You Gotta Hack That Transistor (https://transistor.fm) https://feeds.transistor.fm/you-gotta-hack-that Felix explores Internet of Things (IoT) and Operational Technology cyber security. Perfect for project managers, developers, and those learning about penetration testing in this niche area. Email Felix using helpme@yg.ht Get more information at the website: yougottahackthat.com Find You Gotta Hack That on LinkedIn and X @gotta_hack © You Gotta Hack That cf43784f-fba1-53f9-ad53-a3d8afd66de5 yes Welcome to You Gotta Hack That en Thu, 14 May 2026 07:00:06 +0100 Thu, 14 May 2026 07:01:56 +0100 https://yougottahackthat.com/ https://img.transistorcdn.com/3ksqdH-tjuatTy-DvqwaseZb5sjUBzJgtd-tbTWLVoc/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS85ZWIx/M2EzOWZhMjY4N2U1/ZWI2YzU1OTJlN2Rj/MGRjZi5wbmc.jpg You Gotta Hack That https://yougottahackthat.com/ episodic You Gotta Hack That Felix explores Internet of Things (IoT) and Operational Technology cyber security. Perfect for project managers, developers, and those learning about penetration testing in this niche area. Email Felix using helpme@yg.ht Get more information at the website: yougottahackthat.com Find You Gotta Hack That on LinkedIn and X @gotta_hack Felix explores Internet of Things (IoT) and Operational Technology cyber security. Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security You Gotta Hack That No No Nerds vs suits 30 30 Nerds vs suits full 01f2bd77-a7b4-4539-b85d-6ee23e0adfe7 https://share.transistor.fm/s/d1ab487d In this episode of You Gotta Hack That, Felix sits down with Alex Ward to unpack the real gap in OT security, nerds versus suits. They dig into why “good enough” thinking persists, how risk gets lost in translation between engineers and the board, and why signing off risk can focus minds fast. They also get into the uncomfortable bits, safety, insider threats, and why recovery and business continuity often matter as much as prevention in industrial environments. Expect blunt talk, practical framing, and a few war stories from the OT frontline.

]]> In this episode of You Gotta Hack That, Felix sits down with Alex Ward to unpack the real gap in OT security, nerds versus suits. They dig into why “good enough” thinking persists, how risk gets lost in translation between engineers and the board, and why signing off risk can focus minds fast. They also get into the uncomfortable bits, safety, insider threats, and why recovery and business continuity often matter as much as prevention in industrial environments. Expect blunt talk, practical framing, and a few war stories from the OT frontline.

]]> Wed, 25 Feb 2026 14:09:04 +0000 You Gotta Hack That You Gotta Hack That 1296 In this episode of You Gotta Hack That, Felix sits down with Alex Ward to unpack the real gap in OT security, nerds versus suits. They dig into why “good enough” thinking persists, how risk gets lost in translation between engineers and the board, and why signing off risk can focus minds fast. They also get into the uncomfortable bits, safety, insider threats, and why recovery and business continuity often matter as much as prevention in industrial environments. Expect blunt talk, practical framing, and a few war stories from the OT frontline.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Mag stripes died... Is contactless dangerous again? 29 29 Mag stripes died... Is contactless dangerous again? full cdf16081-0236-4593-9134-dbb55bfeb65d https://share.transistor.fm/s/de13e0af From carbon-copy receipts and zip-zap machines to mag stripes, chip and PIN, contactless and mobile wallets, payment tech keeps evolving, and attackers evolve right alongside it. Felix sits down with Gareth, a payments industry veteran of 30 years, to unpack the real hardware attack surface: skimmers in stripe readers, ATM overlays, contactless relay tricks, and why static QR codes are basically begging to be abused. They also dig into why raising contactless limits changes theft economics, how phone theft turns into credential theft, and why the EU Cyber Resilience Act means you need to think about hardware security now.

]]> From carbon-copy receipts and zip-zap machines to mag stripes, chip and PIN, contactless and mobile wallets, payment tech keeps evolving, and attackers evolve right alongside it. Felix sits down with Gareth, a payments industry veteran of 30 years, to unpack the real hardware attack surface: skimmers in stripe readers, ATM overlays, contactless relay tricks, and why static QR codes are basically begging to be abused. They also dig into why raising contactless limits changes theft economics, how phone theft turns into credential theft, and why the EU Cyber Resilience Act means you need to think about hardware security now.

