Darknet Diaries
Explore true stories of the dark side of the Internet with host Jack Rhysider as he takes you on a journey through the chilling world of hacking, data breaches, and cyber crime.
Episodes
150: mobman 2
In Episode 20 of Darknet Diaries, we heard from Greg aka “mobman” who said he created the sub7 malware. Something didn’t sit right with a lot of people about that episode. It’s time to revisit that episode and get to the bottom of things.SponsorsThis show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet.Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.Sourceshttps://www.youtube.com/watch?v=GDMc2PZM4V4https://www.illmob.org/notmymobman/https://darknetdiaries.com/episode/20
01/10/24•43m 11s
149: Mini-Stories: Vol 3
In this episode we hear EvilMog (https://x.com/Evil_Mog) tell us a story about when he had to troubleshoot networks in Afghanistan. We also get Joe (http://x.com/gonzosec) to tell us a penetration test story.SponsorsSupport for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.
03/09/24•48m 4s
148: Dubsnatch
Ever wondered how far a fan would go to get a sneak peek of their favorite artist’s unreleased tracks? In this episode, we uncover the audacious story of some teens bent on getting their hands on the newest dubstep music before anyone else.SponsorsSupport for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.
06/08/24•1h 29m
147: Tornado
In this episode, Geoff White (https://x.com/geoffwhite247) tells us what happened to Axie Infinity and Tornado cash. It’s a digital heist of epic proportions that changes everything.This story comes from part of Geoff’s book “Rinsed” which goes into the world of money laundering. Get yours here https://amzn.to/3VJs7pb.
02/07/24•1h 25m
146: ANOM
In this episode, Joseph Cox (https://x.com/josephfcox) tells us the story of anom. A secure phone made by criminals, for criminals.This story comes from part of Joseph’s book “Dark Wire” which you should definitely read. Get yours here https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691.
04/06/24•1h 4m
145: Shannen
Shannen Rossmiller wanted to fight terrorism. So she went online and did.Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI.Thanks to Spycast for allowing usage of the audio interview with Shannen.SponsorsSupport for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.
07/05/24•1h 15m
144: Rachel
Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm.Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/.SponsorsSupport for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.
02/04/24•1h 2m
143: Jim Hates Scams
Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers.Jim’s YouTube channel: https://www.youtube.com/c/JimBrowningSponsorsSupport for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more.This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet.This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet.CLAIM=a6e199f5f9fd5954e532117c829c8f0a8f0f1282=CLAIM
05/03/24•1h 6m
142: Axact
Axact sells fake diplomas and degrees. What could go wrong with this business plan?SponsorsSupport for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more.Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet.
06/02/24•52m 55s
141: The Pig Butcher
The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world.SponsorsSupport for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more.Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries.This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet.
02/01/24•59m 35s
140: Revenge Bytes
Madison's nude photos were posted online. Her twin sister Christine came to help. This begins a bizarre and uneasy story.
05/12/23•1h 26m
139: D3f4ult
This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made.SponsorsSupport for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries.Sourceshttps://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-banhttps://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/https://archive.ph/Si79V#selection-66795.5-66795.6https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html
07/11/23•1h 18m
138: The Mimics of Punjab
This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy.To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY).SponsorsSupport for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries.Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com.
03/10/23•44m 30s
137: Predator
A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world.In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/.We also hear from Bill Marczak and John Scott-Railton from Citizen Lab.If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games.SponsorsSupport for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer.
05/09/23•1h 7m
136: Team Xecuter
Team Xecuter was a group involved with making and selling modchips for video game systems. They often made mods that allowed the video game system to rip games or play pirated games. It was a crowd favorite in the modding scene. Until it all fell apart. The story of what happened to Team Xecuter must be heard to believe.This episode features Gary Bowser. You can find more about Gary here:https://twitter.com/Bowser_GaryOPAhttps://garyopa.com/https://www.gofundme.com/f/garyopa-restarting-his-life?utm_location=darknetdiariesSponsorsSupport for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com.Sourceshttps://www.washingtonpost.com/archive/politics/1994/10/27/ringleader-pleads-guilty-in-phone-fraud/56e551bb-a727-43e8-a3ca-1c1f4cf6ef82/https://www.justice.gov/sites/default/files/usao/legacy/2010/10/12/usab4304.pdfhttps://www.eurogamer.net/nintendo-to-appeal-not-guilty-judgement-of-flash-cart-sellers-7https://www.gamesindustry.biz/nintendo-pounces-on-global-piracy-outfithttps://www.justice.gov/opa/pr/two-members-notorious-videogame-piracy-group-team-xecuter-custodyhttps://medium.com/swlh/watch-paint-dry-how-i-got-a-game-on-the-steam-store-without-anyone-from-valve-ever-looking-at-it-2e476858c753#.z05q2nykchttps://www.lemonde.fr/police-justice/article/2022/05/27/voler-des-societes-qui-font-des-milliards-qu-est-ce-que-j-en-ai-a-faire-max-louarn-c-ur-de-hackeur_6127821_1653578.htmlhttps://www.theverge.com/2020/11/20/21579392/nintendo-big-house-super-smash-bros-melee-tournament-slippi-cease-desisthttps://www.youtube.com/watch?v=U7VwtOrwceohttps://www.youtube.com/watch?v=5sNIE5anpik
01/08/23•1h 25m
135: The D.R. Incident
Omar Avilez worked in the CSIRT of the Dominican Republic when a major cyber security incident erupted. Omar walks us through what happened and the incident response procedures that he went through.Breakmaster Cylinder’s new album: https://breakmastercylinder.bandcamp.com/album/the-moon-all-that.SponsorsSupport for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from Flare. Flare automates monitoring across the dark & clear web to detect high-risk exposure, before threat actors have a chance to leverage it. Their unified solution makes it easy to rapidly identify risks across thousands of sources, including developers leaking secrets on public GitHub Repositories, threat actors selling infected devices on dark web markets, and targeted attacks being planned on illicit Telegram Channels. Visit https://flare.io to learn more.Sourceshttps://www.wired.com/story/costa-rica-ransomware-conti/https://malpedia.caad.fkie.fraunhofer.de/details/win.bandookhttps://www.youtube.com/watch?v=QHYH0U66K5Qhttps://www.youtube.com/live/prCr7Z94078https://www.eff.org/deeplinks/2023/02/uncle-sow-dark-caracal-latin-americahttps://www.bleepingcomputer.com/news/security/quantum-ransomware-attack-disrupts-govt-agency-in-dominican-republic/https://www.welivesecurity.com/2021/07/07/bandidos-at-large-spying-campaign-latin-america/AttributionDarknet Diaries is created by Jack Rhysider.Assembled by Tristan Ledger.Episode artwork by odibagas.Mixing by Proximity Sound.Theme music created by Breakmaster Cylinder. Theme song available for listen and download at bandcamp. Or listen to it on Spotify.
04/07/23•42m 38s
134: Deviant
Deviant Ollam is a physical penetration specialist. That means he’s paid to break into buildings to see if the building is secure or not. He has done this for a long time and has a lot of tricks up his sleeve to get into buildings. In this episode we hear 3 stories of him breaking into buildings for a living.You can find more about Deviant on the following sites:https://twitter.com/deviantollamhttps://www.instagram.com/deviantollamhttps://youtube.com/deviantollamhttps://defcon.social/@deviantollamhttps://deviating.net/SponsorsSupport for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com.This show is sponsored by Packetlabs. They’ve created the Penetration Testing Buyer’s guide - a comprehensive resource that will help you plan, scope, and execute your Penetration Testing projects. Inside, you’ll find valuable information on frameworks, standards, methodologies, cost factors, reporting options, and what to look for in a provider. https://guide.packetlabs.net/.Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries.
06/06/23•1h 27m
133: I'm the Real Connor
One day Connor Tumbleson got an email saying his identity has been stolen. And this was one of the strangest days he’s ever had.SponsorsSupport for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Qurotum Cyber at quorumcyber.com.Skiff is a collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private. Only you and your trusted collaborators can see what you’ve created. Try it out at https://skiff.com.Support for this show comes from AttackIQ. AttackIQ’s security optimization platform emulates the adversary with realism to test your security program, generating real-time performance data to improve your security posture. They also offer free training. Head to attackiq.com to get a closer look at how AttackIQ can help you today.Sourceshttps://connortumbleson.com/https://krebsonsecurity.com/2022/10/glut-of-fake-linkedin-profiles-pits-hr-against-the-bots/Snippet from Darknet Diaries ep 119 about North Korean’s getting tech jobs to steal bitcoin https://www.youtube.com/watch?v=v1ik6bAwELAAttributionAssembled by Tristan Ledger.Sound design by Garrett Tiedemann.Episode artwork by odibagas.Mixing by Proximity Sound.Theme music created by Breakmaster Cylinder.
02/05/23•39m 21s
132: Sam the Vendor
Sam Bent, a.k.a. DoingFedTime, brings us a story of what it was like being a darknet market vendor.Learn more about Sam at https://www.doingfedtime.com/.SponsorsSupport for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
04/04/23•1h 17m
131: Welcome to Video
Andy Greenberg (https://twitter.com/a_greenberg) brings us a gut wrenching story of how criminal investigators used bitcoin tracing techniques to try to find out who was at the center of a child sexual abuse darkweb website.This story is part of Andy’s new book “Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency”. An affiliate link to the book on Amazon is here: https://amzn.to/3VkjSh7.SponsorsSupport for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.
27/12/22•1h 8m
130: Jason's Pen Test
Join us as we sit down with Jason Haddix (https://twitter.com/Jhaddix), a renowned penetration tester who has made a name for himself by uncovering vulnerabilities in some of the world’s biggest companies. In this episode, Jason shares his funny and enlightening stories about breaking into buildings and computers, and talks about the time he discovered a major security flaw in a popular mobile banking app.SponsorsSupport for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Support for this show comes from Arctic Wolf. Arctic Wolf is the industry leader in security operations solutions, delivering 24x7 monitoring, assessment, and response through our patented Concierge Security model. They work with your existing tools and become an extension of your existing IT team. Visit arcticwolf.com/darknet to learn more.
13/12/22•43m 50s
129: Gollumfun (Part 2)
Brett Johnson, AKA Gollumfun (twitter.com/GOllumfun) was involved with the websites Counterfeit Library and Shadow Crew. He tells his story of what happened there and some of the crimes he committed.In part 2, his past catches up to him.Listen to more of Brett on his own show. https://www.thebrettjohnsonshow.com/.
