Episodes

  • In college, I once showed my class the reality of Remote Access Trojans (RATs) with a live demo—showing how easily someone could take over a computer with the right tool. Years later, the real-world ramifications of these tools are even more chilling. Today, we’re diving deep into Poison Ivy, a notorious RAT that took the cybersecurity world by storm in the mid-2000s, and was linked to high-profile cyberattacks on government agencies, human rights organizations, and corporate giants.

    //NO BS PODCAST HOSTING

    🟡 Yellowball is a no BS podcast hosting service that I built and run. Whether you're looking to start a podcast, import an existing one, or just want to learn more, head over to https://yellowball.fm to check it out.

    //REFERENCES

    https://www.theregister.com/2012/08/31/nitro_hackers_abuse_java_exploit

    https://www.darkreading.com/cyberattacks-data-breaches/poison-ivy-trojan-just-won-t-die

    https://www.mandiant.com/sites/default/files/2021-09/rpt-poison-ivy.pdf

    https://web.archive.org/web/20080208054011/http://www.poisonivy-rat.com/

    https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/poisonivy

  • In this episode, we dive into the chaotic rise of the Mydoom worm, one of the fastest-spreading computer worms ever recorded. From its origins in Russia to its DDoS attacks on SCO Group and Microsoft, Mydoom wreaked havoc on the internet in the early 2000s. We explore how the worm’s clever tactics—like blocking antivirus websites and spreading through email and peer-to-peer networks—made it a formidable threat. Despite the $500,000 bounty, its creator remains a mystery to this day.

    //REFERENCES

    https://www.getsupport.co.uk/blog/2021-10/mydoom-the-fascinating-story-behind-the-worlds-fastest-computer-virus/

    https://www.mrbrown.com/blog/2004/07/google_attacked.html

    https://www.f-secure.com/v-descs/novarg.shtml

    https://www.f-secure.com/v-descs/mydoom-b.shtml

    https://www.youtube.com/watch?v=QbIkueFe8E4

  • In 2003, the Fizzer worm took advantage of the growing peer-to-peer file-sharing trend, spreading across Kazaa and beyond. What seemed like a harmless music download on Limewire could turn into a backdoor for hackers. In this episode of In The Shell, I share my personal experience with file sharing on my Blue Dell Inspiron 1100 and how I unknowingly encountered malware for the first time. We’ll explore the origins of the Fizzer worm, its unique ability to auto-update, disable antivirus software, and install keyloggers to steal personal information.

    I’ll explain how Fizzer spread through file-sharing platforms and network shares, how it spoofed emails, and the sophisticated techniques it used to stay one step ahead of antivirus programs. From peer-to-peer networks to corporate environments, Fizzer’s reach was global—and the impact on users was profound.

    //REFERENCES

    https://www.f-secure.com/v-descs/fizzer.shtml

    https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Win32%2fFizzer

    https://www.kaspersky.com/about/press-releases/fizzer-a-multi-threat-worm-that-attacks-via-e-mail-and-kazaa

    https://www.infoworld.com/article/2234751/fizzer-worm-spreading.html

    https://threats.kaspersky.com/en/threat/Email-Worm.Win32.Fizzer/

    https://www.helpnetsecurity.com/2003/05/13/fizzer-e-mail-worm-is-spreading-at-an-alarming-rate/

    http://virus.wikidot.com/fizzer

    https://www.giac.org/paper/gcih/450/w32-fizzera-analysis-infection-prevention-handling/103564

  • In this episode of In the Shell, we dive into one of the most notorious cyber incidents of the early 2000s—the SQL Slammer worm. Join me as we explore how this tiny 376-byte worm caused massive internet disruptions worldwide in 2003. From its rapid spread across 75,000 servers in under 10 minutes to its impact on global infrastructure, the SQL Slammer worm serves as a powerful reminder of the importance of patching vulnerabilities and maintaining strong network security.

    We’ll break down the technical aspects, including SQL Server vulnerabilities, the difference between TCP and UDP, and how the worm exploited a buffer overflow to wreak havoc. Plus, we’ll discuss the lessons learned and how cyber threats have evolved since then.

    //REFERENCES

    https://www.netscout.com/blog/asert/remembering-sql-slammer

    https://www.historytools.org/docs/the-sql-slammer-virus-how-it-works-and-how-to-protect-yourself

    https://threatpost.com/inside-story-sql-slammer-102010/74589/

    https://www.caida.org/catalog/papers/2003_sapphire/

    https://www.wired.com/2003/07/slammer/

  • In this episode of In the Shell, we dive into the story of the Code Red worm, one of the most notorious cyberattacks in history. We explore how it all began with a vulnerability in Microsoft IIS web servers, leading to the rise of multiple versions of the worm. From defaced websites to failed DDoS attacks, and the eventual rise of the dangerous Code Red II, this episode uncovers the chaos it caused and the lessons we can still learn from it today.

    //REFERENCES

    https://www.caida.org/archive/code-red/

    https://www.scientificamerican.com/article/code-red-worm-assault-on/

    https://www.sans.org/white-papers/87/

    https://www.xenonstack.com/insights/virus-codered-worm/

    https://www.gao.gov/assets/gao-01-1073t.pdf

    //NEWS CLIPS

    https://www.youtube.com/watch?v=yiXRxZ5CPa0

    https://www.youtube.com/watch?v=mMSnmAcG1XM

    https://www.youtube.com/watch?v=ajbmCtB8tNo

  • On May 4th, 2000, an email with the subject “ILOVEYOU” spread like wildfire across the internet. What seemed like a harmless message turned into one of the most notorious worms in history, infecting millions of computers worldwide. In this episode of In the Shell, I dive into the story behind the ILOVEYOU worm—how it was created, who was behind it, and the chaos it unleashed. We'll explore the origins of this infamous piece of malware, the mind of its creator, and the lessons learned from one of the first major cyberattacks. Join me as we take a closer look at how a simple email caused global disruption and forever changed the way we think about online security.
