At Black Hat Asia next month, researchers plan to show a palm-sized device that costs less than $20 to build from off-the-shelf, untraceable parts and that, depending on the car model, can screw with windows, headlights and even the truly scary, make-you-crash bits: i.e., steering and brakes.
iPhones and iPads will be vulnerable until they get the iOS 7 update, which is scheduled for release later this year. Until then, you might want to avoid plugging into sleazy charging stations, though truth be told, a successful attack sounds kind of James Bond-ishly esoteric.
Researchers from the Georgia Institute of Technology plan to discuss their attack, dubbed "Mactans", and how it succeeded in compromising the latest generation devices with the latest version of iOS at the Black Hat USA Conference in July.
Peter Szabo, a senior threat researcher with SophosLabs, joins Chet this week to to share what they learned at this year's Black Hat and DEF CON conferences. They discuss NFC, a file disinfection framework, steganography and the dangers of IPv6 and DNSSEC.
Customers build a relationship based on trust with security vendors. After all, customers who buy security solutions like anti-virus or anti-spam grant security companies access to update computers and devices. Question is should security companies open their doors to people known to have dabbled in grey and black-hat hacking?
July and August often produce some intriguing and unusual computer security research.
We've already written about BlackHat and DEFCON. Here's something from the USENIX HotSec workshop to pique your interest.
Researcher Artem Dinaburg presented his paper about memory errors leading to mistaken DNS lookups at last week's Black Hat conference in Las Vegas, Nevada. He showed how attackers could use techniques similar to typosquatting to compromise users as a result of hardware errors.
At this year's Black Hat 2011 conference Jay Radcliffe presented research on the security of consumer medical devices, specifically the hackability of modern insulin pumps. The results are not promising...
Researcher Tavis Ormandy has examined Sophos's anti-virus product - not in terms of possible vulnerabilities - but instead looking at how various components of were implemented.
Having assessed Tavis's report, Sophos can assure customers that their protection is not compromised.
Modern battery packs have their own processor and firmware. Along with many other peripherals in your computer, your battery is field-reprogrammable.
So is an "incendiary" virus really possible for your Macbook battery, as some stories seem to suggest?
At Hack in the Box, we decided to have a bit of fun. My Sophos Malaysia colleagues purchased a veritable flotilla of rubber ducks - in traditional bathtime-duck yellow - and tricked me into an autograph session. Duck signing ducks, geddit?
The past week and a half have been more than a bit crazy. Between the release of our mid-year threat report and attending Black Hat USA 2010 and Defcon I have barely had a moment to think. Fortunately Vanja Svajcer Read more…