Real World Hacking Demo with OTW

This is a real world demonstration of the SQL Injection attack used in the recent MOVEit hack. This is real world – not just a simple SQL attack.

Big thank you to Juniper Networks for supporting the community and making training free. Go to https://juniper.net/davidbombal to get lots of training and also learn how to get certified for $50 (Associate Level).

// David\’s Social //

================
Connect with me:
================
Discord: http://discord.davidbombal.com
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main Channel https://www.youtube.com/davidbombal
YouTube Tech Channel: https://www.youtube.com/channel/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips Channel: https://www.youtube.com/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts Channel: https://www.youtube.com/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

================
Support me:
================
Or, buy my CCNA course and support me:
DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna
Udemy CCNA Course: https://bit.ly/ccnafor10dollars
GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

// MENU //
00:00 – Coming Up
00:55 – Juniper Free Training (Sponsored segment)
01:51 – OccupyTheWeb books and new books
03:57 – The MOVEit breach explained
05:20 – Clop website // Companies affected
08:52 – The two different vulnerabilities
10:26 – The truth about SQL Injection
12:21 – Using Shodan
14:05 – Proof of concept of the exploit
16:18 – SQL Injection example
20:35 – MOVEit hack analysis / How it was done
28:57 – CVE-2023-35708 SQL Injection vulnerability explained
30:36 – What is Taiwan Semi-Conductor (TSMC) and why they got hacked
31:01 – SQL Injection hack in the real world
32:45 – OccupyTheWeb online classes
33:46 – Union statement // Stacking queries demo
37:02 – Upcoming OccupyTheWeb courses and classes
39:50 – Conclusion

MOVEit
sql
sql injection
hack
hacking
hacker
pegasus
cybersecurity

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

#hacking #cybersecurity #sql

subscribe
  • David Bombal