Artwork

Contenu fourni par SpyCast. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par SpyCast ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Player FM - Application Podcast
Mettez-vous hors ligne avec l'application Player FM !

From the Vault: The Professional Hacker with Eric Escobar (Pt 1.)

1:06:45
 
Partager
 

Manage episode 394284117 series 170555
Contenu fourni par SpyCast. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par SpyCast ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.

Summary

Eric Escobar (Twitter; LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss compromising networks and information security. He has a coveted DEFCON Black Badge.

What You’ll Learn

Intelligence

-What keeps Eric up at night

-Thinking like an ethical hacker (aka a “penetration tester)

-Protecting your information (i.e., “Hardening the attack surface”)

-Plain English explanations of key cyber concepts like “Kill Chains” and “Zero Days”

Reflections

-Having a cool job

-The information revolution and life in the modern world

And much, much more…

Episode Notes

Eric Escobar commits several thousand felonies on any given day, if he didn’t have permission to do what he was doing.

A Principal Security Consultant with SecureWorks, Eric has compromised pretty much everything out there: from healthcare and banking to technology and critical infrastructure, through to amusement parks and next generation military aircraft.

“From my perspective, it’s the coolest job in the entire world.”

His team consecutively won first place in the Wireless CTF category at DEF CON 23, 24, and 25, snagging a Black Badge along the way. He has a BS and MS in Civil Engineering.

And…

The links between computing, hacking and the 60’s counterculture are FASCINATING. Learn more by dipping your toes here and here, or dive deeper with What the Dormouse Said (2005) by John Markoff and From Counterculture to Cyberculture (2006) by Fred Turner.

Quote of the Week

"Watching any critical infrastructure get compromised is really the thing that keeps me up at night because lives are in the balance…and we do a lot of testing for critical infrastructure, and I've seen computers and machines that have been online and not been taken offline, longer than I've been alive…So really interesting to see those types of things because they interact with really big, expensive hardware…there's a catch 22 that happens where you can't really take the machine offline to do maintenance on it because it's critical infrastructure. So then how do you test it to make sure that a hacker can't take it offline, or maintenance can't be done on it? " – Eric Escobar.



Resources


*Andrew’s Recommendation*

-Word Notes

From beginner thru advanced, you’ll find some helpful definitions of things like “Web 3.0,” “NFT’s” and “Digital Transformation” on this Cyberwire audio glossary.

*SpyCasts*

-Inside Microsoft’s Threat Intelligence Center (MSTIC) – with John Lambert and Cristin Goodwin (2021)

-The Cyber Zeitgeist – with Dave Bittner (2021)

-Securing Cyberspace – with Charlie Mitchell (2016)

*Beginner Resources*

-What is Hacking? The Economic Times (n.d.) [web]

-Ethical Hacking in 8 Minutes, Simplilearn (2020) [8 min video]

-Cybersecurity in 7 minutes, Simplilearn (2020) [7 min video]

Books

-The Cyberweapons Arms Race, N. Perloth (Bloomsbury, 2021)

-Cult of the Dead Cow, J. Menn (PublicAffairs, 2020)

-Breaking & Entering, J. Smith (Mariner Books, 2019)

-The Art of Invisibility, K. Mitnick (L, B & C, 2017)

-Ghost in the Wires, K. Mitnick (Back Bay Books, 2012)

-Kingpin, K. Poulson (Crown, 2012)

-The Cuckoo’s Egg, C. Stoll (Doubleday, 1989)

-Neuromancer, W. Gibson (Ace, 1984)

Articles

-2022 State of the Threat: A Year in Review, Secureworks (2022)

-The Anthropology of Hackers, The Atlantic (2010)

-Timeline Since 2006: Significant Cyber Incidents, CSIS (n.d.)

Documentary

-DEFCON, The Documentary Network (2013)

Resources

-Government Hacking Bibliography, S. Quinlan, New America Foundation (2016)

*Wildcard Resource*

-“The Aurora Shard”

Come to the International Spy Museum to see an ugly chunk of metal. Why? Well, it speaks to a revolution in the relationship between the material world and the non-material world. Broken down? 30 lines of code blew up a 27-ton generator. Zeros and ones can cause violent explosions!


Learn more about your ad choices. Visit megaphone.fm/adchoices

  continue reading

674 episodes

Artwork
iconPartager
 
Manage episode 394284117 series 170555
Contenu fourni par SpyCast. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par SpyCast ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.