29/11/22•1h 18m
128: Gollumfun (Part 1)
Brett Johnson, AKA Gollumfun (twitter.com/GOllumfun) was involved with the websites Counterfeit Library and Shadow Crew. He tells his story of what happened there and some of the crimes he committed.SponsorsSupport for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.
15/11/22•1h 1m
127: Maddie
Maddie Stone is a security researcher for Google’s Project Zero. In this episode we hear what it’s like battling zero day vulnerabilities.SponsorsSupport for this show comes from Zscalar. Zscalar zero trust exchange will scrutinize the traffic and permit or deny traffic based on a set of rules. This is so much more secure than letting data flow freely internally. And it really does mitigate ransomware outbreaks. The Zscaler Zero Trust Exchange gives YOU confidence in your security to feel empowered to focus on other parts of your business, like digital transformation, growth, and innovation. Check out the product at zscaler.com.Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Sourceshttps://www.sophos.com/en-us/medialibrary/pdfs/technical%20papers/yu-vb2013.pdfhttps://www.youtube.com/watch?v=s0Tqi7fuOSUhttps://www.vice.com/en/article/4x3n9b/sometimes-a-typo-means-you-need-to-blow-up-your-spacecraft
01/11/22•54m 12s
126: REvil
REvil is the name of a ransomware service as well as a group of criminals inflicting ransomware onto the world. Hear how this ransomware shook the world.A special thanks to our guest Will, a CTI researcher with Equinix.SponsorsSupport for this show comes from Zscalar. Zscalar zero trust exchange will scrutinize the traffic and permit or deny traffic based on a set of rules. This is so much more secure than letting data flow freely internally. And it really does mitigate ransomware outbreaks. The Zscaler Zero Trust Exchange gives YOU confidence in your security to feel empowered to focus on other parts of your business, like digital transformation, growth, and innovation. Check out the product at zscaler.com.Support for this show comes from Arctic Wolf. Arctic Wolf is the industry leader in security operations solutions, delivering 24x7 monitoring, assessment, and response through our patented Concierge Security model. They work with your existing tools and become an extension of your existing IT team. Visit arcticwolf.com/darknet to learn more.
18/10/22•1h 4m
125: Jeremiah
Jeremiah Roe is a seasoned penetration tester. In this episode he tells us about a time when he had to break into a building to prove it wasn’t as secure as the company thought.You can catch more of Jeremiah on the We’re In podcast.SponsorsSupport for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from Snyk. Snyk is a developer security platform that helps you secure your applications from the start. It automatically scans your code, dependencies, containers, and cloud infrastructure configs — finding and fixing vulnerabilities in real time. Create your free account at snyk.co/darknet.
04/10/22•49m 21s
124: Synthetic Remittance
What do you get when you combine social engineering, email, crime, finance, and the money stream flowing through big tech? Evaldas Rimašauskas comes to mind. He combined all these to make his big move. A whale of a move.SponsorsSupport for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.
20/09/22•18m 3s
123: Newswires
Investing in the stock market can be very profitable. Especially if you can see into the future. This is a story of how a group of traders and hackers got together to figure out a way to see into the future and make a lot of money from that.SponsorsSupport for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this show comes from Juniper Networks. Juniper Networks is dedicated to simplifying network operations and driving superior experiences for end users. Visit juniper.net/darknet to learn more about how Juniper’s Zero Trust Data Center provides uncompromising visibility across all your data center environments. Visit juniper.net/darknet to learn more.
06/09/22•49m 9s
122: Lisa
In this episode we hear some insider threat stories from Lisa Forte.SponsorsSupport for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.Support for this show comes from Snyk. Snyk is a developer security platform that helps you secure your applications from the start. It automatically scans your code, dependencies, containers, and cloud infrastructure configs — finding and fixing vulnerabilities in real time. Create your free account at snyk.co/darknet.AttributionDarknet Diaries is created by Jack Rhysider.Editing by Damienne. Assembled by Tristan Ledger. Sound designed by Andrew Meriwether.Episode artwork by odibagas.Mixing by Proximity Sound.Theme music created by Breakmaster Cylinder. Theme song available for listen and download at bandcamp. Or listen to it on Spotify.
23/08/22•49m 26s
121: Ed
In this episode we hear some penetration test stories from Ed Skoudis (twitter.com/edskoudis). We also catch up with Beau Woods (twitter.com/beauwoods) from I am The Cavalry (iamthecavalry.org).SponsorsSupport for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from Zscalar. Zscalar zero trust exchange will scrutinize the traffic and permit or deny traffic based on a set of rules. This is so much more secure than letting data flow freely internally. And it really does mitigate ransomware outbreaks. The Zscaler Zero Trust Exchange gives YOU confidence in your security to feel empowered to focus on other parts of your business, like digital transformation, growth, and innovation. Check out the product at zscaler.com/darknet.Support for this podcast comes from Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in the defender’s hands. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.View all active sponsors.AttributionDarknet Diaries is created by Jack Rhysider.Editing by Damienne. Assembled by Tristan Ledger. Sound designed by Andrew Meriwether.Episode artwork by odibagas.Audio cleanup by Proximity Sound.Theme music created by Breakmaster Cylinder.
26/07/22•41m 56s
120: Voulnet
This is the story about when Mohammed Aldoub, AKA Voulnet, (twitter.com/Voulnet) found a vulnerability on Virus Total and Tweeted about it.SponsorsSupport for this podcast comes from Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in the defender’s hands. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.Sourceshttps://www.cyberscoop.com/story/trial-error-kuwait-mohammed-aldoub-case/
28/06/22•32m 50s
119: Hot Wallets
In this episode we interview journalist Geoff White to discuss some of the recent crypto currency heists that have been happening. Geoff has been tracking a certain group of thieves for some time and shares his knowledge of what he’s found.Much of what we talk about in this episode has been published in Geoff’s new book The Lazarus Heist: From Hollywood to High Finance: Inside North Korea’s Global Cyber War (https://amzn.to/3mKf1qB).SponsorsSupport for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. axonius.com/darknetSupport for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
14/06/22•57m 32s
118: Hot Swaps
This is the story of Joseph Harris (https://twitter.com/akad0c). When he was a young teen he got involved with stealing video game accounts and selling them for money. This set him on a course where he flew higher and higher until he got burned.Joseph sometimes demonstrates vulnerabilities he finds on his YouTube channel https://www.youtube.com/channel/UCdcuF5Zx6BiYmwnS-CiRAng.Listen to episode 112 “Dirty Coms” to hear more about what goes on in the communities Joseph was involed with.SponsorsSupport for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks.Support for this show comes from Synack. Synack is a penetration testing firm. But they also have a community of, people like you, who earn regular money by legally hacking. If you’re interested in getting paid to hack, visit them now at synack.com/red-team, and click ‘apply now.’
31/05/22•1h 26m
117: Daniel the Paladin
Daniel Kelley (https://twitter.com/danielmakelley) was equal parts mischievousness and clever when it came to computers. Until the day his mischief overtook his cleverness.SponsorsSupport for this show comes from Keeper Security. Keeper Security’s is an enterprise password management system. Keeper locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault. And, it takes less than an hour to deploy across your organization. Get started by visiting keepersecurity.com/darknet.Support for this podcast comes from Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in the defender’s hands. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.
17/05/22•1h 9m
116: Mad Dog
Jim Lawler, aka “Mad Dog”, was a CIA case officer for 25 years. In this episode we hear some of the stories he has and things he did while working in the CIA.Jim has two books out. Affiliate links below.Living Lies: A Novel of the Iranian Nuclear Weapons Program https://amzn.to/3s0PpcaIn the Twinkling of an Eye: A Novel of Biological Terror and Espionage https://amzn.to/3y7B4OLSponsorsSupport for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Support for this show comes from Juniper Networks. Juniper Networks is dedicated to simplifying network operations and driving superior experiences for end users. Visit juniper.net/darknet to learn more about how Juniper’s Zero Trust Data Center provides uncompromising visibility across all your data center environments. Visit juniper.net/darknet to learn more.
03/05/22•1h 13m
115: Player Cheater Developer Spy
Some video game players buy cheats to win. Let’s take a look at this game cheating industry to see who the players are.SponsorsSupport for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this podcast comes from Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in the defender’s hands. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.
19/04/22•38m 51s
114: HD
HD Moore (https://twitter.com/hdmoore) invented a hacking tool called Metasploit. He crammed it with tons of exploits and payloads that can be used to hack into computers. What could possibly go wrong? Learn more about what HD does today by visiting rumble.run/.SponsorsSupport for this show comes from Quorum Cyber. They exist to defend organisations against cyber security breaches and attacks. That’s it. No noise. No hard sell. If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and specially if you are interested in Microsoft Security - reach out to www.quorumcyber.com.Support for this show comes from Snyk. Snyk is a developer security platform that helps you secure your applications from the start. It automatically scans your code, dependencies, containers, and cloud infrastructure configs — finding and fixing vulnerabilities in real time. And Snyk does it all right from the existing tools and workflows you already use. IDEs, CLI, repos, pipelines, Docker Hub, and more — so your work isn’t interrupted. Create your free account at snyk.co/darknet.
05/04/22•1h 16m
113: Adam
Adam got a job doing IT work at a learning academy. He liked it and was happy there and feeling part of the team. But a strange series of events took him in another direction, that definitely didn’t make him happy.SponsorsSupport for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this podcast comes from Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in the defender’s hands. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.
22/03/22•51m 11s
112: Dirty Coms
This episode we talk with a guy named “Drew” who gives us a rare peek into what some of the young hackers are up to today. From listening to Drew, we can see that times are changing for the motive behind hacking. In the ’90s and ’00s it was done for fun and curiosity. In the ’10s Anonymous showed us what Hacktivism is. And now, in the ’20s, the young hackers seem to be profit driven.SponsorsSupport for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Support for this show comes from Juniper Networks. Juniper Networks is dedicated to simplifying network operations and driving superior experiences for end users. Visit juniper.net/darknet to learn more about how Juniper Secure Edge can help you keep your remote workforce seamlessly secure wherever they are.
08/03/22•1h 28m
111: ZeuS
ZeuS is a banking trojan. Designed to steal money from online bank user’s accounts. This trojan became so big, that it resulted in one of the biggest FBI operations ever.SponsorsSupport for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.Support for this show comes from Keeper Security. Keeper Security’s is an enterprise password management system. Keeper locks down logins, payment cards, confidential documents, API keys, and database passwords in a patented Zero-Knowledge encrypted vault. And, it takes less than an hour to deploy across your organization. Get started by visiting keepersecurity.com/darknet.
