At Black Hat and Defcon, hackers talk shop

roundup This week's gatherings in Las Vegas are for those who know how to hack--and for those who want to stop them.

This week's gatherings in Las Vegas are for those who know how to hack--and for those who want to stop them.

Hacking the Defcon badges

Defcon badges, designed to be hacked, get turned into a polygraph, blue box dialer, sound sensitive blimp navigator and a device for defeating facial recognition systems.
• Photos: Defcon badge inspires hacks
(Posted in InSecurity Complex by Elinor Mills)
August 5, 2009 4:00 AM PDT

Hanging with hackers can make you paranoid

Compromised ATMs, virus-infected USB drives, badges with built-in microphones and security experts getting hacked--no wonder it's scary going to Black Hat and Defcon.
• Defcon: What to leave at home and other do's and don'ts
(Posted in InSecurity Complex by Elinor Mills)
August 4, 2009 4:00 AM PDT

Using software updates to spread malware

Researchers warn that attackers could put malware on machines by intercepting software updates on Wi-Fi networks.
(Posted in InSecurity Complex by Elinor Mills)
August 1, 2009 4:17 PM PDT

Researchers offer tools for eavesdropping, video hijacking

UCSniff can be used to spy on video conference calls while VideoJak allows for hijacking of video streams.
(Posted in InSecurity Complex by Elinor Mills)
July 31, 2009 5:51 PM PDT

Apple fixes iPhone SMS flaw

Vulnerability in iPhone software allowed hackers to take control of the device via an SMS message, as demonstrated at Black Hat.
• Apple cautions iPhone users about jailbreaking
(Posted in Security by Jim Dalrymple)
July 31, 2009 11:50 AM PDT

An SMS can force a URL or app on smartphones

The onslaught of SMS attacks continues at Black Hat with the third of a handful of mobile-related talks.
(Posted in InSecurity Complex by Elinor Mills)
July 30, 2009 7:28 PM PDT

Hackers claim to bypass S.F. e-parking meters

A trio of programmers and engineers say they can bypass the security mechanisms of the city's electronic parking meters and create "prepaid" cards with a value of $999.99.
(Posted in Security by Declan McCullagh)
July 30, 2009 2:15 PM PDT

Researchers can attack mobile phones via spoofed SMS messages

Phones that support MMS on GSM networks are vulnerable to new SMS spoofing attacks, researchers say at Black Hat.
(Posted in InSecurity Complex by Elinor Mills)
July 30, 2009 1:53 PM PDT

Flaws in domain name verification uncovered

Dan Kaminsky and Moxie Marlinspike explain how flaws in the way domain names are verified on the Internet could allow attackers to impersonate a site and steal information from unsuspecting Web surfers.
(Posted in InSecurity Complex by Elinor Mills)
July 30, 2009 1:14 AM PDT

Researchers attack my iPhone via SMS

Two security researchers prove to a reporter during Black Hat that they can indeed "Pwn" her iPhone by just sending a text message.
(Posted in InSecurity Complex by Elinor Mills)
July 29, 2009 8:51 PM PDT

Ex-Google CIO breaks his own security rules

Douglas Merrill talks about being CIO at Google and an exec at EMI, and how more companies need to foster innovation, letting employees use Google Calendar if they want.
(Posted in InSecurity Complex by Elinor Mills)
July 29, 2009 5:11 PM PDT

Security experts' sites hacked on eve of conference

Attackers post e-mails, passwords, and other sensitive data stolen from security experts and others on hacked site of Dan Kaminsky.
(Posted in InSecurity Complex by Elinor Mills)
July 29, 2009 3:13 PM PDT

Clampi Trojan stealing online bank data

Security researcher warns that two-year-old Trojan has infected hundreds of thousands of PCs and is stealing log-in credentials when victims log into bank and other Web sites.
• Spam and malware at all-time highs
• Report finds fake antivirus on the rise
(Posted in InSecurity Complex by Elinor Mills)
July 29, 2009 11:30 AM PDT

Microsoft offers patches to ward off ActiveX attacks

In rare out-of-cycle security update, Microsoft fixes hole that put IE users at risk of attacks via ActiveX and other controls.
• Single misplaced '&' caused latest IE exploit
(Posted in InSecurity Complex by Elinor Mills)
July 28, 2009 11:04 AM PDT

Microsoft says security programs are paying off

Company releases progress report on three programs launched a year ago to identify security holes and patch them faster.
(Posted in InSecurity Complex by Elinor Mills)
July 27, 2009 1:17 PM PDT

From iPhones to smart grids at Black Hat, Defcon

Security pros to swap data on hacking everything from phones to critical infrastructure at Black Hat and its less corporate sister show Defcon, where geek games and mayhem rule.
(Posted in InSecurity Complex by Elinor Mills)
July 27, 2009 4:00 AM PDT

HP researchers develop browser-based darknet

Darknets, encrypted peer-to-peer networks, are normally difficult to set up and maintain. But two researchers plan to demonstrate a less complicated one at Black Hat.
(Posted in Security by Tom Espiner)
July 25, 2009 3:58 PM PDT

Researchers to offer tool for breaking into Oracle databases

Free tools for breaking into Oracle databases will be released at Black Hat and Defcon next week.
(Posted in InSecurity Complex by Elinor Mills)
July 23, 2009 12:04 PM PDT

previous coverage

ATM vendor gets security talk pulled from conferences

Juniper Networks cancels researcher's talk at Black Hat and Defcon about ATM insecurities after a vendor complains.
(Posted in InSecurity Complex by Elinor Mills)
July 1, 2009 12:30 PM PDT

Hacker named to Homeland Security Advisory Council

Hacker and Defcon founder Jeff Moss joins former FBI, CIA directors on Homeland Security Advisory Council.
(Posted in InSecurity Complex by Elinor Mills)
June 5, 2009 5:27 PM PDT
 

ARTICLE DISCUSSION

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Hot on CNET

The Next Big Thing

Consoles go wide and far beyond gaming with power and realism.