Media & Victims Find Common Ground Against Hackers
In a panel at Black Hat 2024, journalists and investigators explain their differing goals when a victim organization is breached.
Explore the latest in cyber threats, hacker techniques, and security defenses on our Black Hat tag page at the forefront of infosec news.
Search across headline titles and summaries.
Background for this topic.
Black hat describes hackers or techniques used to gain unauthorized access, steal information, deploy malware, commit fraud, or disrupt systems. In security news, it usually means malicious activity rather than a legitimate security test; context may instead point to the Black Hat security conference and its research disclosures.
For practitioners, black-hat activity matters because attackers may exploit unpatched vulnerabilities, stolen credentials, exposed services, or insecure applications. Vulnerability management should prioritize flaws that are actively exploited or accessible from the internet, while controls such as strong authentication, least privilege, secure configuration, and detailed logging can limit abuse and support detection. Threat intelligence can help map observed indicators and techniques to defensive actions. When an incident occurs, rapid containment, credential reset, evidence preservation, and assessment of affected data help determine the scope and any privacy or regulatory obligations.
In a panel at Black Hat 2024, journalists and investigators explain their differing goals when a victim organization is breached.
At Black Hat USA, security researcher Michael Bargury released a "LOLCopilot" ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.
Black Hat presentation reveals adversaries don't need to complete all seven stages of a traditional kill chain to achieve their objectives.
Election tech is fine – it's all thise idiots buying into the propaganda that's worrying Jen Easterly Black Hat US Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly and her counterparts from the UK and EU want the world to know that, when it comes to securing elections, they've never been more prepared.…
Why run your own evil infrastructure when Big Tech offers robust tools hosted at trusted URLs? Black Hat State-sponsored cyber spies and criminals are increasingly using legitimate cloud services to attack their victims, according to Symantec's threat hunters who have spotted three such operations over recent months, plus new data theft and other malware tools in development by these goons.…
During a "Shark Tank"-like final, each startup's representative spent five minutes detailing their company and product, with an additional five minutes to take questions from eight judges from Omdia, investment firms, and top companies in cyber.
Let's get physical, physical ... I don't wanna hear your MMU talk Black Hat Computer security researchers at the CISPA Helmholtz Center for Information Security in Germany have found serious security flaws in some of Alibaba subsidiary T-Head Semiconductor's RISC-V processors.…
Microsoft claims 50,000 organizations are using its new Copilot Creation tool, but researcher Michael Bargury demonstrated at Black Hat USA ways it could unleash insecure chatbots.
The Dark Reading team once again welcomes the world's top cybersecurity experts to the Dark Reading News Desk live from Black Hat USA 2024. Tune into the livestream.
Cybersecurity startup RAD Security, a finalist in this year's Black Hat USA Startup Spotlight competition, looks for "drift events," or events that vary from the baseline.
Cybersecurity startup LeakSignal, a finalists in this year's Black Hat USA Startup Spotlight competition, helps organizations see where data is leaking within their environment.
Cybersecurity startup Knostic, a finalists in this year's Black Hat USA Startup Spotlight competition, adds guardrails to how AI uses enterprise data to ensure sensitive data does not get leaked.