The hacker world's most pressing news

Reporting from Black Hat and Defcon last week in Las Vegas. //link.wired.com/click/36364242.26678/aHR0cHM6Ly93d3cud2lyZWQuY29tL3YyL29mZmVycy93aXJfbmw_c291cmNlPUVtYWlsXzBfRURUX1dJUl9ORVdTTEVUVEVSXzBfU1BFQ0lBTF9aWiZ1dG1fc291cmNlPW5sJnV0bV9icmFuZD13aXJlZCZ1dG1fbWFpbGluZz1XSVJfRGFpbHlfMDgxMTI0X1NwZWNpYWxfRGVmY29uJnV0bV9jYW1wYWlnbj1hdWQtZGV2JnV0bV9tZWRpdW09ZW1haWwmdXRtX2NvbnRlbnQ9V0lSX0RhaWx5XzA4MTEyNF9TcGVjaWFsX0RlZmNvbiZieGlkPTViZDY3Y2QzM2Y5MmE0MTI0NWRmODdiYSZjbmRpZD00NjMxOTAyMCZlc3JjPUhlYWRlckFuZEZvb3Rlcg/5bd67cd33f92a41245df87baCf25e4afd[SUBSCRIBE TO WIRED](FOR UNLIMITED ACCESS TO THESE STORIES](//link.wired.com/click/36364242.26678/aHR0cHM6Ly93d3cud2lyZWQuY29tL3YyL29mZmVycy93aXJfbmw_c291cmNlPUVtYWlsXzBfRURUX1dJUl9ORVdTTEVUVEVSXzBfREFJTFlfVE9QX05MX1RFU1RfWlpfUEFORUxCJnV0bV9zb3VyY2U9bmwmdXRtX2JyYW5kPXdpcmVkJnV0bV9tYWlsaW5nPVdJUl9EYWlseV8wODExMjRfU3BlY2lhbF9EZWZjb24mdXRtX2NhbXBhaWduPWF1ZC1kZXYmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY29udGVudD1XSVJfRGFpbHlfMDgxMTI0X1NwZWNpYWxfRGVmY29uJmJ4aWQ9NWJkNjdjZDMzZjkyYTQxMjQ1ZGY4N2JhJmNuZGlkPTQ2MzE5MDIwJmVzcmM9SGVhZGVyQW5kRm9vdGVy/5bd67cd33f92a41245df87baHd214c6a5 [View in browser]( | [Your newsletter preferences]( 08.11.24 Hackers have invaded Las Vegas! But don’t fret—they were invited. OK, maybe fret a little. For tens of thousands of people in the cybersecurity world, the beginning of August means Black Hat and Defcon, two of the world’s biggest security conferences, which take place back-to-back in Vegas each year. That includes those of us on WIRED’s Security desk, where we’ve sifted through hundreds of talks to bring you the biggest news from this week of [vulnerability disclosures](, [clever hardware hacks](, and [tales of the internet’s underworlds](. WIRED’s [Andy Greenberg]( is on the ground in Vegas, navigating the hallucinatory casino carpets to attend talks and meet (and drink) with the hacker world in person, while fellow senior reporters [Lily Hay Newman]( and [Matt Burgess]( have been chained to their phones and laptop (not literally, HR!) to get to the bottom of the avalanche of security news that comes out of Black Hat and Defcon. That is to say, the past week has been a lot. (I doubt most of us have seen sunshine in days.) Which is why I wanted to send you this special-edition newsletter highlighting some of the most pressing stories to emerge from this year’s hacker pilgrimage to the desert. If you want to check out our full coverage of [Black Hat]( and [Defcon](, just click those links for the full list of stories. Otherwise, check out the major news from this year’s conferences below. And stay safe out there. [Portrait of Andrew Couts] [Andrew Couts](, Senior Editor, Security & Investigations   [A close up of a stack of mail with stamps]( [USPS Text Scammers Duped His Wife, So He Hacked Their Operation]( BY MATT BURGESS | 4-MINUTE READ The Smishing Triad network sends up to 100,000 scam texts per day globally. One of those messages went to Grant Smith, who infiltrated their systems and exposed them to US authorities.     [Image may contain: Electronics, Hardware, Computer Hardware, Baby, Person, Mobile Phone, Phone, Body Part, Finger, and Hand]( [‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections]( BY ANDY GREENBERG | 4-MINUTE READ Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades.   [Two Microsoft laptops on a wooden surface. The left one has ‘Windows 10’ on a blue screen, and the right one says ‘Windows 11’ on a blue screen]( [A Flaw in Windows Update Opens the Door to Zombie Exploits]( BY LILY HAY NEWMAN | 3-MINUTE READ A researcher found a vulnerability that would let hackers strategically downgrade a target’s Windows version to reexpose patched vulnerabilities. Microsoft is working on fixes for the issue.   [Image may contain: Adult, Person, Electronics, Speaker, Accessories, Glasses, Chair, Furniture, and Computer Hardware]( [Watch How a Hacker’s Infrared Laser Can Spy on Your Laptop’s Keystrokes]( BY ANDY GREENBERG | 6-MINUTE READ Hacker Samy Kamkar is debuting his own open source version of a laser microphone—a spy tool that can invisibly pick up the sounds inside your home through a window, and even the text you’re typing.   [Hands taking $20 bills from an ATM with the keypad in view]( [Flaws in Ubiquitous ATM Software Could Have Let Attackers Take Over Cash Machines]( BY LILY HAY NEWMAN | 3-MINUTE READ Six vulnerabilities in ATM-maker Diebold Nixdorf’s popular Vynamic Security Suite could have been exploited to control ATMs using “relatively simplistic attacks.”   [Image may contain: Computer, Electronics, Laptop, Pc, Computer Hardware, Hardware, Monitor, and Screen]( [How Hackers Extracted the ‘Keys to the Kingdom’ to Clone HID Keycards]( BY ANDY GREENBERG | 6-MINUTE READ A team of researchers have developed a method for extracting authentication keys out of HID encoders, which could allow hackers to clone the types of keycards used to secure offices and other areas worldwide.   [Collage with pixelated image of an Identity card with a cursor over it and parts of a dart hitting a dartboard.]( [Inside the Dark World of Doxing for Profit]( BY MATT BURGESS | 5-MINUTE READ From tricking companies into handing over victims’ personal data to offering violence as a service, the online doxing ecosystem is not just still a problem—it’s getting more extreme. - While all eyes were on Vegas, [home security firm ADT disclosed a data breach]( that exposed “some limited customer information, including email addresses, phone numbers, and postal addresses,” according to the company. - [Three teenagers have been arrested]( for plotting to attack Taylor Swift’s Eras Tour shows in Austria on behalf of ISIS. While the attack was thankfully thwarted, Swifties everywhere [are very sad](. - A firm that provides security tools for devices used in education [revealed]( that hackers [wiped some 13,000 student iPads and Chromebooks](. Worse than the breach is the fact that it happened during summer vacation. - Elon Musk’s X has been using people’s posts to train its Grok AI chatbot. However, Ireland’s data regulator took [emergency legal action this week]( to stop the practice in Europe, citing privacy concerns. - Football fans, have fun [getting your face scanned at literally every NFL stadium]( from now on.   ADVERTISEMENT   [WIRED logo image]( Thanks for reading. Was this newsletter forwarded to you? [Sign up here](. Plus, [browse more newsletters]( from WIRED. [(image) WIRED on Facebook]( [(image) WIRED on Twitter]( [(image) WIRED on Instagram]( [TikTok]( [(image) WIRED on LinkedIn]( [(image) WIRED on YouTube]( [Podcasts](   You’re receiving this email because you signed up for the Daily newsletter from WIRED. [Manage your preferences]( | [View our Privacy Policy]( | [Unsubscribe]( Have questions or comments? [Send us a message](mailto:hello@wired.com?subject=Daily newsletter feedback). Need help? [Contact us](. Copyright © Condé Nast 2024. One World Trade Center, New York, NY 10007. All rights reserved.