- 27
- 88 994
Hacking Matters
Germany
เข้าร่วมเมื่อ 30 ม.ค. 2023
Welcome to Hacking Matters, your ultimate destination for cybersecurity education and best practices.
DORA Regulation EXPLAINED in Simple Terms
Explore the implications of the EU’s Digital Operational Resilience Act (DORA) and the NIS2 Directive on cybersecurity. This video breaks down how these regulations aim to strengthen digital resilience across financial and critical infrastructure sectors, highlighting key requirements and potential vulnerabilities organizations must address to ensure compliance and security.
Subscribe to Hacking Matters for more insights: t.ly/pHLqG
LinkedIn: www.linkedin.com/in/karsten-nohl/
Subscribe to Hacking Matters for more insights: t.ly/pHLqG
LinkedIn: www.linkedin.com/in/karsten-nohl/
มุมมอง: 219
วีดีโอ
Make your backups ransomware-proof
มุมมอง 2.7K14 วันที่ผ่านมา
The five essential security processes: patching, hardening, identity management, vulnerability management, and backup and recovery. Today we speak about 𝐛𝐚𝐜𝐤𝐮𝐩 𝐚𝐧𝐝 𝐫𝐞𝐜𝐨𝐯𝐞𝐫𝐲. There are three critical practices: 𝘀𝘁𝗼𝗿𝗶𝗻𝗴 𝗱𝗮𝘁𝗮 where ransomware cannot access it, 𝗯𝗮𝗰𝗸𝗶𝗻𝗴 𝘂𝗽 both data and configuration settings, and regularly practicing 𝗿𝗲𝗰𝗼𝘃𝗲𝗿𝘆. Additionally, the importance of red teaming exercises f...
Must Watch CCC Hacking Talks for the Holidays!
มุมมอง 2.5K21 วันที่ผ่านมา
Looking for inspiration this holiday season? Check out these must-watch Chaos Computer Club (CCC) hacking talks! Subscribe to Hacking Matters for more insights: t.ly/pHLqG LinkedIn: www.linkedin.com/in/karsten-nohl/ CCC Conference links: Talk 1: th-cam.com/video/RifYnSKSkvk/w-d-xo.html&ab_channel=28c3 Talk 2: th-cam.com/video/FJmtju0Gnls/w-d-xo.html&ab_channel=AllHackingCons Talk 3: th-cam.com/...
How SS7 Hacking EXPOSES Your Private Data
มุมมอง 2.5Kหลายเดือนก่อน
Discover how SS7 vulnerabilities leave your private data exposed to hackers. Learn the shocking methods used to intercept calls, SMS, and location data-and how to protect yourself. Stay informed and safeguard your privacy in an increasingly connected world. Veritasium study: th-cam.com/video/wVyu7NB7W6Y/w-d-xo.html&ab_channel=Veritasium Mobile security study: th-cam.com/video/nRdJ0vaQt0o/w-d-xo...
First month in identity management
มุมมอง 2.5Kหลายเดือนก่อน
Let's walk through critical steps like federating identities, securing access with multi-factor authentication, and consolidating access for a streamlined, zero-trust system. Identity is the key parameter in modern security. LinkedIn: www.linkedin.com/in/karsten-nohl/ Subscribe to Hacking Matters for more insights: t.ly/pHLqG Timestamps: 0:37 Identity management becomes important 1:17 Steps in ...
How to develop a Hacking Mindset
มุมมอง 1.9Kหลายเดือนก่อน
Becoming a skilled hacker it’s more than just technical knowledge-it’s a mindset. If you’re curious about how things work and want to understand how to influence them, you’re already on the right path. Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: www.linkedin.com/in/karsten-nohl/ 0:50 What's the hacking mindset 01:19 Ability to program 02:10 Community & Target 03:15 Understanding ...
Cyber defence funnel
มุมมอง 2.5Kหลายเดือนก่อน
Cyber security is a journey, not a project. We need to set our expectations accordingly. Renowned hacker and experienced CISO Karsten Nohl outlines what level of security is realistic and practical to achieve: Keeping "99%" of hacking groups out. LinkedIn: www.linkedin.com/in/karsten-nohl/ Subscribe to Hacking Matters for more insights: t.ly/pHLqG Timestamps: 0:36 Setting achievable goals at cy...
