Cybersecurity Expert Answers Hacking Questions From Twitter | Tech Support | WIRED

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi I'm Amanda Russo aka Maori unicorn and I'm an offensive security engineer and this is hacking support this Twitter user cloud opening ass at this point hackers know everything there is to know about every one of us why do we need passwords now why keep going to the gym if you're gonna die anyways passwords are kind of a necessary evil and hackers really don't know everything about you it all depends if you put that information out there on the Internet Congrats I know what a white hat is I know what a black hat is what is a Red Hat angry hacker I don't think I've heard the term red hat hacker before when you're a white hat hacker you have for good a lot of people in the security industry are white hat hackers and then for the cyber criminals they we call them black hats there's also this other term called grey hat where they could be a IT admin during the day while moonlight as a black hat during the night hacker for life ass maurer unicorn how do you even begin learning and exceeding in this field I'm trying to become a penetration tester need inspiration so a pen tester is kind of like an attacker that goes and checks all of the external ports any openings within someones network but if you really want to be a penetration tester there's a lot of content out on the web right now courses workshops they even have events at a conferences where you can meet other people in the field you can find a mentor learn from them they would point you in the right direction I feel like the hacker culture is pretty open and diverse so there's a lot of content out there malware is the worst what is this purpose other than wasting my time usually malware is going after money and if anything you're considered collateral damage when Maur is delivered they're usually just spraying that all the malware too many people as possible so it may not be intended for you I think of malware as like a fashion trend you know there's different malware every season every quarter and you have to stay in fashion and I'm trying all the time when you think about older malware that you Soaker a couple years ago sometimes it comes back in fashion this Twitter user name is Jessica Alba is an interesting choice for hacking how do hackers decide who they're going to target Jessica Alba's a beautiful woman and she's also celebrity so she sounds like a great shiny object for cyber criminals to go after but a lot of them have different motivations that could include money is probably the biggest one another one would be reputation it would be like haha I hacked this person it could be information kind of like corporate espionage and then we have destruction which is kind of rare basically it is they try to destroy all the systems to put that company out of business Kylie Minaj asks why do they make the login process for your student loan aid so difficult and tedious if some hackers want to break into my account and pay off all my student loans please don't make it difficult for them you all are gonna ruin this for me let them run wild in there Kylie these hackers are not going to go and pay off your debt if anything they were going to go into the system to pay off their tuition so a lot of these controls are in place to hinder hackers like that to get into your account it's an unfortunate thing to do but you know it's necessary axel blazing ass speaking of what is even the point of these bot accounts that follow you but well that's it no messaging or anything no spam just follow like sake it's done well these accounts are doing something that may not pertain to you what we call it account aging so what that means is they're trying to bypass a lot of automated detection from social media that they have in place to look for fake accounts and so by tweeting or messaging or making any type of action they're trying to bypass the Texan to look more like a legitimate account this Twitter user Andrew Chiqui asks what will they think of next is there anything that has been courted in the last decade that hackers haven't found a vulnerability can do some damage if you think about your fridge at home being able to connect to the Wi-Fi or your pressure cooker being able to connect to the app on your phone a lot of these devices are developed in a way where they're looking for the lowest possible cost of manufacturing so when they get to the security part it's kind of like an afterthought so until things change we're gonna still have these problems with IOT Twitter users sift Basque Maori unicorn what should my first step be in the bugging should I just get a file in a book and start doing the best way is to just jump right in think about it as riding a bike it takes time it takes practice but eventually you'll get it there's a different debugger for every operating system but they're not easy to learn unless you start you know just doing it yourself and training yourself and practicing like I don't remember every single command in the Bogert I have to use a cheat sheet Twitter user storm wolf my awesome boss says that I can request to change my job title to whatever I want it to be in our company profile obviously safe for work could anything random like Pokemon hacker or cybersecurity wizard what do you guys think it should be well I can see you just said obviously safer work so I think you shouldn't just name yourself safe forward this Twitter user sub-8 you ass your Smart TV and your video streaming apps are collecting and sharing tons of data just because it can how long before we can start having embedded cameras that malware's triggers surreptitiously I have unfortunate news for you this has been happening - six years and it's going to continue to happen so too late for you Allison eight two seven one eight six eight five that's a mouthful why do you hate C sharp and his handle looks like a bot I don't hate C sharp C sharp hates me the only one of you asks why can't hackers do anything useful like leak Taylor's recordings of babe and better man grow up hackers if you don't already know Taylor Swift