If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
The annual Black Hat Europe conference this year once again brought together numerous information security aficionados in Amsterdam for the latest training and security insights. Here are visual highlights from the conference.
Flaws highlighted by researchers at Black Hat Europe could be used to bypass self-encrypting drives' crypto, defeat Windows BitLocker, fool self-driving cars, mess with oil and gas ERP systems and more.
The continuous integration tools that many software developers rely on are often misconfigured or lack security controls, thus putting code at risk, security expert Nikhil Mittal claims at Black Hat Europe.
The annual Black Hat Europe conference launched on an introspective note, with security expert Haroon Meer using a best-selling book on individuals' workplace failures to argue that it's time for information security professionals to stop making excuses.
Millions of Android devices are at risk from "Certifi-gate," a flaw that OEMs must patch, Check Point warns. Following Stagefright, Google and some manufacturers have promised to deliver monthly Android patches.
Nothing says "you really screwed up" like receiving the Pwnie Award for "Most Epic Fail" at the annual Black Hat conference. Hence it's no surprise that in the wake of its mega breach, the win goes to the U.S. Office of Personnel Management.
The takedown of Gameover Zeus taught law enforcement and banks many lessons, including that Trojans are being used to steal corporate secrets, not just money, says Eward Driehuis of Fox-IT, which investigated the threat actors behind the Trojan.
The Black Hat conference features presentations that have already led to very public warnings about remotely hackable flaws in everything from Jeep Cherokees and Linux-powered rifles to Android mobile devices and Mac OS X.
As numerous attacks have demonstrated, two-factor authentication systems are not foolproof, says Ryan Lackey, a principal in the security practice at CloudFlare, who offers insights on how today's authentication systems must evolve.
Researchers demonstrate how ATMs could be hacked - without installing malware - by connecting a tiny computer to an inside port, bypassing the ATM's own computer and instructing the cash dispenser to begin issuing money.
Drawing on networking protocols designed to support NASA's interplanetary missions, two researchers have created a networking system that's designed to transmit information securely and reliably in even the worst conditions, such as in an Ebola hot zone.
Government intelligence agencies' information security offensive capabilities may far outstrip businesses' collective defenses, but organizations can still tap a variety of techniques to defend themselves against many types of intrusions.
Apps for wearable devices that are designed to track a user's pulse rate, blood-oxygen level or location may be leaking that data during transmission, Symantec security researcher Candid WÃ¼eest warns in a Black Hat Europe briefing.