One of the most popular models for analyzing cyberattacks doesn’t focus enough on what to do after adversaries break into networks successfully, which they inevitably will do, Black Hat 2016 attendees were told this week in Las Vegas. “Every attacker will become an insider if they are persistent enough,” says Sean Malone, a security consultant who spoke at the conference. “We need to operate under a presumption of breach.”
Cyber-reasoning platform Mayhem pulled down the $2 million first prize in a DARPA-sponsored Cyber Grand Challenge competition that pitted entrants against each other in the classic hacking game Capture the Flag, never before played by programs running on supercomputers. A team from Carnegie Mellon University spin-out All Secure entered Mayhem in the competition against six other programs, played in front of thousands in the ballroom of the Paris hotel in Las Vegas. Most of the spectators were in town for the DEF CON hacker conference starting Friday at the same site.
USB keys were famously used as part of the Stuxnet attack on the Iranian nuclear program, and for good reason: the technique has a high rate of effectiveness, according to a researcher at Black Hat 2016. Of 297 keys spread around the University of Illinois Urbana-Champaign, 45% were not only plugged into victims’ computers, but the victims then clicked on links in files that connected them to more malware, says Elie Bursztein, a Google researcher who presented the results.
Stop right there
Attendees mill about the Black Hat 2016 trade show floor seeking tools they need to do their work. See how vendors make every effort to have them stop by.

Beer
Always a favorite, Kaspersky doles out cases of it during the opening conference reception.
The country needs a federal agency akin to the National Institutes of Health in order to fix the problems with the internet, keynoter Dan Kaminsky yesterday told a record crowd of more than 6,400 at Black Hat 2016. Private companies are dealing with the security problems they face without sharing the solutions or pushing for the underlying engineering changes that are needed to make the internet more secure, says Kaminsky, who famously discovered a serious vulnerability in DNS, which underpins the internet. The solution is a central agency to address those engineering challenges. He says all the money that is spent piecemeal on battling security needs to be channeled to this agency so it has the resources and bureaucratic bulk to escape being derailed by transient public officeholders whose policies can change dramatically and quickly.
Donald Trump is a troll looking to say whatever will stir up the most people, according to security expert Dan Kaminsky, who delivered the keynote at Black Hat today. “Don figures out what people don’t want to hear,” and then he says it, Kaminsky said in an interview after his speech. “It’s not that Donald Trump is the worst troll ever, it’s just that the American public has never been trolled so effectively. The reaction is the point.”
Researchers at Black Hat describe finding four flaws (now fixed) in the way the major server vendors implemented HTTP/2, but warn that the year-old Web protocol remains fertile ground for hackers seeking weaknesses in the way it’s rolled out. A team at security vendor Imperva says they found nothing vulnerable about the protocol itself, but that they created distributed denial-of-service attacks that took advantage of openings left by how servers support the protocol.
Kaspersky Lab is using Black Hat’s hacker-rich environment as the launch pad for its first bug-bounty program, which seeks talent to hack the company’s anti-malware software. It’s dipping its toe into the program by staking an initial $50,000 kitty for a six-month effort to find flaws in its two most popular products, Kaspersky Internet Security and Kaspersky Endpoint Security.
Demisto Free Edition
Key features: The free edition of Demisto’s ChatOps platform automates and streamlines security operations and incident management processes. It lets teams create playbooks that can be shared with other organizations to collaborate against cybercrime and imported into other products, and it adds orchestration and automation, advanced investigations, improved collaboration and more.
Black Hat has disabled features of its mobile application because attackers could have logged in as legitimate attendees, posted messages in their names and spied on the messages they sent. The problem was discovered by mobile security vendor Lookout, which details it in a blog post saying that the registration and password-reset methods were flawed. “[W]e've removed user-to-user messaging functionality and activity feed updates out of an abundance of caution,” a spokesperson for the conference organizer UBM said in an email. The problems stemmed from the fact that new accounts were created without email verification, and that even when users reset their passwords, existing authentication tokens weren’t revoked, so an attacker who was already logged in stayed logged in.
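The two weaknesses Lookout describes, accounts usable before the mailbox is verified and session tokens that outlive a password reset, are easy to see side by side in a small account store. The following is an added example, not code from Black Hat, UBM or Lookout; the store, its flags and the user names are constructed for illustration, and the weak configuration reproduces the behaviour the article describes while the hardened one requires verification and revokes every session of the user whose password changed.

```python
"""Account and session handling around registration and password resets.

Constructed example: a minimal in-memory store that can run in the weak
mode described above (no email verification, tokens survive a reset) or
in a hardened mode. Not production code; PBKDF2 parameters are small.
"""
import hashlib
import hmac
import secrets
from typing import Dict, Optional


class AccountStore:
    def __init__(self, require_email_verification: bool, revoke_on_reset: bool):
        self.require_email_verification = require_email_verification
        self.revoke_on_reset = revoke_on_reset
        self.users: Dict[str, dict] = {}            # username -> pw_hash, salt, verified
        self.sessions: Dict[str, str] = {}          # session token -> username
        self.pending_verification: Dict[str, str] = {}  # emailed code -> username

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, username: str, password: str) -> Optional[str]:
        """Create an account; returns the verification code when one is required."""
        salt = secrets.token_bytes(16)
        self.users[username] = {
            "pw_hash": self._hash(password, salt),
            "salt": salt,
            # weak mode: usable immediately, with no proof that the mailbox is the user's
            "verified": not self.require_email_verification,
        }
        if self.require_email_verification:
            code = secrets.token_urlsafe(16)   # in a real system this is sent by email
            self.pending_verification[code] = username
            return code
        return None

    def verify_email(self, code: str) -> bool:
        username = self.pending_verification.pop(code, None)
        if username is None:
            return False
        self.users[username]["verified"] = True
        return True

    def login(self, username: str, password: str) -> Optional[str]:
        user = self.users.get(username)
        if user is None or not user["verified"]:
            return None
        if not hmac.compare_digest(self._hash(password, user["salt"]), user["pw_hash"]):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = username
        return token

    def is_logged_in(self, token: str) -> bool:
        return token in self.sessions

    def reset_password(self, username: str, new_password: str) -> None:
        user = self.users[username]
        user["salt"] = secrets.token_bytes(16)
        user["pw_hash"] = self._hash(new_password, user["salt"])
        if self.revoke_on_reset:
            # hardened: drop every session of this user, so a token an attacker
            # already holds stops working the moment the password changes
            self.sessions = {t: u for t, u in self.sessions.items() if u != username}


def demo():
    """Returns (weak token survives reset, login before verification, hardened token survives reset)."""
    weak = AccountStore(require_email_verification=False, revoke_on_reset=False)
    weak.register("alice", "correct horse")
    held_by_attacker = weak.login("alice", "correct horse")
    weak.reset_password("alice", "new passphrase")
    weak_survives = weak.is_logged_in(held_by_attacker)

    hard = AccountStore(require_email_verification=True, revoke_on_reset=True)
    code = hard.register("bob", "correct horse")
    before_verify = hard.login("bob", "correct horse")   # None: mailbox not yet proven
    hard.verify_email(code)
    held_by_attacker = hard.login("bob", "correct horse")
    hard.reset_password("bob", "new passphrase")
    hard_survives = hard.is_logged_in(held_by_attacker)
    return weak_survives, before_verify, hard_survives


if __name__ == "__main__":
    print(demo())
```

In the hardened store a password reset ends every session, including the one performing the reset, so a real service would issue the resetting client a fresh token afterwards; the point is that nothing issued before the change remains valid.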
When Black Hat convenes next week in Las Vegas, it will be a rich environment for gathering tools that can be used to tighten security but also, in the wrong hands, to carry out exploits. Researchers presenting generally point out the value these releases hold for researchers like themselves who operate in experimental environments, as well as for enterprise security pros who want to build better defenses against such attack tools. Presenters will detail a broad range of exploits they’ve carried out against devices, protocols and technologies, from HTTP to internet of things gear to the techniques penetration testers use to test the networks of their clients.