Cyber Threat Unit Spotlight: Jay Turla
Date published:
Apr 18, 2022
Jay Turla
Principal Security Consultant, Philippines
As Principal Security Consultant at VikingCloud, Jay Turla mentors the VikingCloud Cyber Threat Unit team in Manilla, providing training and Quality Assurance (QA) sessions and assisting with specialized testing and projects. He is also responsible for developing methodologies related to penetration testing, hardware hacking, automotive security, and wireless testing. Before VikingCloud, Jay held positions as Security Operations Manager, Application Security Engineer, and Senior Security Consultant.
Jay’s passion is exploit development and car hacking. He triaged automotive security bugs in a previous role where he also learned how to do car hacking and was able to discover vulnerabilities in cars that allowed him to send disallowed Control Area Network (CAN) messages (CAN Injection) and unlock cars through Radio Frequency (RF) hacking or CAN Injection.
Jay has spoken at numerous international conferences on various topics, including car hacking, Metasploit development, and hacking botnets. Conferences include DEFCON Car Hacking Village, DEFCON Packet Hacking Village, ROOTCON, Nullcon, Black Hat Asia, OWASP SeaSides, SINCON, and other “hacking” conferences. He also possesses numerous certifications, including OSWP, ISO 27001 Lead Auditor, CEHv8, and ECSA.
Q: What’s your favorite security vulnerability and why?
A: In web app testing - I love SSRF (Server-Side Request Forgery) because it allows an attacker to scan ports using a request to identify internal servers or possibly leak Amazon Web Services (AWS) metadata. For NetPen, anything that pops me a shell* is the best — from LOLBins (Living off the Land Binaries) to LLMNR (Link-Local Multicast Name Resolution) poisoning...anything!!! I’ve had my fair share of hacking targets on a client and gaining administrator or root account access. I have also made some auxiliary and exploit modules for Metasploit on some of the exploits I discovered.
Q: What is the primary cause of breaches that you see most often? Do you have any relatable stories you can share?
A: The primary causes of breaches I typically see are critical web app vulnerabilities, resulting in a user being infected with malware. I’ve seen a dark web scan tool that outputs leaked credentials, including the Indicators of Compromise (IOC) and the malware location, enabling attackers to access their accounts. I’ve also heard of a large company that was breached because of leaked AWS keys from a developer.
Q: If you could give one piece of advice to our customers, what would it be?
A: Good cyber hygiene should include external/managed penetration testing. In addition to penetration testing, you can partner or integrate with a bug bounty program**. This would protect the customers' critical business data and establish safe harbors for ethical hackers.
Jay’s critical thinking and enthusiasm for investigating, developing, and testing security systems make him an essential part of the VikingCloud team. His expertise has been acknowledged by security industry leaders, and he has provided his expertise to many industry events. We’re thrilled that he’s a part of the VikingCloud Cyber Threat Unit.
Learn more about Jay on LinkedIn: https://www.linkedin.com/in/shipjayturla
*Exploiting a security vulnerability to make a program run a hacker’s code.
**Bug bounty programs encourage ethical hacking and responsible disclosure of security flaws. They help companies improve their cybersecurity posture and protect their digital assets.