]]> Wed, 18 Feb 2026 10:10:11 +0000 You Gotta Hack That You Gotta Hack That 1663 From carbon-copy receipts and zip-zap machines to mag stripes, chip and PIN, contactless and mobile wallets, payment tech keeps evolving, and attackers evolve right alongside it. Felix sits down with Gareth, a payments industry veteran of 30 years, to unpack the real hardware attack surface: skimmers in stripe readers, ATM overlays, contactless relay tricks, and why static QR codes are basically begging to be abused. They also dig into why raising contactless limits changes theft economics, how phone theft turns into credential theft, and why the EU Cyber Resilience Act means you need to think about hardware security now.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Getting a career in OT... 28 28 Getting a career in OT... full 117269ed-1873-4302-9484-185c2b112a1e https://share.transistor.fm/s/16c6bea6 In this episode, Felix is joined by Anjan, a cybersecurity engineer working at the sharp end of OT product security and compliance in UK manufacturing. They dig into what it really looks like to build security into connected industrial kit, especially with major regulation deadlines looming. Anjan shares a practical path into the industry, starting with bug bounty and vulnerability disclosure, then moving into IoT and OT during his Masters, including work on an autonomous vehicle project. Expect honest talk on “audit equals secure” myths, risk-based security, and how to start building an OT security career.

]]> In this episode, Felix is joined by Anjan, a cybersecurity engineer working at the sharp end of OT product security and compliance in UK manufacturing. They dig into what it really looks like to build security into connected industrial kit, especially with major regulation deadlines looming. Anjan shares a practical path into the industry, starting with bug bounty and vulnerability disclosure, then moving into IoT and OT during his Masters, including work on an autonomous vehicle project. Expect honest talk on “audit equals secure” myths, risk-based security, and how to start building an OT security career.

]]> Mon, 09 Feb 2026 04:30:00 +0000 You Gotta Hack That You Gotta Hack That 1527 In this episode, Felix is joined by Anjan, a cybersecurity engineer working at the sharp end of OT product security and compliance in UK manufacturing. They dig into what it really looks like to build security into connected industrial kit, especially with major regulation deadlines looming. Anjan shares a practical path into the industry, starting with bug bounty and vulnerability disclosure, then moving into IoT and OT during his Masters, including work on an autonomous vehicle project. Expect honest talk on “audit equals secure” myths, risk-based security, and how to start building an OT security career.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No And the winner is .... 'lowest compliance effort' 27 27 And the winner is .... 'lowest compliance effort' full ae4f1d87-e47f-4f96-a0db-7a0bbd9de8d7 https://share.transistor.fm/s/25d4f2ae In this episode, Felix continues his conversation with David Rogers (Copper Horse) about the latest State of Vulnerability Disclosure report and why “what counts as IoT” is messy. They explore how consumer devices end up everywhere (including factories), how category labels can become compliance loopholes, and why good vulnerability disclosure needs more than a generic support page. David also shares concerns about the EU Cyber Resilience Act drifting toward tick-box compliance, and what that could mean for product security teams and, ultimately, all of us. Plus: the report’s dataset is open for anyone to check.

]]> In this episode, Felix continues his conversation with David Rogers (Copper Horse) about the latest State of Vulnerability Disclosure report and why “what counts as IoT” is messy. They explore how consumer devices end up everywhere (including factories), how category labels can become compliance loopholes, and why good vulnerability disclosure needs more than a generic support page. David also shares concerns about the EU Cyber Resilience Act drifting toward tick-box compliance, and what that could mean for product security teams and, ultimately, all of us. Plus: the report’s dataset is open for anyone to check.

]]> Thu, 05 Feb 2026 04:00:00 +0000 You Gotta Hack That You Gotta Hack That 1040 In this episode, Felix continues his conversation with David Rogers (Copper Horse) about the latest State of Vulnerability Disclosure report and why “what counts as IoT” is messy. They explore how consumer devices end up everywhere (including factories), how category labels can become compliance loopholes, and why good vulnerability disclosure needs more than a generic support page. David also shares concerns about the EU Cyber Resilience Act drifting toward tick-box compliance, and what that could mean for product security teams and, ultimately, all of us. Plus: the report’s dataset is open for anyone to check.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Ever heard of an insecurity canary? 26 26 Ever heard of an insecurity canary? full 1d7be301-c8b5-4804-88a1-bcf40f1f07c3 https://share.transistor.fm/s/758c779a In the first of this two-part episode, Felix is joined by David Rogers (Copper Horse) to unpack a surprisingly powerful way to measure IoT security: vulnerability disclosure policies. David shares what eight years of research reveals about how easy (or impossible) it can be for security researchers to report flaws. We discuss why the lack of a clear route to report vulnerabilities to a vendor is an “insecurity canary” and how security researchers and businesses struggle to get along without enabling easy communications on these topics. We dig into the results from the Copper Horse annual report, the impact of new regulation, and why retailers might be the hidden force improving the market. Plus: the long tail of ultra-cheap devices, and why security shouldn’t be a luxury.

