Home 0P3N Blog Hector Monsegur, on being a reformed "Black Hat"
Ready to Start Your Career?
Create Free Account
BrBr s profile image
By: BrBr
March 14, 2016

Hector Monsegur, on being a reformed "Black Hat"

By: BrBr
March 14, 2016
BrBr s profile image
By: BrBr
March 14, 2016

Hector Monsegur has had a colorful history. A reformed black hat who went by the name 'Sabu' when he was involved in the hacker collectives "Lulzsec" and "Anonymous", he turned state's evidence for the FBI, working to stop further hacking attempts by the same people he was previously working with. This week, we got to sit down with Hector, to find out what he's been doing in the last few years. Obviously, a regular job in the security realm for a large company is not possible for someone with a colorful past that Mr. Monsegur has. So we discuss some of the methods that he's used to make ends meet.

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-011-Hector_Monsegur-bug_bounties-serialization.mp3[/embed]Download Here: http://traffic.libsyn.com/brakeingsecurity/2016-011-Hector_Monsegur-bug_bounties-serialization.mp3iTunes Direct Link: https://itunes.apple.com/us/podcast/2016-011-hector-monsegur-serialization/id799131292?i=364768504&mt=2https://en.wikipedia.org/wiki/Hector_MonsegurHector brought us to the topic of bug bounties. Do they accomplish what they set out to do? Are they worth the effort companies put into them? And how do you keep bounty hunters from going rogue and using vulnerabilities found against a company on the side?In an effort to satisfy my own curiosity, I asked Hector if he could explain what a 'serialization' vulnerability is, and how it can be used in applications. They are different than your run of the mills, every day variety OWASP error, but this vulnerability can totally ruin your day...https://www.contrastsecurity.com/security-influencers/java-serialization-vulnerability-threatens-millions-of-applicationshttps://securityintelligence.com/one-class-to-rule-them-all-new-android-serialization-vulnerability-gives-underprivileged-apps-super-status/Finally, we ask Hector Monsegur some advice for that 'proto black hat' who is wanting to head down the road that Hector went. The answer will surprise you...We hope you enjoy this most interesting interview with a enigmatic and controversial person, and hope that the information we provide gives another point of view into the mind of a reformed "black hat" hacker... Comments, Questions, Feedback: bds.podcast@gmail.comSupport Brakeing Down Security using Patreon: https://www.patreon.com/bds_podcastRSS FEED: http://www.brakeingsecurity.com/rssOn#Twitter: @brakesec @boettcherpwned @bryanbrake#Facebook: https://www.facebook.com/BrakeingDownSec/#Tumblr: http://brakeingdownsecurity.tumblr.com/Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969Player.FM : https://player.fm/series/brakeing-down-security-podcastStitcher Network: http://www.stitcher.com/s?fid=80546&refid=stprTuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/#infosec, #blackhat, hector #monsegur, #hacker, #anonymous, #lulzsec, #FBI, #Sabu, #serialization, #bug #bounties, #hackerone, #bugcrowd, #podcast, #de-serialization, #penetration tests, #social #engineering, #CISSPhector
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry