Latest news with #BlackHat
Yahoo
17 hours ago
- Business
- Yahoo
Anchoring Innovation and Community: EC-Council's RSA 2025 Yacht Reception Sets the Stage for Black Hat USA
From RSA's luxury yacht reception to Black Hat's TopGolf Las Vegas event, EC-Council's leadership and community-led conversations shape a more secure and connected digital world. Anchoring Innovation and Community: EC-Council's RSA 2025 Yacht Reception Sets the Stage for Black Hat USA Tampa, Florida, June 05, 2025 (GLOBE NEWSWIRE) -- Against the backdrop of RSA Conference 2025, EC-Council- the global leader in cybersecurity education and training, and creator of the world-renowned Certified Ethical Hacker (CEH) credential; hosted a landmark executive cocktail reception aboard a luxury yacht. This invite-only event brought together a handpicked network of cybersecurity decision-makers from across continents, creating a powerful forum for strategic exchange, global connection, and collective foresight. With its unique setting and high-caliber attendees, the evening served as a catalyst for industry-shaping dialogue at a time when cybersecurity is undergoing one of its most pivotal transformations. The event brought together 150 senior executives from a pool of over 650 registrants, the reception represented a powerful cross-section of sectors, technology, finance, healthcare, consulting, and featured leaders from renowned global powerhouses like Amazon, Bank of America, Cisco, Google, Microsoft, Uber, and Wells Fargo. This diversity reflected the depth of leadership fuelling the evening's high-level discussions. From North America to Europe and Asia, participants From North America to Europe and Asia, this international community of cybersecurity professionals united around a shared mission: defending digital ecosystems amid the rise of AI-driven threats. The yacht setting offered a rare chance to move beyond formal sessions, enabling candid, forward-looking conversations about the rapidly shifting threat landscape and the technologies that will define the future of cyber defense. Jay Bavisi, Group President, EC-Council, shared: 'Cybersecurity cannot remain the domain of a few, it must be accessible to all. At EC-Council, we are building not just certifications, but a movement. One that empowers professionals across geographies and generations through high-impact training, real-world simulation, and community-led collaboration. Events like this reception are a reminder that the future of cybersecurity is collective, and we are proud to nurture the global community that drives it forward.' The reception also marked a defining moment for EC-Council's continued innovation. From the launch of CEH with AI-powered capabilities to the release of CPENT AI, and the introduction of The Hackerverse - a global competition platform that immerses learners in simulated real-world attack scenarios each initiative reflects EC-Council's deep commitment to preparing professionals for tomorrow's threats, today. With its $100 million cybersecurity innovation initiative now underway, EC-Council is accelerating the development of solutions that bridge capability gaps, empower learners, and fuel next-gen defense strategies, creating a future where cybersecurity expertise is scalable, inclusive, and globally accessible. Bavisi concluded, 'By engaging with leaders at RSA and Black Hat, EC-Council continues to build a global movement focused on empowering professionals and democratizing access to critical cybersecurity skills. These conversations are shaping the future of digital defense.' Next Stop: Black Hat USA 2025 at Top Golf Building on the momentum from RSA, EC-Council is set to host its next major gathering during Black Hat USA 2025, this time at Top Golf Las Vegas. This high-energy, immersive experience will blend cybersecurity insights with interactive networking, bringing together industry leaders, innovators, and rising talent for an unforgettable evening of connection and collaboration. For media inquiries or to connect with EC-Council