Def Con public
 
A weekly podcast for bounty hunters, exploit developers or anyone interested in the details of the latest disclosed vulnerabilities and exploits.
 
The Hacker's Cache

Kyser Clark - Cybersecurity

Weekly
 
The show that decrypts the secrets of offensive cybersecurity, one byte at a time. Every week I invite you into the world of ethical hacking by interviewing leading offensive security practitioners. If you are a penetration tester, bug bounty hunter, red teamer, or blue teamer who wants to better understand the modern hacker mindset, whether you are new or experienced, this show is for you.
 
The Cyber Consulting Room Podcast and Meetup Network is your gateway to a world of knowledge and collaboration in the ever-evolving realm of cyber security and consulting. Our podcast, hosted by Gordon Draper, brings you in-depth interviews with industry leaders, experts, and trailblazers, offering invaluable insights, strategies, and experiences. From award-winning professionals to those paving the way for diversity in the field, we delve into the most pressing issues and emerging trends. B ...
 
Want to learn about all of the latest security tools and techniques? This is the show for you! We show you how to install, configure and use a wide variety of security tools for both offense and defense. Whether you are a penetration tester or defending enterprise networks, this show will help you
 
Global Bob, who is a cyber security expert and political science hobbyist, brings you a show that fuses these topics together to explain in simple terms the interaction between the two. He uses his years of experience in the government, commercial and private sectors to give a unique perspective on these topics.
 
Want to learn about all of the latest security tools and techniques? This is the show for you! We show you how to install, configure and use a wide variety of security tools for both offense and defense. Whether you are a penetration tester or defending enterprise networks, this show will help you!
 
In this week's episode, Specter recaps his experiences at Hardwear.IO and a PS5 hypervisor exploit chain presented there. We also cover some of the recently released DEF CON 32 talks. After the conference talk, we get into some filesystem exploit tricks and how arbitrary file write can be taken to code execution in read-only environments. Links and…
 
Kyser Clark interviews Trent Miller, a cybersecurity professional with a diverse background in IT and security roles. They discuss Trent's career journey, the challenges of breaking into cybersecurity, the importance of networking, and insights on certifications like OSCP. Trent shares his experiences with the job market, the reality of skill short…
 
In this week's episode, we talk a little bit about LLMs and how they can be used with static analysis. We also cover GitHub Security Blog's post on attacking browser extensions, as well as a somewhat controversial CyberPanel Pre-Auth RCE that was disclosed. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/…
 
Kyser Clark interviews James Scott, a cybersecurity professional with a diverse background in the military and digital forensics. They discuss James's journey into penetration testing, the challenges he faced in landing his first role, and the importance of networking and creating personal tools. The conversation also covers the significance of pro…
 
Kyser Clark interviews 0xD1CE, a seasoned penetration tester, who shares his extensive journey from IT to cybersecurity. 0xD1CE discusses his various roles, certifications, and the impact of COVID on his career shift. The conversation gets into the differences between consulting and internal roles, the value of certain cybersecurity certifications,…
 
Did you know that Australian businesses are facing a rapidly evolving cybersecurity landscape? In this episode of the Cyber Consulting Room podcast, host Gordon Draper interviews cybersecurity expert Simona Dimovski. Simona shares her journey into the field, emphasizing the importance of understanding business strategy and the human element in tech…
 
In this episode, explore the most significant cyber threats impacting businesses today. From emerging risks to the persistent attack vectors that continue to catch companies off-guard, we’ll cover it all in a dynamic and insightful discussion. Join our host, Will Morrish, as he chats with Dahvid Schloss, Swarm Leader and former State-Sponsored Hack…
 
In this week's episode, we cover the fiasco of a vulnerability in Zendesk that could allow intrusion into multiple Fortune 500 companies. We also discuss a Project Zero blog post that talks about fuzzing Dav1d and the challenges of fuzzing, as well as rooting Linux via EMFI with a lighter. Links and vulnerability summaries for this episode are avail…
 
