
Black Hat and DEF CON Roundup
Threatpost · 2022-08-15 · via Vulnerabilities – Threatpost

‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings.

There was nothing typical this year at BSides LV, Black Hat USA and DEF CON – also known collectively as Hacker Summer Camp. The weeklong collection of cybersecurity conferences featured an eclectic mix of attendees who came to learn, network, hack and have fun. The week even included a rare Las Vegas flash flood (not a new DDoS technique) on Thursday, creating chaos in one casino.

The past week, while not ‘typical’, was a nod to normalcy for attendees. Attendance for events was up from the previous year, which in 2021 was muted by lower attendance and COVID fears. Here is a roundup of leading research, themes and buzz from this year’s shows.

Research of Note

Video conferencing darling Zoom was highlighted at DEF CON by Patrick Wardle, founder of the Objective-See Foundation, for a hacking technique that allowed him, using the macOS version of Zoom, to elevate privileges and gain access to the entire macOS operating system.

Pen Test Partners revealed a flaw in the Electronic Flight Bag tablets used by some Boeing aircraft pilots that could have allowed an adversary to modify data “and cause pilots to make dangerous miscalculations,” according to a Reuters report.

Starlink, the satellite operated by SpaceX that provides internet access to over 36 countries, was shown vulnerable to a hack via a $25 modchip. Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal used to manage the satellite.

Researcher James Kettle debuted a new class of HTTP request smuggling attack that allowed him to compromise Amazon and Akamai, break TLS, and exploit Apache servers, according to reporting from PortSwigger’s The Daily Swig.

Journalist Eduard Kovacs reported on a high-severity Realtek bug in the company’s eCos SDK. The bug, found by Faraday Security and discussed at DEF CON, affects an SDK that is used in a variety of routers, access points and network repeaters, according to his report.

For fans of FUD, PC Magazine has a nice rundown of “The 14 Scariest Things We Saw at Black Hat 2022”. Things keeping them up at night include SMS codes that flunk MFA, an “invisible finger to take control” of your touchscreen device and a Microsoft hiccup when launching its Early Launch Antimalware (ELAM).

Topics of Discussion

The main Black Hat keynote was from Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency (CISA), who shared his optimism when it comes to the US approach to information security. However, he did express pessimism that US cyber-defenses were too focused on nation state attackers versus more mundane and pressing concerns, in his estimation, such as ransomware.

The Ukraine war and Log4j also were major themes at each of the conferences. ESET provided Black Hat attendees with an update on cyberattacks against Ukraine. Firms such as CyCognito warned that we aren’t out of the Log4j woods. A report by SiliconAngle quotes Robert Silvers, undersecretary for policy at the Department of Homeland Security, as echoing those concerns, telling attendees that “[Log4j] is most likely that organizations are going to deal with Log4j issues for at least a decade and maybe longer.”

Victor Zhora, deputy head of Ukraine’s State Special Communications Service, told Black Hat attendees that his country’s infrastructure has experienced a 300 percent uptick in cyber incidents since Russia’s invasion of the country. The visit was unannounced, according to a Voice of America report.

Meanwhile, current White House Cyber Director Chris Inglis told journalist Kim Zetter, during a DEF CON session, that he was focused on “‘three waves of attacks’ that have progressed in recent years,” according to a Nextgov report.

The first wave “focused on adversaries holding data and systems at risk.” In the second, the attackers “still held data and systems at risk, but they then abstracted that into holding critical functions at risk.” The third is an attack on confidence, as exemplified by the attack on the Colonial Pipeline. – Nextgov.

For DEF CON, it was the event’s 30th anniversary, which event organizers billed not as a birthday but as a Hacker Homecoming.

“This has been a crazy couple of years,” according to an official DEF CON forum post.

“A global pandemic turned DEF CON 28 into DEF CON Safe Mode. Some easing of the restrictions and some strict attendance rules gave us a hybrid con for DC29. An improvement, to be sure, but something short of a full DEF CON experience… We want DEF CON 30 to have the energy of a reunion… In honor of all that, we’re calling DEF CON 30 ‘Hacker Homecoming’.”