Listen "Security Headlines with Johnny Xmas"
Episode Synopsis
In this episode of Security Headlines, we are joined by
the hacker Johnny Xmas. Johnny is a very interesting character
with a lot of fun projects behind him.
Join us as we get to hear Johnny's stories as we deep dive
into this week's episode of Security Headlines:
## Venmo
After a talk about it and the release of software that let anyone
easily abuse this, Venmo luckily took action and limited the
amount of data available. Johnny found a way to generate API keys by
just making a simple request to the
## Bypassing web application firewalls
A lot of firewalls focus only on IP filtering, which is a huge problem
when, in today's world, it is really easy and cheap for a consumer
to acquire large sets of IP addresses.
One provider of proxied IP addresses is Hola VPN, which lets its free
users act as exit nodes that it sells using platforms such as Luminati.
Other people have adopted this approach but with mobile development toolkits.
## Grimm
Johnny is currently working for the security engineering firm Grimm, a company known for its involvement in ICS (industrial control system) security work.
Currently working on developing
Grimm is currently hiring people. Do you want to get paid to develop security training platforms?
Then Grimm is the place for you!
External links:
https://twitch.tv/j0hnnyxm4s
https://twitter.com/J0hnnyXm4s/
https://www.youtube.com/c/JohnnyXmas/
https://github.com/johnnyxmas/Talk_Decks/tree/master/2019/Sorry%20about%20your%20WAF
https://ghost.express/
https://www.cnbc.com/2020/05/07/zoom-buys-keybase-in-first-deal-as-part-of-plan-to-fix-security.html
https://www.twitch.tv/mr_horologist
https://twitter.com/cigarsec
https://www.icsvillage.com/
https://www.grimm-co.com/careers
https://en.wikipedia.org/wiki/Venmo
https://www.technowize.com/grindr-security-flaw-lets-anyone-hijack-user-accounts/
https://en.wikipedia.org/wiki/Principle_of_least_privilege
https://en.wikipedia.org/wiki/Branched-chain_amino_acid
https://opihr.com/
https://en.wikipedia.org/wiki/Sub7
https://nmap.org/book/man-nse.html
https://en.wikipedia.org/wiki/Less_Than_Jake
https://en.wikipedia.org/wiki/Oh,_Sleeper
https://luminati.io/
https://selenium.dev/
https://blog.firosolutions.com