Cybersecurity professionals Kyser Clark and Pranit Garud (RootSploit) discuss their experiences in the field. They cover topics such as bug bounty programs, the role of an offensive security engineer, and the differences between consulting and working for a Fortune 500 company. Pranit shares tips for getting started in bug bounty hunting and emphas…
 
Kyser Clark interviews Opeyemi Kolawole, a full-time red teamer and cybersecurity professional. They discuss Opeyemi's background in biology and his transition into the cybersecurity field. Opeyemi shares his experience and insights on various certifications, including the Cyberwarfare Lab Certified Red Team Analyst (CPTA) and the importance of sta…
 
In our summer recap, we discuss Phrack's latest issue and talks from the new Off-by-One conference. We also cover some interesting bugs, such as a Factorio Lua RCE and another RCE via iconv. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/258.html [00:00:00] Introduction [00:01:06] Getting Started…
 
In this solo episode, Kyser Clark discusses the accessibility of cybersecurity careers, emphasizing that anyone can enter the field regardless of their background. He shares his personal journey from blue-collar jobs to becoming a penetration tester, highlighting the importance of certifications and continuous learning. Kyser provides actionable st…
 
In this week's episode, we cover an attack utilizing HSTS for exploiting Android WebViews and abusing YouTube embeds in Google Slides for clickjacking. We also talk about the infamous CUPS attack, and the nuances that seem to be left behind in much of the discussion around it. Links and vulnerability summaries for this episode are available at: htt…
 
Join our host and Academy Hive Leader, Iain Jackson, as he sits down with Phill and Joao, members of the inaugural CovertSwarm Academy intake. In this episode, they reflect on their transformative journey and share insights from their successful first year at the Academy. Thanks for listening! Follow us on LinkedIn.…
 
Kyser Clark interviews Jacob Villarreal, a penetration tester, about his journey into the cybersecurity field, his experiences at DEFCON, and various topics related to cybersecurity. Jacob shares his background, including his education, certifications, and transition from IT roles to penetration testing. The discussion covers the importance of netw…
 
In this week's episode, we discuss Microsoft's summit with vendors on their intention to lock down the Windows kernel from endpoint security drivers and possibly anti-cheats. We also talk cryptography and about the problems of nonce reuse. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/256.html […
 
Are cybersecurity conferences just another industry event, or are they the driving force behind the next big leap in the field? When you think about the future of cybersecurity, do you consider the role of gatherings like Black Hat USA and DEF CON? In this episode of the Cyber Consulting Room podcast, host Gordon Draper explores the recent Black Ha…
 
Kyser Clark interviews Trent Darrow, a senior penetration tester and cyber protection team crew lead. They discuss Trent's background, certifications, and his role in building a red team. They also touch on ethical dilemmas in the industry, the effectiveness of certifications in preparing for real-world pen testing, and the importance of skills lik…
 
We are back and testing out a new episode format focusing more on discussion than summaries. We start talking a bit about the value of learning hacking by iterating on the same exploit and challenging yourself as a means of practicing the creative parts of exploitation. Then we dive into the recent Intel SGX fuse key leak, talk a bit about what it …
 
Kyser Clark and Evan Isaac discuss their experiences and insights in cybersecurity. They cover topics such as certifications, content creation on LinkedIn, web hacking resources, job searching advice, and the importance of offensive and defensive cybersecurity skills. Connect with Evan Isaac on LinkedIn: https://www.linkedin.com/in/evan-isaac/ Take…
 
Kyser Clark interviews Nouha Ben Brahim, a Python programmer turned bug bounty hunter and founder of No Breach. They discuss Nouha's journey into cybersecurity, the most concerning cyber breach, common web hacking vulnerabilities, becoming a speaker at events, starting a cybersecurity company, and Nouha's podcast, The Hackers Line. Connect with Nou…
 
In this conversation, Kyser Clark interviews Jake Mayhew, a senior penetration tester, about his background and experiences in cybersecurity. They discuss the importance of internships, the value of creating a home lab, and the benefits of networking at local conferences and meetups. Jake also shares advice for job seekers, including the significan…
 