at Black Hat USA 2025, please contact: press@ About EC-Council: EC-Council is the creator of the world-renowned Certified Ethical Hacker (CEH) program and a leader in cybersecurity education. Founded in 2001, EC-Council's mission is to provide high-quality training and certifications for cybersecurity professionals to keep organizations safe from cyber threats. EC-Council offers over 200 certifications and degrees in various cybersecurity domains, including forensics, security analysis, threat intelligence, and information security. An ISO/IEC 17024 accredited organization, EC-Council has certified over 350,000 professionals worldwide, with clients ranging from government agencies to Fortune 100 companies. EC-Council is the gold standard in cybersecurity certification, trusted by the U.S. Department of Defense, the Army, Navy, Air Force, and leading global corporations. For more information, visit: Attachment Anchoring Innovation and Community: EC-Council's RSA 2025 Yacht Reception Sets the Stage for Black Hat USA CONTACT: EC-Council press@ in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
3 days ago
- Business
- Yahoo
Microsoft, CrowdStrike, other cyber firms collaborate on threat actor taxonomy
This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Microsoft and CrowdStrike will lead a cooperative effort to map out the overlapping web of hacker groups that their researchers have disclosed and named, the companies said on Monday. Palo Alto Networks and Google and its Mandiant unit have also agreed to join the collaborative effort on streamlining threat group taxonomy. For years, the companies' different naming conventions for various criminal and state-linked threat groups have created unnecessary confusion and delays in the sharing of threat intelligence. Microsoft and CrowdStrike released an initial version of their threat actor matrix on Monday, listing the groups they track and each one's corresponding aliases from other researchers. Palo Alto Networks and Google and its Mandiant unit are joining the collaborative effort on streamlining threat group taxonomy. Vasu Jakkal, corporate vice president of Microsoft Security, said that even delays of a few seconds can make a difference in whether an attack is thwarted or successful. 'One major cause of delayed response is understanding threat actor attribution, which is often slowed by inaccurate or incomplete data as well as inconsistencies in naming across platforms,' Jakkal said in a blog post. Microsoft and CrowdStrike have collaborated on more than 80 adversaries so far, according to Adam Meyers, senior vice president for counter adversary operations at CrowdStrike. "Aligning on naming conventions isn't just a nice-to-have but a game-changer for defenders trying to act fast,' Michael Sikorski, CTO and head of threat intelligence at Palo Alto Networks' Unit 42, told Cybersecurity Dive. 'A shared baseline for threat actor names means faster attribution, improved cyberattack response, and fewer blind spots.' Microsoft, for example, tracks the criminal threat group known widely as Scattered Spider as Octo Tempest, while Palo Alto Networks tracks it as Muddled Libra. Microsoft and CrowdStrike are also working on a plan to create a small, focused group of contributors who will help define a process of updating and maintaining attribution mappings, Meyers said in a blog post. Meyers said there will be no change in how the companies name and identify threat actors, as each company will retain its own methods, telemetry and naming system. Naming conventions in the cybersecurity space have long been a source of controversy, not only because different firms track the same groups slightly differently but also because of how companies sometimes mythologize the capabilities of threat actors. Jen Easterly, former director of the Cybersecurity and Infrastructure Security Agency, criticized some of the naming conventions during a 2024 speech at Black Hat, saying companies have almost made it seem like hacker groups have immortal superpowers.
