From Black Hat to Bug Bounties [Pt. 2] with Thomas DeVoss
Hacker Valley Studio8 Syys 2022

From Black Hat to Bug Bounties [Pt. 2] with Thomas DeVoss

We’re joined again by the hacker’s hacker, Tommy DeVoss, aka dawgyg. Bug bounty hunter and reformed black hat, Tommy dives back into a great conversation with us about his journey in hacking and his advice to future red team offensive hackers. We cover everything we couldn’t get to from part 1 of our interview, including his struggles with burnout, his past hacking foreign countries on a bold quest to stop terrorism, and his future in Twitch streaming to teach you how to be a better bug bounty hunter.

Timecoded Guide:

[02:57] Fixating on hacking because of the endless possibilities and iterations to learn

[09:54] Giving advice to the next generation of hackers

[17:17] Contacting Tommy and keeping up with him on Twitter

[21:43] Planning a Twitch course to teach hackers about bug bounties using real bugs and real-world examples

[24:57] Hacking in the early 2000s and understanding the freedom Tommy has to talk about any and all illegal hacking he’s done now that he’s gone to prison

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusivecRed Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

Do you ever struggle with burnout when it comes to hacking?

Hacking has maintained Tommy’s interest longer than anything else because of the constant changes in technology and the ever-evolving issues in the online world. However, just because hacking is his passion, doesn’t mean that burnout or frustration never happens. Currently, Tommy is taking more of a break with hacking, letting his current day job and his passion for gaming have a front seat. However, he’s still firmly in the industry, passionately developing learning opportunities for future hackers and answering questions from cyber professionals of all backgrounds.

“I do get burned out sometimes…When it comes to bug bounty hunting, I try and make it so it averages out to where I make at least $1,000 an hour for my effort. It doesn't always work. Sometimes I'm more, sometimes I'm less, but I try and get it so it averages out to about that.”

What hacking advice would you give the younger version of yourself?

Although his black hat ways resulted in prison time for Tommy, he doesn’t regret his past and instead seeks to teach others the lessons he’s learned. When we asked Tommy for advice for new hackers, he was clear that success is a longer journey than people assume it is. Tommy’s success was not a fluke, it took years of hands-on learning and patience with failures in order to develop his bug bounty skills. Nothing is actually automatic or easy with hacking, especially as the technology continues to change and evolve. Tommy wants hackers to take every opportunity to try out their skills, even if it's a complete failure.

“Don't expect success overnight. Also, don't let failure discourage you. When it comes to hacking, you're going to fail significantly more than you're going to succeed. And the people that are successful in bug bounties are the ones that don't let those failures discourage them.”

What do you think about the “media obsessed” stereotype many people have about black hat hackers?

Wrapping up today, Tommy tells us that he’d be happy to be back in the Hacker Valley Studio again some time. Although the stereotype of a black hat hacker wanting attention from the media is disproven, Tommy believes that he definitely has craved that media attention for a large majority of his hacking career. Starting in the early 2000s, after 9/11, Tommy had one of his first brushes with fame in an interview with CNN about hacking Middle Eastern companies. Although his hacking and his politics have changed since then, Tommy enjoys having in-depth conversations about hacking and explaining the intricacies of what he does.

“We loved the attention back then, and I still love the attention now, it's nice. The good thing about now is, because I already got in trouble for everything that I've done, I've done my prison time, I don't have anything that I did illegally on the computer anymore that I can't talk about, because I've already paid my debt to society.”

What are the best ways for people to keep up with what you’re doing?

Considering Tommy’s success, it’s understandable that a lot of cyber professionals and amateurs have tons of questions for him. When it comes to getting in contact with Tommy, he recommends tweeting him on Twitter publicly so that he can not only answer your question, but help others with the exact same questions. Education is key, and Tommy is so dedicated to teaching other hackers that he’s currently developing a recurring Twitch stream centered around helping others learn about bug bounty hunting.

“I don't know how successful we're going to be in finding the bugs, but I think it'll be fun to teach people [on Twitch] and do it that way, so that they can actually spend some time learning it. The best way to actually learn this stuff is to actually try and do the hacking.”

-----------

Links:

Stay in touch with Thomas DeVoss on LinkedIn and Twitter.

