• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

A Scattered Spider member gets 10 years in prison

 | 

FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage

 | 

US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin

 | 

DOJ takes action against 22-year-old running RapperBot Botnet

 | 

Google fixed Chrome flaw found by Big Sleep AI

 | 

Pharmaceutical firm Inotiv discloses ransomware attack. Qilin group claims responsibility for the hack

 | 

A hacker tied to Yemen Cyber Army gets 20 months in prison

 | 

Exploit weaponizes SAP NetWeaver bugs for full system compromise

 | 

Allianz Life security breach impacted 1.1 million customers

 | 

U.S. CISA adds Trend Micro Apex One flaw to its Known Exploited Vulnerabilities catalog

 | 

AI for Cybersecurity: Building Trust in Your Workflows

 | 

Taiwan Web Infrastructure targeted by APT UAT-7237 with custom toolset

 | 

New NFC-Driven Android Trojan PhantomCard targets Brazilian bank customers

 | 

Cisco fixed maximum-severity security flaw in Secure Firewall Management Center

 | 

'Blue Locker' Ransomware Targeting Oil & Gas Sector in Pakistan

 | 

Hackers exploit Microsoft flaw to breach Canada ’s House of Commons

 | 

Norway confirms dam intrusion by Pro-Russian hackers

 | 

Zoom patches critical Windows flaw allowing privilege escalation

 | 

Manpower data breach impacted 144,180 individuals

 | 

U.S. CISA adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Hacking
  • Hacker Interviews – Cesar Cerrudo

Hacker Interviews – Cesar Cerrudo

Pierluigi Paganini June 27, 2016

Today I propose you an interview with Cesar Cerrudo, CTO at IOActive Labs, famous for his research on ICS/SCADA, Smart Cities, IoT, software security.

Cesar Cerrudo is CTO at IOActive Labs, leading the team in producing ongoing cutting edge research on ICS/SCADA, Smart Cities, IoT, software security.

But Cesar, first of all, has chosen the hacking as a philosophy of life, he is one of the most talented professionals in the world that with his studies continuously demonstrate how much vulnerable is our society.

Enjoy the interview

Cesar cerrudo hacker interview

Hi Cesar, first of all, thank you. You are one of the most talented hackers, I consider you among those professionals with a step ahead because your research offer to common people a view on the risks related to the hacking of smart objects that surround use, clamorous is your study on traffic light control systems.

Could you tell me which his your technical background and when you started hacking?

I have a software engineering background, never finished college I did all the college program but didn’t got the title because never took some finals, I was more busy learning useful stuff :). I always liked to take technology apart and when I started to get access to Internet I finally could get into hacking and start learning a lot and try different things, this was like 18 years ago or so. It wasn’t easy but I tried hard and could start doing interesting things, presenting at conferences, traveling around the world, etc.

What was your greatest hacking challenge?

I think hacking MS Windows internals (kernel, IPC, etc.) has been challenging because you need to learn a lot and there isn’t much documentation usually, do reverse engineering, do lots of testing in different MS Windows versions, bypass many protections, etc. in order to come up with interesting vulnerabilities, exploitation techniques, exploits, etc.

What are the 4 tools that cannot be missed in the hacker’s arsenal and why?

I think main tools are a Hex editor, a good debugger, a C compiler or scripting language interpreter and a good disassembler, with these few tools you can do everything, build more tools if needed.

Which are the most interesting hacking communities on the web today?

I’m not sure about this, I haven’t been in hacking communities lately, I guess any that shares cool stuff and discussed interesting topics should be good.

Which is the industry (healthcare, automotive, telecommunication, banking, and so on) most exposed to cyber attacks and why? What scares you more in the internet?

I think healthcare is the one more exposed since it has been proven they don’t have good cyber security in general and they deal with human lives and/or sensitive information.

I don’t think I’m scared about anything in the Internet but I’m really worried about how many important and critical systems (infrastructure, healthcare, etc.) are opened to attacks just waiting to be hacked, I hope not but I think soon we will see a cyber attack ending up taking people lives it’s just matter of time if cyber security doesn’t improve.

We often hear about smart cities, places where the technology reigns and makes our life easy. Unfortunately, in the majority of cases, smart cities projects lack of a “security by design approach.” Do you believe concrete the risk of a major cyber attacks against smart components of modern cities?

Like I said before, there are many systems open to attacks including cities ones, it’s just matter of someone decide to hack them and launch attacks because the possibilities are there and are real, luckily we haven’t seen this type of attacks yet but it won’t surprise me it something happens tomorrow. Most cities around the world are becoming smarter deploying new technologies in different areas, the main problem is that most of that technology is insecure and cities are not understanding the associated risks and what they should do to reduce them.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  Hacker, Cesar Cerrudo)


facebook linkedin twitter

Cesar Cerrudo Hacker Interviews Hacking White Hat hacker

you might also like

Pierluigi Paganini August 21, 2025
A Scattered Spider member gets 10 years in prison
Read more
Pierluigi Paganini August 21, 2025
FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    A Scattered Spider member gets 10 years in prison

    Cyber Crime / August 21, 2025

    FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage

    Intelligence / August 21, 2025

    US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin

    Security / August 21, 2025

    DOJ takes action against 22-year-old running RapperBot Botnet

    Cyber Crime / August 20, 2025

    Google fixed Chrome flaw found by Big Sleep AI

    Security / August 20, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT