Episodi

  • In this episode, we’re going into the depths of North Korea to conduct one of the greatest hacks of all time. To find a way to inject information into a country run by totalitarian regime.
    A big thanks to Yeonmi Park for sharing her story with us. Also thanks to Alex Gladstein for telling us the inside story.
    You can find more about Flash Drive For Freedom at flashdrivesforfreedom.org.

    Yeonmi’s book "In Order to Live": https://www.amazon.com/gp/product/014310974X/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=014310974X&linkCode=as2&tag=darknet04-20&linkId=88ebdc087c6ce041105c479b1bb6c3d2

    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Ghost Exodus is a hacker. He conducted various illegal activities online. Some of which he documents on YouTube. He’s also a great musician. He got into some trouble from his hacking. This is his story.
    A big thanks to Ghost Exodus for sharing his story with us. Also thanks to Wesley McGrew for telling us the inside story.
    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    This episode was sponsored by Detectify. What vulnerabilities will their crowdsource-powered web vulnerability scanner detect in your web applications? Find out with a 14-day free trial. Go to https://detectify.com/Darknet
    Sources

    https://www.pcworld.com/article/167756/article.html

    https://archives.fbi.gov/archives/dallas/press-releases/2011/dl031811.htm


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Episodi mancanti?

    Fai clic qui per aggiornare il feed.

  • We all know that computers and networks are vulnerable to hacking and malicious actors, but what about us, the humans who interface with these devices? Con games, scams, and strategic deception are far older than computers, and in the modern era, these techniques can make humans the weakest link in even the most secure system. This episode, security consultant and master social engineer, Christopher Hadnagy, joins us to share his stories and wisdom. He describes what it was like to be a social engineer before the world knew what social engineering was and tells some of his amazing stories from his long career in penetration testing.
    A big thanks to Christopher Hadnagy from social-engineer.org for sharing his stories with us.
    Check out his book Social Engineering: The Science of Human Hacking, affiliate link here.
    Check out his podcast called The Social-Engineer podcast.
    Sponsors
    This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
    Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.
    Sources

    https://www.social-engineer.org/

    How phishing scammers manipulate your amygdala and oxytocin TEDxFultonStreet

    DEF CON 22 - Chris Hadnagy - What Your Body Tells Me - Body Language for the SE

    https://en.wikipedia.org/wiki/George_C._Parker


    Book Recommendations with affiliate links:

    Social Engineering

    Influence

    What Every Body is Saying

    Emotions Revealed

    Presence

    It’s Not About “Me”, Top 10 Techniques for Building Rapport


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • A mysterious mechanical failure one fateful night in a Saudi Arabian chemical plant leads a cast of operational technology researchers down a strange path towards an uncommon, but grave, threat. In this episode, we hear how these researchers discovered this threat and tried to identify who was responsible for the malware behind it. We also consider how this kind of attack may pose a threat to human life wherever there are manufacturing or public infrastructure facilities around the world.
    A big thanks to Julian Gutmanis, Naser Aldossary, Marina Krotofil, and Robert M. Lee for sharing their stories with us.
    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.
    Sources

    https://www.fireeye.com/blog/threat-research/2019/04/triton-actor-ttp-profile-custom-attack-tools-detections.html

    https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html

    https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html

    https://dragos.com/wp-content/uploads/TRISIS-01.pdf

    Video S4 TRITON - Schneider Electric Analysis and Disclosure

    Video S4 TRITON - Mandiant Analysis at S4x18

    Video S4 TRITON - Reverse Engineering the Tricon Controller by Dragos

    Video S4 TRITON - A Report From The Trenches

    Video - Safety Orientation video for the Chemical Plant


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • John Strand is a penetration tester. He’s paid to break into computer networks and buildings to test their security. In this episode we listen to stories he has from doing this type of work.
    Thanks to John Strand for coming on the show and telling your story.
    Sponsors
    Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    How a Hacker’s Mom Broke Into a Prison—and the Warden’s Computer

    Video: How not to suck at pen testing John Strand

    Video: I Had My Mom Break Into Prison


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Freakyclown is a physical penetration tester. His job is to break into buildings to test the security of the building. In this episode we hear stories of some of these missions he’s been on.
    Thanks to Freakyclown for coming on the show and telling your story.
    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    This episode was sponsored by Molekule, a new air purifier that completely destroys air pollutants to help you breath easier. https://molekule.com.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • This week, while we are busy making a new episode of Darknet Diaries, so we are going to play for you an episode from another podcast we think you'll really like. It's called the Jordan Harbinger show. In this episode he interviews Jack Barsky, a former KGB spy.

