Mayhem Blog

With more than 600K followers on YouTube, LiveOverflow is one of infosec’s first social media influencers. How did he get started and what’s next?

What if you discovered a flaw in a ransomware payment system that unlocked the data without paying the ransom? Would you use it? Jack Cable talks about hacking the Qlocker ransomware and briefly interrupting its payment system.

MITRE ATT&CK catalogs the known tactics, techniques, and procedures of past advanced persistent threats, providing a roadmap for any red or blue team. In this episode, Frank Duff, Director of ATT&CK Evaluations for MITRE Engenuity, talks about how both red and blue teams can directly benefit from ATT&CK.

It seems everything smart is hackable, with IoT startups sometimes repeating security mistakes first made decades ago. How then does one start securing it?

You’d think that having an amazing resume, a couple of bug bounties, or a CTF win would land you that dream infosec job. For many, though, that isn’t true. That’s why Tennisha Martin founded Black Girls Hack.

Shortly after OpenSSL’s Heartbleed, Shellshock was discovered lurking in two-decades old Bash code. How could open source software be vulnerable for so long? This episode looks at how open source projects have for the most part gone untested over time.

What is the allure of lockpicking at hacker conferences? In this episode Deviant Ollam explains why these mechanical puzzles remain popular with hackers. Ollam, who was an early member of Toool, The Open Organization of Lockpickers, discusses his career as a physical pen tester and also provides some basic lockpicking tips.

To help more people to become penetration testers, Kim Crawley and Phillip L. Wylie wrote The PenTester BluePrint: Starting A Career As An Ethical Hacker. In this episode of The Hacker Mind, Kim talks about the practical steps anyone can take to gain the skills and confidence necessary to become a penetration tester.

How do the current DMCA laws impact those who hack digital devices? And why doesn’t our basic right to repair our devices extend into the digital world? To answer these questions, Paul Roberts, Editor-in-Chief of the Security Ledger, founded secureparis.org, a group of infosec experts who are volunteering to fight for the right to repair.