Logo
    Search

    Podcast Summary

    • The Evolution of Software Engineering and the Importance of Reliability TestingThe history of software engineering began in the 1960s after a devastating spacecraft crash, emphasizing the importance of reliability testing. Furthermore, computer science education has evolved, providing numerous opportunities for aspiring software engineers.

      Software engineering became a discipline in the 1960s after the Mariner 1 spacecraft crashed due to a tiny bug in the computer code, launch a whole new field of study and new principles for designing, developing, and testing computer software. This incident highlights the need for reliability testing in software and how a small mistake can lead to catastrophic consequences. Additionally, computer science education has come a long way since the 1950s when the term 'software engineer' did not exist and engineers were managing without the tools of modern development. Today's computer science students can take advantage of many scholarships, work-study programs, and alternative funding schemes providing ample opportunities for those interested in pursuing this lucrative field.

    • Maddie's Expertise in Assembly Language and Computer Hardware.Understanding Assembly language provides a deeper understanding of how computers process information and memory. Maddie's expertise allowed her to decipher any program and work as a reverse engineer at Google's Android security team.

      Maddie's fascination with Assembly language and her deep understanding of computer hardware allowed her to decipher any program and work as a reverse engineer at Google's Android security team. Assembly language is low-level and comprises rudimentary commands like move, push, pop, add, subtract, etc. However, it can interact with memory and CPU in ways that high-level languages cannot, making it efficient. Moreover, one can open up the computer case, probe the circuit board, and see what signals are moving through the circuitry, giving ultimate power over the computer. Maddie spent four years researching hardware and firmware at Applied Physics Lab and simultaneously earned a Masters's degree in Computer Science. Her proficiency in Assembly language gave her a deeper understanding of how computers handle memory and processes.

    • Using Reverse-Engineering to Protect Android Devices from MalwareBy reverse-engineering APK files, experts like Maddie can flag malware-containing apps and alert users through Google Play protect system, ultimately helping to protect millions of Android devices from attacks.

      Reverse-engineering is an important process to analyze Android malware. Maddie and her team focus on finding malware in Android devices, including pre-installed and off-Google Play Store apps. GinMaster is one of the most common types of malware infecting millions of devices, stealing user data and giving hackers control over the device. Users unknowingly download and install the virus when they are tricked into installing a lookalike app. Maddie reviews APK files to flag apps containing malware and puts flags into Google Play protect system to alert users. The next step is to write automated solutions since there are too many apps to analyze. Overall, reverse-engineering helps identify malware and protect users from harm.

    • Maddie's mission to detect and prevent malwareMaddie's work highlights the need for constant vigilance in finding and fixing bugs to protect users and maintain cybersecurity.

      Maddie, a Google security engineer, investigates and analyzes sophisticated malware. She presented on a native library used by a botnet at Black Hat, and the malware authors quickly updated their techniques to evade detection. Maddie's goal is to make it harder for people to make malware and easier to find it. She was contacted by Google Project Zero, a team that focuses on finding zero-day vulnerabilities, which could protect not just Google products but any software that Google users may run. If a bug is found, the team alerts the vendor and starts a timer to fix it. Maddie's work demonstrates the importance of constant vigilance in detecting and preventing malware to protect users and maintain cybersecurity.

    • Combining Forces to Tackle Zero-Day Exploits: Maddie's Role in Google Project ZeroGoogle Project Zero's approach of combining different forces, including the expertise of a reverse engineer like Maddie, can help identify patterns and prevent zero-day exploits from harming vulnerable groups such as human rights defenders, journalists, minorities, and politicians.

      Google Project Zero aims to make it harder for zero-day exploits to be out there by combining different forces. Maddie's role as a reverse engineer boosts the potential research that can be done. Her main role is to find patterns to look for more malware out there by feeding known malware to her, making it a different way of looking for malware. Maddie's discovery of how Pegasus software is used in Android has made NSO angry as now they have to find a new way to exploit phones. Generally, nation state actors use zero-day exploits against human rights defenders, journalists, minoritized populations, and politicians, which does impact us all.