22/02/22•48m 35s
110: Spam Botnets
This episode tells the stories of some of the worlds biggest spamming botnets. We’ll talk about the botnets Rustock, Waledac, and Cutwail. We’ll discover who was behind them, what their objectives were, and what their fate was.SponsorsSupport for this show comes from Juniper Networks (hyperlink: juniper.net/darknet). Juniper Networks is dedicated to simplifying network operations and driving superior experiences for end users. Visit juniper.net/darknet to learn more about how Juniper Secure Edge can help you keep your remote workforce seamlessly secure wherever they are. Support for this podcast comes from Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in the defender’s hands. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.
08/02/22•1h 9m
109: TeaMp0isoN
TeaMp0isoN was a hacking group that was founded by TriCk and MLT (twitter.com/0dayWizard). They were responsible for some high profile hacks. But in this story it’s not the rise that’s most interesting. It’s the fall.SponsorsSupport for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this podcast comes from Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in the defender’s hands. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.
25/01/22•1h
108: Marq
This is the story of Marq (twitter.com/dev_null321). Which involves passwords, the dark web, and police.SponsorsSupport for this podcast comes from Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in the defender’s hands. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.Support for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.View all active sponsors.SourcesCourt records and news articles were used to fact check this episode. However Marq requested that links to his full name not be made available.https://techcrunch.com/2019/12/19/ring-doorbell-passwords-exposed/https://www.wired.com/2010/03/hacker-bricks-cars/
11/01/22•46m 3s
107: Alethe
Alethe is a social engineer. Professionally she tries to trick people to give her passwords and access that she shouldn’t have. But her journey to this point is interesting and in this episode she tells us how she became a social engineer.Follow Alethe on Twitter: https://twitter.com/AletheDenisSponsorsSupport for this show comes from Skiff. Skiff is a collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private. Only you and your trusted collaborators can see what you’ve created. Try it out at https://www.skiff.org/darknet.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
21/12/21•57m 18s
106: @Tennessee
How much online abuse are you willing to take before you decide to let your abuser have what they want? Unfortunately, this is a decision that many people have to ask themselves. If someone can threaten you physically, it bypasses whatever digital security you have in place.Thanks to https://twitter.com/jw for sharing this harrowing story with us.Affiliate links to books:The Smart Girl’s Guide to Privacy: https://www.amazon.com/gp/product/1593276486/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1593276486&linkCode=as2&tag=tunn01-20&linkId=0a8ee2ca846534f77626757288d77e00Extreme Privacy:https://www.amazon.com/gp/product/B0898YGR58/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B0898YGR58&linkCode=as2&tag=tunn01-20&linkId=575c5ed0326484f0b612f000621b407fSponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET.Support for this show comes from Ping Identity, champions of identity for the global enterprise. Give your users a loveable login solution. Visit www.pingidentity.com/.View all active sponsors.
07/12/21•47m 39s
105: Secret Cells
Joseph Cox (https://twitter.com/josephfcox), Senior Staff Writer at Motherboard (https://www.vice.com/en/topic/motherboard), joins us to talk about the world of encrypted phones.BooksAffiliate links to books:The Smart Girl’s Guide to Privacy: https://www.amazon.com/gp/product/1593276486/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1593276486&linkCode=as2&tag=tunn01-20&linkId=0a8ee2ca846534f77626757288d77e00Extreme Privacy:https://www.amazon.com/gp/product/B0898YGR58/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B0898YGR58&linkCode=as2&tag=tunn01-20&linkId=575c5ed0326484f0b612f000621b407fSponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET.Support for this show comes from Ping Identity, champions of identity for the global enterprise. Give your users a loveable login solution. Visit www.pingidentity.com/.View all active sponsors.
23/11/21•1h 10m
104: Arya
Arya Ebrahami has had quite a personal relationship with darknet marketplaces. In this episode you’ll hear about his adventures on tor. Arya’s current project is https://lofi-defi.com.SponsorsSupport for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.View all active sponsors.Sourceshttps://www.nbcwashington.com/news/local/27-arrested-in-prince-william-county-narcotics-investigation/58441/https://patch.com/virginia/manassas/undercover-narcotics-operation-nets-27-arrrests-xanax-distribution-ring
09/11/21•1h 19m
103: Cloud Hopper
Fabio Viggiani is an incident responder. In this episode he talks about the story when one of his clients were breached.SponsorsSupport for this show, and for stretched security teams, comes from SOC.OS. Too many security alerts means alert fatigue for under-resourced SecOps teams. Traditional tools aren’t solving the problem. SOC.OS is the lightweight, cost-effective, and low-maintenance solution for your team. Centralise, enrich, and correlate your security alerts into manageable, prioritised clusters. Get started with an extended 3-month free trial at https://socos.io/darknet.Support for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET.Sources https://www.reuters.com/investigates/special-report/china-cyber-cloudhopper https://www.reuters.com/article/us-china-cyber-cloudhopper-companies-exc-idUSKCN1TR1D4 https://www.fbi.gov/wanted/cyber/apt-10-group https://www.youtube.com/watch?v=277A09ON7mY https://www.wsj.com/articles/ghosts-in-the-clouds-inside-chinas-major-corporate-hack-11577729061 https://www.technologyreview.com/2018/12/20/239760/chinese-hackers-allegedly-stole-data-of-more-than-100000-us-navy-personnel/
26/10/21•52m 25s
102: Money Maker
Frank Bourassa had an idea. He was going to make money. Literally. Listen to the story of a master counterfeiter.
12/10/21•1h 19m
101: Lotería
In 2014 the Puerto Rico Lottery was mysteriously losing money. Listen to this never before told story about what happened and who did it.SponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET.Support for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Sourceshttps://en.wikipedia.org/wiki/Puerto_Rico_Lotteryhttps://www.justice.gov/usao-pr/pr/10-individuals-indicted-drug-trafficking-and-money-launderinghttps://www.dea.gov/press-releases/2014/07/22/caribbean-corridor-strike-force-arrests-10-individuals-indicted-drughttps://casetext.com/case/united-states-v-delfin-robles-alvarez-7
28/09/21•1h 10m
100: NSO
The NSO Group creates a spyware called Pegasus which gives someone access to the data on a mobile phone. They sell this spyware to government agencies around the world. How is it used and what kind of company is the NSO Group?Thanks to John Scott-Railton and Citizen Lab for investigating this and sharing their research.SponsorsSupport for this show comes from Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNETSupport for this show comes from Ping Identity, champions of identity for the global enterprise. Give your users a loveable login solution. Visit www.pingidentity.com/.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.For a full list of sources used in this episode and complete transcripts visit https://darknetdiaries.com.
31/08/21•1h 9m
99: The Spy
Igor works as a private investigator in NYC. He’s often sitting in cars keeping a distant eye on someone with binoculars. Or following someone through the busy streets of New York. In this episode we hear about a time when Igor was on a case but sensed that something wasn’t right.SponsorsSupport for this show comes from Exabeam. Exabeam lets security teams see what traditional tools can’t, with automated threat detection and triage, complete visibility across the entire IT environment and advanced behavioral analytics that distinguishes real threats from perceived ones, so security teams stay ahead and businesses keep moving — without fear of the unknown. When the security odds are stacked against you, outsmart them from the start with Exabeam. Learn more at https://exabeam.com/DD.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.View all active sponsors.SourcesArticle: The Case of the Bumbling SpyPodcast: The Catch and Kill Podcast with Ronan Farrow
17/08/21•1h 11m
98: Zero Day Brokers
Zero day brokers are people who make or sell malware that’s sold to people who will use that malware to exploit people. It’s a strange and mysterious world that not many people know a lot about. Nicole Perlroth, who is a cybersecurity reporter for the NY Times, dove in head first which resulted in her writing a whole book on it.Affiliate link for book: This is How They Tell Me The World Ends (https://www.amazon.com/gp/product/1635576059/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1635576059&linkCode=as2&tag=tunn01-20&linkId=0aa8c966d98b49a7927bfc29aac76bbe)Audiobook deal: Try Audible Premium Plus and Get Up to Two Free Audiobooks (https://www.amazon.com/Audible-Free-Trial-Digital-Membership/dp/B00NB86OYE/?ref_=assoc_tag_ph_1485906643682&_encoding=UTF8&camp=1789&creative=9325&linkCode=pf4&tag=tunn01-20&linkId=31042b955d5e6d639488dc084711d033)SponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET.Support for this show comes from Privacy.com. Privacy allows you to create anonymous debit cards instantly to use for online shopping. Visit privacy.com/darknet to get a special offer.View all active sponsors.Sources
Nicole’s Book: This is How They Tell Me the World Ends
https://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html
03/08/21•50m 13s
97: The Pizza Problem
What if someone wanted to own your Instagram account? Not just control it, but make it totally theirs. This episode tells the story of how someone tried to steal an Instagram account from someone.SponsorsSupport for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.View all active sponsors.SourcesVid: The $5 Million Phone Hack 📱True Life Crime
20/07/21•45m 19s
96: The Police Station Incident
Nicole Beckwith wears a lot of hats. She’s a programmer, incident responder, but also a cop and a task force officer with the Secret Service. In this episode she tells a story which involves all of these roles.https://twitter.com/NicoleBeckwithSponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET.Support for this show comes from Exabeam. Exabeam lets security teams see what traditional tools can’t, with automated threat detection and triage, complete visibility across the entire IT environment and advanced behavioral analytics that distinguishes real threats from perceived ones, so security teams stay ahead and businesses keep moving — without fear of the unknown. When the security odds are stacked against you, outsmart them from the start with Exabeam. Learn more at https://exabeam.com/DD.View all active sponsors.Sources
https://www.secjuice.com/unusual-journeys-nicole-beckwith/
Talk from Nicole: Mind Hacks – Psychological profiling, and mental health in OSINT investigations
Talk from Nicole: Who’s guarding the gateway?
