Claim Ownership

Author:

Subscribed: 0Played: 0
Share

Description

 Episodes
Reverse
If SIM swap stories ever make the news, almost uniformly, they focus on people who lost a lot of money. But SIM swaps also take a psychological toll. Getting cut off from the grid all of a sudden, not knowing why, not being able to call for help. Even when it’s over, you never know if your attackers -- whoever they are -- will come back again.
A year ago we told you the story of Kaseya: an IT solutions company that was breached on July 2021, and its servers were used to spread ransomware to an estimated 800 to 1500 small to medium-sized businesses. Nate Nelson, our Sr. producer, spoke with Rich Murray, who leads the FBI’s North Texas Cyber unit, about how the Federal Bureau of Investigations dealt with another attack by REvil - this time against the Texas government - and how they managed to figure out who was behind it.
Cyberbunker, Part 2

Cyberbunker, Part 2

2023-01-1036:06

Spamhaus's decision to add Cyberbunker to its list of Spam sources led the Stophaus coalition to initiate a DDoS attack later dubbed “The attack that almost broke the Internet.” The fallout from this attack led to Cyberbunker relocating to a bunker in Germany - but it was the involvement of an Irish drug lord known as 'The Penguin' that led to the bullet-proof hosting company's downfall.
Cyberbunker, Part 1

Cyberbunker, Part 1

2023-01-0227:16

Sven Kamphuis and Herman Johan Xennt are quite dissimilar: one is young, the other is old, one is a Freedom Fighter, the other a businessman. In 1996, their unlikely partnership coalesced around a mutual deep hatred towards authority - and around a very unusual building: a Cold-War era nuclear bunker.
2011 was a pivotal year for Netflix: the now hugely successful company was then in the midst of a formidable transformation, changing from a mail-based DVD rental service to the modern streaming service that it is today. It was at this crucial point in the company’s history that Jason Chan, our guest in this episode, was hired by Netflix to lay the foundations for its cloud security protocols. Nate Nelson, our Sr. Producer, spoke with Jason about the decade he spent at the company, what he learned during his tenure there, and the ideas that took shape at that time, such as Chaos Engineering.Nate Nelson, our Sr. producer, spoke with Dr. Cohen about his early research into computer viruses, his work with the US army, the panicky response from the US government - and the parallels between computer viruses and mental viruses - i.e. memes.
In his 1984 seminal paper - "Computer Viruses: Theory and Experiments" - Dr. Fred Cohen not only introduced the name ‘computer virus’, a term invented by his mentor, Leonard Adelman, but was also the first to analyze computer viruses in a rigorous mathematical way, proving that computer viruses were not only practical - but that they were in fact inevitable. Nate Nelson, our Sr. producer, spoke with Dr. Cohen about his early research into computer viruses, his work with the US army, the panicky response from the US government - and the parallels between computer viruses and mental viruses - i.e. memes.
Thamar Reservoir

Thamar Reservoir

2022-12-1336:19

Thamar Gindin is an Israeli scholar whose research focuses on the Persian language. For the past seven years (at least) Thamar has been a target for an endless stream of spear-phishing attempts by the Iranian regime, trying to take over her email account and lure her away from her country's borders. Her family, friends, and colleagues have also suffered numerous attacks. So, how does it feel to live for years with a virtual target mark on your back?...
Nobody likes cheaters, especially in video games: we play games to have fun, and nothing hurts the joy of playing a good game more than losing to a cheater. That is why EA is not the only publisher to implement kernel-mode anti-cheat software in their games: League of Legends and Valorant, for example, use similar software. Yet some people warn that installing such kernel-level systems is extremely dangerous. So, what's the problem with kernel-mode anti-cheat software?
When it was founded in 2011, Norse Corp. - which described itself as "the world's largest dedicated threat intelligence network" - had everything a promising startup could wish for: a charismatic and experienced founder, a rare and valuable technology, and few tens of millons of dollars from investors. Less than six years later, it all came crashing down in the most horrible death a business can experience. What went wrong in Norse Corp.?
John Deere, an American agricultural machinery manufacturer, has recently enraged many farmers and digital rights activists due to the restrictive fixing policy of its tractors. Now, an Australian white hat hacker named Sick Codes has demonstrated not only how he was able to jailbreak the company’s tractors and run Doom on them (because why not) - but also hack into its global operations center, demonstrating how hackers can easily take over a huge number of farming machines all over the world.
In 2006 the Russian Business Network pivoted its business: the once legitimate ISP became a ‘bullet-proof' hosting service, catering to the needs of cybercriminals. It quickly became the largest player in the Russian cybercrime landscape, with ~60% of all cybercrime activity related to Russia connected to it in some way. Following the Russian government’s years-old tradition of collaborating with organized crime, it's no wonder that the Russian Business Network quickly became Putin’s informal cyber attack arm.
Sports is not something that you usually hear mentioned when people talk about cybersecurity - but Chris Cochran and Ron Eddings, co-founders of Hacker Valley Media, believe that cyber professionals can take inspiration from MMA wrestlers and Chess Grandchampions to get to their own version of Peak Performance.
LabMD Vs. The FTC

