The Black Hat conference has ended, but that means the start of DEFCON! Of the two security conferences, DEFCON is much more laid back and less business. It tends to attract a wider and younger hacker community, and researchers figuratively let their hair down, sometimes releasing more exploit code and proof-of-concepts. Besides that, DEFCON includes many hacking competitions … [Read more...]
Black Hat Briefings 2019: Day 2 – Security Byte
This week, the Threat Lab team is at Black Hat and DEFCON, picking up the latest research at two of the best security conferences all year. To share the love, Marc Laliberte and I summarize the presentations we saw each day, so you might get a taste of the show and some of the new threats researchers have discovered. In today’s recap, we summarize a talk about Apple device … [Read more...]
Black Hat Briefings 2019: Day 1 – Security Byte
Last week, the WatchGuard Threat Lab team was in Las Vegas attending the Black Hat and DEFCON security conferences. In my opinion, these are two of the best cybersecurity research conferences every year. We highly recommend you try to attend them yourself if you can, but if not we’ll bring a taste to you. For the next four days, Marc Laliberte and I summarize some of the best … [Read more...]
Additional WPA3 Dragonblood Vulnerabilities
The same security researchers that disclosed the initial five WPA3 vulnerabilities (referred to as Dragonblood) earlier this year in April, have recently disclosed two additional WPA3 vulnerabilities. Just like the initial five Dragonblood vulnerabilities, these two new ones allow attackers to either downgrade or bypass WPA3 encryption protected networks via brute force … [Read more...]
Kazakhstan Breaks HTTPS… Again
Last week, Kazakhstan implemented a new policy that forces its ISPs to inspect HTTPS traffic, claiming the change was to make their users safer. But this means that all users who want to view HTTPS websites in Kazakhstan must install a certificate signed by the government. In the end, with this certificate, the Kazakhstan government can spy on Kazakh users’ Internet traffic. … [Read more...]