We're seeing a lot of attacks against large online assets that are being successfully executed by very under-skilled adversaries, very often children. Much of the reason behind this is due to very low-hanging vulnerabilities that are easily exploited combined with a prevalence of tools that make it a simple task for anyone with a bit of curiosity. In this Play by Play, you'll explore "the Internet of vulnerabilities", that is to draw awareness to how fundamentally flawed much of the Internet is.
Niall is a solutions architect and security professional based in Norway. He
specializes in Web Application, Network, and Social Engineering style attacks and can be found
travelling the world, telling people how these attacks work.
Troy Hunt is a Microsoft Regional Director and MVP for Developer Security. He's a regular conference speaker, frequent blogger at troyhunt.com and is the creator of the data breach notification service known as “Have I Been Pwned”.
Course Overview Welcome to this Play by Play with Pluralsight. A Play By Play is a series where we sit down with an expert and talk through a problem or topic in a very candid natural way. There's very minimal scripting. We just get down to business. In this Play by Play, I talk with my good friend and fellow security researcher, Niall Merrigan, about the Internet of Vulnerabilities. And what I really wanted to spend time showing you with Niall is just how many problems there are out there on the web. We show you how easy it is to find exposed connected devices. Everything from machines with Remote Desktop Protocol open to webcams to IoT things connected to the web. We go on to talk about just how easy it is to find vulnerable systems on the internet, not just vulnerable systems but step-by-step instructions about how to exploit them. And that can be done using a combination of Google and some easily accessible, freely available tools. We talk a lot about Wi-Fi, just how vulnerable our devices are, how much information they all share about us without us even knowing it. We even touch on the Wi-Fi rubbish bins. And, finally, the dark markets. They sound a lot scarier and inaccessible than what they actually are. Dark markets on the web are extremely prevalent and very easy to locate. This is a really practical somewhat scary Play by Play. I hope you enjoy watching it.