Episodes

  • The world changed forever in 2010. Stuxnet revolutionized the way nations waged war in cyberspace, and there was no turning back. At Iran’s nuclear facility, centrifuges were mysteriously failing, leaving engineers baffled.

    //SPONSORS

    Support for this show comes from Notesnook. Notesnook is a private, open-source, end-to-end encrypted note-taking app designed to protect your privacy. Take control of your data and start using Notesnook today. Learn more and create your account at https://notesnook.com.

    //NO BS PODCAST HOSTING

    🟡 Yellowball is a no BS podcast hosting service that I built and run. Whether you're looking to start a podcast, import an existing one, or just want to learn more, head over to https://yellowball.fm to check it out.

    //REFERENCES

    https://spectrum.ieee.org/the-real-story-of-stuxnet

    https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/

    https://www.trellix.com/security-awareness/ransomware/what-is-stuxnet/

    https://www.cfr.org/cyber-operations/stuxnet

    https://en.wikipedia.org/wiki/Stuxnet

  • The infamous Conficker worm was a piece of malware that shook the cybersecurity world in 2008. Conficker exploited a vulnerability in Windows systems (MS08-067) to spread rapidly across millions of machines, from government networks to critical infrastructure.

    //REFERENCES

    https://en.wikipedia.org/wiki/Conficker

    https://www.csl.sri.com/users/porras/

    https://www.nytimes.com/2019/06/29/opinion/sunday/conficker-worm-ukraine.html

    https://www.csl.sri.com/users/vinod/

    https://www.csl.sri.com/users/vinod/papers/Conficker/P2P/index.html

    https://www.csl.sri.com/users/vinod/papers/Conficker/

    https://www.techtarget.com/searchnetworking/definition/NetBIOS

  • In this episode, we dive into the Agent.BTZ cyber incident—a sophisticated worm that penetrated U.S. military networks through a simple USB drive. Traced to Russian cyber espionage actors, this attack exposed critical vulnerabilities in military cybersecurity, leading to the creation of USCYBERCOM and fundamental changes in digital defense strategies. The episode reveals how a single piece of malware triggered a global reassessment of cyber warfare, highlighting the critical role of human behavior in technological security.

    //REFERENCES

    https://www.wired.com/2008/11/army-bans-usb-d/

    https://www.wired.com/2010/03/ff_cyberwar/

    https://www.washingtonpost.com/wp-dyn/content/article/2008/12/08/AR2008120803722.html

    https://www.symantec.com/security-center/writeup/2008-071813-2408-99

    https://www.gao.gov/products/gao-20-241

    https://www.nsa.gov/news-features/speeches-testimonies/speeches/

    https://www.simonandschuster.com/books/Dark-Territory/Fred-Kaplan/9781476763279

    https://www.kimzetter.com/countdown-to-zero-day

    https://www.cfr.org/defense-and-security/cyber-operations-and-cybersecurity

    https://ndupress.ndu.edu/Media/News/News-Article-View/Article/571543/cyber-power-and-national-security/

    https://www.rsaconference.com/Library

    https://www.blackhat.com/html/archives.html

    http://news.bbc.co.uk/2/hi/technology/7751641.stm

    https://www.nytimes.com/2009/05/29/us/politics/29cyber.html

    https://www.brookings.edu/experts/peter-w-singer/

    https://symantec-enterprise-blogs.security.com/

  • Let's dive deep into the shadowy world of money mules—unwitting intermediaries in online scams and cybercrime. From stolen banking credentials to elaborate parcel reshipping schemes, scammers rely on these individuals to move stolen funds and goods, leaving the mules to bear the legal and financial consequences.

    https://darknetdiaries.com/episode/111/ - Darknet Diaries EP 111: ZeuS

    //REFERENCES

    https://www.schwab.com/schwabsafe/think-twice-before-assisting-money-movement

    https://krebsonsecurity.com/2020/04/how-cybercriminals-are-weathering-covid-19/

    https://www.youtube.com/watch?v=vthPmLORVrM

    https://www.youtube.com/watch?v=FxR4EMFH8GU

    https://www.youtube.com/watch?v=3_HFHd9E1Fk

    https://krebsonsecurity.com/2016/09/money-mule-gangs-turn-to-bitcoin-atms

    https://chargebacks911.com/reshipping-scams/

    https://www.ukfinance.org.uk/press/press-release/money-mule-recruiters-use-fake-online-job-adverts-to-target-generation-covid

    https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-frauds-and-scams/money-mules

  • In college, I once showed my class the reality of Remote Access Trojans (RATs) with a live demo—showing how easily someone could take over a computer with the right tool. Years later, the real-world ramifications of these tools are even more chilling. Today, we’re diving deep into Poison Ivy, a notorious RAT that took the cybersecurity world by storm in the mid-2000s, and was linked to high-profile cyberattacks on government agencies, human rights organizations, and corporate giants.

