Episodios

  • A mysterious mechanical failure one fateful night in a Saudi Arabian chemical plant leads a cast of operational technology researchers down a strange path towards an uncommon, but grave, threat. In this episode, we hear how these researchers discovered this threat and tried to identify who was responsible for the malware behind it. We also consider how this kind of attack may pose a threat to human life wherever there are manufacturing or public infrastructure facilities around the world.
    A big thanks to Julian Gutmanis, Naser Aldossary, Marina Krotofil, and Robert M. Lee for sharing their stories with us.
    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.
    Sources

    https://www.fireeye.com/blog/threat-research/2019/04/triton-actor-ttp-profile-custom-attack-tools-detections.html

    https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html

    https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html

    https://dragos.com/wp-content/uploads/TRISIS-01.pdf

    Video S4 TRITON - Schneider Electric Analysis and Disclosure

    Video S4 TRITON - Mandiant Analysis at S4x18

    Video S4 TRITON - Reverse Engineering the Tricon Controller by Dragos

    Video S4 TRITON - A Report From The Trenches

    Video - Safety Orientation video for the Chemical Plant


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • John Strand is a penetration tester. He’s paid to break into computer networks and buildings to test their security. In this episode we listen to stories he has from doing this type of work.
    Thanks to John Strand for coming on the show and telling your story.
    Sponsors
    Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    How a Hacker’s Mom Broke Into a Prison—and the Warden’s Computer

    Video: How not to suck at pen testing John Strand

    Video: I Had My Mom Break Into Prison


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • ¿Faltan episodios?

    Pulsa aquí para actualizar resultados

  • Freakyclown is a physical penetration tester. His job is to break into buildings to test the security of the building. In this episode we hear stories of some of these missions he’s been on.
    Thanks to Freakyclown for coming on the show and telling your story.
    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    This episode was sponsored by Molekule, a new air purifier that completely destroys air pollutants to help you breath easier. https://molekule.com.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • This week, while we are busy making a new episode of Darknet Diaries, so we are going to play for you an episode from another podcast we think you'll really like. It's called the Jordan Harbinger show. In this episode he interviews Jack Barsky, a former KGB spy.

    We had Jordan on this podcast once, episode 56. https://darknetdiaries.com/episode/56/

    Subscribe to the Jordan Harbinger show, wherever you listen to podcasts or at https://www.jordanharbinger.com/podcasts/
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • PSYOP, or “Psychological Operations”, is something the US military has been doing to foreign audiences for decades. But what exactly is it? And what’s the difference between white, gray, and black PSYOP missions? We talk to PSYOP specialists to learn more.
    Thanks to Jon Nichols for telling us about this fascinating world.
    Sponsors
    Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    https://www.democracynow.org/2006/3/24/the_psyops_war_a_look_at

    https://en.wikipedia.org/wiki/Lincoln_Group

    https://www.goarmy.com/careers-and-jobs/special-operations/psyop/psyop-mission.html#

    https://en.wikipedia.org/wiki/Operation_Wandering_Soul_(Vietnam_War)

    https://en.wikipedia.org/wiki/Torches_of_Freedom

    http://cgsc.contentdm.oclc.org/cdm/ref/collection/p16040coll3/id/182

    https://archive.org/details/PropagandaAudiobook/Propaganda+Chapter+01.mp3

    https://www.newsweek.com/us-military-gets-mysterious-and-false-text-message-evacuate-korean-peninsula-669875

    https://www.cbinsights.com/research/future-of-information-warfare/

    https://en.wikipedia.org/wiki/National_Defense_Authorization_Act_for_Fiscal_Year_2013#Smith%E2%80%93Mundt_Modernization_Act_of_2012

    Videos

    Vietnam War Ghost Audio Tape used in PSYOPS ‘Wandering Soul’

    Jon Nichols Part 0 - Unallocated Spaces Talk on Russian Propaganda

    Cyber-Influence: Cyberwar and Psychological Operations

    WWII Psych Ops

    MISO Marines broadcast important information to Afghans

    The War You Don’t See

    Edward L. Bernays interview, 1986-10-23

    As it fights two wars, the Pentagon is steadily and dramatically increasing money spent on propaganda