    We had Jordan on this podcast once, episode 56. https://darknetdiaries.com/episode/56/

    Subscribe to the Jordan Harbinger show, wherever you listen to podcasts or at https://www.jordanharbinger.com/podcasts/
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • PSYOP, or “Psychological Operations”, is something the US military has been doing to foreign audiences for decades. But what exactly is it? And what’s the difference between white, gray, and black PSYOP missions? We talk to PSYOP specialists to learn more.
    Thanks to Jon Nichols for telling us about this fascinating world.
    Sponsors
    Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    https://www.democracynow.org/2006/3/24/the_psyops_war_a_look_at

    https://en.wikipedia.org/wiki/Lincoln_Group

    https://www.goarmy.com/careers-and-jobs/special-operations/psyop/psyop-mission.html#

    https://en.wikipedia.org/wiki/Operation_Wandering_Soul_(Vietnam_War)

    https://en.wikipedia.org/wiki/Torches_of_Freedom

    http://cgsc.contentdm.oclc.org/cdm/ref/collection/p16040coll3/id/182

    https://archive.org/details/PropagandaAudiobook/Propaganda+Chapter+01.mp3

    https://www.newsweek.com/us-military-gets-mysterious-and-false-text-message-evacuate-korean-peninsula-669875

    https://www.cbinsights.com/research/future-of-information-warfare/

    https://en.wikipedia.org/wiki/National_Defense_Authorization_Act_for_Fiscal_Year_2013#Smith%E2%80%93Mundt_Modernization_Act_of_2012

    Videos

    Vietnam War Ghost Audio Tape used in PSYOPS ‘Wandering Soul’

    Jon Nichols Part 0 - Unallocated Spaces Talk on Russian Propaganda

    Cyber-Influence: Cyberwar and Psychological Operations

    WWII Psych Ops

    MISO Marines broadcast important information to Afghans

    The War You Don’t See

    Edward L. Bernays interview, 1986-10-23

    As it fights two wars, the Pentagon is steadily and dramatically increasing money spent on propaganda


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Vodafone Greece is the largest telecom provider in Greece. But in 2004 a scandal within the company would pin them to be top of the news cycle in Greece for weeks. Hackers got in the network. And what they were after took everyone by surprise.
    Sponsors
    Support for this episode comes from Okta. Learn more about how you can improve your security posture with the leader in identity-driven security at okta.com/darknet.
    This episode is supported by PlexTrac. PlexTrac is the purple teaming platform and is designed to streamline reporting, tracking and attestation so you can focus on getting the real cybersecurity work done. Whether you're creating pen test reports on the red team, or tracking and remediating on the blue team, PlexTrac can help.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • The hacker named w0rmer was active within AnonOps. These are Anonymous Operations which often organize and wage attacks on websites or people often with the purpose of social justice. Eventually w0rmer joined in on some of these hacking escapades which resulted in an incredible story that he will one day tell his kids.
    Thanks to w0rmer for telling us your story.
    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.
    SourcesArchived Tweets
    Feb 7, 2012 Twitter user @Anonw0rmer posts “@MissAnonFatale I managed to pwn1 a site , get my papers , find my required primary IDS , yeah baby, i deservers em :)”
    Feb 8, 2012 1:17 AM, Twitter user @Anonw0rmer posted, “ROFL! WaS that us? https://www.wvgazettemail.com/news/legal_affairs/hackers-group-posts-police-chiefs-information-online/article_77f79fd5-f76f-5825-ae19-43a398361fdf.html o yeah oops #OpPigRoast #CabinCr3w”
    Feb 9, 2012 12:35 AM, Twitter user @Anonw0rmer posted, “DB Leak http://dps.alabama.gov https://pastehtml.com/view/bnik8yo1q.html”. The bottom of this post originally showed this NSFW image.
    Feb 9, 2012 at 8:42 PM, Twitter user @Anonw0rmer posted, “Mobile Alabama Police Criminal Record Database Logins Failing To Protect And Serve I Via @ItsKahuna I http://pastehtml.com/view/bnmjxxgfp.html #OpPiggyBank.”
    Feb 9, 2012 at 8:39 PM, Twitter user @CabinCr3w posted, “Texas Dept. of safety Hacked By @AnonWOrmer for #OpPiggyBank http://bit.ly/x1KH5Y #CabinCr3w #Anonymous” Bottom of pastebin also shows a woman holding a sign saying “We Are ALL Anonymous We NEVER Forgive. We NEVER Forget. <3 @Anonw0rmer”
    Feb 10, 2012 at 9:07 PM, Twitter user @Anonw0rmer posted, “My baby SETS standards ! wAt U got? https://i.imgur.com/FbH2K.jpg https://i.imgur.com/zsPvm.jpg https://i.imgur.com/S2S2C.jpg https://i.imgur.com/TVqdN.jpg #CabinCr3w”.
    Links