    //REFERENCES

    https://www.theregister.com/2012/08/31/nitro_hackers_abuse_java_exploit

    https://www.darkreading.com/cyberattacks-data-breaches/poison-ivy-trojan-just-won-t-die

    https://www.mandiant.com/sites/default/files/2021-09/rpt-poison-ivy.pdf

    https://web.archive.org/web/20080208054011/http://www.poisonivy-rat.com/

    https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/poisonivy

  • In this episode, we dive into the chaotic rise of the Mydoom worm, one of the fastest-spreading computer worms ever recorded. From its origins in Russia to its DDoS attacks on SCO Group and Microsoft, Mydoom wreaked havoc on the internet in the early 2000s. We explore how the worm’s clever tactics—like blocking antivirus websites and spreading through email and peer-to-peer networks—made it a formidable threat. Despite the $500,000 bounty, its creator remains a mystery to this day.

    //REFERENCES

    https://www.getsupport.co.uk/blog/2021-10/mydoom-the-fascinating-story-behind-the-worlds-fastest-computer-virus/

    https://www.mrbrown.com/blog/2004/07/google_attacked.html

    https://www.f-secure.com/v-descs/novarg.shtml

    https://www.f-secure.com/v-descs/mydoom-b.shtml

    https://www.youtube.com/watch?v=QbIkueFe8E4

  • In 2003, the Fizzer worm took advantage of the growing peer-to-peer file-sharing trend, spreading across Kazaa and beyond. What seemed like a harmless music download on Limewire could turn into a backdoor for hackers. In this episode of In The Shell, I share my personal experience with file sharing on my Blue Dell Inspiron 1100 and how I unknowingly encountered malware for the first time. We’ll explore the origins of the Fizzer worm, its unique ability to auto-update, disable antivirus software, and install keyloggers to steal personal information.

    I’ll explain how Fizzer spread through file-sharing platforms and network shares, how it spoofed emails, and the sophisticated techniques it used to stay one step ahead of antivirus programs. From peer-to-peer networks to corporate environments, Fizzer’s reach was global—and the impact on users was profound.

    //REFERENCES

    https://www.f-secure.com/v-descs/fizzer.shtml

    https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Win32%2fFizzer

    https://www.kaspersky.com/about/press-releases/fizzer-a-multi-threat-worm-that-attacks-via-e-mail-and-kazaa

    https://www.infoworld.com/article/2234751/fizzer-worm-spreading.html

    https://threats.kaspersky.com/en/threat/Email-Worm.Win32.Fizzer/

    https://www.helpnetsecurity.com/2003/05/13/fizzer-e-mail-worm-is-spreading-at-an-alarming-rate/

    http://virus.wikidot.com/fizzer

    https://www.giac.org/paper/gcih/450/w32-fizzera-analysis-infection-prevention-handling/103564

  • In this episode of In the Shell, we dive into one of the most notorious cyber incidents of the early 2000s—the SQL Slammer worm. Join me as we explore how this tiny 376-byte worm caused massive internet disruptions worldwide in 2003. From its rapid spread across 75,000 servers in under 10 minutes to its impact on global infrastructure, the SQL Slammer worm serves as a powerful reminder of the importance of patching vulnerabilities and maintaining strong network security.

    We’ll break down the technical aspects, including SQL Server vulnerabilities, the difference between TCP and UDP, and how the worm exploited a buffer overflow to wreak havoc. Plus, we’ll discuss the lessons learned and how cyber threats have evolved since then.

    //REFERENCES

    https://www.netscout.com/blog/asert/remembering-sql-slammer

    https://www.historytools.org/docs/the-sql-slammer-virus-how-it-works-and-how-to-protect-yourself

    https://threatpost.com/inside-story-sql-slammer-102010/74589/

    https://www.caida.org/catalog/papers/2003_sapphire/

    https://www.wired.com/2003/07/slammer/

  • In this episode of In the Shell, we dive into the story of the Code Red worm, one of the most notorious cyberattacks in history. We explore how it all began with a vulnerability in Microsoft IIS web servers, leading to the rise of multiple versions of the worm. From defaced websites to failed DDoS attacks, and the eventual rise of the dangerous Code Red II, this episode uncovers the chaos it caused and the lessons we can still learn from it today.

    //REFERENCES

    https://www.caida.org/archive/code-red/

    https://www.scientificamerican.com/article/code-red-worm-assault-on/

    https://www.sans.org/white-papers/87/

    https://www.xenonstack.com/insights/virus-codered-worm/

    https://www.gao.gov/assets/gao-01-1073t.pdf

    //NEWS CLIPS

    https://www.youtube.com/watch?v=yiXRxZ5CPa0

    https://www.youtube.com/watch?v=mMSnmAcG1XM

    https://www.youtube.com/watch?v=ajbmCtB8tNo

  • On May 4th, 2000, an email with the subject “ILOVEYOU” spread like wildfire across the internet. What seemed like a harmless message turned into one of the most notorious worms in history, infecting millions of computers worldwide. In this episode of In the Shell, I dive into the story behind the ILOVEYOU worm—how it was created, who was behind it, and the chaos it unleashed. We'll explore the origins of this infamous piece of malware, the mind of its creator, and the lessons learned from one of the first major cyberattacks. Join me as we take a closer look at how a simple email caused global disruption and forever changed the way we think about online security.
