The 7 most fascinating research findings revealed at the Black Hat security conference

Upload: itworldcanada

Post on 22-Jan-2017



IoT threats — Via a Printer?

A researcher who works at Red Balloon Security worked with Columbia University to show how the Internet of Things could be used to steal data by rapidly turning on and off the outputs from I/O pins on chips within the printer. The resulting signal is strong enough to pass through a concrete wall and beyond to a receiver, Ang Cui said.


Hack First, Shoot Later

Independent security researcher Runa Sandvik and her husband Michael Auger discussed how they hacked a Wi-Fi connected TrackingPoint rifle, misdirecting the targeting system so that the wrong person might get shot. The effort took more than a year, though they concluded the risk of such a hack happening is relatively low.


Pain at the pump

Trend Micro researchers Kyle Wilhoit and Stephen Hilt presented findings about how a honeypot they set up showed the way gas station pumps could be used to plan DDoS and other attacks that could bring inventory and control systems to a standstill. The researchers suggested that, despite their prevalence, gas pumps were not recognized as an attack vector and were under-protected as a result.


A Cure for UAF attacks?

Brian Gorenc, manager of vulnerability research for HP Security Research, showed how isolated heap memory protection works on Windows and how objects are located on a system. The result of his team’s work could be techniques to reduce use-after-free (UAF) attacks, which allow hackers to execute arbitrary code and take over a system.


The Satellite Scenario

Synack security staffer Colby Moore showed how a data protocol flaw in Globalstar satellite transmissions means cybercriminals could alter messages so that pilots, wilderness hikers and even armoured trucks might be sent off course. The technique alters the apparent location of the assets being tracked by Globalstar equipment.


Trouble At The Wheel

People tend to think it’ll be hard to break into their car if they keep their keys close, but ethical hackers Charlie Miller, a security researcher at Twitter, and Chris Valasek, director of vehicle security research at IOActive, provided an inside look at how wireless signals could be hijacked to not only access vehicles remotely but completely control them.


Home, Smart (But Dangerous) Home

The short-wave wireless communication standard has become a promising way to turn Internet of Things (IoT) dreams into a reality, but researchers at Cognosec outlined an insecure initial key transport that would make it possible to compromise ZigBee networks and take control of all connected devices, such as motion sensors, light switches or door locks.