]]> In the first of this two-part episode, Felix is joined by David Rogers (Copper Horse) to unpack a surprisingly powerful way to measure IoT security: vulnerability disclosure policies. David shares what eight years of research reveals about how easy (or impossible) it can be for security researchers to report flaws. We discuss why the lack of a clear route to report vulnerabilities to a vendor is an “insecurity canary” and how security researchers and businesses struggle to get along without enabling easy communications on these topics. We dig into the results from the Copper Horse annual report, the impact of new regulation, and why retailers might be the hidden force improving the market. Plus: the long tail of ultra-cheap devices, and why security shouldn’t be a luxury.

]]> Mon, 26 Jan 2026 02:31:11 +0000 You Gotta Hack That You Gotta Hack That 1318 In the first of this two-part episode, Felix is joined by David Rogers (Copper Horse) to unpack a surprisingly powerful way to measure IoT security: vulnerability disclosure policies. David shares what eight years of research reveals about how easy (or impossible) it can be for security researchers to report flaws. We discuss why the lack of a clear route to report vulnerabilities to a vendor is an “insecurity canary” and how security researchers and businesses struggle to get along without enabling easy communications on these topics. We dig into the results from the Copper Horse annual report, the impact of new regulation, and why retailers might be the hidden force improving the market. Plus: the long tail of ultra-cheap devices, and why security shouldn’t be a luxury.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No OT Threats, Penetration Testing, and Resilience 25 25 OT Threats, Penetration Testing, and Resilience full eb88d28e-0afe-44ce-bc6e-f38ceab3c820 https://share.transistor.fm/s/fdf9c0a0 In this episode of the You Gotta Hack That podcast, the conversation continues with Emily, a principal industrial cyber security consultant, as they delve into the real-world threats facing operational technology (OT) environments. The discussion highlights the inadequacies of traditional IT penetration testing when applied to OT networks, emphasizing the need for tailored approaches that consider the unique vulnerabilities and operational realities of these systems. Emily and Felix explore the concept of dwell time, illustrating how sophisticated attackers can remain undetected within networks for extended periods, gathering intelligence before launching attacks. They stress the importance of understanding actual risks and the necessity of continuous monitoring and testing to ensure robust cyber security measures are in place.

]]> In this episode of the You Gotta Hack That podcast, the conversation continues with Emily, a principal industrial cyber security consultant, as they delve into the real-world threats facing operational technology (OT) environments. The discussion highlights the inadequacies of traditional IT penetration testing when applied to OT networks, emphasizing the need for tailored approaches that consider the unique vulnerabilities and operational realities of these systems. Emily and Felix explore the concept of dwell time, illustrating how sophisticated attackers can remain undetected within networks for extended periods, gathering intelligence before launching attacks. They stress the importance of understanding actual risks and the necessity of continuous monitoring and testing to ensure robust cyber security measures are in place.

]]> Wed, 21 Jan 2026 04:00:00 +0000 You Gotta Hack That You Gotta Hack That 1472 In this episode of the You Gotta Hack That podcast, the conversation continues with Emily, a principal industrial cyber security consultant, as they delve into the real-world threats facing operational technology (OT) environments. The discussion highlights the inadequacies of traditional IT penetration testing when applied to OT networks, emphasizing the need for tailored approaches that consider the unique vulnerabilities and operational realities of these systems. Emily and Felix explore the concept of dwell time, illustrating how sophisticated attackers can remain undetected within networks for extended periods, gathering intelligence before launching attacks. They stress the importance of understanding actual risks and the necessity of continuous monitoring and testing to ensure robust cyber security measures are in place.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Demystifying ISA 62443 24 24 Demystifying ISA 62443 full 8755afe3-f8a3-4a03-8e91-876649393ac4 https://share.transistor.fm/s/e32e34c9 In this episode of You Gotta Hack That, Felix sits down with Emily, a principal industrial cyber security consultant and former national utility cyber lead, to demystify ISA/IEC 62443. Why do so many teams treat it like a silver bullet and why does that backfire fast? Emily breaks down what 62443 actually is (spoiler: it’s a family of standards), why “be compliant” isn’t a requirement, and why maintenance matters as much as deployment. If you’re trying to secure OT environments, this one will help you focus on what to do first.

And don't forget to check out our training courses to get hands-on and nerdy.

