Hack mobile point-of-sale systems? Researchers count the ways
Security researchers uncovered widespread vulnerabilities in mobile point-of-sale readers offered by Square, SumUp, PayPal and iZettle.
By Karen Epper Hoffman | 16 Aug | Read more
Security researchers uncovered widespread vulnerabilities in mobile point-of-sale readers offered by Square, SumUp, PayPal and iZettle.
By Karen Epper Hoffman | 16 Aug | Read more
Kevin Mitnick, arguably the world’s most famous hacker, is coming to Australia as part of a conference tour of the region later this month.
Andrew Colley | 09 Nov | Read more
What should a CISO be doing in today's business and security environment?
Paul Wallbank | 12 Aug | Read more
Using AWS’s API software developer’s kit or its command line interface, customers can write their own tools for imaging disk instances that have been compromised, say Andrew Krug and Alex McCormack. The pair if researchers presented four tools at Black Hat 2016 that they wrote specifically to deal with incident response in AWS.
Tim Greene | 12 Aug | Read more
Samsung said that reports of a vulnerability in Samsung Pay mobile payments were "simply not true" -- but also admitted that token skimming was, in fact, possible but difficult enough that the potential risk was acceptable
Maria Korolov | 11 Aug | Read more
Hundreds of millions of Android devices based on Qualcomm chipsets are likely exposed to at least one of four critical vulnerabilities that allow non-privileged apps to take them over.
Lucian Constantin | 09 Aug | Read more
As the Rio Olympics neared the opening ceremony, cybercriminals were also lacing up their running shoes with the establishment of many malicious domains and servers in Brazil. Real-world crime was also a risk, with warnings that stealing payment-card data is easy and an inexpensive bit of electronics able to hack hotel room locks and point-of-sale systems.
David Braue | 08 Aug | Read more
A hacker showed that high-security electronic safe locks are susceptible to power and timing side-channel attacks like those used to defeat cryptosystems.
Lucian Constantin | 07 Aug | Read more
One of the most popular models for analyzing cyberattacks doesn’t focus enough on what to do after adversaries break into networks successfully, which they inevitable will do, Black Hat 2016 attendees were told this week in Las Vegas.
Tim Greene | 06 Aug | Read more
A new technique allows attackers to hide malicious code inside digitally signed files without breaking their signatures and then to load that code directly into the memory of another process.
Lucian Constantin | 06 Aug | Read more
USB keys were famously used as part of the Stuxnet attack on the Iranian nuclear program and for good reason: it’s got a high rate of effectiveness, according to a researcher at Black Hat 2016.
Tim Greene | 05 Aug | Read more
The country needs a federal agency akin to the National Institutes of Health in order to fix the problems with the internet, keynoter Dan Kaminsky told a record crowd of more than 6,400 at Black Hat.
Tim Greene | 04 Aug | Read more
Industrial facilities should be on guard against drones. Even off-the-shelf versions of the unmanned aircraft could be used to disrupt sensitive systems.
Michael Kan | 04 Aug | Read more
Donald Trump is a troll looking to say whatever will stir up the most people, according to security expert Dan Kaminsky who delivered the keynote at Black Hat today.
Tim Greene | 04 Aug | Read more
Researchers at Black Hat describe finding four flaws – now fixed - in the way the major server vendors implemented HTTP/2, but warn that the year-old Web protocol remains fertile ground for hackers seeking weaknesses in the way it’s rolled out.
Tim Greene | 04 Aug | Read more