The Hacker Mind
EP 26: Hacking Charity

EP 26: Hacking Charity

July 27, 2021

Hackers are charitable in ways that might surprise you. Whether it is in Africa or rural Arkansas, hackers find ways to use their skills for good reasons.

 

Jack Daniel and Jason Kent return to The Hacker Mind to discuss the various ways hackers are helping society by contributing to charitable organizations … even starting their own. From BSides, to DerbyCon, to Shmoocon, even on the Apple App Store you can find evidence of their hard work.

EP 25: Hacking Communities

EP 25: Hacking Communities

July 13, 2021

As we head to Hacker Summer Camp, how should we rebuild our infosec communities to be more inclusive and diverse? Jack Daniel offers his unique voice.  

As one of the founders of BSides, and as a community advocate for Tenable, Jack provides guidance on how we can re-emerge from the pandemic and successfully amplify and support people of different ethnicities, faiths, and genders within our hacking communities without being patronizing.

EP 24: Hacking Biology

EP 24: Hacking Biology

June 29, 2021

There are a lot of parallels between computer security and biology. If you think you already understand hacking systems, then I’ve got a story for you.

In this episode, Harrison Green talks about his experience creating exploits during capture the flag competitions and how it relates to his current day to day work with the Durrant Lab at the University of Pittsburgh on computational biology.

EP 23: Hacking APIs

EP 23: Hacking APIs

June 15, 2021

APIs are vital in our mobile digital world, but the consequences of API security flaws have yet to be seen. So how hard is it to hack APIs? Not very hard.

In this Episode, Jason Kent from Cequence talks about his experience hacking a garage door opener API, the tools he uses such as Burp, ZAP, and APK tool, and why we need to be paying more attention to the OWASP API Security Top 10.

EP 22: Hacking Social Media

EP 22: Hacking Social Media

June 1, 2021

With more than 600K followers on YouTube, LiveOverflow is one of infosec’s first social media influencers. How did he get started and what’s next? 

In this episode, LiveOverflow talks about his six years of producing engaging YouTube content and what the rise of social media influencers might mean for traditional conferences like Black Hat. He also gives a preview of his new YouTube series on the sudo vulnerability.

EP 21: Hacking Ransomware

EP 21: Hacking Ransomware

May 18, 2021

What if you discovered a flaw in a ransomware payment system that unlocked the data without paying the ransom? Would you use it? Would you help others?

 

In this episode, Jack Cable talks about hacking the Qlocker ransomware and briefly interrupting its payment system. He also talks about his infosec journey hacking cryptocurrencies, joining the Digital Defense Service and CISA, and helping secure the 2020 presidential election… all before the age of 22. 

EP 20: MITRE ATT&CK Evaluations

EP 20: MITRE ATT&CK Evaluations

May 4, 2021

MITRE ATT&CK catalogs the known tactics, techniques, and procedures of past advanced persistent threats, providing a roadmap for any red or blue team.

In this episode, Frank Duff, Director of ATT&CK Evaluations for MITRE Engenuity, talks about how both red and blue teams can directly benefit from ATT&CK, and how organizations -- and even some security vendors -- are now evaluating their solutions against it.

EP 19: Hacking IoT

EP 19: Hacking IoT

April 20, 2021

It seems everything smart is hackable, with startups sometimes repeating security mistakes first made decades ago. How then does one start securing IoT?

In this episode, Beau Woods and Paulino Calderon discuss their book, Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things. They talk about IoT threat models, the technologies being used today, and what tools and knowledge you need to get started successfully hacking IoT devices today.

EP 18: Hacking Diversity

EP 18: Hacking Diversity

April 6, 2021

You’d think that having an amazing resume, a couple of bug bounties, or a CTF win would land you that dream infosec job. For many, though, that isn’t true.

That’s why Tennisha Martin founded Black Girls Hack, an organization designed to help the next generation receive the skills and experience they need to land jobs in the C-suites, and perhaps begin to address the acute shortage of infosec professionals with qualified people of color.

EP 17: Shellshock

EP 17: Shellshock

March 23, 2021

Shortly after OpenSSL’s Heartbleed, Shellshock was discovered lurking in Bash code two decades old. How could open source software be vulnerable for so long?

This episode looks at how fuzz testing has evolved over the years, how open source projects have for the most part gone untested over time, and how new efforts to match fuzzing to software development are today helping to discover dangerous new vulnerabilities before they become the next Shellshock.

Podbean App

Play this podcast on Podbean App