Black Hat
Latest Stories
At Black Hat, Feds Push Tech Firms to Adopt 'Radical Transparency'
'Security needs to be seen as a priority, because if it's not, speed to market always wins,' a senior technical advisor at the Cybersecurity and Infrastructure Security Agency says at Black Hat.
Here’s How to Get Tesla’s $300 Seat Warming for Free Via Hotwiring
A Black Hat briefing unpacks how a voltage-glitch attack unlocks a $300 feature.
‘Defender-Pretender’: How Researchers Undermined Windows Malware Security
A Black Hat briefing on a now-fixed vulnerability underscores an old lesson: ‘Trust no one.’
Uncle Sam Needs Your AI Help, and DARPA Will Hand Out $20M to Make it Happen
Responsible AI has 'remarkable potential to secure our code,' the agency says, so DARPA's two-year AIxCC program offers almost $20 million in prizes for applications that can get it done.
What to Expect at Black Hat 2023
The annual Black Hat conference brings together hackers and researchers from all over the world, eager to share their latest discoveries. We have some tantalizing guesses about what we'll learn this year.
The 14 Scariest Things We Saw at Black Hat 2022
Every year, Black Hat features the most startling security research. Here's what our PCMag reporters saw, and what's keeping them up at night.
Are You Being Followed? Use a Raspberry Pi to Find Out
Using inexpensive components, a Black Hat presenter built a device that sniffs the airwaves to check for people on your tail.
It's Coming From Inside the House: Subverting Deep Security in Windows
When you create a security system with unlimited power, you'd better be very sure you have it under control. If not, that power could be used against you.
Security Bug Hunters Could Expose Your Personal Data
White-hat hackers seeking to identify bugs before the bad guys do need to gather proof of their findings. When that proof includes your personal information, there’s a chance for exposure.
Global Threat Actors Use the 'Great Resignation' to Target Job Seekers
If you’re looking to get out of the office and adopt the remote-work lifestyle, a pair of cybersecurity experts at Black Hat warn that nation-state criminals may try to scam you with phishing links.
Why Is Web3 Security Such a Garbage Fire? Let Us Count the Ways
A Black Hat talk unpacks how blockchain-based projects can break so easily and inflict such catastrophic damage.
Is Your Car Key Fob Vulnerable to This Simple Replay Attack?
At Black Hat 2022, security researchers show they can unlock some vehicles by replaying old key fob commands. It's not supposed to be this easy.
Your Macs Aren't as Secure as You Think
MacOS was built with security in mind, and updates keep adding security enhancements. Even so, one researcher discovered an attack that cuts through all the security layers.
Turns Out Zoom Is Great for Remote Work and Remote Code Execution
Zoom rose to prominence during the COVID-induced WFH revolution, but one researcher found the video-conferencing software could be used to infect computers with malware.
How a US Govt Board Helped the Open-Source Community Leap to Patch Log4j
'I think what surprised a lot of people was how deep the fact-finding could go,' Cyber Safety Review Board Chair Robert Silvers says at Black Hat about the response to the Log4j exploit.
SMS-Based Multi-Factor Authentication: What Could Go Wrong? Plenty
At Black Hat, a research duo from FYEO demonstrates a technique they call smishmash to prove that using text messaging for your second factor is very risky.
This 'Invisible Finger' Can Take Over Your Touch Screen
Controlling your phone or tablet with a touch screen seems very direct and intimate. Nobody could manipulate your display without touching it, right? Wrong.
Researchers Stalk and Impersonate Tracking Devices (for Safety)
UWB RTLS technology, found in devices like AirTags, also keeps industrial workers safe and can even be used to perform contact tracing. But weak standards open it up to bad actors.
WTF Just Happened? Why Your Org Needs a Cybersecurity Incident Review Board
Researchers at Black Hat 2022 urge organizations to create their own 'Cyber NTSBs.'
Researchers Look Inside Russian Malware Targeting Ukrainian Power Grid
ESET security researchers share findings on the Industroyer2 malware designed to cause a mass blackout in Ukraine. One official calls it 'the biggest challenge for the world since World War II.'