The Drive
07-05-2025
- Automotive
- The Drive
Watch Hackers Terrorize a Nissan Leaf, Including Its Steering, Over the Web
Connected cars are great, as they let you communicate with other systems and devices via the internet, but connectivity opens the door to hacking. As it turns out, hacking a Nissan Leaf isn't nearly as difficult as it might sound if you've got the right tools and the right knowledge. Researchers from Budapest-based PCAutomotive traveled to Black Hat Asia 2025 to demonstrate how they managed to hack into a 2020 Nissan Leaf. Luckily, they had good intentions—they simply wanted to show that it could be done. Someone with less -than-good intentions could have caused a great deal of damage with the same tools. Most of the parts used to hack into the car were sourced from eBay or a junkyard. The first part of the project involved building a working test bench around a Leaf touchscreen and the EV's digital instrument cluster. They then bypassed the anti-theft safeguards by implementing a Python script, which is a programming language, and hacked into the system. The steps taken to break in were detailed in a presentation. They look complicated if you don't know what you're dealing with and have no programming experience, but someone with a great deal of programming experience shouldn't find the process terribly daunting. When everything was set up, it was time to launch an attack. One of the researchers connected to the Leaf remotely via a laptop while two others were riding in it. The first step was pretty straight-forward: The man with the laptop tracked the Leaf's movements via GPS. He then recorded the conversation the passengers were having inside the car, downloaded it to his laptop, and played it in the car via the speakers. Next, things got creepier. Using the same laptop, the researcher sounded the horn, folded the door mirrors, turned on the wipers, and even yanked the steering wheel. He was able to perform these tasks even when the car was moving. The team identified a list of 10 vulnerabilities that allowed it to access the Leaf's infotainment system and notified Nissan. The company hasn't responded to the video as of this writing, however. Got tips? Send 'em to tips@
Arabian Business
31-03-2025
- Business
- Arabian Business
GCC
GCC Knight Frank noted a two-tier market has emerged in the apartment rental sector in Qatar GCC The centre's data indicated a slight dip of 0.4% from 2022 GCC GCC-wide inflation rose by 1.7 per cent at the end of October 2024 GCC Healthcare spending in GCC countries will grow by between 4 and 8.8 per cent in the next five years with UAE and Saudi Arabia seeing most growth crude oil Additionally, the bloc ranked second worldwide in natural gas exports and third in marketed natural gas production GCC GCC ranked sixth in the world for trade of goods GCC GCC members are looking to Hong Kong for future investment opportunities says Jasem Albudaiwi GCC The GCC is growing in population size and also as an economic force GCC The agreement, signed at Black Hat – the leading cybersecurity event, is to act as a foundation for a full technology partnership between the two entities Abu Dhabi Gulf-China trade is expected to overtake Gulf-West trade by 2027 Abu Dhabi UAE petrol prices, Eid Al Etihad holiday dates, national lottery announced, Riyadh Metro launch and more top news stories this week GCC London's loss, however, is turning out to be a boon for Dubai as the property sales-spree by GCC investors is leading to an influx of capital returning to the emirate and the wider region EaseMyTrip The integration will help the travel portal to provide a blockchain-based carbon offset programme, enabling travellers to purchase carbon credits directly through the platform GCC GCC countries display strong non-oil growth amid looming uncertainties Bahrain This Gulf visit is part of a broader strategy to secure trade agreements with other countries, including India, Switzerland, and South Korea Abu Dhabi CEO Rob Devereux did not confirm specific projects, but hinted at opportunities for expansion in Abu Dhabi and Saudi Arabia to capitalise on the region's growing demand for premium commercial real estate barratt london London real estate developers target wealthy GCC citizens to buy UK property
Associated Press
05-02-2025
- Business
- Associated Press
Black Hat Announces Content Lineup for Black Hat Asia 2025