How to create effective Risk Acceptances
มุมมอง 2.2Kหลายเดือนก่อน
Risk acceptances are essential for balancing innovation and security. This video explores how to enable experimentation, focus on provable risks, and secure your baseline. Discover best practices, including creating a risk-friendly environment and using structured risk acceptance forms to make informed decisions. Achieve growth while maintaining security in balance. Subscribe to Hacking Matters...
Security vs Innovation
มุมมอง 2.8K2 หลายเดือนก่อน
In this video, we dive into the delicate balance between 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 and 𝗶𝗻𝗻𝗼𝘃𝗮𝘁𝗶𝗼𝗻, exploring how these two forces often conflict but are both essential in today’s tech landscape. We’ll discuss why cutting-edge advancements can sometimes create vulnerabilities, and how security measures can slow down innovation. Learn strategies for achieving a balance that drives growth without compromising safe...
Effective Cyber Certifications
มุมมอง 2.6K2 หลายเดือนก่อน
In this video, we break down the critical role of 𝗰𝗲𝗿𝘁𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀 in the cybersecurity industry and why they matter - but that’s not all. While certifications like CISSP and OSCP are important, we also explore why hands-on experience remains unmatched. Learn how the right mix of formal credentials and practical know-how can set you apart in a competitive field. Subscribe to Hacking Matters chann...
Post intrusion
มุมมอง 3.2K2 หลายเดือนก่อน
We arrive to the final stage of a hacking incident: 𝘁𝗵𝗲 𝗿𝗲𝘀𝗽𝗼𝗻𝘀𝗲. Learn how to prioritize your defense against criminal hackers, manage ransomware attacks, and handle crisis communication with your stakeholders. Discover tips on negotiating with hackers, limiting the damage of a data breach, and involving cyber insurance experts in your defense. Subscribe to Hacking Matters channel: t.ly/pHLqG ...
Lateral movement
มุมมอง 2.1K2 หลายเดือนก่อน
We arrive to the lateral movement phase of a hacking journey. Learn how hackers extend their access across corporate networks and how defenders can leverage detection and defense tools to prevent further intrusion. 2022 research on EDR: th-cam.com/video/CKfjLnEMfvI/w-d-xo.htmlsi=ZP7n6FqHC_34HoJJ Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: de.linkedin.com/in/karsten-nohl 0:44 Late...
Initial intrusion
มุมมอง 3K3 หลายเดือนก่อน
Now, we dig deeper into the simplified hacking kill chain. Today's topic: 𝗶𝗻𝗶𝘁𝗶𝗮𝗹 𝗶𝗻𝘁𝗿𝘂𝘀𝗶𝗼𝗻. From overlooked patches on VPNs and firewalls to internal protocols unnecessarily exposed to the Internet, we cover it all. Learn why hackers focus on scalable attacks, the importance of regular vulnerability scanning, and best practices for patch management. Subscribe to Hacking Matters channel: t.ly/p...
Simplified Hacking Kill Chain
มุมมอง 2.3K3 หลายเดือนก่อน
Ever wondered how cybercriminals infiltrate organizations? It’s not like the movies. In this video, we break down the Hacking Kill Chain - a step-by-step guide to how hackers work their way into systems: 1️⃣ Initial Intrusion - The first breach 2️⃣ Lateral Movement - Spreading through the network 3️⃣ Mission Accomplished - Achieving their hacking goals ⏱ Early detection is critical to stopping ...
Building Security Teams
มุมมอง 3.1K3 หลายเดือนก่อน
Discover the security teams inside a organisation: Security Advisory, Security Operations, Security Assurance and Security Compliance. Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: www.linkedin.com/in/karsten-nohl/ 00:50 Teams of a security organisation 01:21 Security Advisory 2:11 Security Operations 2:45 Security Assurance 3:20 Security Compliance 4:50 Security Team example #cybe...