    Criminal Complaint - United States Western District Court of Texas

    https://gizmodo.com/these-breasts-nailed-a-hacker-for-the-fbi-5901430

    https://www.tomsguide.com/us/Anonymous-CabinCr3w-w0rmer-Ochoa-Australia,news-14803.html


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Cam’s story is both a cautionary tale and inspirational at the same time. He’s been both an attacker and defender. And not the legal kind of attacker. He has caused half a million dollars in damages with his attacks. Attacks that arose from a feeling of seeing injustices in the world. Listen to his story.
    Sponsors
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    BBC: The teenage hackers who’ve been given a second chance

    https://www.bbc.com/news/av/technology-40655656/uk-s-first-boot-camp-hopes-to-reform-teenage-hackers

    https://www.ncsc.gov.uk/

    https://www.csa.limited/

    https://www.tripwire.com/state-of-security/latest-security-news/teenager-who-ddosed-governments-seaworld-receives-no-jail-time/

    https://www.ncsc.gov.uk/section/education-skills/11-19-year-olds


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Samy Kamkar is a hacker. And while he’s done a lot of stuff, he’s best known for creating the Samy Worm. Which spread its way through a popular social media site and had crazy results.
    Thanks to our guest Samy Kamkar for telling his story. Learn more about him by visiting https://samy.pl/.
    Sponsors
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from LastPass. LastPass is a great password manager but it can do so much more. It can setup 2FA for your company, or use it to monitor what your users are doing in the network. Visit LastPass.com/Darknet to start your 14 day free trial.
    Sources

    Samy’s YouTube Channel

    Video: MySpace Worm Animated Story

    https://samy.pl/myspace/

    https://www.vice.com/en_us/article/wnjwb4/the-myspace-worm-that-changed-the-internet-forever


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • This is a story about the hacker named “dawgyg” and how he made over $100,000 in a single day, from hacking.
    Thanks to our guest dawgyg for telling his story.
    Sponsors
    This episode is sponsored by SentinelOne - to learn more about their endpoint security solutions and get a 30-day free trial, visit sentinelone.com/darknetdiaries
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    Video: The Million-Dollar Hacker | Bloomberg

    Video: Hacker makes big money as a bug bounty hunter | Kim Komando Show

    https://hackerone.com/dawgyg

    dawgyg wins h1415

    https://www.hackerone.com/blog/meet-six-hackers-making-seven-figures

    USA v. DeVoss court records


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • In this episode we hear from Gary and Justin. Two seasoned penetration testers who tell us a story about the time when they tried to break into a courthouse but it went all wrong.
    Sponsors
    This episode was sponsored by Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNET
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    https://arstechnica.com/information-technology/2019/11/how-a-turf-war-and-a-botched-contract-landed-2-pentesters-in-iowa-jail/

    https://krebsonsecurity.com/2020/01/iowa-prosecutors-drop-charges-against-men-hired-to-test-their-security/

    https://www.coalfire.com/News-and-Events/Press-Releases/Coalfire-CEO-Tom-McAndrew-statement