06/07/21•53m 26s
95: Jon & Brian's Big Adventure
Jon and Brian are penetration testers who both worked at a place called RedTeam Security. They’re paid to break into buildings and hack into networks to test the security of those buildings. In this episode they bring us a story of how they prepare and execute a mission like this. But even with all the preparation, something still goes terribly wrong.SponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET.Support for this show comes from Ping Identity, champions of identity for the global enterprise. Give your users a loveable login solution. Visit www.pingidentity.com/.View all active sponsors.Sources
Video: Jon and Brian on ABC Nightline
Video: RedTeam Security breaks into a power station
https://www.redteamsecure.com/
22/06/21•1h 14m
94: Mariposa
Chris Davis has been stopping IT security threats for decades. He’s currently running the company Hyas that he started. In this episode he tells a few tales of some threats that he helped stop.SponsorsSupport for this show comes from Exabeam. Exabeam lets security teams see what traditional tools can’t, with automated threat detection and triage, complete visibility across the entire IT environment and advanced behavioral analytics that distinguishes real threats from perceived ones, so security teams stay ahead and businesses keep moving — without fear of the unknown. Learn more by visiting exabeam.com/dd.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.View all active sponsors.Sources
https://www.zdnet.com/article/hacker-curador-pleads-guilty-to-credit-card-theft/
https://www.pbs.org/wgbh/pages/frontline/shows/hackers/
https://archive.org/details/frontline_202009/Frontline-+Hackers/VIDEO_TS/VTS_01_1.VOB
https://defintel.com/docs/Mariposa_Analysis.pdf
https://krebsonsecurity.com/2020/03/french-firms-rocked-by-kasbah-hacker/
08/06/21•44m 8s
93: Kik
Kik is a wildly popular chat app. Their website says that 1 in 3 American teenagers use Kik. But something dark is brewing on Kik.
25/05/21•1h 31m
92: The Pirate Bay
The Pirate Bay is a website, a search engine, which has an index of torrent files. A lot of copyrighted material is listed on the site, but the site doesn’t store any of the copyrighted material. It just points the user to where you can download it from. So for a while The Pirate Bay has been the largest places you can find pirated movies, music, games, and apps. But this site first came up 2003. And is still up and operation now, 18 years later! You would think someone would shut this place down by now. How does the biggest source for copyrighted material stay up and online for that long? Listen to this episode to find out.SponsorsSupport for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.View all active sponsors.
11/05/21•1h 43m
91: webjedi
What happens when an unauthorized intruder gets into the network of a major bank? Amélie Koran aka webjedi was there for one of these intrusions and tells us the story of what happened.You can find more talks from Amélie at her website webjedi.net.SponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.This podcast is sponsored by Navisite. Accelerate IT transformation to respond to new demands, lower costs and prepare for whatever comes next. Visit Navisite.com/go.View all active sponsors.Sources
https://www.foxnews.com/story/0,2933,435681,00.html
https://w2.darkreading.com/risk-management/world-bank-(allegedly)-hacked/d/d-id/1072857
https://www.washingtonpost.com/nation/2020/05/18/missionary-pilot-death-coronavirus/
https://webjedi.net/
27/04/21•56m 52s
90: Jenny
Meet Jenny Radcliffe, the People Hacker. She’s a social engineer and physical penetration tester. Which means she gets paid to break into buildings and test their security. In this episode she tells us a few stories of some penetration testing jobs she’s done.SponsorsSupport for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.This podcast is sponsored by Navisite. Accelerate IT transformation to respond to new demands, lower costs and prepare for whatever comes next. Visit Navisite.com/go.View all active sponsors.Sourceshumanfactorsecurity.co.uk
13/04/21•1h 9m
89: Cybereason - Molerats in the Cloud
The threat research team at Cybereason uncovered an interesting piece of malware. Studied it and tracked it. Which lead them to believe they were dealing with a threat actor known as Molerats. SponsorsThis episode is sponsored by Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in your hands. Their future-ready attack platform gives defenders the wisdom to uncover, understand, and piece together multiple threats. And the precision focus to end cyberattacks instantly – on computers, mobile devices, servers, and the cloud. They do all this through a variety of tools they’ve developed such as antivirus software, endpoint monitoring, and mobile threat detection tools. They can give you the power to do it yourself, or they can do all the monitoring and respond to threats in your environment for you. Or you can call them after an incident to get help cleaning up. If you want to monitor your network for threats, check out what Cybereason can do for you. Cybereason. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet.View all active sponsors.Sources
https://www.cybereason.com/hubfs/dam/collateral/reports/Molerats-in-the-Cloud-New-Malware-Arsenal-Abuses-Cloud-Platforms-in-Middle-East-Espionage-Campaign.pdf
https://malpedia.caad.fkie.fraunhofer.de/actor/molerats
https://www.fireeye.com/blog/threat-research/2013/08/operation-molerats-middle-east-cyber-attacks-using-poison-ivy.html
06/04/21•57m 35s
88: Victor
Victor looks for vulnerabilities on the web and reports them responsibly. This is the story about discloser number 5780.Listen to episodes 86, and 87 before this one to be caught up on the story leading up to this.SponsorsThis podcast is sponsored by Navisite. Accelerate IT transformation to respond to new demands, lower costs and prepare for whatever comes next. Visit Navisite.com/go.This podcast is sponsored by the JSCM Group. They have a service called ClosedPort: Scan, and it’s is a monthly Penetration Test performed by Cyber Security Experts. Contact JSCM Group today at jscmgroup.com/darknet.Support for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
30/03/21•42m 34s
87: Guild of the Grumpy Old Hackers
In 2016 the LinkedIn breach data became available to the public. What the Guild of the Grumpy Old Hackers did with it then is quite the story. Listen to Victor, Edwin, and Mattijs tell their story.SponsorsSupport for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.Support for this show comes from Privacy.com. Privacy allows you to create anonymous debit cards instantly to use for online shopping. Visit privacy.com/darknet to get a special offer.View all active sponsors.
16/03/21•47m 53s
86: The LinkedIn Incident
In 2012, LinkedIn was the target of a data breach. A hacker got in and stole millions of user details. Username and password hashes were then sold to people willing to buy. This episode goes over the story of what happened.For a good password manager, check out LastPass.SponsorsSupport for this episode comes from Quadrant Information Security. If you need a team of around the clock analysts to monitor for threat in your network using a custom SIEM, check out what Quadrant can do for you by visiting www.quadrantsec.com.Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.
02/03/21•51m 50s
85: Cam the Carder
This is the story of Cam Harrison, aka “kilobit” and his rise and fall as a prominent carder.SponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from Oracle for Startups. Oracle for Startups delivers enterprise cloud at a startup price tag, with free cloud credits and 70% off industry-leading cloud services to help you reel in the big fish—confidently. To learn more, visit Oracle.com/goto/darknet.View all active sponsors.Sources
https://www.justice.gov/opa/pr/member-organized-cybercrime-ring-responsible-50-million-online-identity-theft-sentenced-115
https://nakedsecurity.sophos.com/2014/11/14/carder-su-fraudster-jailed-for-9-years-and-ordered-to-pay-50-8m/
https://www.justice.gov/usao-nv/operation-open-market
16/02/21•1h 16m
84: Jet-setters
How bad is it if you post your boarding pass on Instagram? Our guest, “Alex” decides to figure this out for themself and has quite a story about what happened. You can read more from “Alex” on their blog https://mango.pdf.zone.We also hear from TProphet who’s here to give us some travel hacks to save tons on airfare when we start traveling again. You can learn more about TProphet’s travel hacks at https://seat31b.com or https://award.cat.SponsorsSupport for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.Support for this show comes from Tanium. With Tanium you can gain real-time security and operational data directly from your endpoints – along with the ability to take action on, and create reports from, that data – in just minutes, so that you and your teams can have the insight and capability necessary to accomplish the mission effectively. Learn more at https://federal.tanium.com.View all active sponsors.Sources
https://mango.pdf.zone/finding-former-australian-prime-minister-tony-abbotts-passport-number-on-instagram
https://seat31b.com
https://award.cat
02/02/21•1h 12m
83: NSA Cryptologists
In this episode we interview two NSA Cryptologists, Marcus J. Carey and Jeff Man. We hear their story of how they got into the NSA and what they did while there.To hear more stories from Jeff tune into Paul’s Security Weekly where Jeff is a regular co-host and shares a lot of stories and insights.Marcus has written several books on security. They are Tribe of Hackers, Tribe of Hackers Blue Team, Tribe of Hackers Red Team, Tribe of Hackers Security Leaders, Think in Code, and a childrens book called Three Little Hackers.Also check out the Tribe of Hackers podcast to hear interviews with all these amazing people!SponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.View all active sponsors.
19/01/21•1h 22m
82: Master of Pwn
The Zero Day Initiative runs a hacker contest called Pwn2Own. The contest calls the best hackers in the world to demonstrate they can hack into software that should be secure. Like browsers, phones, and even cars. A lot of vulnerabilities are discovered from this event which means vendors must fix them. Whoever can demonstrate the most vulnerabilities will be crowned the “Master of Pwn”.Thanks to Dustin Childs and Brian Gorenc from ZDI to hear all about Pwn2Own.Thanks to Radek and Pedro for sharing their experiences of becoming the Masters of Pwn.SponsorsSupport for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.Support for this show comes from Kars 4 Kids. Donate your car today, this organization will sell to use for their charity.View all active sponsors.Sources
https://www.forbes.com/profile/lee-junghoon/?sh=49ee055fc9c7
https://www.cyberscoop.com/pwn2own-chinese-researchers-360-technologies-trend-micro/
https://twitter.com/BrendanEich/status/697889208380293120
https://www.techtimes.com/articles/247111/20200130/google-bug-bounty-2019-became-the-highest-paid-google-hackers-reaching-6-5-million.htm
05/01/21•1h 5m
81: The Vendor
This is the story of a darknet marketplace vendor we’ll name V. V tells his story of how he first became a buyer, then transitioned into seller.This episode talks about drugs. Listener discretion is advised.If you want to contact V his email is at https://darknetdiaries.com/episode/81.SponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.
22/12/20•1h 17m
80: The Whistleblower
In this episode we hear a story from a social engineer who’s job it is to get people to do things they don’t want to do. Why? For profit.SponsorsSupport for this episode comes from SentinelOne which can protect and assistwith ransomeware attacks. On top of that, SentinelOne offers threat hunting, visibility, and remote administration tools to manage and protect any IoT devices connected to your network. Go to SentinelOne.com/DarknetDiaries for your free demo. Your cybersecurity future starts today with SentinelOne.Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.View all active sponsors.
