• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Law enforcement operations seized BlackSuit ransomware gang’s darknet sites

 | 

Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme

 | 

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

 | 

Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin access

 | 

Koske, a new AI-Generated Linux malware appears in the threat landscape

 | 

Mitel patches critical MiVoice MX-ONE Auth bypass flaw

 | 

Coyote malware is first-ever malware abusing Windows UI Automation

 | 

SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

 | 

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

 | 

Stealth backdoor found in WordPress mu-Plugins folder

 | 

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

 | 

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

 | 

Sophos fixed two critical Sophos Firewall vulnerabilities

 | 

French Authorities confirm XSS.is admin arrested in Ukraine

 | 

Microsoft linked attacks on SharePoint flaws to China-nexus actors

 | 

Cisco confirms active exploitation of ISE and ISE-PIC flaws

 | 

SharePoint under fire: new ToolShell attacks target enterprises

 | 

CrushFTP zero-day actively exploited at least since July 18

 | 

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

 | 

MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Hacking
  • Hacker Interviews – Cesar Cerrudo

Hacker Interviews – Cesar Cerrudo

Pierluigi Paganini June 27, 2016

Today I propose you an interview with Cesar Cerrudo, CTO at IOActive Labs, famous for his research on ICS/SCADA, Smart Cities, IoT, software security.

Cesar Cerrudo is CTO at IOActive Labs, leading the team in producing ongoing cutting edge research on ICS/SCADA, Smart Cities, IoT, software security.

But Cesar, first of all, has chosen the hacking as a philosophy of life, he is one of the most talented professionals in the world that with his studies continuously demonstrate how much vulnerable is our society.

Enjoy the interview

Cesar cerrudo hacker interview

Hi Cesar, first of all, thank you. You are one of the most talented hackers, I consider you among those professionals with a step ahead because your research offer to common people a view on the risks related to the hacking of smart objects that surround use, clamorous is your study on traffic light control systems.

Could you tell me which his your technical background and when you started hacking?

I have a software engineering background, never finished college I did all the college program but didn’t got the title because never took some finals, I was more busy learning useful stuff :). I always liked to take technology apart and when I started to get access to Internet I finally could get into hacking and start learning a lot and try different things, this was like 18 years ago or so. It wasn’t easy but I tried hard and could start doing interesting things, presenting at conferences, traveling around the world, etc.

What was your greatest hacking challenge?

I think hacking MS Windows internals (kernel, IPC, etc.) has been challenging because you need to learn a lot and there isn’t much documentation usually, do reverse engineering, do lots of testing in different MS Windows versions, bypass many protections, etc. in order to come up with interesting vulnerabilities, exploitation techniques, exploits, etc.

What are the 4 tools that cannot be missed in the hacker’s arsenal and why?

I think main tools are a Hex editor, a good debugger, a C compiler or scripting language interpreter and a good disassembler, with these few tools you can do everything, build more tools if needed.

Which are the most interesting hacking communities on the web today?

I’m not sure about this, I haven’t been in hacking communities lately, I guess any that shares cool stuff and discussed interesting topics should be good.

Which is the industry (healthcare, automotive, telecommunication, banking, and so on) most exposed to cyber attacks and why? What scares you more in the internet?

I think healthcare is the one more exposed since it has been proven they don’t have good cyber security in general and they deal with human lives and/or sensitive information.

I don’t think I’m scared about anything in the Internet but I’m really worried about how many important and critical systems (infrastructure, healthcare, etc.) are opened to attacks just waiting to be hacked, I hope not but I think soon we will see a cyber attack ending up taking people lives it’s just matter of time if cyber security doesn’t improve.

We often hear about smart cities, places where the technology reigns and makes our life easy. Unfortunately, in the majority of cases, smart cities projects lack of a “security by design approach.” Do you believe concrete the risk of a major cyber attacks against smart components of modern cities?

Like I said before, there are many systems open to attacks including cities ones, it’s just matter of someone decide to hack them and launch attacks because the possibilities are there and are real, luckily we haven’t seen this type of attacks yet but it won’t surprise me it something happens tomorrow. Most cities around the world are becoming smarter deploying new technologies in different areas, the main problem is that most of that technology is insecure and cities are not understanding the associated risks and what they should do to reduce them.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  Hacker, Cesar Cerrudo)


facebook linkedin twitter

Cesar Cerrudo Hacker Interviews Hacking White Hat hacker

you might also like

Pierluigi Paganini July 26, 2025
Law enforcement operations seized BlackSuit ransomware gang’s darknet sites
Read more
Pierluigi Paganini July 26, 2025
Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Law enforcement operations seized BlackSuit ransomware gang’s darknet sites

    Cyber Crime / July 26, 2025

    Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme

    Intelligence / July 26, 2025

    Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

    Intelligence / July 25, 2025

    Unpatched flaw in EoL LG LNV5110R cameras lets hackers gain Admin access

    Security / July 25, 2025

    Koske, a new AI-Generated Linux malware appears in the threat landscape

    Malware / July 25, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT