
Content provided by Firo Solutions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Firo Solutions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Security Headlines with Johnny Xmas

1:41:15
 

In this episode of Security Headlines, we are joined by the hacker Johnny Xmas. Johnny is a very interesting character with a lot of fun projects behind him.

Join us as we get to hear Johnny's stories as we deep dive into this week's episode of Security Headlines:

## Venmo

After Johnny gave a talk about it and released software that let anyone easily abuse this, Venmo luckily took action and limited the amount of data available. Johnny found a way to generate API keys with just making a simple request to the

## Bypassing web application firewalls

A lot of firewalls focus only on IP filtering, which is a huge problem when, in today's world, it is really easy and cheap for a consumer to acquire large sets of IP addresses.

One provider of proxied IP addresses is Hola VPN, which lets its free users act as exit nodes that it sells through platforms such as Luminati.

Other people have adopted this approach but with mobile development toolkits.

## Grimm

Johnny is currently working for the security engineering firm Grimm, a company known for its involvement in ICS (industrial control system) security work.

Currently working on developing

Grimm is currently hiring. Do you want to get paid to develop security training platforms? Then Grimm is the place for you!

External links:

https://twitch.tv/j0hnnyxm4s

https://twitter.com/J0hnnyXm4s/

https://www.youtube.com/c/JohnnyXmas/

https://github.com/johnnyxmas/Talk_Decks/tree/master/2019/Sorry%20about%20your%20WAF

https://ghost.express/

https://www.cnbc.com/2020/05/07/zoom-buys-keybase-in-first-deal-as-part-of-plan-to-fix-security.html

https://www.twitch.tv/mr_horologist

https://twitter.com/cigarsec

https://www.icsvillage.com/

https://www.grimm-co.com/careers

https://en.wikipedia.org/wiki/Venmo

https://www.technowize.com/grindr-security-flaw-lets-anyone-hijack-user-accounts/

https://en.wikipedia.org/wiki/Principle_of_least_privilege

https://en.wikipedia.org/wiki/Branched-chain_amino_acid

https://opihr.com/

https://en.wikipedia.org/wiki/Sub7

https://nmap.org/book/man-nse.html

https://en.wikipedia.org/wiki/Less_Than_Jake

https://en.wikipedia.org/wiki/Oh,_Sleeper

https://luminati.io/

https://selenium.dev/

https://blog.firosolutions.com
