
    134: Deviant

    Before conducting physical penetration tests, obtain a genuine authorization letter from a high-ranking official in the company. Be discreet and avoid raising suspicion to avoid being caught, as emotional investment and attention to detail from employees can lead to exposure.

    June 06, 2023

    About this Episode

    Deviant Ollam is a physical penetration specialist. That means he’s paid to break into buildings to see if the building is secure or not. He has done this for a long time and has a lot of tricks up his sleeve to get into buildings. In this episode we hear 3 stories of him breaking into buildings for a living. You can find more about Deviant on the following sites: https://twitter.com/deviantollam https://www.instagram.com/deviantollam https://youtube.com/deviantollam https://defcon.social/@deviantollam https://deviating.net/

    🔑 Key Takeaways

    • Security measures should be spread out throughout the entire vault, including cameras and sensors in walls, and businesses must plan for employee departures to prevent major security risks.
    • Small opportunities can lead to great things. Physical security is crucial, and proper security measures must be implemented to ensure safety. A simple door can be easily bypassed without proper security measures.
    • Elevators may not be as safe as you think - physical penetration testing is essential to fully understand the security measures in place and how they can be bypassed. Don't underestimate the importance of testing and securing elevators.
    • Physical penetration testers provide value through their expertise and detailed reports, while locksmiths can adapt their skills to become physical penetration testers. Successfully breaking into a building requires an understanding of not only physical access, but also detection avoidance and response management.
    • Penetration testing requires both technical skills and physical access, with critical thinking being an essential aspect. In analyzing the situation carefully, a diverse set of skills between team members is mutually beneficial for successful penetration testing.
    • Electronic door locks can be vulnerable if the sensor position is known. Propellant fed through a straw can trigger the sensor and open the door. Remote access requires a drop box.
    • Always carry your access card and be aware of security protocols in public spaces to avoid close encounters and potential security breaches.
    • Confidence and adaptability are key skills to navigate unfamiliar situations, while industry knowledge and appearance facilitate effective communication.
    • Testing a company's security involves assessing the physical building, people and electronics. Ethical testers prioritize not causing harm or danger while tricking employees, while also ensuring clients' security posture is protected without exposing them to danger.
    • Conducting regular penetration tests is crucial for identifying vulnerabilities in physical security measures. Thinking outside the box and being adaptable are essential in this process.
    • Regular penetration testing can identify security vulnerabilities and promote preparedness for unexpected situations, ultimately safeguarding sensitive information and assets from potential security breaches.
    • Before conducting physical penetration tests, obtain a genuine authorization letter from a high-ranking official in the company. Be discreet and avoid raising suspicion to avoid being caught, as emotional investment and attention to detail from employees can lead to exposure.
    • Creating a positive work environment by paying employees fairly, providing benefits and recognizing their contribution can lead to increased efficiency in security measures. Preparing for possible breaches and having an alternate team plan can ensure a sustainable security system.
    • Thorough preparation and meticulous planning with a cross-disciplinary team of experts, including the use of advanced equipment, can help handle any challenges and lead to success in a large-scale job.
    • Companies invest in hiring Red Teams to test their defenses and identify any vulnerabilities that can be exploited. They use advanced tools such as SpotterRF, which helps track potential threats.
    • Understanding the entry points and gate systems of a secure facility can help gather valuable information, even in the face of tough security measures.
    • Regular security system audits and updates are crucial in minimizing the risk of security breaches. Guards must be trained to check trunks and other areas during inspections to prevent potential gaps in security.
    • Companies must educate their employees to be alert and cautious of social engineering tactics, frequently evaluate and enhance security measures, and ensure their employees use their security badges effectively to prevent unauthorized access.
    • Proper building security requires constant upgrades and various levels of security from outer perimeter to innermost sensitive areas to prevent unauthorized access.
    • In the complex world of security testing, being prepared with backup plans and utilizing creative distractions can be crucial in identifying vulnerabilities and preventing potential breaches. Clear protocols and communication are also essential elements for success.
    • Being aware and facing the dark with others can make things less scary. Engage with allies, learn from security assessments, and improve to overcome fear.

