ayrey and Cruise senior infrastructure security engineer Allison Donovan describe fundamental weaknesses in GCP identity management that enable privilege escalation and lateral movement.06 August 2020
Office 365's Vast Attack Surface & All the Ways You Don't Know You're Being Exploited Through It
Mandiant incident response managers Josh Madeley and Doug Bienstock describe how thoroughly Microsoft 365 (formerly known as Office 365) extends into corporate networks, describe both sophisticated and simple attacks they've detected, and suggest mitigations as businesses rely more heavily on the cloud.06 August 2020
Information Operations Spotlighted at Black Hat as Election Worries Rise
From Russia's "best-in-class" efforts at widening social divides in Western democracies to China's blunt attacks on dissidents, information operations are becoming a greater threat, says a Stanford researcher.06 August 2020
Canon Admits Ransomware Attack in Employee Note, Report
The consumer-electronics giant has suffered partial outages across its U.S. website and internal systems, reportedly thanks to the Maze gang.
06 August 2020
OpenText Blends Security, Data Protection for Greater Cyber Resilience
SPONSORED CONTENT: Infosec professionals are taking advantage of technology hybrids to keep users, data, and their networks more safe, according to Hal Lonas of OpenText's Webroot division. And they're also finding new ways to use artificial intelligence and machine learning to improve security management and reduce risk.06 August 2020
Why Satellite Communication Eavesdropping Will Remain A Problem
Oxford PhD candidate James Pavur shows that SATCOM security has still made no progress since previous Black Hat disclosures, and discusses the physical and economic limitations that slow make it unlikely to improve anytime soon.06 August 2020
Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping
At Black Hat USA 2020, ESET researchers delved into details about the KrØØk vulnerability in Wi-Fi chips and revealed that similar bugs affect more chip brands than previously thought
The post Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping appeared first on WeLiveSecurity
06 August 2020
Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims
A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has learned.06 August 2020
Using IoT Botnets to Manipulate the Energy Market
Tohid Shekari, phD candidate at Georgia Tech, talks about the session that he and Georgia Tech professor Raheem Beyah gave about a stealthy and adaptable way to use IoT botnets for financial gain or market downfall.06 August 2020
Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack
Attackers can listen in on internet traffic for high-value targets a continent away, like shipping fleets and oil installations, using some basic home-television gear.
06 August 2020
Broadcom: Staying Safe with WastedLocker Ransomware Variant on the Prowl
SPONSORED CONTENT: Stealthier and more patient than some predecessors, WastedLocker lingers surreptitiously for as long as it needs to for maximum payoff, says Jon DiMaggio with Broadcom's Symantec division. He explains how Windows servers are at a different risk level than their open-source counterparts, and how WastedLocker identifies "valuable" targets.06 August 2020
Intel investigating breach after 20GB of internal documents leak online
Leak confirmed to be authentic. Many files are marked "confidential" or "restricted secret."06 August 2020
The Long Shadow of Stuxnet: New Microsoft Print Spooler Vulns Revealed
Researchers Peleg Hader and Tomer Bar of SafeBreach share details of the three vulnerabilities they found in Windows Print Spooler that could allow an attacker to sneak into the network through an old printer service mechanism.06 August 2020
Remotely Hacking Operations Technology Systems
Marco Balduzzi senior research scientist with Trend Micro, tells us how the often-overlooked ICS protocol gateways contain serious vulnerabilities that allow attackers to hack OT systems remotely.06 August 2020
New Windows Print Spooler Zero-Day Flaws Harken Back to Stuxnet
Researchers find new flaws in the ubiquitous decades-old printer software in Windows, including one that bypasses a recent Microsoft patch.06 August 2020