]]> In this episode of You Gotta Hack That, Felix sits down with Emily, a principal industrial cyber security consultant and former national utility cyber lead, to demystify ISA/IEC 62443. Why do so many teams treat it like a silver bullet and why does that backfire fast? Emily breaks down what 62443 actually is (spoiler: it’s a family of standards), why “be compliant” isn’t a requirement, and why maintenance matters as much as deployment. If you’re trying to secure OT environments, this one will help you focus on what to do first.

And don't forget to check out our training courses to get hands-on and nerdy.

]]> Mon, 12 Jan 2026 05:00:00 +0000 You Gotta Hack That You Gotta Hack That 1466 In this episode of You Gotta Hack That, Felix sits down with Emily, a principal industrial cyber security consultant and former national utility cyber lead, to demystify ISA/IEC 62443. Why do so many teams treat it like a silver bullet and why does that backfire fast? Emily breaks down what 62443 actually is (spoiler: it’s a family of standards), why “be compliant” isn’t a requirement, and why maintenance matters as much as deployment. If you’re trying to secure OT environments, this one will help you focus on what to do first.

And don't forget to check out our training courses to get hands-on and nerdy.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No The implications of phone theft 23 23 The implications of phone theft full 3d088956-f008-42f1-a23b-6b1b79df8e90 https://yougottahackthat.com/insights/the-implications-of-phone-theft In this episode, Felix and Alex discuss the alarming rise of phone thefts in London, sharing personal anecdotes and insights into the implications of losing a device. They explore security measures, user behaviors, and the broader impact of identity theft in today's digital age. The conversation emphasizes the importance of enhancing phone security and being proactive in protecting personal information.

]]> In this episode, Felix and Alex discuss the alarming rise of phone thefts in London, sharing personal anecdotes and insights into the implications of losing a device. They explore security measures, user behaviors, and the broader impact of identity theft in today's digital age. The conversation emphasizes the importance of enhancing phone security and being proactive in protecting personal information.

]]> Thu, 08 May 2025 01:50:19 +0100 You Gotta Hack That You Gotta Hack That 1080 In this episode, Felix and Alex discuss the alarming rise of phone thefts in London, sharing personal anecdotes and insights into the implications of losing a device. They explore security measures, user behaviors, and the broader impact of identity theft in today's digital age. The conversation emphasizes the importance of enhancing phone security and being proactive in protecting personal information.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Autonomous ships, cyber security and the workboat code 22 22 Autonomous ships, cyber security and the workboat code full dce43531-6d61-444b-8c5e-00359324a202 https://yougottahackthat.com/insights/autonomous-ships-cyber-security-and-the-workboat-code In this conversation, Felix and Oli discuss the development of a hydrogen-powered uncrewed surface vessel (USV) and the associated cybersecurity challenges. They explore the importance of integrating cybersecurity measures from the outset, navigating regulatory frameworks like Workboat Code 3, and the ongoing challenges of ensuring compliance and safety in a rapidly evolving technological landscape. The discussion highlights the need for thorough documentation, the role of regulations in shaping industry practices, and the future of cybersecurity in maritime technology.

]]> In this conversation, Felix and Oli discuss the development of a hydrogen-powered uncrewed surface vessel (USV) and the associated cybersecurity challenges. They explore the importance of integrating cybersecurity measures from the outset, navigating regulatory frameworks like Workboat Code 3, and the ongoing challenges of ensuring compliance and safety in a rapidly evolving technological landscape. The discussion highlights the need for thorough documentation, the role of regulations in shaping industry practices, and the future of cybersecurity in maritime technology.

]]> Thu, 17 Apr 2025 02:00:00 +0100 You Gotta Hack That You Gotta Hack That 1146 In this conversation, Felix and Oli discuss the development of a hydrogen-powered uncrewed surface vessel (USV) and the associated cybersecurity challenges. They explore the importance of integrating cybersecurity measures from the outset, navigating regulatory frameworks like Workboat Code 3, and the ongoing challenges of ensuring compliance and safety in a rapidly evolving technological landscape. The discussion highlights the need for thorough documentation, the role of regulations in shaping industry practices, and the future of cybersecurity in maritime technology.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Attacking Santa's Christmas deliveries 21 21 Attacking Santa's Christmas deliveries full e83d3f36-5d93-4196-a4e0-59e66382d43d https://yougottahackthat.com/insights/attacking-santas-christmas-deliveries Felix and Alex discuss the attack surface and disruption opportunities for a Cyber attack against Santa's Christmas delivery schedule.

