Search

These were the best hacks at Black Hat and Def Con this year

1 of 8 NEXT PREV

Famed car hackers hijack a Jeep (again)
If you thought your car wasn't safe the first time around, famed car hackers Charlie Miller and Chris Valasek have once again shown that it's really not. Although this new hack requires physical access to the target Jeep, the team said that other, more remote methods could be used -- and a determined hacker wouldn't have any problem installing one.
Black Hat 2017
Published: August 12, 2016 -- 16:23 GMT (09:23 PDT)
Photo by: Charlie Miller/YouTube

Caption by: Zack Whittaker
This ATM hack could allow thieves to make off with thousands
Anyone in the US knows the pain of chip-and-PIN, the new debit and credit card payment system, after months of bungled rollouts and bad implementations. So here's the worse news: it's not as secure as you might think. A hacker can easily withdraw up to $50,000 from an ATM machine in just 15 minutes, even though card chips are meant to be more secure. The cost of the hack involves a steep investment of about $2,000 worth of equipment though.
Black Hat 2017
Published: August 12, 2016 -- 16:23 GMT (09:23 PDT)
Photo by: file photo

Caption by: Zack Whittaker
Quadrooter flaws affect most Android devices
Another day, another major Android vulnerability. This time, the software that Qualcomm ships with Android phones which is used to connect its chips and hardware to the rest of the phone is to blame. Over 900 million phones and tablets are said to be at risk. Though most of the flaws have been patched, the last outstanding fix won't be issued until early September.
Black Hat 2017
Published: August 12, 2016 -- 16:23 GMT (09:23 PDT)
Photo by: ZDNet/CBS Interactive

Caption by: Zack Whittaker
Samsung Pay used for fraudulent payments
A security researcher has figured out how to steal the payment tokens used in Samsung Pay to make in-store contactless purchases using social engineering methods. Once those tokens are loaded into other hardware, the hacker can make fraudulent transactions. Samsung denied this was a problem, indicating that it wouldn't fix the issue, much to the chagrin of the security community.
Black Hat 2017
Published: August 12, 2016 -- 16:23 GMT (09:23 PDT)
Photo by: Salvador Mendoza/YouTube

Caption by: Zack Whittaker
Severe vulnerabilities discovered in internet protocol
You know it's not going to be a good day when high-profile vulnerabilities threaten the security of over 85 million websites. But that's exactly what happened when researchers discovered four separate flaws in HTTP/2, the new internet protocol, used by nearly one-in-ten websites. The bugs could be used to crash servers and conduct slow-read attacks.
Black Hat 2017
Published: August 12, 2016 -- 16:23 GMT (09:23 PDT)
Photo by: file photo

Caption by: Zack Whittaker
Apple talks iOS security, announces bug bounty
After a tumultuous ride with the FBI earlier this year, Apple took to Black Hat to show off how strong its iPhone and iPad security is, in one of the first ever in-depth talks on the subject. The company also announced a bounty of up to $200,000 for high-severity bugs, but that was quickly upped by one private company offering more than double that.
Black Hat 2017
Published: August 12, 2016 -- 16:23 GMT (09:23 PDT)
Photo by: CNET/CBS Interactive

Caption by: Zack Whittaker
Fake boarding pass app gets hacker into airline lounges
The head of Poland's cyber response team flies dozens of times a year, so he knows his airport lounges well. On one recent trip, he figured out how to bypass the QR code reader to get access, even if he gets rejected (which on one embarrassing occasion, he did). It's not a perfect system, but it does highlight the fragility of boarding pass security.
Black Hat 2017
Published: August 12, 2016 -- 16:23 GMT (09:23 PDT)
Photo by: Przemek Jaroszewski/YouTube

Caption by: Zack Whittaker
This $500 "danger drone" is a flying hacker's laptop
Some hacks are more difficult to carry out than others. Some require getting physically close to a network. When all else fails, strap a laptop to a drone and fly it in. That's exactly what one hacker did. Billed as a drone that "does everything a hacker laptop can do, but one that can fly," it has a 1.2 mile range and can be controlled over the LTE network.
Black Hat 2017
Published: August 12, 2016 -- 16:23 GMT (09:23 PDT)
Photo by: Bishop Fox/Danger Drone

Caption by: Zack Whittaker

1 of 8 NEXT PREV

0

Weren't in Vegas for the heat and hacking? Here's what you need to know.

Read More Read Less

Famed car hackers hijack a Jeep (again)

If you thought your car wasn't safe the first time around, famed car hackers Charlie Miller and Chris Valasek have once again shown that it's really not. Although this new hack requires physical access to the target Jeep, the team said that other, more remote methods could be used -- and a determined hacker wouldn't have any problem installing one.

Black Hat 2017

Published: August 12, 2016 -- 16:23 GMT (09:23 PDT)

Caption by: Zack Whittaker

1 of 8 NEXT PREV

0

| Community Guidelines

Join Discussion

Add Your Comment

Add Your Comment

Related Galleries

1

3

Many of 2018's most dangerous Android and iOS security flaws still threaten your mobile security

Bypassing passcodes, malware-laden apps, and inherent design flaws exposing almost all known mobile devices made up part of the security problems found in iOS and Android. ...
Cybercrime and malware, 2019 predictions

Experts weigh in on what they believe will happen to the world of cybercrime, malware, and botnets in the coming year.
The best VPN services: Our 10 favorite vendors for protecting your privacy

Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet. One of these could be your best bet. ...

Apricorn Aegis Fortress L3 portable storage drive

If you're looking for a fast, ultra-rugged, secure encrypted portable storage drive that's available in both HDD and SSD flavors, look no further than Apricorn's new Aegis Fortress ...
How to secure your iPhone from hackers, snoopers, and thieves (iOS 12.1)

Your iPhone and iPad is likely packed with important, valuable, and even sensitive information that you might not want others to be able to access. Here are the steps you should take ...
Top tips to keep safe around your voice assistant

Voice assistants like Google Home, Amazon Alexa, and Samsung smart TVs are always listening, yet consumers are unaware that their recordings are held online. Here are some ways to ...

These are the worst hacks, cyberattacks, and data breaches of 2018

Millions of records were lost, services were disrupted, and credit card data was stolen as hackers ran amok over the year.