    📝 Podcast Summary

    Importance of Effective Vault Security Measures

    Security measures should be spread out throughout the entire vault and not just focused on the door, as demonstrated by the robbery of a bank vault in Antwerp. Physical penetration specialists, like Deviant Ollam, are experts in identifying and exploiting these vulnerabilities. It's important for businesses to have a plan for when employees with key access leave, as it creates a major security risk. Antwerp's diamond district is a hub for the world's diamond trade, but it also attracts criminals who want to steal those diamonds. This reinforces the importance of having secure facilities, including security measures spread out throughout the entire vault, such as cameras and sensors in the walls of the vault.

    From Break-in to Physical Security Consultant: The Story of Deviant

    The story of Deviant breaking into a law firm's locked IT room with just a folder led to him being called back to the office to do a full penetration test which eventually resulted in his career as a physical security consultant. Deviant's locksmith skills made him popular, which kickstarted his career as a trainer, consultant, and advisor in physical security. He now has more than one company and is breaking into safes on army bases. His story is a perfect example of how small opportunities can lead to greater things. The incident also highlighted the importance of physical security in office buildings, and how even a regular door can be easily bypassed if the proper security measures are not implemented.

    Elevators and Physical Security Measures: What You Need to Know

    Elevators are not as secure as one thinks. Common keys used by a lot of elevators are not hard to get. It is necessary to test the security of elevators and not consider them as a mysterious box that only the technician knows how to control. Deviant has extensive knowledge of bypassing physical security measures and loves to teach others. Physical penetration testing is essential to understand different security measures, locks, and doors. Deviant has given more talks at security conferences than anyone else. There are millions of ways to get a locked door open; one of them is to shim it open. Doors installed backwards allow you to take the whole door off without touching the lock.

    The Similarities and Differences Between Physical Penetration Testers and Locksmiths

    Physical penetration testers and locksmiths share a common skill set, but physical penetration testers also deliver value through their comprehensive knowledge and the report they deliver. Locksmiths are often guarded with their knowledge, but as the field of information security evolves, more locksmiths can become physical penetration testers. The success of a physical penetration test is not just getting into the building, but also avoiding detection and dealing with responses effectively. While physical penetration testers and locksmiths have overlapping skills, they have different mindsets. Physical penetration testers can break into a building and teach their clients how they did it, while locksmiths are often hired to simply break into a building.

    The Importance of Physical Access and Critical Thinking in Penetration Testing

    Penetration testing companies team up to access a building's network and test its security. Physical access is crucial for gaining remote access, and having a diverse set of skills between team members is mutually beneficial. Deviant checks out the building before attempting to gain access and realizes that the security is concentrated at one point of entry, leaving other areas vulnerable. Deviant uses a checklist to assess vulnerabilities in the building's doors before finding an easier way in. It's not just about having special tools but analyzing the situation carefully. Testing security is not just about technology; it also involves physical access and critical thinking skills, which are crucial for successful penetration testing.

    Exploiting Electronic Door Locks with Propellant Cloud Triggers

    Physical access control systems with electronically locked doors can be exploited by triggering the sensor with a little cloud of propellant to open the door. Sensors that detect egress events are very common in access control environments. Such a sensor uses motion detection to notice an impending egress event. Propellant fed through a straw can be used to trigger the sensor, and the door will pop open. However, this method is successful only if the sensor position is known: you need to know where the sensor is located in the vestibule to trigger it. In addition, leaving a computer behind to access from a remote location requires a drop box.

    Importance of Access Cards and Security Protocols in Public Spaces

    Deviant, a security consultant, found a place to hide in an elevator after forgetting his access card in his hotel room. He decided to put the elevator on independent service mode and soon found himself relaxing and scrolling through Twitter. However, after a couple of hours, he heard a loud banging noise that he assumed was the cleaners. But to his surprise, it was a security guard who had noticed he was in the elevator and had taped a notice that the elevator was out of service. Deviant had a close encounter and realized the importance of having access cards and being aware of the security protocols to avoid such incidents in the future.

