Black Hat

Iran Centrifuge

Researchers use radio to jump air gapped industrial control systems

Researchers at CyberX say they have found a way to sneak sensitive data off of industrial control system networks using radio frequency communications. The attack could be used to compromise so-called “air gapped” networks that are not connected to the Internet.

Information Security has a MeToo Problem

Podcast: Infosec has a #MeToo Problem also TOR-ifying Wikipedia

In this week’s Security Ledger Podcast, we talk with Genevieve Southwick, CEO of the B-Sides Las Vegas hacker conference about the information security industry’s #metoo problem and what steps conference organizers are taking to stem sexual assault and harassment at information security events. Also: researcher Alec Muffet talks with us about making a TOR version of Wikipedia (and why it’s not sticking around). Finally, Martin McKeay of Akamai talks about the state of Internet security one year after Mirai. (Spoiler alert: Mirai is still a problem.)

Hero WannaCry Researcher Charged over Links to Kronos Trojan

In-brief: A British researcher who became a hero after he stopped the WannaCry ransomware from spreading globally has been apprehended in Nevada and charged with distributing the Kronos banking trojan in the U.S. between July 2014 and July 2015.

At BlackHat: Hell is Other People’s Machine Learning

In-brief: Machine learning is all the rage in the information security industry. But a study by Endgame and University of Virginia suggests that it may be vulnerable to manipulation by sophisticated AI-driven tools.

Tripwire Black Hat 2016 Survey: IoT Risks and Cyber War | Tripwire

In-brief: attendees at the recent Black Hat Briefings are concerned about the risks posed by IoT devices, but lack confidence that their employer is properly tracking IoT devices, a survey from Tripwire reveals.