]]> Felix and Alex discuss the attack surface and disruption opportunities for a Cyber attack against Santa's Christmas delivery schedule.

]]> Wed, 18 Dec 2024 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 1187 Felix and Alex discuss the attack surface and disruption opportunities for a Cyber attack against Santa's Christmas delivery schedule.

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Railways and trains 20 20 Railways and trains full 4ed00d14-3eb3-4530-a591-439b431b912b https://share.transistor.fm/s/89be152d Most people think of trains and railways as being great big lumps of metal that (hopefully) whizz along long shiny tracks, but it turns out they are incredibly complex and have a broad attack surface!

Email Felix using helpme@yg.ht

Find You Gotta Hack That on X @gotta_hack

]]> Most people think of trains and railways as being great big lumps of metal that (hopefully) whizz along long shiny tracks, but it turns out they are incredibly complex and have a broad attack surface!

Email Felix using helpme@yg.ht

Find You Gotta Hack That on X @gotta_hack

]]> Tue, 20 Feb 2024 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 1262 Most people think of trains and railways as being great big lumps of metal that (hopefully) whizz along long shiny tracks, but it turns out they are incredibly complex and have a broad attack surface!

Email Felix using helpme@yg.ht

Find You Gotta Hack That on X @gotta_hack

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Vulnerability research into SolaX Inverter Smart Connectivity 19 19 Vulnerability research into SolaX Inverter Smart Connectivity full 771cc8ea-ee2b-4d2f-b7c3-fcfbda0f6fbb https://share.transistor.fm/s/bc86155d Felix describes research completed against the SolaX Pocket WiFi module that connects SolaX inverters to the Internet for smart connectivity features. The research highlights some of the challenges experienced by researchers and developers alike as well as the risks that these vulnerabilities present.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on X @gotta_hack

]]> Felix describes research completed against the SolaX Pocket WiFi module that connects SolaX inverters to the Internet for smart connectivity features. The research highlights some of the challenges experienced by researchers and developers alike as well as the risks that these vulnerabilities present.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on X @gotta_hack

]]> Tue, 06 Feb 2024 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 937 Felix describes research completed against the SolaX Pocket WiFi module that connects SolaX inverters to the Internet for smart connectivity features. The research highlights some of the challenges experienced by researchers and developers alike as well as the risks that these vulnerabilities present.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on X @gotta_hack

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Cars 18 18 Cars full dcb7515d-dd37-4ca1-926a-68e0988ba4cd https://share.transistor.fm/s/d43560d3 In this episode Felix looks at the complexities and attack surface of modern cars. They may have become more sophisticated but are
they now technologically fragile?

Email Felix using helpme@yg.ht

Find You Gotta Hack That on X @gotta_hack

]]> In this episode Felix looks at the complexities and attack surface of modern cars. They may have become more sophisticated but are
they now technologically fragile?

Email Felix using helpme@yg.ht

Find You Gotta Hack That on X @gotta_hack

]]> Wed, 24 Jan 2024 16:45:00 +0000 You Gotta Hack That You Gotta Hack That 1006 In this episode Felix looks at the complexities and attack surface of modern cars. They may have become more sophisticated but are
they now technologically fragile?

