Pen-testing techniques may not have changed much over time, but the tools and scope certainly have. Here's the state of pen testing as we approach 2024.
Austin spends the majority of his time thinking about ways to abuse LLMs, the impact of the attacks, and the effects on society. He brings a truly unique perspective to the way to use, attack, and verify output from AI LLM models. Whether you are just learning the ins and outs of LLMs or you were an early adopter, this segment is for you!
The next version of the PCI DSS will likely mean more work for pen testers and give them more leeway in conducting tests, but it also puts them under greater scrutiny. Here’s what’s new in PCI DSS 4.0.
Chris Rock is a Cyber Mercenary who has worked in the Middle East, US and Asia for the last 30 years working for both government and private organizations. ˇHe is the Chief Information Security Officer and co-founder of SIEMonster. Chris has presented three times at the largest hacking conference in the world, DEFCON in Las Vegas on controversial v...
Resources we mentioned:
The Hardware Hackers Handbook is a great start
Do a badge challenge: https://www.cyberark.com/resources/threat-research-blog/an-introduction-to-hardware-hacking
Take some classes
Do some Arduino stuff: https://www.arduino.cc/
Take free courses on electrical engineering: https://ocw.mit.edu/courses/6-01sc-introduction-to-el...
In the Security News: No Flipper Zero for you!, your glibc is hanging out and other Looney Tunables, and it vulnerable, for no reasons, other than the obvious ones, a Russian firm will pay $20m for Android or iPhone 0days, you do what you do and other Exim vulnerability stories, yet another way to become root on Linux, if you ever wanted to read th...
SiliconAngle reports that more companies have been conducting purple team cybersecurity threat evaluations, with security penetration testing firm SpecterOps being the latest to create a collaboration between its offensive and defensive cybersecurity teams in testing and defending corporate systems.
If you've ever played Dungeons & Dragons, you probably know that the quality of the experience depends on how prepared, experienced, and talented the Dungeon Master is.
Today, we'll talk to InfoSec DM and practitioner extraordinaire Ryan Fried about some of the key elements that separate a good cybersecurity tabletop exercise from a bad one! T...