This episode’s guest is Bay Area based security researcher MG. He joins the podcast to share his work experimenting with various HID (Human Interface Devices) attacks using USB drives and cables. MG has also made news recently for disclosing a vulnerability in the Amazon Key smart lock technology and shares his experience developing the proof of concept and eventually sharing it with Amazon’s security team.
Another year, another wave of security incidents and threat models to keep the cybersecurity industry busy. So there was plenty to discuss and share as the InfoSec community flocked to San Francisco for the annual RSA Conference last month.
A view from the escalator as I descend into the bowels of RSAC 2017.
As always, the latest trends in the industry were addressed. Large data breaches, quickly growing threat models, security education, political hacking, and the risks posed by the Internet of Things were common threads throughout many of the keynotes, sessions, workshops, expos, and general chatter among attendees.
RSAC has more of a trade show feel compared to other security conferences so I’ve learned over the years that it’s best to approach the conference as an opportunity to meet and network with industry experts. This year I spent less time attending the talks and more time meeting with the players in the industry who are there to make deals and form partnerships.
Throughout the week I was lucky to catch up with several industry professionals representing some of the top tier firms in the cybersecurity sector who shared their take on the challenges and trends facing cybersecurity firms, their clients, and end users.
This episode of the podcast features interviews collected at RSAC 2017.
At this year’s RSA security conference in San Francisco, researcher Rob Graham gave a presentation entitled “Mirai and IoT Botnet Analysis.” His talk examined the infamous “Mirai” Internet of Things botnet and shared details on how it operates. Graham also covered technical aspects of the cameras it infects and detailed his own experimentation with Mirai in the wild. He went on to discuss last year’s massive DDoS attacks on DNS provider Dyn, which involved variations of the Mirai IoT botnet.