    https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/10/iowa-supreme-court-justice-cady-policies-courthouse-break-ins-senate-polk-dallas-burglary-ia-cyber/3930656002/

    https://www.desmoinesregister.com/story/news/crime-and-courts/2019/09/19/iowa-state-senator-calls-oversight-committee-investigate-courthouse-break-ins-crime-polk-dallas/2374576001/

    https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/28/iowa-courthouse-break-ins-men-security-firm-plead-not-guilty-trespassing/2488314001/

    https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/30/courthouse-break-in-ceo-cyber-security-coalfire-charges-dropped/4097354002/

    https://www.desmoinesregister.com/story/news/crime-and-courts/2020/01/30/courthouse-break-ins-charges-dropped-against-coalfire-employees/4611574002/


    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • OxyMonster sold drugs on the darknet at Dream Market. Something happened though, and it all came crashing down.
    Sponsors
    This episode was sponsored by Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNET
    This episode was sponsored by Molekule, a new air purifier that completely destroys air pollutants to help you breath easier. https://molekule.com to use check out code “DARKNET10” to get a discount.

    See complete list of sources at https://darknetdiaries.com/episode/58.

    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • Hear what goes on internally when Microsoft discovers a major vulnerability within Windows.
    Guest
    Thanks to John Lambert for sharing this story with us.
    Sponsors
    Support for this episode comes from ProCircular. Use the team at ProCircular to conduct security assessments, penetration testing, SIEM monitoring, help with patches, or do incident response. Visit www.procircular.com/ to learn more.
    This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Sources

    https://blogs.technet.microsoft.com/johnla/2015/09/26/the-inside-story-behind-ms08-067/

    https://www.justice.gov/opa/pr/payment-processor-scareware-cybercrime-ring-sentenced-48-months-prison

    https://www.nytimes.com/2019/06/29/opinion/sunday/conficker-worm-ukraine.html

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

    https://www.wired.com/story/nsa-windows-10-vulnerability-disclosure/

    Book: Worm

    Attribution
    Darknet Diaries is created by Jack Rhysider.
    Episode artwork by odibagas.
    Theme music created by Breakmaster Cylinder. Theme song available for listen and download at bandcamp. Or listen to it on Spotify.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • This is the story of Jordan Harbinger. A bit of a misfit teenager, who was always on the edge of trouble. In this story we hear what happened that lead to a visit from the FBI.
    Guest
    Thanks to Jordan Harbinger for sharing his story with us. You can find hist podcast by searching for The Jordan Harbinger Show wherever you listen to podcasts.
    Sponsors
    This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.

    More information at https://darknetdiaries.com/episode/56.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • A holiday special episode. A private pen tester takes on a job that involves him with another eccentric pen tester, a mischievious smile, and his quest to gain access to the network.
    Guest
    Thanks to TinkerSec for telling us the story.
    Sources
    https://twitter.com/TinkerSec/status/1206410740099366918
    Attribution
    Darknet Diaries is created by Jack Rhysider.
    Artwork this episode by habblesthecat.

    More information at DarknetDiaries.com.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • The story of NotPetya, seems to be the first time, we see what a cyber war looks like. In the summer of 2017 Ukraine suffered a serious and catastrophic cyber attack on their whole country. Hear how it went down, what got hit, and who was responsible.
    Guest
    Thanks to Andy Greenberg for his research and sharing this story. I urge you to get his book Sandworm because it’s a great story.

    Sponsors
    This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2019 to get a $20 credit on your next project.
    Support for this episode comes from Honeybook. HoneyBook is an online business management tool that organizes your client communications, bookings, contracts, and invoices – all in one place. Visit honeybook.com/darknet to get 50% off your subscription.
    This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit cmd.com/dark to get a free demo.

    For more show notes visit darknetdiaries.com/episode/54.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • The NSA has some pretty advanced, super secret, hacking tools. What if these secret hacking tools were to end up in the wrong person’s hands? Well, that happened.
    Guest
    Thanks to Jake Williams from Rendition Security for telling us the story.
    Sponsors
    This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
    Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.
    Learn more about your ad choices. Visit megaphone.fm/adchoices