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Vodafone Greece is the largest telecom provider in Greece. But in 2004 a scandal within the company would pin them to be top of the news cycle in Greece for weeks. Hackers got in the network. And what they were after took everyone by surprise.
    Sponsors
    Support for this episode comes from Okta. Learn more about how you can improve your security posture with the leader in identity-driven security at okta.com/darknet.
    This episode is supported by PlexTrac. PlexTrac is the purple teaming platform and is designed to streamline reporting, tracking and attestation so you can focus on getting the real cybersecurity work done. Whether you're creating pen test reports on the red team, or tracking and remediating on the blue team, PlexTrac can help.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • The hacker named w0rmer was active within AnonOps. These are Anonymous Operations which often organize and wage attacks on websites or people often with the purpose of social justice. Eventually w0rmer joined in on some of these hacking escapades which resulted in an incredible story that he will one day tell his kids.
    Thanks to w0rmer for telling us your story.
    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.
    SourcesArchived Tweets
    Feb 7, 2012 Twitter user @Anonw0rmer posts “@MissAnonFatale I managed to pwn1 a site , get my papers , find my required primary IDS , yeah baby, i deservers em :)”
    Feb 8, 2012 1:17 AM, Twitter user @Anonw0rmer posted, “ROFL! WaS that us? https://www.wvgazettemail.com/news/legal_affairs/hackers-group-posts-police-chiefs-information-online/article_77f79fd5-f76f-5825-ae19-43a398361fdf.html o yeah oops #OpPigRoast #CabinCr3w”
    Feb 9, 2012 12:35 AM, Twitter user @Anonw0rmer posted, “DB Leak http://dps.alabama.gov https://pastehtml.com/view/bnik8yo1q.html”. The bottom of this post originally showed this NSFW image.
    Feb 9, 2012 at 8:42 PM, Twitter user @Anonw0rmer posted, “Mobile Alabama Police Criminal Record Database Logins Failing To Protect And Serve I Via @ItsKahuna I http://pastehtml.com/view/bnmjxxgfp.html #OpPiggyBank.”
    Feb 9, 2012 at 8:39 PM, Twitter user @CabinCr3w posted, “Texas Dept. of safety Hacked By @AnonWOrmer for #OpPiggyBank http://bit.ly/x1KH5Y #CabinCr3w #Anonymous” Bottom of pastebin also shows a woman holding a sign saying “We Are ALL Anonymous We NEVER Forgive. We NEVER Forget. <3 @Anonw0rmer”
    Feb 10, 2012 at 9:07 PM, Twitter user @Anonw0rmer posted, “My baby SETS standards ! wAt U got? https://i.imgur.com/FbH2K.jpg https://i.imgur.com/zsPvm.jpg https://i.imgur.com/S2S2C.jpg https://i.imgur.com/TVqdN.jpg #CabinCr3w”.
    Links

    Criminal Complaint - United States Western District Court of Texas

    https://gizmodo.com/these-breasts-nailed-a-hacker-for-the-fbi-5901430

    https://www.tomsguide.com/us/Anonymous-CabinCr3w-w0rmer-Ochoa-Australia,news-14803.html


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Cam’s story is both a cautionary tale and inspirational at the same time. He’s been both an attacker and defender. And not the legal kind of attacker. He has caused half a million dollars in damages with his attacks. Attacks that arose from a feeling of seeing injustices in the world. Listen to his story.
    Sponsors
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    BBC: The teenage hackers who’ve been given a second chance

    https://www.bbc.com/news/av/technology-40655656/uk-s-first-boot-camp-hopes-to-reform-teenage-hackers

    https://www.ncsc.gov.uk/

    https://www.csa.limited/

    https://www.tripwire.com/state-of-security/latest-security-news/teenager-who-ddosed-governments-seaworld-receives-no-jail-time/

    https://www.ncsc.gov.uk/section/education-skills/11-19-year-olds


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Samy Kamkar is a hacker. And while he’s done a lot of stuff, he’s best known for creating the Samy Worm. Which spread its way through a popular social media site and had crazy results.
    Thanks to our guest Samy Kamkar for telling his story. Learn more about him by visiting https://samy.pl/.
    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.
    Sources

