Mayhem Case Studies

Red teams and pen tests are point in time assessments. What if you could simulate an ongoing attack to test your teams’ readiness? You can with a cyber range. Lee Rossi, CTO and co founder.of SimSpace, a cyber range company, joins The Hacker Mind podcast to explain how using both live Red Teams and automated cyber ranges can keep your organization ahead of the attackers.

Web APIs have become increasingly important to the operation of modern business. Many business models for new products and services are constructed based on APIs such as billing, IoT and identity providers. Engineers are under pressure to deliver web APIs that are tested, observable, maintainable, scalable and secure!

Just because you have a tool, like ATT&CK, you might not realize its full potential without someone being there to guide you … at least in the beginning. Frank, now the chief innovation officer and co founder of Tidal Security, returns to The Hacker Mind to discuss the ATT&CK, only ...

DEF CON is 30 years old this year, and it’s bigger and better in part because of topic-specific villages. Here’s an inside look at four of the most popular villages.

Fighting organized crime online might seem like a logical extension for law enforcement, but, in fact, it is not all that straight forward. Michael McPherson is someone with 25 years in the FBI, who has transitioned out to the corporate world, and can best describe the experiences on both sides.

There’s a war online in Ukraine, one that you haven’t heard much about, in part because the country is holding its own thanks to infosec volunteers worldwide. Mikko Hypponen joins The Hacker Mind to discuss cybercrime unicorns and the fog of cyber war that surrounds the Ukrainian war.

Living off the Land (LoL) is an attack where files already on your machine, ie your operating system, are used against you. They would be undetectable, right? Kyle Hanslovan CEO of Huntress Labs joins The Hacker Mind to discuss recent LoL attacks.

With digital convenience there’s often a price. And if that means a bad actor can create a wireless key for your new Tesla, that price is pretty steep. At CanSecWest 2022, researcher Martin Herfurt announced a new tool,TeslaKee, which he hopes prevents wireless key attacks from happening.

CWE 401- Missing Release Of Memory After Effective Lifetime can occur when a program does not release memory after it is finished using it.