Black Hat: Quick look at hot issues

Credit: Reuters/David Becker
Security subjects

Black Hat covers a variety of security topics, from how USB drives are a menace to how drones are fast becoming a threat you need to pay attention to, and much more. Here we take a look at just a few of the hot topics presented at the conference.


Credit: Reuters/David Becker
Nice uniform

Models dressed as “security man” and “cloud woman” interact with attendees at the Gemalto booth during the 2016 Black Hat.

Credit: Reuters/David Becker
Finding flaws

Wesley McGrew, director of cyber operations for HORNE Cyber Solutions, speaks during the 2016 Black Hat. His presentation included a look at security weaknesses in penetration testing tools.

Donald Trump is a troll

Donald Trump is a troll looking to say whatever will stir up the most people, according to security expert Dan Kaminsky, who delivered the keynote at Black Hat today. “Don figures out what people don’t want to hear,” and then he says it, Kaminsky said in an interview after his speech.

Credit: Reuters/David Becker
Get off of my grid

A power grid monitor device is displayed at the PFP Cybersecurity booth.

Credit: Reuters/David Becker
The chips have it

Tod Beardsley, senior security research manager for Rapid7, displays a shimmer, a small device that can record and transmit credit card chip information.

Credit: Reuters/David Becker
Big bucks

Weston Hecker, senior security engineer at Rapid7, smiles as he watches phony money dispense automatically from an ATM after it was hacked during a demonstration at the 2016 Black Hat conference.

Credit: Reuters
Unlicensed spectrum and gigantic distances

Mike Cruse, CEO of Definium Technologies, poses with LoRa equipment he designed and built in his laboratory in Launceston, Australia. LoRa (for Long Range) is among a clutch of narrow band technologies that connect devices cheaply over unlicensed spectrum and vast distances, needing very little power, according to a Reuters article.

Credit: Reuters/David Becker
Vulnerable

Felix Wilhelm, security researcher at ERNW, talked about critical vulnerabilities in popular products such as Xen, Hyper-V, IBM GPFS or FireEye's MPS.

Drones: Threat or menace

Jeff Melrose, a presenter at Black Hat 2016, showed how consumer drones could do more than just conduct aerial spying. The flying machines can also carry a transmitter to hack into a wireless keyboard or interfere with industrial controls, he said. It’s not enough to place a fence around a building to keep intruders out, according to Melrose, who is a principal tech specialist at Yokogawa, an industrial controls provider. Some consumer drones can travel up to 3 miles or more.

POS problems

Millions of point-of-sale systems and hotel room locks can be hacked by temporarily placing a small, inexpensive device several inches away from their card readers. The device is the creation of Weston Hecker, a senior security engineer at Rapid7. It was inspired by MagSpoof, another device created last year by security researcher Samy Kamkar. MagSpoof can trick most standard card readers into believing a certain card was swiped by generating a strong electromagnetic field that simulates the data stored on the card's magnetic stripe.

Credit: Tim Greene
USB keys are cyber security black hole

USB keys were famously used as part of the Stuxnet attack on the Iranian nuclear program, and for good reason: they have a high rate of effectiveness, according to Elie Bursztein, a Google researcher. Of 297 keys spread around the University of Illinois Urbana-Champaign, 45% were not only plugged into victims’ computers, but the victims then clicked on links in files that connected them to more malware, said Bursztein. That rate was pretty constant regardless of where the keys were dropped and what they looked like, he says. Keys were left in parking lots, common rooms, hallways, lecture halls and on lawns. Some had no labels, but others had labels that said “confidential” and “exam answers.” Some had metal door keys attached on a ring, and some had door keys plus a tab with an address and phone number. More than half of those that were opened were opened within the first 10 hours.