08/12/20•50m 10s
79: Dark Basin
What do you do when you find yourself the target of a massive hacking campaign, and you are getting thousands of phishing emails and someone following you in your car. You might turn to Citizen Lab who has the ability to research who is behind this and help bring the hackers to justice.Our guests this episodes are Adam Hulcoop and John Scott-Railton of Citizen Lab. This episode also has an interview with Matthew Earl of Shadowfall.SponsorsSupport for this show comes from LastPass by LogMeIn. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
24/11/20•56m 18s
78: Nerdcore
Nerdcore music is music for nerds. In this episode we hear from some of the musicians who make Nerdcore music.This episode features guests ytcracker, Ohm-I, and Dual Core.Content warning: This episode has explicit lyrics.MusicFor a playlist of music used in this episode visit darknetdiaries.com/episode/78.SponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
10/11/20•1h 18m
77: Olympic Destroyer
In February 2018, during the Winter Olympics in Pyeongchang South Korea, a cyber attack struck, wiping out a lot of the Olympic’s digital infrastructure. Teams rushed to get things back up, but it was bad. Malware had repeatedly wiped the domain controllers rendering a lot of the network unusable. Who would do such a thing?We will talk with Andy Greenberg to discuss Olympic Destroyer, a chapter from his book Sandworm (affiliate link).SponsorsSupport for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.Support for this show comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
27/10/20•47m 2s
76: Knaves Out
This is the story about how someone hacked into JP Morgan Chase, one of the biggest financial institutions in the world. It’s obvious why someone would want to break into a bank right? Well the people who hacked into this bank, did not do it for obvious reasons. The hackers are best described as knaves. Which are tricky, deceitful fellows.SponsorsSupport for this show comes from LastPass by LogMeIn. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.Support for this episode comes from SentinelOne which can protect and assistwith ransomeware attacks. On top of that, SentinelOne offers threat hunting, visibility, and remote administration tools to manage and protect any IoT devices connected to your network. Go to SentinelOne.com/DarknetDiaries for your free demo. Your cybersecurity future starts today with SentinelOne.Support for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.For a complete list of sources and a full transcript of the show visit darknetdiaries.com/episode/76.
13/10/20•1h 25m
75: Compromised Comms
From 2009 to 2013 the communication channels the CIA uses to contact assets in foreign countries was compromised. This had terrifying consequences.Guests this episodes are Jenna McLaughlin and Zach Dorfman.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.View all active sponsors.Sources
https://finance.yahoo.com/news/cias-communications-suffered-catastrophic-compromise-started-iran-090018710.html
Video: Fostering Bipartisanship in Intelligence Oversight CNAS2019
https://www.mcclatchydc.com/news/nation-world/national/article28348576.html
https://foreignpolicy.com/2018/08/15/botched-cia-communications-system-helped-blow-cover-chinese-agents-intelligence/
https://www.nytimes.com/2017/05/20/world/asia/china-cia-spies-espionage.html
https://www.nytimes.com/2018/01/17/world/asia/jerry-lee-cia-china-mole-hunt-suspect.html
https://news.yahoo.com/cia-fix-communications-system-left-trail-dead-agents-remains-elusive-100046908.html
https://www.washingtonpost.com/archive/sports/1988/03/21/cuban-defector-impeaches-cia-spies/10cec17c-076b-4867-96c5-628b8435a852/
https://en.wikipedia.org/wiki/Aldrich_Ames
AttributionDarknet Diaries is created by Jack Rhysider.Research assistance this episode from Yael Grauer.
29/09/20•35m 7s
74: Mikko
Poker is a competitive game. Unlike other casino games, poker is player vs player. Criminal hackers have understood this for a while and sometimes hack the other players to get an edge. And that small edge can result in millions of dollars in winnings.This episode contains a story from Mikko Hypponen of F-Secure. We also interview Mikko to know more about him and the history of malware.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Sources
https://www.cardplayer.com/poker-news/18318-wsop-bracelet-winner-jailed-for-web-poker-cheating
https://forumserver.twoplustwo.com/29/news-views-gossip/my-unbelievable-ept-barcelona-story-hotel-rooms-arts-barcelona-broken-into-plant-trojans-1369171/
Mikko’s research on bypassing hotel room keys
https://archive.f-secure.com/weblog/archives/00002647.html
https://pokerfuse.com/news/live-and-online/more-stories-of-tampered-laptops-emerge-in-wake-of-ept-barcelona-scam-24-09/
https://forumserver.twoplustwo.com/showpost.php?p=40050535&postcount=410
https://forumserver.twoplustwo.com/showpost.php?p=40099537&postcount=794
https://igaming.org/poker/news/danish-former-high-stakes-pro-reported-to-police-for-massive-fraud-1602/
https://nyheder.tv2.dk/krimi/2019-12-02-dansk-pokerspiller-far-konfiskeret-26-millioner-kroner
https://www.flushdraw.net/news/peter-jepsen-verdict-a-mixed-victory-for-poker-justice/
https://www.bankrollmob.com/poker-news/2019123/danish-poker-pro-sentenced-jail-cheating-others-online-poker
Video: Peter Jepsen talks about an attempted hack on him
https://www.sijoitustieto.fi/comment/29593#comment-29593
https://forumserver.twoplustwo.com/29/news-views-gossip/sad-conclusion-my-barcelona-incident-1397551/
Video: Brain Searching for the first PC virus in Pakistan
https://archive.org/details/malwaremuseum
15/09/20•1h 9m
73: WannaCry
It is recommend to listen to episodes 53 “Shadow Brokers”, 71 “FDFF”, and 72 “Bangladesh Bank Heist” before listening to this one.In May 2017 the world fell victim to a major ransomware attack known as WannaCry. One of the victims was UK’s national health service. Security researchers scrambled to try to figure out how to stop it and who was behind it.Thank you to John Hultquist from FireEye and thank you to Matt Suiche founder of Comae.SponsorsSupport for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.
01/09/20•44m 51s
72: Bangladesh Bank Heist
A bank robbery with the objective to steal 1 billion dollars. This is the story of the largest bank robbery in history. And it was all done over a computer.Our guest this episode was Geoff White. Learn more about him at geoffwhite.tech.Check out Geoff’s new book Crime Dot Com. Affiliate link: https://www.amazon.com/gp/product/1789142857/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1789142857&linkCode=as2&tag=darknet04-20&linkId=bb5a6aa7ba980183e0ce7cee1939ea05SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
18/08/20•36m 47s
71: Information Monopoly
In this episode, we’re going into the depths of North Korea to conduct one of the greatest hacks of all time. To find a way to inject information into a country run by totalitarian regime.A big thanks to Yeonmi Park for sharing her story with us. Also thanks to Alex Gladstein for telling us the inside story.You can find more about Flash Drive For Freedom at flashdrivesforfreedom.org.Yeonmi’s book "In Order to Live": https://www.amazon.com/gp/product/014310974X/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=014310974X&linkCode=as2&tag=darknet04-20&linkId=88ebdc087c6ce041105c479b1bb6c3d2SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
04/08/20•1h 8m
70: Ghost Exodus
Ghost Exodus is a hacker. He conducted various illegal activities online. Some of which he documents on YouTube. He’s also a great musician. He got into some trouble from his hacking. This is his story.A big thanks to Ghost Exodus for sharing his story with us. Also thanks to Wesley McGrew for telling us the inside story.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.This episode was sponsored by Detectify. What vulnerabilities will their crowdsource-powered web vulnerability scanner detect in your web applications? Find out with a 14-day free trial. Go to https://detectify.com/DarknetSources
https://www.pcworld.com/article/167756/article.html
https://archives.fbi.gov/archives/dallas/press-releases/2011/dl031811.htm
21/07/20•56m 45s
69: Human Hacker
We all know that computers and networks are vulnerable to hacking and malicious actors, but what about us, the humans who interface with these devices? Con games, scams, and strategic deception are far older than computers, and in the modern era, these techniques can make humans the weakest link in even the most secure system. This episode, security consultant and master social engineer, Christopher Hadnagy, joins us to share his stories and wisdom. He describes what it was like to be a social engineer before the world knew what social engineering was and tells some of his amazing stories from his long career in penetration testing.A big thanks to Christopher Hadnagy from social-engineer.org for sharing his stories with us.Check out his book Social Engineering: The Science of Human Hacking, affiliate link here.Check out his podcast called The Social-Engineer podcast.SponsorsThis episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.Sources
https://www.social-engineer.org/
How phishing scammers manipulate your amygdala and oxytocin TEDxFultonStreet
DEF CON 22 - Chris Hadnagy - What Your Body Tells Me - Body Language for the SE
https://en.wikipedia.org/wiki/George_C._Parker
Book Recommendations with affiliate links:
Social Engineering
Influence
What Every Body is Saying
Emotions Revealed
Presence
It’s Not About “Me”, Top 10 Techniques for Building Rapport
07/07/20•1h 4m
68: Triton
A mysterious mechanical failure one fateful night in a Saudi Arabian chemical plant leads a cast of operational technology researchers down a strange path towards an uncommon, but grave, threat. In this episode, we hear how these researchers discovered this threat and tried to identify who was responsible for the malware behind it. We also consider how this kind of attack may pose a threat to human life wherever there are manufacturing or public infrastructure facilities around the world.A big thanks to Julian Gutmanis, Naser Aldossary, Marina Krotofil, and Robert M. Lee for sharing their stories with us.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.Sources
https://www.fireeye.com/blog/threat-research/2019/04/triton-actor-ttp-profile-custom-attack-tools-detections.html
https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html
https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html
https://dragos.com/wp-content/uploads/TRISIS-01.pdf
Video S4 TRITON - Schneider Electric Analysis and Disclosure
Video S4 TRITON - Mandiant Analysis at S4x18
Video S4 TRITON - Reverse Engineering the Tricon Controller by Dragos
Video S4 TRITON - A Report From The Trenches
Video - Safety Orientation video for the Chemical Plant
23/06/20•1h 13m
67: The Big House
John Strand is a penetration tester. He’s paid to break into computer networks and buildings to test their security. In this episode we listen to stories he has from doing this type of work.Thanks to John Strand for coming on the show and telling your story.SponsorsSupport for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.Sources
How a Hacker’s Mom Broke Into a Prison—and the Warden’s Computer
Video: How not to suck at pen testing John Strand
Video: I Had My Mom Break Into Prison
09/06/20•40m 54s
66: freakyclown
Freakyclown is a physical penetration tester. His job is to break into buildings to test the security of the building. In this episode we hear stories of some of these missions he’s been on.Thanks to Freakyclown for coming on the show and telling your story.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.This episode was sponsored by Molekule, a new air purifier that completely destroys air pollutants to help you breath easier. https://molekule.com.