Check out the Bug Bounty Hunter website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Jaksot(408)

Having Resilience In Your Cyber Career with Erika Eakins

Having Resilience In Your Cyber Career with Erika Eakins

In this episode, host Chris is joined by Erika Eakins — a cybersecurity sales ninja, podcaster, and co-founder at Teach Kids Tech. Erika opens up about her challenges entering tech and cybersecurity as a woman and her mission to serve the underrepresented. Erika also shares how the strength and resilience she acquired in childhood have helped to carry her through unexpected hardships in the industry like layoffs. Impactful Moments: 0:00-Welcome 00:50-Introducing guest, Erika Eakins 01:22-Erika’s origin story 05:43-Being judged on looks 07:10-”Why are you still in?!” 07:47-Where to find strength 10:40-Who are the Cyber Queens? 13:18-Join our mastermind! 14:02-Aiming to Overcome Obstacles 16:08-Reflection on Resilience 17:54-Teach Kids Tech 20:30-The legacy of Queens 23:23-Power of Positivity & Support Links: Connect with our guest Erika Eakins https://www.linkedin.com/in/eeakins/ Check out The Cyber Queens Podcast https://www.cyberqueenspodcast.com/ Learn more about Teach Kids Tech https://www.teachkidstech.net/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com/ Continue the conversation by joining our Discord: https://hackervalley.com/discord

26 Syys 202325min

Build vs. Buy: The Classic Technologist Conundrum

Build vs. Buy: The Classic Technologist Conundrum

It’s a classic technologist conundrum: Should I build or buy the solution I need to solve a problem? The “Build vs. Buy” conundrum is faced by technology teams worldwide. To help approach this riddle, Chris Cochran speaks to two industry veterans, Slavik Markovich co-founder & CEO of Descope, and Rob Fry, co-founder of AKA Identity.  Whether you’re an entrepreneur, a CTO, or just tech-curious, this episode offers invaluable insights. Using the identity market as a case study, we’ll explore the multifaceted considerations needed to make the best choice for your team and organization.   Impactful Moments: 0:00 - Build vs. Buy: The Classic Technologist Conundrum 0:37 - Show Intro 0:57 - Introducing Slavik Markovich and Rob Fry 3:25 - Previous build vs. buy project 6:44 - Decision logic for build vs. buy  15:09 - How does tech sway your decision making? 19:44 - How does data impact decision making? 24:31 - How do processes influence decision making? 29:13 - Maintaining custom tech solutions over time 33:28 - Tenants for building a tech company 41:06 - Build authentication and user journey flows with Descope   Links:  Learn more about Descope: https://www.descope.com/ Connect with our guest Slavik Markovich: https://www.linkedin.com/in/slavikm/ Connect with our guest Rob Fry: https://www.linkedin.com/in/fry-rob-g/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

19 Syys 202343min

AI Is the Tool Not the Toolbox

AI Is the Tool Not the Toolbox

Embrace the AI Revolution in Cybersecurity! Ron Eddings explores the dynamic world of AI, from cybersecurity automation to anomaly detection. Learn how AI is being used by practitioners and creators to stay one step ahead of the adversary and the competition   Impactful Moments 0:00 - Intro 1:35 - Origin into cybersecurity and automation 6:12 - What is Artificial Intelligence? 8:23 - Using AI to Classify Phishing Emails 11:32 - Descript and Claude2 to Summarize Content 17:54 - ChatGPT Advanced Data Analysis 21:41 - Top 4 AI Red Team Attacks 26:09 - Cybersecurity AI Disrupters 27:50 - Cybersecurity Creative Mastermind   Links: Connect with Ron Eddings: https://www.linkedin.com/in/ronaldeddings/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

12 Syys 202328min

Security Teams Can’t Do It All with Rob Wood - REWIND

Security Teams Can’t Do It All with Rob Wood - REWIND

For this week's episode, we brought back a fan favorite Security Teams Can't Do It All. This episode features guest Rob Wood, CISO at CMS, who discusses the challenges of data silos in the workplace and the importance of supportive leadership.   Links: Connect with our guest Rob Wood on LinkedIn Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

5 Syys 202330min

The Art of Creating Cybersecurity Content With Jason Rebholz

The Art of Creating Cybersecurity Content With Jason Rebholz

In this episode, host Ron is joined by the CISO at Corvus Insurance, Jason Rebholz, to talk about the life of being a cybersecurity content creator. From his drive to create cyber content for technical and non-technical audiences to the sometimes harsh realities of content creation, Jason opens up about the importance of having passion and well-balanced goals. Impactful Moments 00:00 - Welcome 01:12 - Introducing guest, Jason Rebholz 02:05 - Jason’s cybersecurity background 04:37 - Everybody loves a former CISO 06:16 - Creating digestable content for all 09:07 - The nuances of MFA 11:16 - Goal setting 14:06 - The harsh reality of content creation 18:56 - Bullets before canon balls 28:53 - Join our mastermind! 29:57 - Balance is key 31:25 - Mastering effective communication 33:29 - Advice for aspiring content creators   Links: Connect with our guest Jason https://www.linkedin.com/in/jrebholz/ Check out Jason’s YouTube channel https://www.youtube.com/@teachmecyber Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