Email Felix using helpme@yg.ht

Find You Gotta Hack That on X @gotta_hack

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Prosthetics 17 17 Prosthetics full 222a8577-515d-4d27-983b-160192a54116 https://share.transistor.fm/s/5e28c422 Felix analyses the security within modern smart-prosthetics and medical tech to help prevent the need for amputations. The security need behind these two devices is not always immediately apparent because some people might think of it as being 'boring medical data'. Cyber security concerns are still there none-the-less, just in a slightly different form.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Felix analyses the security within modern smart-prosthetics and medical tech to help prevent the need for amputations. The security need behind these two devices is not always immediately apparent because some people might think of it as being 'boring medical data'. Cyber security concerns are still there none-the-less, just in a slightly different form.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Thu, 01 Jun 2023 02:00:00 +0100 You Gotta Hack That You Gotta Hack That 756 Felix analyses the security within modern smart-prosthetics and medical tech to help prevent the need for amputations. The security need behind these two devices is not always immediately apparent because some people might think of it as being 'boring medical data'. Cyber security concerns are still there none-the-less, just in a slightly different form.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Medical Imaging Devices 16 16 Medical Imaging Devices full 29da697b-5731-4114-a7be-056391d92fed https://share.transistor.fm/s/cd202a57 Felix delves in the technology that supports MRI scanners, X-Ray machines and CT scanners and looks at the vulnerabilities they have had in the past as well as potential opportunities for them to fall foul of attackers. The technology here focuses on the DICOM and HL7 protocols both of which have had security concerns but are used globally to ensure doctors remain connected to their patients medical images.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Felix delves in the technology that supports MRI scanners, X-Ray machines and CT scanners and looks at the vulnerabilities they have had in the past as well as potential opportunities for them to fall foul of attackers. The technology here focuses on the DICOM and HL7 protocols both of which have had security concerns but are used globally to ensure doctors remain connected to their patients medical images.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Thu, 25 May 2023 02:00:00 +0100 You Gotta Hack That You Gotta Hack That 1321 Felix delves in the technology that supports MRI scanners, X-Ray machines and CT scanners and looks at the vulnerabilities they have had in the past as well as potential opportunities for them to fall foul of attackers. The technology here focuses on the DICOM and HL7 protocols both of which have had security concerns but are used globally to ensure doctors remain connected to their patients medical images.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Wearable Tech 15 15 Wearable Tech full 22565a22-097c-4167-bb66-c5008a275b96 https://share.transistor.fm/s/ef943da9 Wearable tech is increasingly popular with consumers worldwide. It's become a class of tech that is so ubiquitous that privacy and cyber security concerns have to be taken seriously. In this episode we look at the Bluetooth Low Energy (BLE) protocol which makes the vast majority of this technology possible.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Wearable tech is increasingly popular with consumers worldwide. It's become a class of tech that is so ubiquitous that privacy and cyber security concerns have to be taken seriously. In this episode we look at the Bluetooth Low Energy (BLE) protocol which makes the vast majority of this technology possible.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Thu, 18 May 2023 02:00:00 +0100 You Gotta Hack That You Gotta Hack That 1225 Wearable tech is increasingly popular with consumers worldwide. It's become a class of tech that is so ubiquitous that privacy and cyber security concerns have to be taken seriously. In this episode we look at the Bluetooth Low Energy (BLE) protocol which makes the vast majority of this technology possible.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Continuous Glucose Monitors (CGMs) 14 14 Continuous Glucose Monitors (CGMs) full 8e7622f4-b2b9-4797-b494-735cd9f9d815 https://share.transistor.fm/s/fb22a15e In this episode Felix investigates Glucose Monitors.  He looks at their cyber security profile and discusses Near Field Communications (NFC) which is a commonly used protocol to communicate between smart phones and the little device.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> In this episode Felix investigates Glucose Monitors.  He looks at their cyber security profile and discusses Near Field Communications (NFC) which is a commonly used protocol to communicate between smart phones and the little device.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Wed, 26 Apr 2023 02:00:00 +0100 You Gotta Hack That You Gotta Hack That 922 In this episode Felix investigates Glucose Monitors.  He looks at their cyber security profile and discusses Near Field Communications (NFC) which is a commonly used protocol to communicate between smart phones and the little device.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Insulin pumps 13 13 Insulin pumps full 92d39db6-6794-41e7-bdf6-c4bbb6b32947 https://share.transistor.fm/s/3d6e2db2 Felix looks at the slightly murky history of the cyber security behind insulin pumps. These devices have a bad security reputation, but, it isn't that straight forward.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Felix looks at the slightly murky history of the cyber security behind insulin pumps. These devices have a bad security reputation, but, it isn't that straight forward.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Wed, 19 Apr 2023 02:00:00 +0100 You Gotta Hack That You Gotta Hack That 1236 Felix looks at the slightly murky history of the cyber security behind insulin pumps. These devices have a bad security reputation, but, it isn't that straight forward.