Earlier this month, our Swarm of ethical hackers attended DEF CON 32 in Las Vegas, one of the most anticipated events in the hacking community. On this episode, join our Head of People and Culture and host, Ellie Lancaster, as she interviews our colleagues Faith, Alex, and Joao about their standout moments from the event. Learn about the different …
 
In this conversation, Kyser Clark interviews Nathan Rice, a senior penetration tester, about his background and experience in cybersecurity. They discuss the differences between penetration testing and red team operations, the importance of starting with penetration testing before moving to red teaming, and the challenges and rewards of obtaining c…
 
Can we ever truly trust the technology that runs our lives? Think about it: every time we use a phone, share a photo, or shop online, we’re putting a lot of trust in these digital systems. But how safe are they? In this episode of the Cyber Consulting Room podcast, host Gordon Draper continues his conversation with Helen Patton, a distinguished cyb…
 
Kyser Clark interviews Aaron Tran, a military veteran who successfully transitioned into a career in cybersecurity. They discuss Aaron's journey from the military to becoming a penetration tester, the challenges he faced, and the steps he took to bridge the gap between non-cyber and cyber roles. They also touch on the importance of having a plan an…
 
In this conversation, Kyser Clark interviews Ryan Daub, an Offensive Security Analyst Associate, about his journey in cybersecurity and his current role as an internal penetration tester for healthcare organizations. They discuss topics such as landing a job in cybersecurity, the role of AI in penetration testing, the differences between internal a…
 
In this conversation, Kyser Clark interviews Mike Finkel, a penetration tester, about his background and experiences in the cybersecurity field. They discuss certifications, the importance of customer service skills in pentesting, and the role of AI in the industry. Mike shares his hot take on AI, expressing his excitement for its potential in pent…
 
Those of you at DEF CON 31 might remember the badges our swarm members had. Well, this year, we've got something even better! With DEF CON 32 around the corner, we are ready to introduce the team behind the awesome badge we will bring to the event. Meet our host and Head of People and Culture, Ellie Lancaster, as she discusses with Paul, John, and …
 
In this conversation, George Raileanu discusses the importance of mentoring, strategies for finding a mentor, and the benefits of building a strong network in cybersecurity. He also shares advice on continuous learning, dealing with imposter syndrome and burnout, and the value of paying it forward in the industry. Connect with George Raileanu on Li…
 
Did you know that your organization's security culture could be its strongest defense—or its weakest link? In today's digital landscape, where cyber threats lurk around every corner, relying solely on technological safeguards isn't enough. Building a resilient security culture within your organization is paramount. This episode of The Cyber Consult…
 
Kyser Clark and Kristopher Johnson's conversation covers various topics related to offensive security, certifications, career progression, and distinguishing between vulnerability assessments and penetration tests. Kristopher shares his journey into offensive security, his challenges, and the importance of continuous learning and perseverance. The …
 
The conversation between Kyser Clark and Robert O'Connor covers a wide range of topics related to penetration testing, certifications, career progression, and personal experiences in the cybersecurity field. Robert shares insights on his journey from IT intern to senior analyst to penetration tester, discussing certifications, specialization in Act…
 
The conversation covers a wide range of topics related to cybersecurity, including the background and career journey of the guest, the importance of offensive security, the cybersecurity skills shortage, strategies for excelling in CTF competitions, and the correlation between cybersecurity and everyday life. The guest also shares insights on preve…
 
Adolfo (Val) Vask, a seasoned cybersecurity professional, shares insights on his journey from intelligence analysis to penetration testing and red teaming. He discusses certifications, the Metasploit Pro Specialist, the relevance of education in cybersecurity, and the transition from penetration tester to senior penetration tester. He also provides…
 
In this episode, I introduce myself, Kyser Clark, and share my background in cybersecurity. I talk about my experience as a client systems technician in the United States Air Force and my transition into penetration testing. I also discuss my certifications and educational background in cybersecurity. I explain the purpose of this podcast, which is…
 