26/05/20•53m 47s
65: PSYOP
PSYOP, or “Psychological Operations”, is something the US military has been doing to foreign audiences for decades. But what exactly is it? And what’s the difference between white, gray, and black PSYOP missions? We talk to PSYOP specialists to learn more.Thanks to Jon Nichols for telling us about this fascinating world.SponsorsSupport for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.Sources
https://www.democracynow.org/2006/3/24/the_psyops_war_a_look_at
https://en.wikipedia.org/wiki/Lincoln_Group
https://www.goarmy.com/careers-and-jobs/special-operations/psyop/psyop-mission.html#
https://en.wikipedia.org/wiki/Operation_Wandering_Soul_(Vietnam_War)
https://en.wikipedia.org/wiki/Torches_of_Freedom
http://cgsc.contentdm.oclc.org/cdm/ref/collection/p16040coll3/id/182
https://archive.org/details/PropagandaAudiobook/Propaganda+Chapter+01.mp3
https://www.newsweek.com/us-military-gets-mysterious-and-false-text-message-evacuate-korean-peninsula-669875
https://www.cbinsights.com/research/future-of-information-warfare/
https://en.wikipedia.org/wiki/National_Defense_Authorization_Act_for_Fiscal_Year_2013#Smith%E2%80%93Mundt_Modernization_Act_of_2012
Videos
Vietnam War Ghost Audio Tape used in PSYOPS ‘Wandering Soul’
Jon Nichols Part 0 - Unallocated Spaces Talk on Russian Propaganda
Cyber-Influence: Cyberwar and Psychological Operations
WWII Psych Ops
MISO Marines broadcast important information to Afghans
The War You Don’t See
Edward L. Bernays interview, 1986-10-23
As it fights two wars, the Pentagon is steadily and dramatically increasing money spent on propaganda
12/05/20•1h 11m
64: The Athens Shadow Games
Vodafone Greece is the largest telecom provider in Greece. But in 2004 a scandal within the company would pin them to be top of the news cycle in Greece for weeks. Hackers got in the network. And what they were after took everyone by surprise.SponsorsSupport for this episode comes from Okta. Learn more about how you can improve your security posture with the leader in identity-driven security at okta.com/darknet.This episode is supported by PlexTrac. PlexTrac is the purple teaming platform and is designed to streamline reporting, tracking and attestation so you can focus on getting the real cybersecurity work done. Whether you're creating pen test reports on the red team, or tracking and remediating on the blue team, PlexTrac can help.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
28/04/20•1h 14m
63: w0rmer
The hacker named w0rmer was active within AnonOps. These are Anonymous Operations which often organize and wage attacks on websites or people often with the purpose of social justice. Eventually w0rmer joined in on some of these hacking escapades which resulted in an incredible story that he will one day tell his kids.Thanks to w0rmer for telling us your story.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.SourcesArchived TweetsFeb 7, 2012 Twitter user @Anonw0rmer posts “@MissAnonFatale I managed to pwn1 a site , get my papers , find my required primary IDS , yeah baby, i deservers em :)”Feb 8, 2012 1:17 AM, Twitter user @Anonw0rmer posted, “ROFL! WaS that us? https://www.wvgazettemail.com/news/legal_affairs/hackers-group-posts-police-chiefs-information-online/article_77f79fd5-f76f-5825-ae19-43a398361fdf.html o yeah oops #OpPigRoast #CabinCr3w”Feb 9, 2012 12:35 AM, Twitter user @Anonw0rmer posted, “DB Leak http://dps.alabama.gov https://pastehtml.com/view/bnik8yo1q.html”. The bottom of this post originally showed this NSFW image.Feb 9, 2012 at 8:42 PM, Twitter user @Anonw0rmer posted, “Mobile Alabama Police Criminal Record Database Logins Failing To Protect And Serve I Via @ItsKahuna I http://pastehtml.com/view/bnmjxxgfp.html #OpPiggyBank.”Feb 9, 2012 at 8:39 PM, Twitter user @CabinCr3w posted, “Texas Dept. of safety Hacked By @AnonWOrmer for #OpPiggyBank http://bit.ly/x1KH5Y #CabinCr3w #Anonymous” Bottom of pastebin also shows a woman holding a sign saying “We Are ALL Anonymous We NEVER Forgive. We NEVER Forget. <3 @Anonw0rmer”Feb 10, 2012 at 9:07 PM, Twitter user @Anonw0rmer posted, “My baby SETS standards ! wAt U got? https://i.imgur.com/FbH2K.jpg https://i.imgur.com/zsPvm.jpg https://i.imgur.com/S2S2C.jpg https://i.imgur.com/TVqdN.jpg #CabinCr3w”.Links
Criminal Complaint - United States Western District Court of Texas
https://gizmodo.com/these-breasts-nailed-a-hacker-for-the-fbi-5901430
https://www.tomsguide.com/us/Anonymous-CabinCr3w-w0rmer-Ochoa-Australia,news-14803.html
14/04/20•56m 55s
62: Cam
Cam’s story is both a cautionary tale and inspirational at the same time. He’s been both an attacker and defender. And not the legal kind of attacker. He has caused half a million dollars in damages with his attacks. Attacks that arose from a feeling of seeing injustices in the world. Listen to his story.SponsorsThis episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.Sources
BBC: The teenage hackers who’ve been given a second chance
https://www.bbc.com/news/av/technology-40655656/uk-s-first-boot-camp-hopes-to-reform-teenage-hackers
https://www.ncsc.gov.uk/
https://www.csa.limited/
https://www.tripwire.com/state-of-security/latest-security-news/teenager-who-ddosed-governments-seaworld-receives-no-jail-time/
https://www.ncsc.gov.uk/section/education-skills/11-19-year-olds
31/03/20•1h 1m
61: Samy
Samy Kamkar is a hacker. And while he’s done a lot of stuff, he’s best known for creating the Samy Worm. Which spread its way through a popular social media site and had crazy results.Thanks to our guest Samy Kamkar for telling his story. Learn more about him by visiting https://samy.pl/.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.Sources
Samy’s YouTube Channel
Video: MySpace Worm Animated Story
https://samy.pl/myspace/
https://www.vice.com/en_us/article/wnjwb4/the-myspace-worm-that-changed-the-internet-forever
17/03/20•1h 1m
60: dawgyg
This is a story about the hacker named “dawgyg” and how he made over $100,000 in a single day, from hacking.Thanks to our guest dawgyg for telling his story.SponsorsThis episode is sponsored by SentinelOne - to learn more about their endpoint security solutions and get a 30-day free trial, visit sentinelone.com/darknetdiariesThis episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.Sources
Video: The Million-Dollar Hacker | Bloomberg
Video: Hacker makes big money as a bug bounty hunter | Kim Komando Show
https://hackerone.com/dawgyg
dawgyg wins h1415
https://www.hackerone.com/blog/meet-six-hackers-making-seven-figures
USA v. DeVoss court records
03/03/20•43m 9s
59: The Courthouse
In this episode we hear from Gary and Justin. Two seasoned penetration testers who tell us a story about the time when they tried to break into a courthouse but it went all wrong.SponsorsThis episode was sponsored by Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNETThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.Sources
https://arstechnica.com/information-technology/2019/11/how-a-turf-war-and-a-botched-contract-landed-2-pentesters-in-iowa-jail/
https://krebsonsecurity.com/2020/01/iowa-prosecutors-drop-charges-against-men-hired-to-test-their-security/
https://www.coalfire.com/News-and-Events/Press-Releases/Coalfire-CEO-Tom-McAndrew-statement
https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/10/iowa-supreme-court-justice-cady-policies-courthouse-break-ins-senate-polk-dallas-burglary-ia-cyber/3930656002/
https://www.desmoinesregister.com/story/news/crime-and-courts/2019/09/19/iowa-state-senator-calls-oversight-committee-investigate-courthouse-break-ins-crime-polk-dallas/2374576001/
https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/28/iowa-courthouse-break-ins-men-security-firm-plead-not-guilty-trespassing/2488314001/
https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/30/courthouse-break-in-ceo-cyber-security-coalfire-charges-dropped/4097354002/
https://www.desmoinesregister.com/story/news/crime-and-courts/2020/01/30/courthouse-break-ins-charges-dropped-against-coalfire-employees/4611574002/
18/02/20•1h 25m
58: OxyMonster
OxyMonster sold drugs on the darknet at Dream Market. Something happened though, and it all came crashing down.SponsorsThis episode was sponsored by Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNETThis episode was sponsored by Molekule, a new air purifier that completely destroys air pollutants to help you breath easier. https://molekule.com to use check out code “DARKNET10” to get a discount.See complete list of sources at https://darknetdiaries.com/episode/58.
04/02/20•1h
57: MS08-067
Hear what goes on internally when Microsoft discovers a major vulnerability within Windows.GuestThanks to John Lambert for sharing this story with us.SponsorsSupport for this episode comes from ProCircular. Use the team at ProCircular to conduct security assessments, penetration testing, SIEM monitoring, help with patches, or do incident response. Visit www.procircular.com/ to learn more.This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.Sources
https://blogs.technet.microsoft.com/johnla/2015/09/26/the-inside-story-behind-ms08-067/
https://www.justice.gov/opa/pr/payment-processor-scareware-cybercrime-ring-sentenced-48-months-prison
https://www.nytimes.com/2019/06/29/opinion/sunday/conficker-worm-ukraine.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
https://www.wired.com/story/nsa-windows-10-vulnerability-disclosure/
Book: Worm
AttributionDarknet Diaries is created by Jack Rhysider.Episode artwork by odibagas.Theme music created by Breakmaster Cylinder. Theme song available for listen and download at bandcamp. Or listen to it on Spotify.
21/01/20•58m 33s
56: Jordan
This is the story of Jordan Harbinger. A bit of a misfit teenager, who was always on the edge of trouble. In this story we hear what happened that lead to a visit from the FBI.GuestThanks to Jordan Harbinger for sharing his story with us. You can find hist podcast by searching for The Jordan Harbinger Show wherever you listen to podcasts.SponsorsThis episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.More information at https://darknetdiaries.com/episode/56.
07/01/20•44m 10s
55: NoirNet
A holiday special episode. A private pen tester takes on a job that involves him with another eccentric pen tester, a mischievious smile, and his quest to gain access to the network.GuestThanks to TinkerSec for telling us the story.Sourceshttps://twitter.com/TinkerSec/status/1206410740099366918AttributionDarknet Diaries is created by Jack Rhysider.Artwork this episode by habblesthecat.More information at DarknetDiaries.com.