Summary

Eric Escobar (Twitter; LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss compromising networks and information security. He has a coveted DEFCON Black Badge.

What You’ll Learn

Intelligence

-What keeps Eric up at night

-Thinking like an ethical hacker (aka a “penetration tester)

-Protecting your information (i.e., “Hardening the attack surface”)

-Plain English explanations of key cyber concepts like “Kill Chains” and “Zero Days”

Reflections

-Having a cool job

-The information revolution and life in the modern world

And much, much more…

Episode Notes

Eric Escobar commits several thousand felonies on any given day, if he didn’t have permission to do what he was doing.

A Principal Security Consultant with SecureWorks, Eric has compromised pretty much everything out there: from healthcare and banking to technology and critical infrastructure, through to amusement parks and next generation military aircraft.

“From my perspective, it’s the coolest job in the entire world.”

His team consecutively won first place in the Wireless CTF category at DEF CON 23, 24, and 25, snagging a Black Badge along the way. He has a BS and MS in Civil Engineering.

And…

The links between computing, hacking and the 60’s counterculture are FASCINATING. Learn more by dipping your toes here and here, or dive deeper with What the Dormouse Said (2005) by John Markoff and From Counterculture to Cyberculture (2006) by Fred Turner.

Quote of the Week

"Watching any critical infrastructure get compromised is really the thing that keeps me up at night because lives are in the balance…and we do a lot of testing for critical infrastructure, and I've seen computers and machines that have been online and not been taken offline, longer than I've been alive…So really interesting to see those types of things because they interact with really big, expensive hardware…there's a catch 22 that happens where you can't really take the machine offline to do maintenance on it because it's critical infrastructure. So then how do you test it to make sure that a hacker can't take it offline, or maintenance can't be done on it? " – Eric Escobar.



Resources


*Andrew’s Recommendation*

-Word Notes

From beginner thru advanced, you’ll find some helpful definitions of things like “Web 3.0,” “NFT’s” and “Digital Transformation” on this Cyberwire audio glossary.

*SpyCasts*

-Inside Microsoft’s Threat Intelligence Center (MSTIC) – with John Lambert and Cristin Goodwin (2021)

-The Cyber Zeitgeist – with Dave Bittner (2021)

-Securing Cyberspace – with Charlie Mitchell (2016)

*Beginner Resources*

-What is Hacking? The Economic Times (n.d.) [web]

-Ethical Hacking in 8 Minutes, Simplilearn (2020) [8 min video]

-Cybersecurity in 7 minutes, Simplilearn (2020) [7 min video]

Books

-The Cyberweapons Arms Race, N. Perloth (Bloomsbury, 2021)

-Cult of the Dead Cow, J. Menn (PublicAffairs, 2020)

-Breaking & Entering, J. Smith (Mariner Books, 2019)

-The Art of Invisibility, K. Mitnick (L, B & C, 2017)

-Ghost in the Wires, K. Mitnick (Back Bay Books, 2012)

-Kingpin, K. Poulson (Crown, 2012)

-The Cuckoo’s Egg, C. Stoll (Doubleday, 1989)

-Neuromancer, W. Gibson (Ace, 1984)

Articles

-2022 State of the Threat: A Year in Review, Secureworks (2022)

-The Anthropology of Hackers, The Atlantic (2010)

-Timeline Since 2006: Significant Cyber Incidents, CSIS (n.d.)

Documentary

-DEFCON, The Documentary Network (2013)

Resources

-Government Hacking Bibliography, S. Quinlan, New America Foundation (2016)

*Wildcard Resource*

-“The Aurora Shard”

Come to the International Spy Museum to see an ugly chunk of metal. Why? Well, it speaks to a revolution in the relationship between the material world and the non-material world. Broken down? 30 lines of code blew up a 27-ton generator. Zeros and ones can cause violent explosions!


Learn more about your ad choices. Visit megaphone.fm/adchoices

  continue reading

674 episodes

Tous les épisodes

×
 
Loading …

Bienvenue sur Lecteur FM!

Lecteur FM recherche sur Internet des podcasts de haute qualité que vous pourrez apprécier dès maintenant. C'est la meilleure application de podcast et fonctionne sur Android, iPhone et le Web. Inscrivez-vous pour synchroniser les abonnements sur tous les appareils.

 

Guide de référence rapide