Out of eight agencies, four were given D grades in a report for the Senate, while the Feds overall got a C-.
Telegram declined to fix a scenario in which the flaw can be exploited, spurring a Trustwave researcher to decline a bug bounty and to disclose his findings instead.
Researchers show how to circumvent Microsoft’s Windows Hello biometric authentication using a spoofed USB camera.
IBM X-Force detailed the custom-made “LittleLooter” data stealer and 4+ hours of ITG18 operator training videos revealed by an opsec goof.
Black Hat: Researchers created 300 fake identities, signed them up on 185 legit sites, then tracked how much the sites used signup PII to pester the accounts.
A researcher was able to remotely control the lights, bed and ventilation in “smart” hotel rooms via Nasnos vulnerabilities.
We’re selfish if we’re only mitigating our own stuff, said Black Hat USA 2021 keynoter Jeff Moss. Let’s be like doctors battling COVID and work for herd immunity.
Attackers spoof sender addresses to appear legitimate in a crafty campaign that can slip past numerous detections, Microsoft researchers have discovered.
Were we work-from-home clicking zombies? Steganography attacks snagged three out of eight recipients. Nasty CAPTCHAs suckered 50 times more clicks during 2020.
Fake aerobics-instructor profile delivers malware in a supply-chain attack attempt from TA456.