25/12/19•17m 37s
54: NotPetya
The story of NotPetya, seems to be the first time, we see what a cyber war looks like. In the summer of 2017 Ukraine suffered a serious and catastrophic cyber attack on their whole country. Hear how it went down, what got hit, and who was responsible.GuestThanks to Andy Greenberg for his research and sharing this story. I urge you to get his book Sandworm because it’s a great story.SponsorsThis episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2019 to get a $20 credit on your next project.Support for this episode comes from Honeybook. HoneyBook is an online business management tool that organizes your client communications, bookings, contracts, and invoices – all in one place. Visit honeybook.com/darknet to get 50% off your subscription.This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit cmd.com/dark to get a free demo.For more show notes visit darknetdiaries.com/episode/54.
24/12/19•57m 1s
53: Shadow Brokers
The NSA has some pretty advanced, super secret, hacking tools. What if these secret hacking tools were to end up in the wrong person’s hands? Well, that happened.GuestThanks to Jake Williams from Rendition Security for telling us the story.SponsorsThis episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
10/12/19•50m 4s
52: Magecart
Credit card skimming is growing in popularity. Gas pumps all over are seeing skimmers attached to them. It’s growing in popularity because it’s really effective. Hackers have noticed how effective it is and have began skimming credit cards from websites.GuestThanks to Yonathan Klijnsma from RiskIQ.SponsorsThis episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2019 to get a $20 credit on your next project.Support for this episode comes from Honeybook. HoneyBook is an online business management tool that organizes your client communications, bookings, contracts, and invoices – all in one place. Visit honeybook.com/darknet to get 50% off your subscription.This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo.Visit darknetdiaries.com for full show notes and transcripts.
26/11/19•48m 17s
Ep 51: The Indo-Pak Conflict
Kashmir is a region right in between India, Pakistan, and China. For the last 70 years Pakistan and India have fought over this region of the world, both wanting to take control of it. Tensions sometimes heat up which can result in people being killed. When tensions get high in the real world, some people take to the internet and hack their rivals as a form of protest. In this episode we’ll explore some of the hacking that goes on between India and Pakistan.SponsorsSupport for this episode comes from Check Point. Check Point makes firewalls and security appliances you can use to combat the latest generation of cyber attacks. Upgrade your cybersecurity at CheckPoint.comSupport for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.For more show notes and links visit https://darknetdiaries.com/episode/51.
12/11/19•46m 49s
Ep 50: Operation Glowing Symphony
Operation Inherent Resolve was started in 2016 which aimed to combat ISIS. It was a combined joint task force lead by the US military. Operation Inherent Resolve sent troops, ships, and air strikes to Iraq and Syria to fire weapons upon ISIS military. It’s widely known that US military engaged with ISIS in this way. But what you may not have heard, is the story of how the US military also combated ISIS over the Internet. This is the story of how the US hacked ISIS.SponsorsThis episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2019 to get a $20 credit on your next project.Support for this episode comes from Honeybook. HoneyBook is an online business management tool that organizes your client communications, bookings, contracts, and invoices – all in one place. Visit [honeybook.com/darknet] to get 50% off your subscription.Support for this episode comes from Check Point. Check Point makes firewalls and security appliances you can use to combat the latest generation of cyber attacks. Upgrade your cybersecurity at CheckPoint.com
30/10/19•1h 11m
Ep 49: Elliot
In this episode we meet Elliot Alderson (@fs0c131y) from Twitter. Who is this strange masked person? What adventures have they gotten themselves into? Many stories will be told. The mask will be lifted.SponsorsThis episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Go to https://nordvpn.com/darknet to get 70% off a 3 year plan and use code darknet for an extra month for free!
15/10/19•45m 17s
Ep 48: Operation Socialist
This is the story about when a nation state hacks into a company within another nation.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25 to get 25% off.This episode was sponsored by Nord VPN. Visit https://nordvpn.com/darknet and use promo code “DARKNET” to get 75% off when signing up for 3 years.
01/10/19•48m 40s
Ep 47: Project Raven
This is the story about an ex-NSA agent who went to work for a secret hacking group in the UAE.SponsorsThis episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
17/09/19•1h 1m
Ep 46: XBox Underground (Part 2)
This is the story about the XBox hacking scene and how a group of guys pushed their luck a little too far.This is part 2 of a 2 part series.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet.Learn more about stocks and investing from MyWallSt. Visit mywallst.com/darknet to learn more.
03/09/19•1h 24m
Ep 45: XBox Underground (Part 1)
This is the story about the XBox hacking scene and how a group of guys pushed the hacking a little too far.This is part 1 of a 2 part series.SponsorsThis episode was sponsored by Nord VPN. Visit https://nordvpn.com/darknet and use promo code "DARKNET".This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn't be. Check them out at https://canary.tools.This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. Use promot code "DARKNET25".
20/08/19•1h 19m
Ep 44: Zain
Ransomware is ugly. It infects your machine and locks all the the data and to unlock you have to pay a fee. In this episode we dive into some of the people behind it.SponsorsThis episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo.This episode was sponsored by MyWallSt. Their app can help you find good looking stocks to invest in. Visit MyWallSt.com/dark to start your free 30 day trial.For more show notes and links check out darknetdiaries.com.
06/08/19•34m 47s
Ep 43: PPP
This is the story about how I acquired a black badge from DEFCON (pictured above).We also hear the story about who PPP is, and their CTF journey at DEFCON.This episode was sponsored by Nord VPN. Visit https://nordvpn.com/darknet and use promo code “DARKNET”.This episode was sponsored by Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNET
23/07/19•1h
Ep 42: Mini-Stories: Vol 2
Three stories in one episode. Listen in on one of Dave Kennedy's penetration tests he conducted where he got caught trying to gain entry into a datacenter. Listen to a network security engineer talk about the unexpected visitor found in his network and what he did about it. And listen to Dan Tentler talk about a wild and crazy engagement he did for a client.GuestsA very special thanks to Dave Kennedy. Learn more about his company at trustedsec.com.Thank you Clay for sharing your story. Check out the WOPR Summit.Viss also brought an amazing story to share. Thank you too. Learn more about him at Phobos.io.I first heard Clay's story on the Getting Into Infosec Podcast. Thanks Ayman for finding him and bring that story to my attention.SponsorsThis episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo.This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn't be. Check them out at https://canary.tools.For more show notes and links check out darknetdiaries.com.
09/07/19•54m 16s
Ep 41: Just Visiting
Join JekHyde and Carl on a physical penetration test, a social engineering engagagement, a red team assessment. Their mission is to get into a building they shouldn't be allowed, then plant a rogue computer they can use to hack into the network from a safe place far away.This episode was sponsored by Nord VPN. Visit https://nordvpn.com/darknet and use promo code "DARKNET".This episode was sponsored by Hostinger. Go to https://hostinger.com/darknet and use code DARKNET to get 15% off a hosting plan and check out this week’s free feature.For more information visit darknetdiaries.com.
25/06/19•49m 16s
Ep 40: No Parking
Take a ride with a red teamer. A physical penetration tester as he tries to make his away into unauthorized areas, steal sensitive documents, hack into the computers, and escape with company property.This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo.This episode was sponsored by Hostinger. Go to https://hostinger.com/darknet and use code DARKNET to get 15% off a hosting plan and check out this week’s free feature.For complete show notes and links go to darknetdiaries.com.
11/06/19•1h
Ep 39: 3 Alarm Lamp Scooter
A talk at Defcon challenged people to find a way to destroy a hard drive. A young man was inspired by this challenge and was determined to find a way to destroy a hard drive. But this is not a typical young man, with a typical plan.For pictures of Daniel and his projects visit darknetdiaries.com/episode/39.This episode was sponsored by Nord VPN. Visit nordvpn.com/darknet and use promo code "DARKNET".This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet.
28/05/19•50m 25s
Ep 38: Dark Caracal
A journalist wrote articles critical of the Kazakhstan government. The government did not like this and attempted to silence her. But they may have done more than just silence her. Perhaps they tried to spy on her too. The EFF investigated this case and went down a very interesting rabbit hole.Thanks to Cooper Q from EFF's new Threat Lab. Also big thanks to Eva from EFF, Andrew Blaich and Michael Flossman from Lookout.For another story about the EFF listen to episode 12 "Crypto Wars".This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo.
14/05/19•54m 44s
Ep 37: LVS
The Venetian casino in Las Vegas Nevada was the largest hotel in the world until 2015. The parent company is Las Vegas Sands (LVS) which owns 10 properties around the world. And the CEO and founder of LVS is Sheldon Adelson. One day the CEO said something which sparked quite a firestorm.This episode was sponsored by Nucleus. Visit nucleussec.com to start your free trial.This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo.For more show notes visit DarknetDiaries.com.
30/04/19•28m 23s
Ep 36: Jeremy from Marketing
A company hires a penetration tester to pose as a new hire, Jeremy from Marketing, to see how much he can hack into in his first week on the job. It doesn't go as planned.Thanks to @TinkerSec for telling us this story.This episode was sponsored by Nord VPN. Visit https://nordvpn.com/darknet and use promo code "DARKNET".This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet.For more show notes visit https://darknetdiaries.com/episode/36.
16/04/19•1h 1m
Ep 35: Carbanak
ATM hacking. Hollywood has been fantasizing about this since the 1980's. But is this a thing now? A security researcher named Barnaby Jack investigated ATMs and found them to be vulnerable. Once he published his data the ATM hacking scene rose in popularity and is is a very serious business today.One of the first big ATM robberies was done with the malware called Carbanak. Jornt v.d. Wiel joins us to discuss what this malware is.This episode was sponsored by Nucleus. Visit nucleussec.com to start your free trial.This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet.For more show notes and links visit darknetdiaries.com.
02/04/19•40m 14s
Ep 34: For Your Eyes Only
Nude selfies. This episode is all about nude selfies. What happens if you take one and give it to a vengeful boyfriend. What happens when a hacker knows you have them and wants to steal them from your phone. What happens is not good. This episode was sponsored by Nord VPN. Visit nordvpn.com/darknet and use promo code "DARKNET".This episode was sponsored by Molekule, a new air purifier that completely destroys air pollutants to help you breath easier. Visit molekule.com to use check out code "DARKNET" to get a discount.For references, sources, and links check out the show notes at darknetdiaries.com/episode/34/.
19/03/19•51m 55s
Ep 33: RockYou
In 2009 a hacker broke into a website with millions of users and downloaded the entire user database. What that hacker did with the data has changed the way we view account security even today.This episode was sponsored by CuriosityStream. A streaming service showing non-fiction and documtnaries. Visit https://curiositystream.com/darknet and use promo code "darknet".This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo.To see more show notes visit darknetdiaries.com/episode/33.
