Aaron Tng, a Microsoft Student Ambassador and BlueHat Conference Speaker, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Aaron shares how his curiosity during the pandemic in 2020, sparked by the surge in cyber-attacks, propelled him into the world of cybersecurity. Through dedicated self-learning and leveraging resources like the Microsoft Learn website, Aaron achieved multiple certifications, laying the foundation for his expertise in cybersecurity. Aaron is also passionate about the impact of Cybersecurity on society and actively promoting K-12 Cybersecurity Awareness and Education. He unveils his comprehensive four-point plan, which encompasses fundamental courses, advanced studies, educator training, and real-life internship opportunities. Aaron emphasizes the importance of moving beyond surface-level internet safety education, advocating for a deeper understanding of secure coding and threat modeling.

In This Episode You Will Learn:

• The different resources utilized for Aaron’s cybersecurity education
• Aspirations for the future of cybersecurity education
• How Aaron founded a student-led nonprofit called Cyber Secure it

Some Questions We Ask:

• What challenges did you face presenting to the Washington State Board of Education?
• How did you earn multiple cybersecurity certifications while still in high school?
• Why do you believe it's crucial to move beyond surface-level internet safety?

Resources:

View Aaron Tng on LinkedIn

View Wendy Zenone on LinkedIn

View Nic Fillingham on LinkedIn

Related Microsoft Podcasts:

• Microsoft Threat Intelligence Podcast
• Afternoon Cyber Tea with Ann Johnson
• Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Hosted on Acast. See acast.com/privacy for more information.

Dor Dali, Head of Security Research at Cyolo, joins Nic Fillingham on this week's episode of The BlueHat Podcast. They delve into Dor's journey into cybersecurity, from pranking friends as a teenager to his professional roles, including his involvement in the Blue Hat conference through GE, where he helped create the Capture The Flag (CTF) challenge. Dor details the vulnerabilities in the RDP protocol by closely following the protocol specifications and identifying discrepancies that led to security flaws. They detail a vulnerability related to RDP Gateway's UDP cookie authentication process, the implications of Dor's research for other security researchers and hackers and the importance of leveraging available resources, such as protocol specifications and open-source implementations, to understand closed-source systems better and potentially uncover vulnerabilities.

In This Episode You Will Learn:

• The unique perspective Dor has with RDP security research
• How to approach security research when following the protocol specifications
• The importance of clear documentation in preventing security vulnerabilities

Some Questions We Ask:

• How did you design and build the Capture the Flag event?
• Did you face any unexpected hurdles while researching the RDP protocol's security?
• Have you found other security vulnerabilities by closely adhering to protocol specifications?

Resources:

View Dor Dali on LinkedIn

View Wendy Zenone on LinkedIn

View Nic Fillingham on LinkedIn

Related Microsoft Podcasts:

• Microsoft Threat Intelligence Podcast
• Afternoon Cyber Tea with Ann Johnson
• Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Hosted on Acast. See acast.com/privacy for more information.

Cyber Security Content Creator, Speaker & Ethical Hacker, Katie Paxton-Fear, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Katie holds a PhD in defense and security AI plus cybersecurity and works as an academic, teaching undergraduate students cybersecurity topics. She also runs a popular YouTube channel focused on bug bounty hunting, hacking, and pen testing. Katie shares her journey into cybersecurity, reflects on her initial interest in undeciphered languages and how it parallels her approach to cybersecurity, both involving a fascination with solving mysteries and uncovering hidden meanings.

In This Episode You Will Learn:

• Approaching AI systems with caution when translating less-documented languages
• Concerns surrounding the use of copyrighted training data in AI systems
• Recognizing and addressing AI system limitations and biases in real-world deployments.

Some Questions We Ask:

• Can fine-tuning AI models prevent degradation and improve performance?
• What are the ethical implications of putting sensitive information into AI systems
• How does relying on niche or obscure training data impact AI models?

Resources:

View Katie Paxton-Fear on LinkedIn

View Wendy Zenone on LinkedIn

View Nic Fillingham on LinkedIn

Related Microsoft Podcasts:

• Microsoft Threat Intelligence Podcast
• Afternoon Cyber Tea with Ann Johnson
• Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Hosted on Acast. See acast.com/privacy for more information.