By Jack Morse2019-08-08 22:11:33 UTC
Look, we get it: cybersecurity is hard.
Still, you'd think the folks at the Black Hat cybersecurity conference in Las Vegas this week would have a better handle on things. And yet, according to noted French security researcher Baptiste Robert, they still managed to release a conference app that could put attendees' phones at risk.
The conference, which is now in its 22nd year, runs Aug. 3-8, and is ground zero for cybersecurity companies peddling their wares. It's followed by the DEF CON hacking conference, also in Las Vegas, which has a decidedly non-corporate ethos.
"The official Android app of #BHUSA is a joke," wrote Robert, who is in town for both Black Hat and DEF CON. "For an event of this size this is not serious @BlackHatEvents."
Robert, who goes by the handle Elliot Alderson on Twitter, laid bare what he says are the Android app's flaws in no uncertain terms.
"Thanks to the #BlackHat app, an attacker can: - Open a random url in the app browser - Pre dial a number - Create an email - Open Chrome to download a file."
An accompanying video shows the purported vulnerabilities in action.
Now, importantly, Robert added that the Black Hat app alone is not enough for a theoretical attacker to ruin someone's day. Rather, it would ..
Support the originator by clicking the read the rest link below.