Tag: conferences

Hacker Summer Camp: Security Cons Blossom In The Desert

The mercury is expected to top 104 degrees Fahrenheit (40 C) in Las Vegas next week. And that could mean only one thing: it’s conference time for some of the world’s top computer hackers.   Indeed, next week brings the 22nd installment of the DEFCON hacker conference in Las Vegas, and the 18th of Black Hat, DEFCON’s younger, more straight-lace sibling. But, while Black Hat and DEFCON are still the main attraction on the Las Vegas strip, they’re hardly the only shows in town. B-Sides Las Vegas, an alternative mini-con, is in its fifth year and is attracting many of the “cool kids” in the security community to do presentations and demos on Tuesday and Wednesday, August 5 and 6th over at the Tuscan Suites and Casino. Running alongside B-Sides is Passwords 14, a conference that started in Norway and is in its second year on U.S. soil. As its name would […]

Continue Reading

EFF wants to make Wi-Fi routers more secure | theguardian.com

Home routers and wi-fi access points are the canaries in the coal mine for security on the Internet of Things. Simply put: they’re ubiquitous, Internet-connected and innocuous. Unlike mobile phones, wi-fi routers aren’t in your pocket – buzzing and ringing and demanding your attention. In fact, it’s safe to be that the vast majority of Internet users are concerned wouldn’t know how to connect- and log in to their router if they had to. But appearances can deceive. Broadband routers are, indeed, mini computers that run a fully featured operating system and are perfectly capable of being attacked, compromised and manipulated. We have already seen examples of modern malware spreading between these devices. In March, the security firm Team Cymru published a report (PDF) describing what it claimed was a compromise of 300,000 small office and home office (SOHO) wireless routers that was linked to cyber criminal campaigns targeting online banking customers. In January, […]

Continue Reading

Yet Another IoT Standards Group: This One For Privacy

Data privacy firm TRUSTe announced that it is forming a group to identify technical standards to ensure consumer privacy in the Internet of Things. Speaking at the Internet of Things Privacy Summit in San Francisco last week, Chris Babel, the CEO of TRUSTe said that the multi-party group will draw up “technical standards to help companies develop the privacy solutions that are needed to protect consumer privacy in the Internet of Things.” [Read Security Ledger’s coverage of privacy issues related to the Internet of Things here.] The group, dubbed the IoT Privacy Tech Working Group will include representatives from TRUSTe as well as online privacy groups The Center for Democracy & Technology, The Future of Privacy Forum and the Online Trust Alliance, according to a statement from TRUSTe.   IoT privacy tech working group announced. “This working group will work to address the mounting security and privacy concerns, while promoting transparency and user […]

Continue Reading

$10,000 Is On Offer For Anyone Who Can Hack A Tesla Car – Forbes

Thomas Brewster over at Forbes has an interesting story this week on a $10,000 bounty that’s being offered for anyone who can hack Tesla’s Model S sedan. The contest is open to all registered attendees of SyScan Conference in Beijing, which takes place later in July. (Conference web site is here.) According to Brewster, the contest is not endorsed by Tesla, nor is the company cooperating in any way. The conference features a number of hacking demonstrations, including at least one on hacking cars: this presentation on strategies for securing Controller Area Network (CAN) based systems – CAN is the most commonly used networking protocol in automobiles. Tesla – which makes the most wired cars on the road – have flirted with both hackers and mod-ers in the past. Notably: this article mentions one car owner’s hack of Tesla’s (really nice) on board touch screen interface. That prompted a warning from […]

Continue Reading

This Week In Security: Poking Holes In Two Factor Authentication

It was another busy week in the security world. There was big news on the legal front, as The U.S. Supreme Court took steps to protect the data stored on mobile devices from warrantless searches by police. (That’s good news.) But the week also plenty of concerning stories about the security of data stored on mobile phones, tablets and the like. One of the stories that gained a lot of attention was DUO Security’s report on a flaw in PayPal’s two factor authentication feature that could expose the accounts of  security-conscious PayPal users. As The Security Ledger reported, DUO researcher Zach Lanier discovered a flaw in mobile APIs published by PayPal that would allow anyone with a valid PayPal user name and password to sidestep two-factor authentication when accessing PayPal accounts that had that option enabled. After DUO went public with information on the flaw, PayPal disabled two factor authentication […]

Continue Reading
1 16 17 18 19 20 31