Security researchers and hackers gathered in Las Vegas over the past week to show off and learn about the latest vulnerabilities that affect devices and software that the world relies on every day. Black Hat and DEF CON, the world's top security conferences, did not disappoint.
With their own dedicated processor and operating system, LTE/3G modems built into new business laptops and tablets could be a valuable target for hackers by providing a stealthy way to maintain persistent access to an infected device.
A talk about a radio-based privacy device dubbed ProxyHam that promised to allow hackers to connect to Wi-Fi networks from as far as 2.5 miles away was abruptly pulled from the DEF CON schedule by its creator a few weeks ago.
Dropcam, the popular video monitoring camera, bills itself as "super simple security." But a pair of researchers plan to show at the Defcon hacking conference later this week how having a Dropcam could get a lot more complicated.
Who do you trust? That's a question asked increasingly by a security industry with a growing sense that the National Security Agency (NSA) has sought to weaken encryption or get backdoors into computers, based on documents leaked by Edward Snowden to the media. Now, trust is also the theme of a new conference called TrustyCon that will vie for attention on Feb. 27 in San Francisco while the big RSA Conference for security pros is also taking place in that city.
CIO.com goes undercover (sort of) at GrrCon, the Midwest's premier conference on penetration testing and software security, to learn about cloud security, hacking, lock picking and more.
A single group of hackers using spearphishing has stolen industrial drawings, contracts and more from at least 10 oil, gas and defense companies in Norway, according to a published report.
A sizeable spike in <a href="http://www.networkworld.com/news/2011/051811-microsoft-one-in-14-downloads.html">malicious email attachments</a> is just subsiding, but if history is any indicator, several smaller spikes are about to follow that use even more deceptive means than their predecessors.
Denizens of the malware underworld who sell access to <a href="http://www.networkworld.com/news/2011/080911-defcon-voip.html">compromised computers</a> do so at varying rates depending on where the machines are located, researchers told the Usenix <a href="http://www.networkworld.com/topics/security.html">Security</a> Symposium this week.
Not unlike the <a href="http://www.networkworld.com/news/2011/080511-security-rundown.html">week before</a>, this past week saw hacking once again grab everyone's attention. This time it was <a href="http://www.networkworld.com/news/2011/081011-anonymous-allegedly-threatens-to-kill.html">an alleged threat</a> from the shadowy group <a href="http://www.itworld.com/security/192665/rumor-anonymous-trying-kill-facebook-fake">Anonymous</a> to "kill" the social-networking site Facebook. The reason given? Anonymous supposedly thinks Facebook abuses people's privacy and cooperates with authoritarian governments.
The Payment Card Industry <a href="http://www.networkworld.com/topics/security.html">Security</a> Standards Council today published guidelines aimed at helping merchants and others processing payment cards make effective use of what's known as "tokenization" technologies to conceal sensitive account information.
LAS VEGAS -- Botnets and their masters can communicate with each other by calling into the same VoIP conference call and swapping data using touch tones, researchers demonstrated at Defcon.
LAS VEGAS -- Anonymous has run up quite a score against corporations, governments and law enforcement agencies, but for all these warnings corporate executives are turning their heads from the real problem -- their network security is terrible, a panel of experts concluded at Defcon.
LAS VEGAS -- The relationship between CISOs and <a href="http://www.networkworld.com/topics/security.html">security</a> penetration testers is anything but clear-cut and raises ethical issues for both parties, a Defcon crowd heard from a former CISO.
LAS VEGAS -- Two security researchers Wednesday unveiled a remote controlled, unmanned aerial vehicle (UAV) that is capable of cracking Wi-Fi passwords, exploiting weak wireless access points and mimicking a GSM tower to intercept cell phone conversations.