    Samy’s YouTube Channel

    Video: MySpace Worm Animated Story

    https://samy.pl/myspace/

    https://www.vice.com/en_us/article/wnjwb4/the-myspace-worm-that-changed-the-internet-forever


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • This is a story about the hacker named “dawgyg” and how he made over $100,000 in a single day, from hacking.
    Thanks to our guest dawgyg for telling his story.
    Sponsors
    This episode is sponsored by SentinelOne - to learn more about their endpoint security solutions and get a 30-day free trial, visit sentinelone.com/darknetdiaries
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    Video: The Million-Dollar Hacker | Bloomberg

    Video: Hacker makes big money as a bug bounty hunter | Kim Komando Show

    https://hackerone.com/dawgyg

    dawgyg wins h1415

    https://www.hackerone.com/blog/meet-six-hackers-making-seven-figures

    USA v. DeVoss court records


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • In this episode we hear from Gary and Justin. Two seasoned penetration testers who tell us a story about the time when they tried to break into a courthouse but it went all wrong.
    Sponsors
    This episode was sponsored by Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNET
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    https://arstechnica.com/information-technology/2019/11/how-a-turf-war-and-a-botched-contract-landed-2-pentesters-in-iowa-jail/

    https://krebsonsecurity.com/2020/01/iowa-prosecutors-drop-charges-against-men-hired-to-test-their-security/

    https://www.coalfire.com/News-and-Events/Press-Releases/Coalfire-CEO-Tom-McAndrew-statement

    https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/10/iowa-supreme-court-justice-cady-policies-courthouse-break-ins-senate-polk-dallas-burglary-ia-cyber/3930656002/

    https://www.desmoinesregister.com/story/news/crime-and-courts/2019/09/19/iowa-state-senator-calls-oversight-committee-investigate-courthouse-break-ins-crime-polk-dallas/2374576001/

    https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/28/iowa-courthouse-break-ins-men-security-firm-plead-not-guilty-trespassing/2488314001/

    https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/30/courthouse-break-in-ceo-cyber-security-coalfire-charges-dropped/4097354002/

    https://www.desmoinesregister.com/story/news/crime-and-courts/2020/01/30/courthouse-break-ins-charges-dropped-against-coalfire-employees/4611574002/


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • OxyMonster sold drugs on the darknet at Dream Market. Something happened though, and it all came crashing down.
    Sponsors
    This episode was sponsored by Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNET
    This episode was sponsored by Molekule, a new air purifier that completely destroys air pollutants to help you breath easier. https://molekule.com to use check out code “DARKNET10” to get a discount.

    See complete list of sources at https://darknetdiaries.com/episode/58.

    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Hear what goes on internally when Microsoft discovers a major vulnerability within Windows.
    Guest
    Thanks to John Lambert for sharing this story with us.
    Sponsors
    Support for this episode comes from ProCircular. Use the team at ProCircular to conduct security assessments, penetration testing, SIEM monitoring, help with patches, or do incident response. Visit www.procircular.com/ to learn more.
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    https://blogs.technet.microsoft.com/johnla/2015/09/26/the-inside-story-behind-ms08-067/

    https://www.justice.gov/opa/pr/payment-processor-scareware-cybercrime-ring-sentenced-48-months-prison

    https://www.nytimes.com/2019/06/29/opinion/sunday/conficker-worm-ukraine.html

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

    https://www.wired.com/story/nsa-windows-10-vulnerability-disclosure/

    Book: Worm

    Attribution
    Darknet Diaries is created by Jack Rhysider.
    Episode artwork by odibagas.
    Theme music created by Breakmaster Cylinder. Theme song available for listen and download at bandcamp. Or listen to it on Spotify.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • This is the story of Jordan Harbinger. A bit of a misfit teenager, who was always on the edge of trouble. In this story we hear what happened that lead to a visit from the FBI.
    Guest
    Thanks to Jordan Harbinger for sharing his story with us. You can find hist podcast by searching for The Jordan Harbinger Show wherever you listen to podcasts.
    Sponsors
    This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.

