Artwork

Content provided by Amin Malekpour. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Amin Malekpour or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

Ep. 3 – One Request, One URL, One Bluetooth Hack: Three Takeovers That Shouldn’t Have Happened

21:30
 
Share
 

Manage episode 466504305 series 3643227
Content provided by Amin Malekpour. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Amin Malekpour or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

How can attackers take over accounts, networks, and devices—without credentials?

In this episode, we break down three real-world security flaws that prove authentication alone isn’t enough:

  • Account Takeover – A single request bypassed email verification, locking out store owners.
  • Internal Network Compromise – A hidden admin URL and hardcoded access key gave attackers full control.
  • Smart Device Hijack – A community-submitted finding reveals how Bluetooth vulnerabilities allowed remote command execution—without WiFi, passwords, or internet access.

These findings expose critical weaknesses in application security, network defense, and IoT device protection—problems that pentesters, developers, and security teams must identify before attackers do.

Chapters:

00:00 - INTRO

01:30 - FINDING #1 - How a Security Researcher Took Over an Entire Shopping Platform with Just One Request

07:25 - FINDING #2 - How a Security Researcher Hacked an Entire Internal Network with Just One URL

13:46 - FINDING #3 - How a Security Researcher Took Over a Smart Switch Using Just Bluetooth

20:47 - OUTRO

Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode!
🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram
📩 Submit Your Pentest Findings https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us [email protected]
🔗 Podcast Website → Website Link

  continue reading

Chapters

1. INTRO (00:00:00)

2. FINDING #1 - How a Security Researcher Took Over an Entire Shopping Platform with Just One Request (00:01:30)

3. FINDING #2 - How a Security Researcher Hacked an Entire Internal Network with Just One URL (00:07:25)

4. FINDING #3 - How a Security Researcher Took Over a Smart Switch Using Just Bluetooth (00:13:46)

5. OUTRO (00:20:47)

9 episodes

Artwork
iconShare
 
Manage episode 466504305 series 3643227
Content provided by Amin Malekpour. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Amin Malekpour or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

How can attackers take over accounts, networks, and devices—without credentials?

In this episode, we break down three real-world security flaws that prove authentication alone isn’t enough:

  • Account Takeover – A single request bypassed email verification, locking out store owners.
  • Internal Network Compromise – A hidden admin URL and hardcoded access key gave attackers full control.
  • Smart Device Hijack – A community-submitted finding reveals how Bluetooth vulnerabilities allowed remote command execution—without WiFi, passwords, or internet access.

These findings expose critical weaknesses in application security, network defense, and IoT device protection—problems that pentesters, developers, and security teams must identify before attackers do.

Chapters:

00:00 - INTRO

01:30 - FINDING #1 - How a Security Researcher Took Over an Entire Shopping Platform with Just One Request

07:25 - FINDING #2 - How a Security Researcher Hacked an Entire Internal Network with Just One URL

13:46 - FINDING #3 - How a Security Researcher Took Over a Smart Switch Using Just Bluetooth

20:47 - OUTRO

Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode!
🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram
📩 Submit Your Pentest Findings https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us [email protected]
🔗 Podcast Website → Website Link

  continue reading

Chapters

1. INTRO (00:00:00)

2. FINDING #1 - How a Security Researcher Took Over an Entire Shopping Platform with Just One Request (00:01:30)

3. FINDING #2 - How a Security Researcher Hacked an Entire Internal Network with Just One URL (00:07:25)

4. FINDING #3 - How a Security Researcher Took Over a Smart Switch Using Just Bluetooth (00:13:46)

5. OUTRO (00:20:47)

9 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide

Listen to this show while you explore
Play