Brakeing Down Security podcast

2016-037: B1ack0wl, Responsible Disclosure, and embedded device security



Description: A podcast all about the world of Security, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake and Brian Boettcher teach concepts that aspiring Information Security Professionals need to know, or refresh the m

Most Recent Post

2016-037: B1ack0wl, Responsible Disclosure, and embedded device security


Have you ever found a #vulnerability and wondered if it was worth the time and effort to reach back to the company in question to get the fix in?

This week, we have a story with Mr. "B1ack0wl", who found a vulnerability in certain #Belkin #embedded network devices for end users... We also find out how B1ack0wl learned his stock in trade.

Find out how he discovered it, what steps he took to disclose it, and what ended up happening to the finding. -- #embedded device hacking blog -- #wargame site #B1ack0wl mentioned


#Twitter: @brakesec @boettcherpwned @bryanbrake






Last 5 Posts

2016-036: MSSP pitfalls, with Nick Selby and Kevin Johnson

Nick Selby (@nselby on Twitter) is an independent consultant who works a wide variety of jobs.  During a recent engagement, he ran into an interesting issue after a company called him in to handle an incident response. It's not the client, it was with the Managed Security Service Provider (#MSSP)...

2016-035-Paul Coggin discusses the future with Software Defined Networking

Paul Coggin is my SME when I need to know about anything network #security related. And this time, we wanted to have him on our show to discuss Software Defined Networking (#SDN). Software defined networking allows for applications to make connections, manage devices and even control the network usin...

2016-034: Sean Malone from FusionX explains the Expanded Cyber Kill Chain

Another great #rejectedTalk we found was from Sean Malone (@seantmalone on Twitter). The Cyber Kill Chain is a method by which we explain the methodology of hackers and the process of hacking. In this discussion, we find Sean has expanded the #killchain, to be more selective, and to show the decision...

2016-033: Privileged Access Workstations (PAWs) and how to implement them

Bill V. (@blueteamer on Twitter) and was the 1st of a series we like to call "2nd Chances: Rejected Talks". Bill had a talk that was rejected initially at DerbyCon (later accepted after someone else cancelled). Here is the synopsis of his talk that you can now see at DerbyCon: Privileged Access Wor...

2016-032-BlackHat-Defcon-Debrief, Brakesec_CTF_writeup, and blending in while traveling

Co-Host Brian Boettcher went to BlackHat and Defcon this year, as an attendee of the respective cons, but also as a presenter at "Arsenal", which is a venue designed to show up-and-coming software and hardware applications. We started off by asking him about his experiences at Arsenal, and how he fe...