Email Felix using helpme@yg.ht

Find You Gotta Hack That on Twitter @gotta_hack

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Pacemakers 12 12 Pacemakers full 484bc360-848a-4c5f-a14f-91052a95e691 https://share.transistor.fm/s/5b500af6 Pacemakers are surprising prevalent and have been around for years.  These devices keep people alive but have a difficult cyber security history.  Felix looks at how these devices work and what security challenges they face.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Pacemakers are surprising prevalent and have been around for years.  These devices keep people alive but have a difficult cyber security history.  Felix looks at how these devices work and what security challenges they face.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Wed, 12 Apr 2023 02:00:00 +0100 You Gotta Hack That You Gotta Hack That 1042 Pacemakers are surprising prevalent and have been around for years.  These devices keep people alive but have a difficult cyber security history.  Felix looks at how these devices work and what security challenges they face.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No The IoT and embedded systems penetration testing process 11 11 The IoT and embedded systems penetration testing process full f8da328b-ff90-4b8f-bd26-ca61138f902f https://share.transistor.fm/s/be296b11 Felix discusses what makes a good penetration testing process, the difficulties that are unique to the Internet of Things and embedded systems, and how best to approach getting good security assurance.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Felix discusses what makes a good penetration testing process, the difficulties that are unique to the Internet of Things and embedded systems, and how best to approach getting good security assurance.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Wed, 05 Apr 2023 02:00:00 +0100 You Gotta Hack That You Gotta Hack That 1544 Felix discusses what makes a good penetration testing process, the difficulties that are unique to the Internet of Things and embedded systems, and how best to approach getting good security assurance.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No CCTV systems 10 10 CCTV systems full 33bb5529-9b51-4b14-954f-be6732228cbc https://share.transistor.fm/s/dfdbc001 CCTV systems have a bad reputation when it comes to cyber security.  Felix looks at the attack surface of CCTV systems and discusses how these systems are more complex than most people realise and how that results in them being abused.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> CCTV systems have a bad reputation when it comes to cyber security.  Felix looks at the attack surface of CCTV systems and discusses how these systems are more complex than most people realise and how that results in them being abused.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Wed, 29 Mar 2023 02:00:00 +0100 You Gotta Hack That You Gotta Hack That 929 CCTV systems have a bad reputation when it comes to cyber security.  Felix looks at the attack surface of CCTV systems and discusses how these systems are more complex than most people realise and how that results in them being abused.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Occupancy Sensors 9 9 Occupancy Sensors full 17c4e9c3-23b0-4084-88c6-8c062e76d6db https://share.transistor.fm/s/055d4ba5 Felix looks at the types of Occupancy Sensors typically used in lighting management and intruder alarm systems. The most common sensor type is the Passive Infra Red (PIR) sensors. These are primitive in some ways but very sophisticated in others.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Felix looks at the types of Occupancy Sensors typically used in lighting management and intruder alarm systems. The most common sensor type is the Passive Infra Red (PIR) sensors. These are primitive in some ways but very sophisticated in others.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Wed, 22 Mar 2023 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 866 Felix looks at the types of Occupancy Sensors typically used in lighting management and intruder alarm systems. The most common sensor type is the Passive Infra Red (PIR) sensors. These are primitive in some ways but very sophisticated in others.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Fire detection and response systems 8 8 Fire detection and response systems full e4cf6202-bed8-4405-ab29-bd2193ba7ca1 https://share.transistor.fm/s/4b5b2571 Felix looks in depth at the cyber security implications of fire systems in modern buildings. This particularly focuses on the BACnet protocol - a common element of modern open-protocol systems.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Felix looks in depth at the cyber security implications of fire systems in modern buildings. This particularly focuses on the BACnet protocol - a common element of modern open-protocol systems.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Wed, 15 Mar 2023 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 822 Felix looks in depth at the cyber security implications of fire systems in modern buildings. This particularly focuses on the BACnet protocol - a common element of modern open-protocol systems.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Lifts (Elevators) and Escalators 7 7 Lifts (Elevators) and Escalators full 5398871e-9b5d-4299-b928-890b1553df52 https://share.transistor.fm/s/7b4a4bc8 It is easy to take lifts and escalators for granted, but it turns out that modern versions have a huge amount of connectivity.  We delve into all this tech and focus on one type of communications used in modern lilfts and escaltors, called ModBus.  We discuss how ModBus might be attacked, especially when thinking about all the other technologies that are also now connected to these systems.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> It is easy to take lifts and escalators for granted, but it turns out that modern versions have a huge amount of connectivity.  We delve into all this tech and focus on one type of communications used in modern lilfts and escaltors, called ModBus.  We discuss how ModBus might be attacked, especially when thinking about all the other technologies that are also now connected to these systems.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Wed, 08 Mar 2023 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 1206 It is easy to take lifts and escalators for granted, but it turns out that modern versions have a huge amount of connectivity.  We delve into all this tech and focus on one type of communications used in modern lilfts and escaltors, called ModBus.  We discuss how ModBus might be attacked, especially when thinking about all the other technologies that are also now connected to these systems.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No RFID door locks 6 6 RFID door locks full 5cf650b9-598d-4a88-85ab-7c30a8a36f8d https://share.transistor.fm/s/073719c9 Felix delves into RFID door locks and examines a small portion of the cyber security issues in this space.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Felix delves into RFID door locks and examines a small portion of the cyber security issues in this space.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Wed, 01 Mar 2023 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 1233 Felix delves into RFID door locks and examines a small portion of the cyber security issues in this space.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Building Management Systems 5 5 Building Management Systems full dd8cad8c-49dd-4ce1-b79c-45bf4e056b4c https://share.transistor.fm/s/bf5bc1f8 We take a look at how Building Management Systems (BMS) are setup and the huge range of cyber security issues that can be present.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> We take a look at how Building Management Systems (BMS) are setup and the huge range of cyber security issues that can be present.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Wed, 22 Feb 2023 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 898 We take a look at how Building Management Systems (BMS) are setup and the huge range of cyber security issues that can be present.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Smart Plugs 4 4 Smart Plugs full 7e6c389f-e0ff-4456-94f4-c723c5805539 https://share.transistor.fm/s/c47e6bf9 Felix opens two smart plugs and discusses the security of what he finds.  This continues the theme from previous episodes of electricity generation, management, and usage to show how many different angles an attacker could choose to affect our day-to-day lives.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Felix opens two smart plugs and discusses the security of what he finds.  This continues the theme from previous episodes of electricity generation, management, and usage to show how many different angles an attacker could choose to affect our day-to-day lives.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Wed, 15 Feb 2023 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 1020 Felix opens two smart plugs and discusses the security of what he finds.  This continues the theme from previous episodes of electricity generation, management, and usage to show how many different angles an attacker could choose to affect our day-to-day lives.