The YOU DESERVE TO BE HACKED™ slogan has reached Hartford, the insurance capital of North America, to challenge the cybersecurity approach of CISOs in the industry. On this episode, listen to our host and CRO, Will Morrish, and Ilan Fehler, our first hired member in the US, as they explore the type of fraud companies are exposed to, what we have le…
 
In this episode of the Cyber Consulting Room podcast, host Gordon Draper interviews Akshaye Kalkura, a cybersecurity leader from Consulting Firm Razilio with extensive experience in the field. Akshaye discusses his journey into cybersecurity, his education and certifications, and the challenges of hiring the right consultants. He also shares his ex…
 
Listen to our host and Swarm Director, Louis Blackburn, as he discusses with our new Hive Member, Ben Stickland, their interpretation of DORA (Digital Operational Resilience Act) and NIS2 (Network and Information Security Directive 2) and how they will help financial entities and critical infrastructure sectors to strengthen their cybersecurity pos…
 
In this episode of the Cyber Consulting Room podcast, host Gordon Draper interviews cybersecurity veteran David Jorm. David Jorm discusses his journey into cybersecurity, his experience in the industry, and his passion for nurturing new talent. He shares stories from his consulting career, including pen testing a plane and working on what may have …
 
Memory corruption is a difficult problem to solve, but many such as CISA are pushing for moves to memory safe languages. How viable is rewriting compared to mitigating? Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/254.html [00:00:00] Introduction [00:01:12] Clarifying Scope & Short/Long Term [0…
 
Immersed in the world of cryptography, WWII espionage and the remarkable story behind Alan Turing and his team's groundbreaking efforts to crack the Nazi encryption system, the Enigma code, our Swarm came from all over the world to share, learn and collaborate with each other. On this episode of our podcast, our host and new Head of People and Cult…
 
Mark Nicholls, CEO of Information Professionals Group, shares his insights and advice on cybersecurity and information security. He emphasizes the importance of learning from mistakes and taking an iterative approach to career development. Nicholls also highlights the significance of threat and risk assessments in cybersecurity decision-making. He …
 
Change is in the air for the DAY[0] podcast! In this episode, we go into some behind the scenes info on the history of the podcast, how it's evolved, and what our plans are for the future. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/253.html [00:00:00] Introduction [00:01:30] Early days of the …
 
Welcome to the Cyber Consulting Room podcast, where host Gordon Draper leads engaging discussions with cybersecurity experts Prashant Mahajan, Amy Nightingale, and John Gerardos. In this episode, the panel delves into the ethical considerations guiding cybersecurity consultants, the essential skills and attributes sought in hiring processes, and th…
 
On this episode meet our CEO, Anders Reeves, as he interviews Swarm Director, Louis Blackburn, on the topics of the 'Cyber Kill Chain' and how 'Initial Access Brokers' (IAB) play a key role in enabling mass negative impact by threat actors seeking to deploy Ransomware, and more. Watch on YouTube! Thanks for listening! Follow us on LinkedIn.…
 
Bit of a lighter episode this week with a Linux Kernel ASLR bypass and a clever exploit to RCE FortiGate SSL VPN. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/252.html [00:00:00] Introduction [00:00:29] KASLR bypass in privilege-less containers [00:13:13] Two Bytes is Plenty: FortiGate RCE with…
 
In this week's bounty episode, an attack takes an XSS to RCE on Mailspring, a simple MFA bypass is covered, and a .NET CRLF injection is detailed in its FTP functionality. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/251.html [00:00:00] Introduction [00:00:20] Making Desync attacks easy with TR…
 
In this episode we have a libXPC root privilege escalation, a run-as debuggability check bypass in Android, and digital lockpicking on smart locks. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/249.html [00:00:00] Introduction [00:00:21] Progress OpenEdge Authentication Bypass Deep-Dive [CVE-20…