    • The Crucial Need to Address Zero-day Vulnerabilities for Digital SafetyIt is important to detect and fix zero-day vulnerabilities to prevent exploitation of innocent people. Deep understanding and teamwork are necessary to solve complex bug issues. A neutral approach to bug fixing is essential regardless of national interests.

      Zero-day vulnerabilities should be found and fixed to ensure digital safety and security of individuals. Nation state actors may use their abilities for both good and bad purposes, and it's crucial to address the vulnerability issue to prevent exploitation of innocent people. Maddie's work in disarming nation state actors by finding and fixing weapons and exploits has faced strange interactions, including being targeted by North Korean hackers. Maddie's philosophy remains unchanged as she focuses on fixing bugs despite potential cross-conflict with national interests. A recent discovery where WebKit's 2013 bug was reintroduced in 2016 and exploited in 2022 highlights the importance of deep understanding and teamwork to solve complex bug issues.

    • Nation-state linked exploit servers delivering zero-day vulnerabilitiesUpdating operating systems and apps is crucial to secure devices and prevent nation-state actors or hackers from exploiting vulnerabilities. Always act fast in response to suspicious activity and work with vendors to patch any bugs.

      A security research team identified exploit servers delivering vulnerabilities on different devices and browsers, caused by a watering hole attack. The discovery of active traffic and users being hacked led to quick action to capture and analyze as many exploits as possible before squashing them and working with vendors to patch bugs in order to stop further infections. The sophisticated nature of the eleven zero-day vulnerabilities used by the exploit server has led the researchers to believe that it was likely a nation state actor behind the attack. Users should always update their operating system and apps to make it harder for hackers to exploit vulnerabilities in their devices.

    • The Importance of Understanding Zero-day Exploits and Nation State Actors in CybersecurityEven with good security hygiene, individuals and entities can still be targeted by state actors using zero-day exploits. Understanding the philosophy behind cybersecurity can help make the world a safer place for information and education.

      Zero-day exploits are often used by nation state actors to target entities or individuals with good security hygiene, such as human rights defenders and journalists. Governments engage in a range of cyber activities, including intelligence-gathering, cybercrime, hacktivism, and election meddling. While Maddie strives to ensure safe and secure access to the internet through her work on zero-day exploits, there are also individuals who exploit vulnerabilities for malicious purposes. Despite spending millions of dollars on developing vulnerabilities, NSA does not report many to vendors, which makes navigating the cybersecurity landscape difficult. Maddie's guiding principle is to make the world a better place with safe and secure access to information and education, and it is important to consider the philosophy behind cybersecurity.

    • Maddie's Mission to Neutralize Zero-Day Vulnerabilities.Maddie and her team are working to build up defenses to help everyone defend against attackers. Their efforts will make it harder for attackers to find vulnerabilities and develop new bug classes that have never been seen before.

      While nation states around the world want to exploit zero-day vulnerabilities, Maddie focuses on neutralizing them and building up defenses to help everyone better defend against attackers. Though the effort has resulted in progress since 2014, zero-day still poses a great threat because many in-the-wild zero-days are variants of previously-patched bugs. Maddie and her team focus on pushing forward and taking advantage of opportunities rather than being discouraged by the news. Offensive security researchers publish to show the new attack surface and exploit techniques that need to be addressed, which is called public state-of-the-art. Maddie and her team's efforts will make it harder for attackers to find vulnerabilities and develop new bug classes that have never been seen before.

    • Closing the Gap in Zero-Day Exploit Awareness and DetectionFocusing on in-the-wild zero-day exploits and improving transparency around them can help allocate resources strategically and increase user awareness. Collaboration between researchers and targeted populations is crucial for detecting and mitigating sophisticated actors.