    More information at https://darknetdiaries.com/episode/56.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • A holiday special episode. A private pen tester takes on a job that involves him with another eccentric pen tester, a mischievious smile, and his quest to gain access to the network.
    Guest
    Thanks to TinkerSec for telling us the story.
    Sources
    https://twitter.com/TinkerSec/status/1206410740099366918
    Attribution
    Darknet Diaries is created by Jack Rhysider.
    Artwork this episode by habblesthecat.

    More information at DarknetDiaries.com.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • The story of NotPetya, seems to be the first time, we see what a cyber war looks like. In the summer of 2017 Ukraine suffered a serious and catastrophic cyber attack on their whole country. Hear how it went down, what got hit, and who was responsible.
    Guest
    Thanks to Andy Greenberg for his research and sharing this story. I urge you to get his book Sandworm because it’s a great story.

    Sponsors
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2019 to get a $20 credit on your next project.
    Support for this episode comes from Honeybook. HoneyBook is an online business management tool that organizes your client communications, bookings, contracts, and invoices – all in one place. Visit honeybook.com/darknet to get 50% off your subscription.
    This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit cmd.com/dark to get a free demo.

    For more show notes visit darknetdiaries.com/episode/54.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • The NSA has some pretty advanced, super secret, hacking tools. What if these secret hacking tools were to end up in the wrong person’s hands? Well, that happened.
    Guest
    Thanks to Jake Williams from Rendition Security for telling us the story.
    Sponsors
    This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Credit card skimming is growing in popularity. Gas pumps all over are seeing skimmers attached to them. It’s growing in popularity because it’s really effective. Hackers have noticed how effective it is and have began skimming credit cards from websites.
    Guest
    Thanks to Yonathan Klijnsma from RiskIQ. Yonathan has fallen on hard times and could use your help GoFundMe Link.
    Sponsors
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2019 to get a $20 credit on your next project.
    Support for this episode comes from Honeybook. HoneyBook is an online business management tool that organizes your client communications, bookings, contracts, and invoices – all in one place. Visit honeybook.com/darknet to get 50% off your subscription.
    This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo.

    Visit darknetdiaries.com for full show notes and transcripts.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Kashmir is a region right in between India, Pakistan, and China. For the last 70 years Pakistan and India have fought over this region of the world, both wanting to take control of it. Tensions sometimes heat up which can result in people being killed. When tensions get high in the real world, some people take to the internet and hack their rivals as a form of protest. In this episode we’ll explore some of the hacking that goes on between India and Pakistan.
    Sponsors
    Support for this episode comes from Check Point. Check Point makes firewalls and security appliances you can use to combat the latest generation of cyber attacks. Upgrade your cybersecurity at CheckPoint.com
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.

    For more show notes and links visit https://darknetdiaries.com/episode/51.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Operation Inherent Resolve was started in 2016 which aimed to combat ISIS. It was a combined joint task force lead by the US military. Operation Inherent Resolve sent troops, ships, and air strikes to Iraq and Syria to fire weapons upon ISIS military. It’s widely known that US military engaged with ISIS in this way. But what you may not have heard, is the story of how the US military also combated ISIS over the Internet. This is the story of how the US hacked ISIS.
    Sponsors
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2019 to get a $20 credit on your next project.
    Support for this episode comes from Honeybook. HoneyBook is an online business management tool that organizes your client communications, bookings, contracts, and invoices – all in one place. Visit [honeybook.com/darknet] to get 50% off your subscription.
    Support for this episode comes from Check Point. Check Point makes firewalls and security appliances you can use to combat the latest generation of cyber attacks. Upgrade your cybersecurity at CheckPoint.com
    Learn more about your ad choices. Visit megaphone.fm/adchoices