has an alter ego that we call Swift on security and she's considered a security Pro in the cyber security industry so no one actually wants to hack her but if you're in the know and who do you know who that is then you know who it is this Twitter user zero pone asks can we stop calling people who DDoS hackers Journal's why the hell do you even call them hackers to begin with looking for legitimate answers as I'm confused as hell let me set the record straight there's a difference between hacker and a cyber criminal so if we were to refer to the bad guys I would rather prefer to call them a cyber criminal there's a lot of people in the security industry that considered themselves hackers there's a lot of people that hack for good WM Ramadan asked morena corn I have a simple yet daunting question why do you use a Mac for your security work I mean a lot of people argue the fact that Linux is a way to go in terms of security Mac is similar to Linux think about two different brands of cars they look different on the outside but they could be sharing the same chassis underneath there's not a lot of malware out there for Mac and Linux I mean it's there but you know currently most of them ours on Windows the bishop or Josh Harris 25 what is the point of spam emails are they profiting from it what do they gain from spending random unnecessary emails when people send out spam emails they're sending it to thousands and thousands of targets say you had a million emails sent out and they're requesting $1 these cyber criminals are expecting that 1% will actually bite a lot of these cyber criminals will treat this as a business so it becomes very lucrative for them cyber tooth marry and corn if you would or create a time line for an incident what would it look like just curious because your design skills are cray-cray well a lot of people don't know this but before I got into computer science I was actually pursuing a degree in graphic design so a lot of it from my time doing that carries over into my work back when I used to work at the Department of Defense I used to create these 3d videos to describe different type of network layouts I didn't know 3d design at the time so I spent a weekend taught myself and the next day started you know making content if you can make things look nice and be able to communicate the actual abstract content it helps don't look ass yeah but bad pickup lines and phishing really any different low effort easy reuse and rarely do you get a success I really think fishing is more effective than saying a pick-up line I've Vlad Dalvi I studied one a car i case in NHS hospital a disaster seemed totally preventable why didn't they patch were they lazy stupid in the case of this incident a hospital in the UK was under a ransomware attack it happened because they didn't upgrade their servers or their computers and this is the whole reason why upgrading is really important but when you think about it some of these infrastructures like hospital or a power plant a lot of them cannot experience any downtime so when you do do an upgrade you have to shut down the systems for a little while Hiero 7:33 asks as someone who doesn't work in InfoSec what are red and blue team I'm assuming red are the pen testers these terms actually come from the military where they would perform military operations they have a team that acts as the red team doing the attacks and the blue team serves as defense team similar to what we have in cybersecurity and that the red team is attacking the blue team's systems the whole point of what the red team does is to enumerate holes within a network we want to find the holes before the bad actors do you think of it like we're sparring partners so we're really not there to antagonize a blue team or anything like that we really want to work together with the blue team roots asylum hacker kid interviewed his mom about what it's like to build a career in InfoSec something Def Con parents often think about how do we inspire kids to go into the space and see it for the fun and challenge that it is well when I was young I had no idea I was gonna be in this job I actually had to know that this job existed in order to actually go into it if there was a chance that at a career fair you would have someone who gets the hack for a living I think that would be a really cool thing to have you have to have the correct mentality to be in this industry the whole hacker mentality is creatively thinking outside the box solving a problem that's out of the standards or norms of what how it's supposed to execute if we kind of use that type of mentality in some of the content or workshops or anything that we reach out to these kids with it will kind of inspire them to want to solve problems in this field this Twitter user ARF Ness asks why do stock image hackers exclusively wear ski masks and hoodies well I think the photographer was going for a feel of an actual robber criminal but there is a reason to wear something on your face they're trying to hide their face from cameras or any type of identifier that will tribute them to a crime and why they're wearing hoodies I can imagine that some of these serving rooms are super cold they need to cover their ears if you don't already know you know some of us actually dress like this to work and I actually have a ski mask for all of my outfits and let me put it on for you guys and it's not complete without the glasses we're good to go it's time to hack this has been hacking a support with a manner or so you guys stay safe out there

Info

Channel: WIRED

Views: 1,431,247

Rating: 4.8796639 out of 5

Keywords: hacker, hacking, amanda rousseau, malware unicorn, malware unicorn hacker, amanda rousseau hacker, offensive security engineer, security, internet security, hacking support, hacker explains, hacker answers twitter questions, hacker answers questions, hacker wired, wired hacker, wired hacking, white hat, black hat, infosec, information security, web security, tech support, hacking tech support, tech support hacking, info security, wired

Id: b52cfb6lweU

Channel Id: undefined

Length: 11min 29sec (689 seconds)

Published: Thu Nov 07 2019