July 27, 2021
Hackers are charitable in ways that might surprise you. Whether it is in Africa or rural Arkansas, hackers find ways to use their skills for good reasons.
Jack Daniel and Jason Kent return to The Hacker Mind to discuss the various ways hackers are helping society by contributing to charitable organizations … even starting their own. From BSides, to DerbyCon, to Shmoocon, even on the Apple App Store you can find evidence of their hard work.
July 13, 2021
As we head to Hacker Summer Camp, how should we rebuild our infosec communities to be more inclusive and diverse? Jack Daniel offers his unique voice.
As one of the founders of BSides, and as a community advocate for Tenable, Jack provides guidance on how we can re-emerge from the pandemic and successfully amplify and support people of different ethnicities, faiths, and genders within our hacking communities without being patronizing.
June 29, 2021
There are a lot of parallels between computer security and biology. If you think you already understand hacking systems, then I’ve got a story for you.
In this episode, Harrison Green talks about his experience creating exploits during capture the flag competitions and how it relates to his current day to day work with the Durrant Lab at the University of Pittsburgh on computational biology.
June 15, 2021
APIs are vital in our mobile digital world, but the consequences of API security flaws have yet to be seen. So how hard is it to hack APIs? Not very hard.
In this Episode, Jason Kent from Cequence talks about his experience hacking a garage door opener API, the tools he uses such as Burp, ZAP, and APK tool, and why we need to be paying more attention to the OWASP API Security Top 10.
June 1, 2021
With more than 600K followers on YouTube, LiveOverflow is one of infosec’s first social media influencers. How did he get started and what’s next?
In this episode, LiveOverflow talks about his six years of producing engaging YouTube content and what the rise of social media influencers might mean for traditional conferences like Black Hat. He also gives a preview of his new YouTube series on the sudo vulnerability.
May 18, 2021
What if you discovered a flaw in a ransomware payment system that unlocked the data without paying the ransom? Would you use it? Would you help others?
In this episode, Jack Cable talks about hacking the Qlocker ransomware and briefly interrupting its payment system. He also talks about his infosec journey hacking cryptocurrencies, joining the Digital Defense Service and CISA, and helping secure the 2020 presidential election… all before the age of 22.
May 4, 2021
MITRE ATT&CK catalogs the known tactics, techniques, and procedures of past advanced persistent threats, providing a roadmap for any red or blue team.
In this episode, Frank Duff, Director of ATT&CK Evaluations for MITRE Engenuity, talks about how both red and blue teams can directly benefit from ATT&CK, and how organizations -- and even some security vendors -- are now evaluating their solutions against it.
April 20, 2021
It seems everything smart is hackable, with startups sometimes repeating security mistakes first made decades ago. How then does one start securing IoT?
In this episode, Beau Woods and Paulino Calderon discuss their book, Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things. They talk about IoT threat models, the technologies being used today, and what tools and knowledge you need to get started successfully hacking IoT devices today.
April 6, 2021
You’d think that having an amazing resume, a couple of bug bounties, or a CTF win would land you that dream infosec job. For many, though, that isn’t true.
That’s why Tennisha Martin founded Black Girls Hack, an organization designed to help the next generation receive the skills and experience they need to land jobs in the C-suites, and perhaps begin to address the acute shortage of infosec professionals with qualified people of color.
March 23, 2021
Shortly after OpenSSL’s Heartbleed, Shellshock was discovered lurking in Bash code two decades old. How could open source software be vulnerable for so long?
This episode looks at how fuzz testing has evolved over the years, how open source projects have for the most part gone untested over time, and how new efforts to match fuzzing to software development are today helping to discover dangerous new vulnerabilities before they become the next Shellshock.