Lépjen offline állapotba az Player FM alkalmazással!
From Specs to Security
Manage episode 418345829 series 3486243
Dor Dali, Head of Security Research at Cyolo, joins Nic Fillingham on this week's episode of The BlueHat Podcast. They delve into Dor's journey into cybersecurity, from pranking friends as a teenager to his professional roles, including his involvement in the Blue Hat conference through GE, where he helped create the Capture The Flag (CTF) challenge. Dor details the vulnerabilities in the RDP protocol by closely following the protocol specifications and identifying discrepancies that led to security flaws. They detail a vulnerability related to RDP Gateway's UDP cookie authentication process, the implications of Dor's research for other security researchers and hackers and the importance of leveraging available resources, such as protocol specifications and open-source implementations, to understand closed-source systems better and potentially uncover vulnerabilities.
In This Episode You Will Learn:
- The unique perspective Dor has with RDP security research
- How to approach security research when following the protocol specifications
- The importance of clear documentation in preventing security vulnerabilities
Some Questions We Ask:
- How did you design and build the Capture the Flag event?
- Did you face any unexpected hurdles while researching the RDP protocol's security?
- Have you found other security vulnerabilities by closely adhering to protocol specifications?
Resources:
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Hosted on Acast. See acast.com/privacy for more information.
41 epizódok
Manage episode 418345829 series 3486243
Dor Dali, Head of Security Research at Cyolo, joins Nic Fillingham on this week's episode of The BlueHat Podcast. They delve into Dor's journey into cybersecurity, from pranking friends as a teenager to his professional roles, including his involvement in the Blue Hat conference through GE, where he helped create the Capture The Flag (CTF) challenge. Dor details the vulnerabilities in the RDP protocol by closely following the protocol specifications and identifying discrepancies that led to security flaws. They detail a vulnerability related to RDP Gateway's UDP cookie authentication process, the implications of Dor's research for other security researchers and hackers and the importance of leveraging available resources, such as protocol specifications and open-source implementations, to understand closed-source systems better and potentially uncover vulnerabilities.
In This Episode You Will Learn:
- The unique perspective Dor has with RDP security research
- How to approach security research when following the protocol specifications
- The importance of clear documentation in preventing security vulnerabilities
Some Questions We Ask:
- How did you design and build the Capture the Flag event?
- Did you face any unexpected hurdles while researching the RDP protocol's security?
- Have you found other security vulnerabilities by closely adhering to protocol specifications?
Resources:
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Hosted on Acast. See acast.com/privacy for more information.
41 epizódok
सभी एपिसोड
×Üdvözlünk a Player FM-nél!
A Player FM lejátszó az internetet böngészi a kiváló minőségű podcastok után, hogy ön élvezhesse azokat. Ez a legjobb podcast-alkalmazás, Androidon, iPhone-on és a weben is működik. Jelentkezzen be az feliratkozások szinkronizálásához az eszközök között.