29 Elo 202335min

Humility In Product Management with Eric Avigdor

Humility In Product Management with Eric Avigdor

In this episode, hosts Ron and Chris are joined by special guest Eric Avigdor, VP of Product Management at Votiro. With humility as the focal point, Eric details his journey as a Product Manager — sharing his unique approach to leadership and customer engagement, as well as the art of asking the right questions. Discover how Votiro is spearheading content security innovation, and don't miss Eric's advice for budding Product Managers eager to make their mark in the industry. Impactful Moments: 00:00 - Welcome 01:10 - Introducing guest, Eric Avigdor 02:27 - Cybersecurity is like an orchestra 03:20 - Product Management vs Engineering 04:40 - Misconceptions of Product Management 07:09 - Understanding the product 08:18 - The realities of the job 10:51 - Tying the whole story together 13:32 - Why Votiro? 16:52 - Leading the way in innovation 19:05 - A word about our sponsor 21:24 - A use-case storytime 23:17 - Integrating where content resides 25:06 - Security + collaboration is the goal 27:50 - Advice for aspiring Product Managers Links: Connect with Eric Avigdor: https://www.linkedin.com/in/eric-avigdor-0b561118/  Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

22 Elo 202329min

Leadership In Cybersecurity with Marty Overman

Leadership In Cybersecurity with Marty Overman

Host Chris Cochran is joined by Marty Overman, Senior VP at Imperva, to discuss the importance of self-awareness and transparency in cybersecurity leadership. The two emphasize the need for leaders to recognize their strengths and weaknesses and understand and empathize with the needs and experiences of those they lead. Impactful Moments 00:00 - Welcome 00:52 - Introducing guest, Marty Overman 01:26 - What makes a great sales leader? 04:50 - The power of asking questions 07:27 - Building strong team cultures 11:58 - Creating opportunities for collaboration 14:28 - Setting goals and expectations 17:24 - Creating team identity together 24:15 - Identifying areas for improvement 28:09 - Psychological safety in leadership 30:12 - Creating a safe space 34:52 - Adults and the inner child 37:26 - Empathy and understanding Links: Connect with Marty Overman: https://www.linkedin.com/in/martyoverman/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

15 Elo 202338min

SaaS Opportunities & Consequences of Using AI

SaaS Opportunities & Consequences of Using AI

In this episode, host Ron is joined by Jamie Blasco, co-founder and CTO at Nudge Security, to discuss the opportunities of SaaS as well as the security implications of AI. Jamie also considers the importance of striking a balance between productivity and security when employees adopt new tools. Lastly, he emphasizes his philosophy of treating employees as part of the solution and creating a culture where they feel valued and included in the company's security efforts. Impactful Moments: 00:00 - Welcome 01:35 - Introducing guest, Jamie Blasco 02:25 - How does SaaS fit into AI today? 03:52 - Areas of opportunity for AI & SaaS 05:17 - A walk down Jamie’s memory lane 09:56 - Finding the shadow IT 15:08 - What are the risks? 18:26 - A word from our sponsor! 20:40 - 3rd party risk & data usage 24:33 - Types of AI Nudge is utilizing 26:38 - The premise behind Nudge 30:50 - Employees as part of the solution 33:13 - SaaS — critical but risky 36:43 - Jamie’s final words of advice Links: Connect with Jamie Blasco: https://www.linkedin.com/in/jaimeblasco/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

1 Elo 202338min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
voi-hyvin-meditaatiot-2
psykopodiaa-podcast
psykologia
rss-duodecim-lehti
rss-niinku-asia-on
adhd-podi
rss-vapaudu-voimaasi
rss-valo-minussa-2
kesken
jari-sarasvuo-podcast
rss-luonnollinen-synnytys-podcast
aamukahvilla
aloita-meditaatio
rss-uskonto-on-tylsaa
rss-ai-mita-siskopodcast
rss-narsisti
rss-rouva-keto
rss-pedatalk
rss-metropolia-ammattikorkeakoulu