Email Felix using helpme@yg.ht
Find You Gotta Hack That on Twitter @gotta_hack

yougottahackthat.com

]]> Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Delayed attacks against Realtek chips you'll find everywhere 3 3 Delayed attacks against Realtek chips you'll find everywhere full c79b0977-257f-43a2-b173-70e15f2155c1 https://share.transistor.fm/s/d2dbf1ec Wed, 08 Feb 2023 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 966 Felix discusses the supply chain issues that allow attackers to take their time when taking advantage of embedded systems. The vulnerabilities discussed are for the Realtek RTL819xD chip and have IDs CVE-2021-35392, CVE-2021-35393, CVE-2021-35394, and CVE-2021-35395. Email Felix using helpme@yg.ht Find You Gotta Hack That on Twitter @gotta_hack yougottahackthat.com Felix discusses the supply chain issues that allow attackers to take their time when taking advantage of embedded systems. The vulnerabilities discussed are for the Realtek RTL819xD chip and have IDs CVE-2021-35392, CVE-2021-35393, CVE-2021-35394, and CV Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Domestic Solar Power Systems 2 2 Domestic Solar Power Systems full fbdb722a-073a-45df-b9e4-b9832b869a44 https://share.transistor.fm/s/748d690b Wed, 01 Feb 2023 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 914 Felix looks at the system that supports the solar panels at home and where it might be weak to cyber attack. Warning though, don't play with electrics unless you know what you are doing! Email Felix using helpme@yg.ht Find You Gotta Hack That on Twitter @gotta_hack yougottahackthat.com Felix looks at the system that supports the solar panels at home and where it might be weak to cyber attack. Warning though, don't play with electrics unless you know what you are doing! Email Felix using helpme@yg.ht Find You Gotta Hack That on Twitt Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Smart meters 1 1 Smart meters full d1040920-5616-431b-9c42-658c842bdfcc https://share.transistor.fm/s/c2996cce Thu, 26 Jan 2023 02:00:00 +0000 You Gotta Hack That You Gotta Hack That 612 Felix takes a look at the security vulnerabilities behind household smart meters. Email Felix using helpme@yg.ht Find You Gotta Hack That on Twitter @gotta_hack yougottahackthat.com Felix takes a look at the security vulnerabilities behind household smart meters. Email Felix using helpme@yg.ht Find You Gotta Hack That on Twitter @gotta_hack yougottahackthat.com Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No Welcome to You Gotta Hack That 1 1 Welcome to You Gotta Hack That trailer d592a7a6-7e26-4438-a965-e39d36a2bedc https://share.transistor.fm/s/d1554590 Fri, 20 Jan 2023 14:30:00 +0000 You Gotta Hack That You Gotta Hack That 46 Welcome to You Gotta Hack That, a brand new show in which Felix takes a weekly look at Internet of Things (IoT) cyber security. Perfect for IoT project managers, developers, and those learning about penetration testing in this niche area. Welcome to You Gotta Hack That, a brand new show in which Felix takes a weekly look at Internet of Things (IoT) cyber security. Perfect for IoT project managers, developers, and those learning about penetration testing in this niche area. Internet of things, IoT, Operational Technology, OT, cyber security, hacking, testing, penetration testing, embedded security, industrial control systems, cyber security, cyber assurance, operational technology, OT security No