Security news aggregator

Latest coverage for Black Hat

Explore the latest in cyber threats, hacker techniques, and security defenses on our Black Hat tag page at the forefront of infosec news.

170 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Black hat describes hackers or techniques used to gain unauthorized access, steal information, deploy malware, commit fraud, or disrupt systems. In security news, it usually means malicious activity rather than a legitimate security test; context may instead point to the Black Hat security conference and its research disclosures.

For practitioners, black-hat activity matters because attackers may exploit unpatched vulnerabilities, stolen credentials, exposed services, or insecure applications. Vulnerability management should prioritize flaws that are actively exploited or accessible from the internet, while controls such as strong authentication, least privilege, secure configuration, and detailed logging can limit abuse and support detection. Threat intelligence can help map observed indicators and techniques to defensive actions. When an incident occurs, rapid containment, credential reset, evidence preservation, and assessment of affected data help determine the scope and any privacy or regulatory obligations.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 170

Two decades ago Dark Reading posted its first blockbuster — a story from a pen tester who sprinkled rigged thumb drives around a credit union parking lot and let curious employees do the rest. This episode looks back at the history-making column with its author Steve Stasiukonis, Dark Reading senior Editor Becky Bracken and Dark Reading's editor-in-chief Kelly Jackson Higgins.

OpenAI's first security hire, Ari Herbert-Voss, thinks more automated bug finding will improve security without costing jobs Black Hat Asia Open source models can find bugs as effectively as Anthropic's Mythos, according to Ari Herbert-Voss, CEO of AI-powered security startup RunSybil and OpenAI's first security hire.…

FAST16 could be the first cyberweapon, and its effects could be with us today Black Hat Asia Infosec outfit SentinelOne found malware that tries to induce errors in engineering and physics simulation software and therefore represents an attempt at sabotage, and suggests it was created years before the Stuxnet worm that aimed to destroy Iran’s uranium enrichment centrifuges.…

Demonstrated in China, probably applicable elsewhere Black Hat Asia Developers of rented internet of things infrastructure – stuff like public EV chargers and shared e-bikes – are prioritizing user convenience over security, and leaving themselves exposed to wide-scale denial of service attacks on their services.…

Windows Admin Center flaws mean on-prem can attack cloud, and vice-versa Black Hat Asia Israeli researchers found a series of flaws in Microsoft's Windows Admin Center (WAC) and suggest this shows hybrid cloud management tools are a two-way attack surface that users don't spend enough time worrying about.…

Also: macOS Naughty or Nice, Cybercrime Karma, Spoofing Legacy Rail InfrastructureLondon in December: Early to dark, quick to rain but also festive - and a mecca for cybersecurity researchers there for the annual Black Hat Europe conference. This year's event featured nearly 50 briefings that touched on everything from hardware hacking to combing infostealer logs for hidden gems.

Black Hat's Jeff Moss: 'We're in a Political Situation, Whether You Like It or Not'Technology doesn't exist in a vacuum, and by extension neither does cybersecurity. But in recent years, Black Hat founder Jeff Moss said he's been "struggling" with the "uncomfortable truth" that unlike the largely risk-free early days of hacking, today "all tech is political."

Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including in its proprietary end-to-end encryption (E2EE) mechanism that exposes the system to replay and brute-force attacks, and even decrypt encrypted traffic

The bad news? The machines, and their operators, are coming on fast Black Hat/DEF CON At the opening of Black Hat, the largest security shindig in the Hacker Summer Camp week ahead of DEF CON and BSides, the opening keynote speaker suggested the current state of AI slightly favors defenders over attackers, but he warned that was not a given for much longer.…

Loading more headlines...