It’s also probably the most common type of breach. It’s way easier to compromise tech support than find a vulnerability, so it makes a ton of sense for a company like Blizzard to have an auditing team to test the various attack vectors.
A lot of roles like QA and cyber security sound glamorous, but that’s because people like glamorous titles. If you’ve spent even a tiny amount of time working in a relevant industry (in this case, anything touching computers), you should be able to read between the lines. That “sanitation engineer” is probably just a janitor or garbage truck driver, not the person in charge of the city water filtration services or something.
scavenger hunt badge
I haven’t been, but yeah, that sounds likely. Things like that are to get people new to the industry excited, not to actually challenge hardcore hackers.
I’ve attended and even spoken at some tech conferences, and they’re like 90% entry level stuff with a handful of interesting events and talks that actually break some new ground. I’m in senior level position now, and conferences are something I’d send my juniors to for networking and to get an idea of how they want to grow their career, but I don’t really attend anymore. I imagine cyber security conferences are similar.
Ask him what SYN, SYN-ACK and ACK are
Lol, that’s basic TCP stack stuff, I doubt he would’ve gone that low level at a company like Blizzard. You get to that level when you’re looking for amplification attacks at a place like Cloudflare or the military.
At Blizzard, they most likely want to make sure they’re up to date on security patches, their tech support is following the proper scripts, and IT isn’t getting lazy reviewing reports and whatnot. Basically, liability coverage in case there’s a real breach so their insurance can cover any losses.
But yeah, streamers like to appear like they know their stuff because that’s what gets people to watch.
It’s also probably the most common type of breach. It’s way easier to compromise tech support than find a vulnerability, so it makes a ton of sense for a company like Blizzard to have an auditing team to test the various attack vectors.
Yep, absolutely.
The uh, funniest one that sticks in my memory was the hack of basically an early build of GTA 6.
Somebody social engineered their way into someone at Rockstar who had some level of admin acces, I think via fake / intercepted and reformed 2FA auths to the target’s phone, along with some spear phishing.
Then, they were proficient enough to exploit thier way throughout the intranet… but not smart enough to cover all their tracks.
A lot of roles like QA and cyber security sound glamorous, but that’s because people like glamorous titles. If you’ve spent even a tiny amount of time working in a relevant industry (in this case, anything touching computers), you should be able to read between the lines.
You would think this, but everywhere I have worked in the industry… most people cannot infact read between the lines.
I’ve attended and even spoken at some tech conferences, and they’re like 90% entry level stuff with a handful of interesting events and talks that actually break some new ground.
Impressive!
I’ve been to some, never spoken though… also, not DEFCON though.
I imagine cyber security conferences are similar. (mostly exist for networking)
I agree.
But yeah, streamers like to appear like they know their stuff because that’s what gets people to watch.
Yeah, but Thor takes it to an uncommon point of basically being a conman, with his so much of his reputation built, by himself, on vastly overstated credentials.
Its like getting a 2 year nursing assistant degrer and then acting as if you can safely perform a brain surgery.
ve been to some, never spoken though… also, not DEFCON though.
Yeah, I’ve spoken at local JS and Go confs with several hundred to a couple thousand attendees (my sessions were small, like 30 people), and attended a couple others.
DEFCON is much larger, but looking at the schedule, it seems pretty similar, a mix of relatively entry level stuff and more advanced topics. So someone attending doesn’t say much other than that they’re interested in cyber security.
Its like getting a 2 year nursing assistant degrer and then acting as if you can safely perform a brain surgery.
Interesting. I haven’t watched enough of his stuff to know what claims he’s made.
It’s also probably the most common type of breach. It’s way easier to compromise tech support than find a vulnerability, so it makes a ton of sense for a company like Blizzard to have an auditing team to test the various attack vectors.
A lot of roles like QA and cyber security sound glamorous, but that’s because people like glamorous titles. If you’ve spent even a tiny amount of time working in a relevant industry (in this case, anything touching computers), you should be able to read between the lines. That “sanitation engineer” is probably just a janitor or garbage truck driver, not the person in charge of the city water filtration services or something.
I haven’t been, but yeah, that sounds likely. Things like that are to get people new to the industry excited, not to actually challenge hardcore hackers.
I’ve attended and even spoken at some tech conferences, and they’re like 90% entry level stuff with a handful of interesting events and talks that actually break some new ground. I’m in senior level position now, and conferences are something I’d send my juniors to for networking and to get an idea of how they want to grow their career, but I don’t really attend anymore. I imagine cyber security conferences are similar.
Lol, that’s basic TCP stack stuff, I doubt he would’ve gone that low level at a company like Blizzard. You get to that level when you’re looking for amplification attacks at a place like Cloudflare or the military.
At Blizzard, they most likely want to make sure they’re up to date on security patches, their tech support is following the proper scripts, and IT isn’t getting lazy reviewing reports and whatnot. Basically, liability coverage in case there’s a real breach so their insurance can cover any losses.
But yeah, streamers like to appear like they know their stuff because that’s what gets people to watch.
Yep, absolutely.
The uh, funniest one that sticks in my memory was the hack of basically an early build of GTA 6.
Somebody social engineered their way into someone at Rockstar who had some level of admin acces, I think via fake / intercepted and reformed 2FA auths to the target’s phone, along with some spear phishing.
Then, they were proficient enough to exploit thier way throughout the intranet… but not smart enough to cover all their tracks.
You would think this, but everywhere I have worked in the industry… most people cannot infact read between the lines.
Impressive!
I’ve been to some, never spoken though… also, not DEFCON though.
I agree.
Yeah, but Thor takes it to an uncommon point of basically being a conman, with his so much of his reputation built, by himself, on vastly overstated credentials.
Its like getting a 2 year nursing assistant degrer and then acting as if you can safely perform a brain surgery.
Yeah, I’ve spoken at local JS and Go confs with several hundred to a couple thousand attendees (my sessions were small, like 30 people), and attended a couple others.
DEFCON is much larger, but looking at the schedule, it seems pretty similar, a mix of relatively entry level stuff and more advanced topics. So someone attending doesn’t say much other than that they’re interested in cyber security.
Interesting. I haven’t watched enough of his stuff to know what claims he’s made.