#435: Real World Hacking Demo with OTW
David Bombal
Revealing the Ongoing Hacks on 'Move It' Software by CLOPS Group
Exploring the breach of 'Move It' software by CLOPS, affecting major companies like Siemens and Schneider Electric, and uncovering the dark web presence of the hacking group.
00:00
Transcript
Play full episode
Transcript
Episode notes
This is a real world demonstration of the SQL Injection attack used in the recent MOVEit hack. This is real world - not just a simple SQL attack.
Big thank you to Juniper Networks for supporting the community and making training free. Go to https://juniper.net/davidbombal to get lots of training and also learn how to get certified for $50 (Associate Level).
// Mr Robot Playlist //
• Mr Robot
// Proof of Concept //
Horizon3: https://www.horizon3.ai/moveit-transf...
// David's SOCIAL //
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube:
/ davidbombal
// Occupy The Web social //
Twitter: https://twitter.com/three_cube
// OTW classes //
Hacker's Arise Pro Subscription:
https://hackers-arise.com/online-stor...
Get 3 year's access to all live courses:
https://hackers-arise.com/online-stor...
// Occupy The Web books //
Linux Basics for Hackers: https://amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: https://amzn.to/3qCQbvh
Top Hacking Books you need to read:
• Top Hacking Books...
// Other books //
The Linux Command Line: https://amzn.to/3ihGP3j
How Linux Works: https://amzn.to/3qeCHoY
The Car Hacker’s Handbook by Craig Smith: https://amzn.to/3pBESSM
Hacking Connected Cars by Alissa Knight: https://amzn.to/3dDUZN8
// Occupy The Web Website / Hackers Arise Website //
Website: https://www.hackers-arise.com/?afmc=1d
OTW Mr Robot series: https://www.hackers-arise.com/mr-robot
Want to learn more from Occupy the Web? You can join his classes using these links:
Hacker's Arise Pro Subscription"
https://hackers-arise.com/online-stor...
Get 3 year's access to all live courses:
https://hackers-arise.com/online-stor...
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Coming Up
00:55 - Juniper Free Training (Sponsored segment)
01:51 - OccupyTheWeb books and new books
03:57 - The MOVEit breach explained
05:20 - Clop website // Companies affected
08:52 - The two different vulnerabilities
10:26 - The truth about SQL Injection
12:21 - Using Shodan
14:05 - Proof of concept of the exploit
16:18 - SQL Injection example
20:35 - MOVEit hack analysis / How it was done
28:57 - CVE-2023-35708 SQL Injection vulnerability explained
30:36 - What is Taiwan Semi-Conductor (TSMC) and why they got hacked
31:01 - SQL Injection hack in the real world
32:45 - OccupyTheWeb online classes
33:46 - Union statement // Stacking queries demo
37:02 - Upcoming OccupyTheWeb courses and classes
39:50 - Conclusion
MOVEit
sql
sql injection
hack
hacking
hacker
pegasus
cybersecurity
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#hacking #cybersecurity #sql
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
