From Black Hat to Bug Bounties [Pt. 2] with Thomas DeVoss
Hacker Valley Studio8 Syys 2022

From Black Hat to Bug Bounties [Pt. 2] with Thomas DeVoss

We’re joined again by the hacker’s hacker, Tommy DeVoss, aka dawgyg. Bug bounty hunter and reformed black hat, Tommy dives back into a great conversation with us about his journey in hacking and his advice to future red team offensive hackers. We cover everything we couldn’t get to from part 1 of our interview, including his struggles with burnout, his past hacking foreign countries on a bold quest to stop terrorism, and his future in Twitch streaming to teach you how to be a better bug bounty hunter.

Timecoded Guide:

[02:57] Fixating on hacking because of the endless possibilities and iterations to learn

[09:54] Giving advice to the next generation of hackers

[17:17] Contacting Tommy and keeping up with him on Twitter

[21:43] Planning a Twitch course to teach hackers about bug bounties using real bugs and real-world examples

[24:57] Hacking in the early 2000s and understanding the freedom Tommy has to talk about any and all illegal hacking he’s done now that he’s gone to prison

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusivecRed Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

Do you ever struggle with burnout when it comes to hacking?

Hacking has maintained Tommy’s interest longer than anything else because of the constant changes in technology and the ever-evolving issues in the online world. However, just because hacking is his passion, doesn’t mean that burnout or frustration never happens. Currently, Tommy is taking more of a break with hacking, letting his current day job and his passion for gaming have a front seat. However, he’s still firmly in the industry, passionately developing learning opportunities for future hackers and answering questions from cyber professionals of all backgrounds.

“I do get burned out sometimes…When it comes to bug bounty hunting, I try and make it so it averages out to where I make at least $1,000 an hour for my effort. It doesn't always work. Sometimes I'm more, sometimes I'm less, but I try and get it so it averages out to about that.”

What hacking advice would you give the younger version of yourself?

Although his black hat ways resulted in prison time for Tommy, he doesn’t regret his past and instead seeks to teach others the lessons he’s learned. When we asked Tommy for advice for new hackers, he was clear that success is a longer journey than people assume it is. Tommy’s success was not a fluke, it took years of hands-on learning and patience with failures in order to develop his bug bounty skills. Nothing is actually automatic or easy with hacking, especially as the technology continues to change and evolve. Tommy wants hackers to take every opportunity to try out their skills, even if it's a complete failure.

“Don't expect success overnight. Also, don't let failure discourage you. When it comes to hacking, you're going to fail significantly more than you're going to succeed. And the people that are successful in bug bounties are the ones that don't let those failures discourage them.”

What do you think about the “media obsessed” stereotype many people have about black hat hackers?

Wrapping up today, Tommy tells us that he’d be happy to be back in the Hacker Valley Studio again some time. Although the stereotype of a black hat hacker wanting attention from the media is disproven, Tommy believes that he definitely has craved that media attention for a large majority of his hacking career. Starting in the early 2000s, after 9/11, Tommy had one of his first brushes with fame in an interview with CNN about hacking Middle Eastern companies. Although his hacking and his politics have changed since then, Tommy enjoys having in-depth conversations about hacking and explaining the intricacies of what he does.

“We loved the attention back then, and I still love the attention now, it's nice. The good thing about now is, because I already got in trouble for everything that I've done, I've done my prison time, I don't have anything that I did illegally on the computer anymore that I can't talk about, because I've already paid my debt to society.”

What are the best ways for people to keep up with what you’re doing?

Considering Tommy’s success, it’s understandable that a lot of cyber professionals and amateurs have tons of questions for him. When it comes to getting in contact with Tommy, he recommends tweeting him on Twitter publicly so that he can not only answer your question, but help others with the exact same questions. Education is key, and Tommy is so dedicated to teaching other hackers that he’s currently developing a recurring Twitch stream centered around helping others learn about bug bounty hunting.

“I don't know how successful we're going to be in finding the bugs, but I think it'll be fun to teach people [on Twitch] and do it that way, so that they can actually spend some time learning it. The best way to actually learn this stuff is to actually try and do the hacking.”

-----------

Links:

Stay in touch with Thomas DeVoss on LinkedIn and Twitter.

Check out the Bug Bounty Hunter website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Jaksot(406)

The Future of Endpoint Threats and Why Zero Trust is the Only Option with Rob Allen

The Future of Endpoint Threats and Why Zero Trust is the Only Option with Rob Allen

Get ready for a SPECIAL episode! Ron Eddings will take you on an inside look at Threatlocker’s rapidly growing event, Zero Trust World, and will talk with Rob Allen, Chief Product Officer at Threatlocker, to discuss what you can find out from your endpoints (hint: it’s more than remote access tools you didn’t know were running!)   Impactful Moments: 00:00 - Welcome 01:24 - Zero Trust World Sneak Peek! 02:21 - From our Sponsor, Threatlocker 03:50 - Introducing guest, Rob Allen 05:03 - What’s Zero Trust World 10:40 - Technical Executive Leaders 16:24 - Managing from the Top Down 20:33 - More Than Allow Listing 24:38 - Rubber Ducky, You’re the One… 26:59 - Assume Breach 29:30 - Some Interesting Finds 35:55 - Where Most of the Action Happens 26:30 - One Step Better…   Links: Connect with our guest, Rob Allen: https://www.linkedin.com/in/threatlockerrob/  Check out https://www.threatlocker.com/  to learn more! See the Zero Trust World recap portion here on our YouTube Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

20 Maalis 202443min

Slugging it Out in the SOC to Find Your Niche in Cyber with Nate Malicoat

Slugging it Out in the SOC to Find Your Niche in Cyber with Nate Malicoat

Ron Eddings sits down in-person with Nate Malicoat, Threat Intel Engineer at ContraForce, for a down-to-earth interview about entering the cybersecurity workforce from the Marines. Impactful Moments: 00:00 - Welcome 01:20 - Introducing guest, Nate Malicoat 03:00 - Marines to Computer Life 05:13 - Importance of Mentoring & Mentors 10:04 - Participating in the Industry 12:42 - Why Aim For the CISO role? 14:40 - Be Persistent, But Not Annoying   Links: Connect with our guest, Nate Malicoat: https://www.linkedin.com/in/nate-malicoat-58760a143/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

5 Maalis 202416min

Creating Value in the Cyber Industry with Nick Lantuh

Creating Value in the Cyber Industry with Nick Lantuh

Nick Lantuh, CEO of Interpres Security, joins Ron Eddings on the mic at Hacker Valley’s “On the Big Screen” event to talk about how Nick’s previous career experience have given him unique insight into the cybersecurity industry. Ron and Nick discuss everything from Nick’s immigrant background and his experience with helping customers, to threat modeling and starting up companies.   Impactful Moments: 00:00 - Welcome 01:05 - Introducing guest, Nick Lantuh 03:06 - The Differentiator 06:21 - Wanting to ‘Be Your Own Boss’ 10:00 - Being the Executive Chairman 12:47 - The Go-To-Market Side 15:11 - The Turnaround 18:01 - Making the Ecosystem Better 21:20 - Bridging the Gap 24:14 - Exposure Management 29:59 - One Step Better…   Links: Connect with our guest, Nick Lantuh: https://www.linkedin.com/in/nicklantuh/ Check out Interpres Security: https://interpressecurity.com/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

27 Helmi 202431min

AI & Phishing: Fighting Fire with Fire

AI & Phishing: Fighting Fire with Fire

In this episode, Host Ron Eddings is joined by Vishal Dixit, Co-founder & CTO at Graphus Inc., and Sven Bechmann, Senior Product Manager of Email Security at Kaseya to dig into how phishing attacks are evolving and how you can keep your business safe.   Get the ultimate email security software and stop phishing attacks that others miss! Request a demo from our friends at Graphus, today! -- and don't miss their 5-minute guide to phishing attacks and prevention.    Impactful Moments: 00:00 - Welcome 01:37 - Introducing guests Vishal & Sven 02:50 - The Current State of Phishing 06:40 - Phishing & Career Path 10:47 - From our Sponsor, Graphus Inc 12:07 - Phishing & Email Security 14:27 - “Security Is an Afterthought” 17:29 - What are Hackers Doing with AI? 23:08 - AI & Phishing Detection 31:30 - Phishing Evolution 35:30 - One Step Better…   Links: Connect with our guests: Vishal Dixit: https://www.linkedin.com/in/dixitvishal/ Sven Bechmann: https://www.linkedin.com/in/sven-bechmann-product-management/ Learn more from Graphus.ai: https://www.graphus.ai/hackervalley Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

20 Helmi 202437min

Andrew Forgie's Path From Apache Mechanic to Cybersecurity Sales Leader and Mastering Cyber Sales

Andrew Forgie's Path From Apache Mechanic to Cybersecurity Sales Leader and Mastering Cyber Sales

In this episode, Andrew Forgie takes us on his journey from his early days as an Apache helicopter mechanic in the military to his current role as a regional sales manager in cybersecurity.  Andrew shares his trials and challenges, the significant shift from being in a service role to mastering the art of sales in the highly competitive tech industry. His story illustrates the power of adapting to change and the critical role of personal development in achieving professional success. 00:00 - Introduction 00:42 - Introduction to the episode and guest Andrew Forgie, regional sales manager at RMS. 01:29 - Andrew discusses his transition from the military to cybersecurity sales. 02:43 - Insight into Andrew's early struggles and successes in sales. 04:13 - How "Selling for Dummies" transformed Andrew's approach to sales. 06:02 - The importance of attitude and creating a buying environment in sales. 08:09 - Andrew shares his life vision exercise and its impact on his career. 12:09 - Discussion on the value of relationships in cybersecurity sales. 24:19 - Advice for those looking to enter or excel in cybersecurity sales. Links: Connect with our guest Andrew Forgie: https://www.linkedin.com/in/andrewforgie/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

14 Helmi 202426min

Zinet Kemal's Journey From Ethiopian Immigrant to TEDx Speaker & Cloud Security Engineer at Fortune

Zinet Kemal's Journey From Ethiopian Immigrant to TEDx Speaker & Cloud Security Engineer at Fortune

In this episode of Hacker Valley Studio, we dive into the inspiring journey of Zinet Kamal, an immigrant from Ethiopia who has carved a niche for herself in cybersecurity. Despite starting her journey with limited access to technology and not having mentors until 2020, Zinet's resilience and passion led her to become a cloud security engineer at a Fortune 500 company. Her story is a testament to the human spirit's capability to overcome barriers and make significant strides in the tech industry.   This episode is a story of personal growth, cultural transitions, and the drive to empower the next generation through education and cybersecurity awareness. As a mother of four, a multi-award-winning cybersecurity advocate, and a best-selling author, Zinet brings a unique perspective on the importance of diversity in tech and the role of mentorship in shaping future leaders. 00:00 - Welcome 01:32 - Introducing Guest, Zinet Kemal 03:09 - Growing up in Africa 07:12 - “I Never Had a Children’s Book” 12:52 - Culture Shock 16:02 - From Legal to Cybersecurity 18:50 - CCDC Competition 21:55 - Role of Community in Resetting 24:34 - “Oh No… Hacked Again!” 30:00 - Online Safety Empowerment 34:50 - Moving up in Cyber   Links: Connect with Zinet Kemal: https://www.linkedin.com/in/zinetkemal/ Zinet’s LinkedIn Course:  https://www.linkedin.com/learning/cybersecurity-careers-build-your-brand-in-cybersecurity/grow-your-cybersecurity-career-with-personal-branding?course Check out Zinet's Books: https://www.amazon.com/stores/Zinet-Kemal/author/B099P5B8FD Watch Zinet's TEDx Talk: https://www.youtube.com/watch?v=J61K1Gu97jM Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

6 Helmi 202438min

Paving the Path for CISOs of the Future with Gary Hayslip

Paving the Path for CISOs of the Future with Gary Hayslip

In this episode, Host Ron Eddings catches up with repeat guest, Gary Hayslip, CISO at SoftBank Investment Advisors and co-author of CISO Desk Reference guide. Gary explains that the varied nature of his current CISO role contrasts with the broader industry trends. He discusses how that nature plays into the CISO hiring process and career path, as well as how his books are helping to bridge the gap among professionals.   Impactful Moments: 00:00 - Welcome 00:59 - Introducing guest, Gary Hayslip 01:38 - The Path to Becoming a CISO 08:04 - CSO vs CISO 10:47 - “I'm firing you…” 15:03 - Interviewing for the CISO role 17:56 - Join Our Mastermind 18:39 - Being ‘Mr. Maybe’ 21:41 - CISO- A Day in the Life 24:50 - Using Books to Pave the Way   Links: Connect with our guest Gary Hayslip: https://www.linkedin.com/in/ghayslip/ Check out Gary’s Books: https://www.amazon.com/stores/Gary-Hayslip/author/B01IJN838A?ref=ap_rdr&isDramIntegrated=true&shoppingPortalEnabled=true Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

30 Tammi 202429min

The Untold Story of Browser Risks: Pioneering Enterprise Browser Security with Or Eshed

The Untold Story of Browser Risks: Pioneering Enterprise Browser Security with Or Eshed

In this episode, Host Ron Eddings and guest Or Eshed, CEO of Layer X, discuss how changes in IT infrastructure, employee behavior and malicious tech have created an era where browser security is a must. Or details how he is spearheading a movement to reposition browsers as our first line of defense. Impactful Moments: 00:00 - Welcome 02:50 - Introducing guest, Or Eshed 05:27 - The Crime Scene: Where Employees Are 07:20 - Educating Users with a Browser Extension 10:13 - The Enablement Game 13:10 - How Malicious Browser Extensions Work 16:07 - From our Sponsor, Layer X 17:33 - Better Than EDR- Know Who Is Doing What 22:53 - Stop Account Takeovers- Stealthily 27:55 - Predictions & GPT Use Case 33:16 - One Step Better… Links: Connect with our guest : https://www.linkedin.com/in/or-eshed/ Check out Layer X: https://layerxsecurity.com/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

23 Tammi 202435min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
psykopodiaa-podcast
voi-hyvin-meditaatiot-2
rss-niinku-asia-on
jari-sarasvuo-podcast
psykologia
rss-duodecim-lehti
aloita-meditaatio
ihminen-tavattavissa-tommy-hellsten-instituutti
rss-psykalab
aamukahvilla
rss-liian-kuuma-peruna
rss-narsisti
rss-vapaudu-voimaasi
mielipaivakirja
rss-valo-minussa-2
rss-arkea-ja-aurinkoa-podcast-espanjasta
rss-rouva-keto
rss-anteeks-etukateen
filocast-filosofian-perusteet