#107 Niall Merrigan, Hacking, Bug Bounties and Responsible Disclosure

Summary
Niall Merrigan, security researcher, tells me about bug hunting and the best hacks he has seen.

Details
Who he is, what he does. Bug hunting, crowdsourcing the hunters, bug bounties, should you invite attacks on production, HackerOne and Bugcrowd. IoT is the most attacked software; smart cars, aircraft. Security.txt. Responsible disclosure, what to do if you find a bug, Niall's experience when reporting a particular bug. Even when bugs are known and acknowledged they are not necessarily fixed; industry code systems, hacks designed to kill. Is every hack a "sophisticated hack"? The @mat hack. Are you a target for hacks? The most impressive hack Niall has seen. Physical access to device, Hak5 Rubber Ducky. Supply chain injection*. Hacking a cat.

* We recorded this episode before the Super Micro story broke.

Links
Niall's homepage
Niall's Twitter

Download mp3 of podcast
