Sean Michael Kerner

LAS VEGAS—Multiple systems on modern airliners are potentially at risk from a series of vulnerabilities that are being publicly discussed here at Black Hat USA and Defcon by researchers from IOActive. The vulnerabilities expose what IOActive sees as supply chain risks, where an embedded software technology puts a larger platform at risk. Researcher Ruben Santamarta […]

LAS VEGAS—IBM will detail at Black Hat USA here on Aug. 8 a new class of attacks dubbed DeepLocker that uses artificial intelligence to bypass cyber-security protections. With DeepLocker, IBM researchers will demonstrate an evasive attack vector that has been developed as a proof of concept. According to IBM, DeepLocker can be used to keep […]

There are a lot of different ways to detect potential intruders on an enterprise network, but what about smaller businesses or consumers? That’s the challenge that Rob Soto, director of security research at Jask wants to help solve with the Chiron project that he is set to demonstrate at the Black Hat USA 2018 conference […]

There are a lot of ways an investor can lose money in the stock market, but having an insecure mobile or desktop trading application shouldn’t be one of them. Alejandro Hernandez, senior consultant at IOActive, will detail multiple vulnerabilities found in the desktop and mobile stock trading applications of major financial institutions at Black Hat […]

As an incident response analyst, John Moran kept on running into challenges finding the right combination of tools to get the forensic information he needed.  To solve this challenge, Moran, who now works as a senior product manager at DFLabs, wrote his own tool called No-Script Automation Tool (NAT), which he will demonstrate on Aug. […]

IBM announced on Aug. 6 that it is expanding its X-Force Red security testing business with four new physical lab locations and a new service for testing the security of ATM banking systems. The locations of the four new X-Force Red Labs are Austin, Texas; Hursley, England; Melbourne, Australia; and Atlanta. The new labs will be […]

Digital Guardian will announce on Aug. 6 that it is bringing user and entity behavior analytics (UEBA) capabilities to its Data Protection Platform. The new UEBA capabilities will complement the data loss prevention (DLP) features in Digital Guardian’s platform, enabling organizations to more closely align identity and user behavior with security policy and enforcement. The […]

Symantec issued a report on Aug. 3 revealing that technical support fraud scammers are using call optimization services to improve their results. The new techniques come as the volume of tech support scams blocked by Symantec continues to grow. Tech support scams come in multiple forms, including malware advertising where an ad shows up on […]

Social networking site Reddit announced on Aug. 1 that it was the victim of a data breach. While the data breach that Reddit publicly disclosed was new, the data that attackers stole was not. After managing to bypass the two-factor authentication (2FA) credential of a Reddit administrator, attackers were able to steal an 11-year-old database […]

Cisco announced on Aug. 2 that it is acquiring identity services provider Duo Security in an all-cash deal valued at $2.35 billion. Cisco expects the deal to close in the first quarter of its fiscal 2019 year. Duo Security has developed a number of technologies, including cloud-delivered identity, multifactor authentication and zero-trust access control technology and […]