      The focus on zero-days that are actually exploited in the wild can help close the gap between public and private state-of-the-art, and enables us to put our resources in areas that are super-useful. The rise in detection and disclosure of in-the-wild zero-day exploits is promising, though transparency around these vulnerabilities and exploits can still be improved. Vendors need to be more transparent in disclosing actively exploited vulnerabilities and provide more detailed descriptions. Researchers are working on figuring out how to detect sophisticated actors who are good at cleaning up traces and leaving little evidence of exploitation. Citizen Lab and Amnesty International are doing awesome work in this space, working closely with targeted populations. The goal is to make users aware of active exploitation and provide forensic information.

    Recent Episodes from Darknet Diaries

    147: Tornado

    147: Tornado

    In this episode, Geoff White (https://x.com/geoffwhite247) tells us what happened to Axie Infinity and Tornado cash. It’s a digital heist of epic proportions that changes everything.

    This story comes from part of Geoff’s book “Rinsed” which goes into the world of money laundering. Get yours here https://amzn.to/3VJs7pb.

    Darknet Diaries
    en-usJuly 02, 2024

    146: ANOM

    146: ANOM

    In this episode, Joseph Cox (https://x.com/josephfcox) tells us the story of anom. A secure phone made by criminals, for criminals.

    This story comes from part of Joseph’s book “Dark Wire” which you should definitely read. Get yours here https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691.

    Darknet Diaries
    en-usJune 04, 2024

    145: Shannen

    145: Shannen
    Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    144: Rachel

    144: Rachel
    Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    143: Jim Hates Scams

    143: Jim Hates Scams
    Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    142: Axact

    142: Axact
    Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    141: The Pig Butcher

    141: The Pig Butcher
    The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    139: D3f4ult

    139: D3f4ult
    This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

    138: The Mimics of Punjab

    138: The Mimics of Punjab
    This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    Related Episodes

    98: Zero Day Brokers

    98: Zero Day Brokers
    Zero day brokers are people who make or sell malware that’s sold to people who will use that malware to exploit people. It’s a strange and mysterious world that not many people know a lot about. Nicole Perlroth, who is a cybersecurity reporter for the NY Times, dove in head first which resulted in her writing a whole book on it. Affiliate link for book: This is How They Tell Me The World Ends (https://www.amazon.com/gp/product/1635576059/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1635576059&linkCode=as2&tag=tunn01-20&linkId=0aa8c966d98b49a7927bfc29aac76bbe) Audiobook deal: Try Audible Premium Plus and Get Up to Two Free Audiobooks (https://www.amazon.com/Audible-Free-Trial-Digital-Membership/dp/B00NB86OYE/?ref_=assoc_tag_ph_1485906643682&_encoding=UTF8&camp=1789&creative=9325&linkCode=pf4&tag=tunn01-20&linkId=31042b955d5e6d639488dc084711d033) Sponsors Support for this show comes from IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET. Support for this show comes from Privacy.com. Privacy allows you to create anonymous debit cards instantly to use for online shopping. Visit privacy.com/darknet to get a special offer. View all active sponsors. Sources Nicole’s Book: This is How They Tell Me the World Ends https://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

    ISC StormCast for Friday, September 28th 2018

    059: Warum ist Cyber Security Chefsache, Nico Werner (All-in Digital & CloudCommand)?

    059: Warum ist Cyber Security Chefsache, Nico Werner (All-in Digital & CloudCommand)?
    In der heutigen Interview-Folge des Tech-Podcasts "Blue Screen" begrüßen wir Nico Werner als unseren Gast. Nico ist ein bekannter Podcaster und beschäftigt sich mit dem Thema "Cyber Security ist Chefsache". Da wir uns beide mit IT- und OT-Themen, insbesondere Industrie 4.0, beschäftigen, ist es eine spannende Gelegenheit, uns auszutauschen.

    ISC StormCast for Tuesday, April 2nd 2019