Getting security operations underway - Hacking Matters
มุมมอง 5K4 หลายเดือนก่อน
Getting security operations underway - Hacking Matters
Must have security tools - Hacking Matters
มุมมอง 5K4 หลายเดือนก่อน
Must have security tools - Hacking Matters
Network segregation done right - Hacking Matters
มุมมอง 2.6K5 หลายเดือนก่อน
Network segregation done right - Hacking Matters
Vulnerability management done right - Hacking Matters
มุมมอง 7K5 หลายเดือนก่อน
Vulnerability management done right - Hacking Matters
Patching done right - Hacking Matters
มุมมอง 4.5K5 หลายเดือนก่อน
Patching done right - Hacking Matters
5 baseline security processes - Hacking Matters
มุมมอง 2.9K6 หลายเดือนก่อน
5 baseline security processes - Hacking Matters
is it safe to insert a recovery/external drive into a PC infected with a ransomware ? like is there a chance that even if you were to boot from the external drive the ransomware will load on the kernel level and infect the external drive ?
I have exploited SS7 vulnerability in Spain 🇪🇸 and Asia region, I Intercepted calls and sms and shown them how vulnerability still exists but they took any action so I sold the SS7 Service to some script kiddies and now they just keep donating me some amout every day in btc 😂😂😂😂😂
Love it
Thanks for this. It's at once fascinating and frightening. I'm wondering if you have looked into what steps US telcos are taking to remedy these vulnerabilities.
Thank you for an excellent explanation of a serious problem that many executives and policy makers have chosen to ignore. Would you care to express an opinion on the almost total indifference to the GSMA's code of conduct for leasing Global Title? Are there legitimate business reasons for telcos to refuse to sign, or is the UK regulator correct in wanting to set a global precedent by effectively mandating the code for businesses under their jurisdiction?
Great analysis, thank you! I have a quick question: My OKX wallet holds some USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). How can I transfer them to Binance?
Juni
BG Music is irritating
Hi, great video! You mentioned, that you'll link to more videos on honeypots and zero trust. Could you add those? Thank you!
Good Information, appreciate your insight into the role of a CISO! God Bless!
interesting . Thanks for explaining this topic.
nice, didn't even know cis benchmarks existed
CIS is a wealth of information! Just keep in mind that you'll never be compliant with all their recomms ... It's more a collection of suggestions :)
😮
That s so good. i have question about ai. can ai reaplace cybersecurity ?
Thanks for the nice feedback! For the moment, AI tools complement cyber. They act as co-pilots for both hackers and defenders. The potential for defenders is probably larger, but only time will tell :)
Great content. Greetings from Brazil 🫶
Thank you, Rodrigo! Means a lot coming from you. Let's catch up :)
________---🎉❤---________
Network segregation 😮😮😮
Hey I saw your post on Upwork Platform, I wasn't able to text there. I am texting you here. I am interested in work please let me know if you want to work. I can provide you my previous work as well. Please let me know. Thanks.
I have a hacker right now
Let's try to start a discussion. Karsten, you choose four points from Prevention and then take one topic from Recovery, jumping over Detection and Reaction. Let's say we're talking about cycling safety. And you say: to minimise the risk of cycling you need a good helmet, good brakes, good tyres that don't slip in the rain and good health insurance to put your teeth in after a bad fall. This is how "patching" and "recovery" sound to me in one context.
Well said, Boris! The main point is: Don't upgrade your brakes as long as you have no helmet. Always focus on the weakest capability first :)
@@Karsten_Nohl good idea, got it :) But my point was: we should not mention BCM as one part of Cyber Security. BCM is actually as big and as challenging as entire Infosec and it's a separate job with dedicated ISO 22301 norm etc. If CISOs had a union, it would have to fight for a number of things: no, we won't be reporting to CIO and no, we won't consider BCM as one of the things on our agenda...
@@borisawdejew2556 Agreed! Security is a team sport; the CISO is the Libero, but others need to play, too, in order to win (most of the time).
Thanks for new video, Karsten! Keep going :-)
Thank you, Boris! This means a lot to me!~
Could not have framed it better myself. Thanks.
Thank you very much, Suva!~ Glad we got a chance on work on this together :)
I think the core takeaway is schedule time to do patching, not just doing them as needed.
Well summarized, Matt! Patching becomes overwhelming unless you plan for it.
Do we need a workout on golden images? 🤔
Absolutely! A golden image is like giving vaccines to babies. Protects from many threats for many years.
Thought-provoking ideas! Thanks for sharing.
Lovely video! The person who took the video seems pretty skilled 😉
Very nice work, Bhai Sankalp! 🙏