05/03/19•40m 33s
Ep 32: The Carder
A carding kingpin was tracked by the Secret Service. How did he steal the cards? Where was he stealing them from? How much was he making doing this? And where did he go wrong? Find out all this and more as we listen to how the Secret Service investigated the case.This episode was sponsored by Eero. A solution to blanket your home in WiFi. Visit https://eero.com/darknet and use promo code "darknet".This episode was sponsored by Nord VPN. Visit https://nordvpn.com/darknet and use promo code "darknet".Cover image this episode created by 𝕄årç ∆⃝ 𝕄ølïñårō.Go to Darknet Diaries for additional show notes.
19/02/19•39m 29s
Ep 31: Hacker Giraffe
In late November 2018, a hacker found over 50,000 printers were exposed to the Internet in ways they shouldn't have been. He wanted to raise awareness of this problem, and got himself into a whole heap of trouble. For show notes and links visit DarknetDiaries.com.This episode was sponsored by CuriosityStream. A documentary streaming service. Visit curiositystream.com/darknet and use promo code "darknet".This episode is also sponsored by Cover. Visit cover.com/darknet to get insured today.
05/02/19•56m 2s
Ep 30: Shamoon
In 2012, Saudi Aramco was hit with the most destructive virus ever. Thousands and thousands of computers were destroyed. Herculean efforts were made to restore them to operational status again. But who would do such an attack?Very special thanks goes to Chris Kubecka for sharing her story.She is author of the book Down the Rabbit Hole An OSINT Journey, and Hack The World With OSINT (due out soon).This episode was sponsored by Eero. A solution to blanket your home in WiFi. Visit https://eero.com/darknet and use promo code "darknet".This episode is also sponsored by Cover. Visit cover.com/darknet to get insured today.
22/01/19•35m 22s
Ep 29: Stuxnet
Stuxnet was the most sophisticated virus ever discovered. It's target was a nuclear enrichment facility in Iran. This virus was successfully able to destroy numerous centrifuges. Hear who did it and why.Special thanks to Kim Zetter for joining us this episode. You can find more about Stuxnet from her book Count Down to Zero Day.
08/01/19•41m 6s
Ep 28: Unit 8200
Israel has their own version of the NSA called Unit 8200. I was curious what this unit does and tried to take a peek inside. Hear what I found by listening along to this episode.This episode was sponsored by Nord VPN. Visit https://nordvpn.com/darknet and use promo code “darknet”.This episode is also sponsored by Mack Weldon. Visit mackweldon.com to shop for premium men's casual wear and get a 20% off discount with your first order by using promo code “diaries”.
15/12/18•48m 35s
Ep 27: Chartbreakers
Something is wrong with the Apple Podcasts top charts. As a podcaster, this personally annoyed and intrigued me. I investigate how this is happening and who is behind it.For show notes visit https://darknetdiaries.com/episode/27.This episode was sponsored by Nord VPN. Visit https://nordvpn.com/darknet and use promo code 'darknet'.This episode is sponsored by LPSS Digital Marketing, your source for honest, transparent marketing services for businesses of all sizes. Visit LPSS at https://www.lpss.co/ for details.
01/12/18•47m 14s
Ep 26: IRS
The IRS processes $3 trillion dollars a year. A lot of criminals want to get a piece of that. In 2015 the IRS had a large data breach. Hundreds of thousands of tax records were leaked. What happened and who was behind this? Listen to this episode to find out.For show notes visit https://darknetdiaries.com
15/11/18•35m 21s
Ep 25: Alberto
Alberto Hill was sent to prison for a long time for hacking. For a crime he said he did not commit. Listen to his story and you be the judge on whether he's guilty or not.
01/11/18•42m 35s
Ep 24: Operation Bayonet
Darknet markets are online black markets. They are highly illegal, and dangerous to run. Hear exactly how dangerous it was for Alphabay and Hansa dark markets.
15/10/18•39m 12s
Ep 23: Vladimir Levin
When banks started coming online, they almost immediately started being targeted by hackers. Vladimir Levin was one of the first ever known hacker to try to rob a bank. He succeeded a little, and failed a lot. Vladimir would go down in the history books as one of the most notorious hackers of all time because of his attempted online bank robberies.
01/10/18•28m 22s
Ep 22: Mini-Stories: Vol 1
Three stories in one! In this episode we hear about a penetration test from Mubix that he'll never forget, a incident response from Robert M. Lee which completely stunned him, and a social engineering mission from Snow.Podcast recommendation: Moonshot.
15/09/18•39m 41s
Ep 21: Black Duck Eggs
Ira Winkler's specialty is assembling elite teams of special forces and intelligence officers to go after companies. Ira shares a story about a time he and his team broke into a global 5 company. A company so large that theft of intellictual property could result in billions of dollars of damage. Ira's consulting company: Secure Mentum.His books: Spies Among Us, Advanced Persistent Security, Through the Eyes of the Enemy.
01/09/18•28m 19s
Ep 20: mobman
Chances are, if you were downloading shady programs in the early 2000's, you were infected with malware he wrote called SubSeven. Hacking changed mobman's life. Hear how it happened by listening to this episode.Image for this episode created by dr4w1ngluc4s. Check out his Instagram to see some amazing artwork! Check out the podcasts Van Sounds and True Crime Island
15/08/18•46m 23s
Ep 19: Operation Aurora
In 2009, around Christmas time, something terrible was lurking in the network at Google. Google is the most popular website on the Internet. It’s so popular many people just think Google is the Internet. Google hires many of the most talented minds and has been online since the 90s. Hacking into Google is no easy task. There’s a team of security engineers who test and check all the configurations on the site before they go live. And Google has teams of security analysts and technicians watching the network 24/7 for attacks, intrusions, and suspicious activity. Security plays a very vital role at Google, and everything has to have the best protections. But this attack slipped past all that. Hackers had found their way into the network. They compromised numerous systems, burrowed their way into Google’s servers, and were trying to get to data they shouldn’t be allowed to have. Google detected this activity. And realized pretty quickly they were dealing with an attack more sophisticated than anything they’ve ever seen.Podcast recommendation: Twenty Thousand Hertz
01/08/18•28m 29s
Ep 18: Jackpot
A man addicted to gambling finds a bug in a video poker machine that lets him win excessive amounts of money.
01/07/18•21m 5s
Ep 17: Finn
A 14-year-old kid who finds himself bored in class decides to hack someone's twitter account and ends up with more than he bargained for.
03/06/18•45m 19s
Ep 16: Eijah
In 2007, a hacker named Eijah got fed up with the way DRM prevented him from being able to play the content he paid for. He decided to fight back against the AACS and find a way to circumvent the DRM. By the time Eijah was done, his life wasn't the same.
01/05/18•35m 41s
Ep 15: Ill Tills
A major retailer was hacked. Their point of sales machines were riddled with malware. Listen to hear how digital forensics and incident responders handled the situation. What malware was found? Where was it found? How was it stopped? And most importantly, how much data was leaked?
01/04/18•33m 21s
Ep 14: #OpJustina
In 2013 a hospital was accused of conducting a medical kidnapping against a young girl name Justina. This enraged many people across the country, including members of anonymous. A DDOS attack was waged against the hospital.
01/03/18•25m 21s
Ep 13: Carna Botnet
In 2012 the Carna Bot was built and unleashed on the world. But it didn't have any intentions on doing anything malicious. It was built just to help us all understand the Internet better. This botnet used the oldest security vulnerable in the book. And the data that came out of it was amazing.
15/02/18•33m 18s
Ep 12: Crypto Wars
In the 1990's the Internet started to take shape. But the US goverment had strict laws regulating what type of cryptography is allowed to be used online. A few brave people stood up to the government in the name of civil rights and won the right to use strong encryption. Listen to their battle and what they had to do through to accomplish this.
01/02/18•28m 30s
Ep 11: Strictly Confidential
What happens when an innovative tech company, that's trying to develop the next big thing, detects a hacker in their network? We hear the story from a digital forensics investigator which has a surprising result.
15/01/18•19m 32s
Ep 10: Misadventures of a Nation State Actor
In today's world of intelligence gathering, governments hack other governments. This episode takes you on a ride with a nation state actor to see exactly how it's done.
01/01/18•33m 25s
Ep 9: The Rise and Fall of Mt. Gox
Mt. Gox was the largest bitcoin exchange in the world. It suddenly went offline. What happened?
15/12/17•28m 53s
Ep 8: Manfred (Part 2)
Manfred found a way to turn his passion for video games and reverse engineering into a full time business. He exploited video games and sold virtual goods and currency for real money. This was his full time job. Listen to this episode to hear exactly how he did this.
01/12/17•28m 8s
Ep 7: Manfred (Part 1)
Manfred has had the most epic story of all online video game stories. For the last 20 years, he's been hacking online games.
01/12/17•23m 17s
Ep 6: The Beirut Bank Job
Jayson E. Street tells us a story about the time he broke into a bank in Beirut Lebanon.
15/11/17•29m 19s
Ep 5: #ASUSGATE
Security researcher Kyle Lovett bought a new Asus router in 2013. He found it was riddled with security vulnerabilties. He set out on a mission to resolve these vulnerabilities not only for his own router, but for thousands of others who were also vulnerable.
01/11/17•25m 7s
Ep 4: Panic! at the TalkTalk Board Room
Mobile provider TalkTalk suffered a major breach in 2015. The CEO tried her best to keep angry customers calm and carry on. The UK government and Metropolitan Police investigate the breach. We get a rare glimpse of how the CEO handles the crisis.
15/10/17•38m 23s
Ep 3: DigiNotar, You are the Weakest Link, Good Bye!
The 2011 DigiNotar breach changed the way browsers do security. In this episode, we learn what role a CA plays, how browsers work with CAs, and what happens when a CA is breached.
01/10/17•25m 44s
Ep 2: The Peculiar Case of the VTech Hacker
VTech makes toy tablets, laptops, and watches for kids. In 2015, they were breached. The hacker downloaded gigs of children's data. Discover what the hacker did once he took the data.
15/09/17•23m 20s
Ep 1: The Phreaky World of PBX Hacking
Farhan Arshad and Noor Aziz Uddin were captured 2 years after being placed on the FBI's Cyber's Most Wanted list for PBX hacking. In this episode, we explain PBX hacking and how hackers are racking up billions of dollars in phone bills. We also learn how the two men were captured.
01/09/17•14m 1s