LabMD Vs. The FTC

2022-10-3139:04

One day in 2008, Michael Daugherty - CEO and owner of LabMD, a cancer detection lab - got a call from an executive of TiVera, a cybersecurity company. The caller said that a file containing private medical data of some 9000 of LabMD's patients has been discovered online. When Michael refused to pay for TiVersa's hefty "consultation fee", it reported the incident to the FTC. This was the beginning of a ten-year-long legal battle that ultimately destroyed LabMD - but cost the Federal Agency dearly.
Media companies probably get hacked no more than other, non-media oriented organizations such as hospitals, banks, etc. But these hacks are often more visible and more memorable because… well, media companies are more public facing by their very nature. How can these organizations be hacked, and why should we care about such attacks? Nate Nelson spoke with Joel Molinoff, former chief information risk officer for CBS Corporation, and Dan Vasile, former vice president of information security at Paramount.
Financial markets make good targets for criminals: after all, that's where the big money is. Surprisingly, many of these criminals are not your run-of-the-mill black hat hacker, but brokers registered with the SEC: Genuine finance industry professionals.
Authentication has come a long way since the 1980s or 90s. But when it comes to phone calls - we’re still in the Middle Ages. Vishing, or Voice Scams, are probably as old as the Telephone itself, yet it is still very easy to impersonate someone over the phone or spoof a phone call’s origin. Rachel Tobac is a hacker and the CEO of SocialProof Security, where she helps people and companies keep their data safe by training and pen-testing them on social engineering risks. Rachel spoke with Nate Nelson, our Sr. producer, about Vishing: how common is it, where attackers get the information they need to impersonate someone from, and the many many psychological tricks they can employ to fool the person on the other side of the call.
In any trading market, at any time in history, no matter where you are, the most important thing you can possess isn’t actually money, or influence, or anything like that. Knowledge -- in particular, knowing something before everybody else -- is far more valuable. Some traders are willing to go to great lengths to get it before anyone else. In some cases, they’ll apply great ingenuity to the problem - but in others, they’ll use manipulation -- hacking into these technologies to gain an unfair advantage, and make a fortune along the way.
The name Lulzsec is probably very familiar to listeners who were around in 2011, when this hacking group was at the peak of its nefarious activity. As their name implies, Lulzsec was known for trolling their victims: their childish behavior might have fooled some people into thinking that Lulzsec was mostly harmless - but as the story you’re about to hear will show, they were anything but.
The US government says that Kim Schmitz, better know as Kim DotCom, is the leader of a file sharing crime ring. He sees himself as a an internet freedom fighter: a fugitive on the run from vindictive overly-powerful governments. Can King Kimble escape the wrath of the USA?
Multi-Factor Authentication (MFA) is usually considered a better solution for authentication than just using passwords. But Roger Grimes, a veteran security professional, and a Data-Driven Defense Evangelist claims that the sense of security current MFA solutions provides us - is false.
Comments (77)

סעדיה עגאם

0

Dec 14th
Reply

Poops

yes

Sep 20th
Reply

Poops

Stuxnet #1. USA, USA. USA.

Apr 26th
Reply

Jorel

Could someone translate what this guy is saying? I hear words but there is no meaning to them

Apr 2nd
Reply

Jeffery Gray

this podcast promotes deep state propaganda, they know is propaganda...

Jan 20th
Reply

Joel Prokopchuk

This title reminds me of a comic strip from the UserFriendly comic, where a fed up BOfH sends missiles at a particularly annoying spammer.

Jan 12th
Reply

Andy Edwards

wonder if cyber Eason/ML will ever speak out about NSO like Jack Rhysider has

Nov 28th
Reply

Gerrit van Rensburg

Hey Ran & Team, Could you cover the Hauwei case? it's been on-going for a while and has huge geo-politcal consequences! love the show!

Sep 24th
Reply

lavericklavericklave

the story is total garbage. just happens to find some papers with two board members being fired lying around on someones desk. come on

Mar 15th
Reply

Mirek Rumin

I can't believe that's how the extra story ends... Wth!?

Jan 16th
Reply

Gurdeep Mundi

whoa!

Jan 12th
Reply

Chauncey Bones

congratulations on hitting the century mark! really enjoyed the Act I, II, III format and content. had a few laughs listening and got a bit nostalgic. has ML thought about more election hacking? the April 2020 South Korean legislation involved Huawei and was quite shady. keep ☝ the great work and Happy New Year!

Dec 23rd
Reply

🤨

man ... you produced this before the election! That's some foresight!

Dec 19th
Reply

Clinton Knight

I think I know Jan Sloot's Data Compression System method. And honestly, its stupidly simple. No wonder there was no storage.

Dec 7th
Reply

Beano09

Hi

Dec 4th
Reply

Beano09

Hi

Dec 4th
Reply

Chauncey Bones

y'all nailed it. what a shit show ladies and gents sit back and enjoy your pop corn

Nov 7th
Reply (1)

Chauncey Bones

and thats why I still have aol mail. ahhhhh the days of yore. not mentioned in the pod was a yahoo ceo died stranded in winter trying to help his stranded family. related? maybe not but possibly malicious........ love the pods Ran!

Oct 10th
Reply (1)

Chauncey Bones

dank pod cast i get to play judge. me sees this..... Crisco i mean Cisco, if they knew international law was about to be broken, and most corporations do, it wouldn't do well in Hague. Perhaps the case in the US is just an amuse bouche for the global court and the plaintiffs are exposing Sullivan's hand. this case in the States will depend on November third sadly but Crisco should stop using Cisco

Aug 30th
Reply

Andy Edwards

There's a flip side to maintaining that anonymity: seems like it's possible the source for the leaks could have been killed and the journalists wouldn't know about it. I wonder if they were still able to contact the source long after the fact? It seems like that would be a huge risk in itself. So I'm guessing it's hard to verify whether the security measures were successful...

Aug 12th
Reply
loading
Download from Google Play
Download from App Store