SINGAPORE--(BUSINESS WIRE)--Feb 4, 2025-- Black Hat, the cybersecurity industry's most established and in-depth security event series, today announced the release of its content lineup for Black Hat Asia 2025. The live, in-person event will take place at the Marina Bay Sands Expo & Convention Centre in Singapore from April 1 to April 4. The event will feature 43 Briefings hand selected by the Black Hat Asia Review Board, four days of Trainings, a full day of Summits, 10 Sponsored Sessions, and 53 Arsenal tool demos. On April 3 and April 4, attendees will gain insight into the latest in cybersecurity risks, developments, and trends through Briefings presentations. Briefings highlights include: State Manipulation: Unveiling New Attack Vectors in Bluetooth Vulnerability Discovery through Protocol State Machine Reconfiguration – This talk will uncover Bluetooth vulnerabilities by analyzing state machine mechanisms in various applications, including automotive and mobile devices. Researchers will provide in-depth insights into techniques for manipulating Bluetooth state machine interactions, focusing on systematic methods for discovering these vulnerabilities and assessing their impact on the Bluetooth ecosystem. – This talk will present novel attacks and attack techniques that bypass lock screens and user confirmation prompts to gain USB-based file access on state-of-the-art mobile devices. Researchers will uncover the shortcomings of user confirmation prompts and highlight key findings via live demos. – This talk will explore advanced reverse engineering techniques applied to sophisticated proprietary hardware, as well as demonstrate how a unique combination of patent analysis, firmware reverse engineering, and theoretical modeling can unlock the intricacies of undocumented hardware technologies and their application semantics. On April 2, Summits will serve as a space for both attendees and industry leaders to connect through engaging sessions and networking activities. Summits require individual passes to attend and include: The inaugural AI Summit at Black Hat Asia – This Summit will provide an invaluable opportunity for every security professional to engage with leaders, as well as discuss and debate the future of artificial intelligence (AI) in cybersecurity. The AI Summit is sponsored by Trend Micro, Title Sponsor; and Bugcrowd, Platinum Sponsor. For more information, please visit The inaugural Black Hat Financial Services Summit – This Summit will bring together top cybersecurity leaders in the financial sector for a day of candid discussions and expert-led presentations. For more information, please visit Two- and four-day Trainings will take place from April 1 to April 4, and feature a variety of in-person and virtual courses in artificial intelligence (AI), machine learning (ML), and data science; pentesting; defense; industrial control systems (ICS); and more. Trainings highlights include: Business Hall passes, or Business passes, are currently available for the 2025 event. The Business Hall showcases the latest products and technologies from leading cybersecurity solution providers and will take place on April 3 and April 4. Business passes provide access to the Keynotes, Arsenal, Sponsored Sessions, Bricks & Picks, and more. All Black Hat Asia 2025 pass holders will have access to the Business Hall. This year's Black Hat Arsenal at Black Hat Asia will take place from April 3 to April 4 in the Business Hall. Black Hat Arsenal brings together researchers and the cybersecurity community to showcase and demonstrate their latest open-source tools and products in a conversational environment where presenters can interact with the attendees. This year's event will feature 53 in-person tool demos and 3 labs, spanning exploitation and ethical hacking, malware offense, digital forensics and incident response (DFIR), and more. For registration and additional information on Black Hat Asia 2025, please visit Top Sponsors and Partners of Black Hat Asia 2025 include: Platinum Sponsors: Appdome, ManageEngine, and SK Shieldus. Gold Sponsors: Bitdefender, Bugcrowd, Concentric AI, Fortra, HackerOne, Picus Security, and Trend Micro. Sustaining Partners: CrowdStrike, ManageEngine, SentinelOne, Varonis, and Wiz. Global Partners: Concentric AI, Corellium, and HackerOne. About Black Hat Black Hat is the cybersecurity industry's most established and in-depth security event series. Founded in 1997, these annual, multi-day events provide attendees with the latest in cybersecurity research, developments, and trends. Driven by the needs of the community, Black Hat events showcase content directly from the community through Briefings presentations, Trainings courses, Summits, and more. As the event series where all career levels and academic disciplines convene to collaborate, network, and discuss the cybersecurity topics that matter most to them, attendees can find Black Hat events in the United States, Canada, Europe, Middle East and Africa, and Asia. For more information, please visit . Stephanie DeAngelo Black Hat PR & Communications Manager 619.510.1564 INDUSTRY KEYWORD: SECURITY IOT (INTERNET OF THINGS) SOFTWARE ARTIFICIAL INTELLIGENCE NETWORKS INTERNET CONSULTING HARDWARE DATA MANAGEMENT PROFESSIONAL SERVICES CONSUMER ELECTRONICS TECHNOLOGY MOBILE/WIRELESS FINTECH DATA ANALYTICS APPS/APPLICATIONS TRAINING EDUCATION SOURCE: Black Hat Copyright Business Wire 2025. PUB: 02/04/2025 07:00 PM/DISC: 02/04/2025 07:00 PM
