The DefCon 25 hacker conference follows Black Hat USA; this year it has found a new home at Caesar’s Palace in Las Vegas and is running from July 27-30. “The Broadcom BCM43xx family of Wi-Fi chips is found in an extraordinarily wide range of mobile devices - from various iPhone models, to HTC, LG, Nexus and practically the full range of Samsung flagship devices.” “Meet Broadpwn, a vulnerability in Broadcom’s Wi-Fi chipsets which affects millions of Android and iOS devices, and can be triggered remotely, without user interaction,” Artenstein’s session abstract states. Nitay Artenstein, vulnerability researcher at Exodus Intelligence, responsibly reported the Broadpwn vulnerabilities to the impacted vendors, and they have already patched the issue. Patrick Wardle, chief security researcher at Synack, will demonstrate his macOS security tools at the Arsenal tools display section of Black Hat and will also be presenting in a session where he will discuss the recent macOS Fruitfly malware.

Among the most impactful and widespread security vulnerabilities to be detailed at Black Hat USA 2017 is Broadpwn, a flaw in the widely deployed Broadcom WiFi chipset that affects hundreds of millions of mobile devices, including those running Android and iOS, as well as desktop macOS. Alex Radocea, founder of Longterm Security, will detail flaws in Apple’s iCloud keychain that were fixed in iOS and macOS in March. It was at Black Hat USA 2007 where security researcher Charlie Miller publicly discussed the very first hack of Apple’s iPhone, which debuted that same year.

At Black Hat USA 2017, there are four talks planned where different elements of Apple security will be detailed. Colin O’Flynn, CEO/CTO at NewAE Technology, will detail in a session how easy it is to bypass and hack modern consumer electronic locks.

Another popular topic of discussion at Black Hat USA events is the security of Apple’s software.
How to break various types of locks is an oft-repeated topic at Black Hat, and the 2017 edition of the event is no exception. Not to be outdone, Ruben Santamarta, principal security consultant at IOActive, will detail vulnerabilities with radiation monitoring equipment used at nuclear power plants. Security researchers from ESET and Dragos will provide more details about the CrashOverride/Industroyer attack that hit Ukraine last month.

Wind power isn’t the only type of critical infrastructure at risk. At this year’s event, researchers will detail multiple types of attacks against various forms of critical infrastructure. Jason Staggs, security researcher at the University of Tulsa, will detail how he was able to attack wind power stations in his talk titled “Adventures in Attacking Wind Farm Control Networks.”

His topic will be “Stepping Up Our Game: Re-focusing the Security Community on Defense and Making Security Work for Everyone.” Stamos is no stranger to the Black Hat stage; in 2014, when he was the chief information security officer (CISO) of Yahoo, he spoke on a similar topic of how the security industry was failing to meet user needs.

Black Hat has long been the place where researchers choose to disclose and discuss some of the most impactful security risks. This year there is only one keynote speech, which Facebook’s Chief Security Officer Alex Stamos will deliver. The main part of the conference is Black Hat Briefings, which runs July 26-27.

The most enterprise-friendly event of the week is the annual Black Hat USA security conference, which is taking place at the Mandalay Bay in Las Vegas, with security researchers demonstrating the latest threats to critical infrastructure, servers, mobile and desktop operating systems, internet of things (IoT) and everything in between.
On the information security calendar, this week is known by many as “hacker summer camp,” with a trio of security conferences ongoing: Black Hat USA, BSides LV and DefCon.