    The Importance of Confidence and Adaptability in Unexpected Situations

    The power of confidence and a little bit of knowledge can get you far. By acting confidently and using industry jargon, the protagonist was able to convince a security guard that he was a technician and gain access to restricted areas. This shows how appearance and language can be important in convincing others of your abilities and expertise. However, it also emphasizes the importance of being able to think on your feet and adapt to unexpected situations, as the protagonist was able to do when thrown into a situation that was not according to plan. Overall, this story showcases the importance of confidence, quick thinking, and adaptability in navigating unexpected situations.

    Importance of Ethical Testing in Company Security

    When testing a company's security, it is important to test all aspects including the physical building, people, and electronics. Deviant Ollam, a professional social engineer, believes in a moral code in testing people which involves not causing harm or putting anyone in danger. He tricked a guard into thinking he worked for the elevator company but also gave the guard opportunities to verify his credentials. Social engineers want people to feel better for having met them instead of leaving them feeling awful about being deceived. However, not all bad actors have the same moral code and can resort to violent means to access company data. Deviant believes in giving clients a win by testing their security posture but also ensuring that they are not exposed to any danger.

    The Importance of Creativity and Strategy in Penetration Testing

    Penetration testing requires creativity and strategy. Deviant and his team used a search-and-rescue dog and social engineering tactics to gain access to a facility in a small town. They avoided contact with employees by going at night and on a Sunday. By compromising the RFID key cards, Deviant was able to gain access to sensitive areas. This emphasizes the importance of testing physical security measures and highlights vulnerabilities that may go unnoticed without testing. It also shows the value of thinking outside the box and being adaptable in the face of challenges. Companies should consider conducting regular penetration tests to identify weaknesses and improve their overall security posture.

    The Importance of Effective Penetration Testing

    Penetration testing involves attempting to breach security measures to identify vulnerabilities. The team in this story used social engineering tactics to gain access to a factory, replicating employee badges and dressing the part. While they were successful at getting inside, they encountered an unexpected employee who was suspicious of their presence. Despite the risk, they were able to leave without incident. This highlights the importance of testing security measures and being prepared for unexpected situations. Effective penetration testing can help identify vulnerabilities and prevent security breaches, ultimately protecting sensitive information and valuable assets.

    The Importance of Authorization and Discretion in Physical Penetration Tests

    When conducting physical penetration tests, it is crucial to carry a letter of authorization from the company, preferably from someone high up who can vouch for you. If caught, this authorization can act as a 'get-out-of-jail-free card.' However, it is important to use a genuine authorization letter, as a fake one can easily be uncovered. Deviant and his crew were caught during a security test and could not lie their way out of it. The employee caught them and checked the authenticity of their letter by calling the company head of security himself. It is also important to be discreet during physical penetration tests and not raise suspicion. The employee caught them because he had emotional investment in the company and was attentive to details.

    Investing in Employees for a Stronger Security System

    Investing in employees and creating a positive work environment can lead to a stronger security system. Having employees who care about what's going on and are invested in their company can act as the best line of defense. It's important to pay employees properly, give them real benefits and reward them. The success of being caught in a security breach lies in catching it for all the right reasons, as it reflects on the efficiency and effectiveness of the security system. It's important to have a list of sensitive assets and formulate a series of attack chains to prepare for possible breaches. In case of burning out of one team, having an alternative plan could be beneficial.

    Deviant and his Cross-Disciplinary Team's Preparation for a Large-scale Job

    Deviant and his team of cross-disciplinary experts embarked on a large-scale job, which required thorough preparation and meticulous planning. This included using long-range cameras, drones, and full badge-printing machines. The team consisted of experts in electronics, surveillance, physical tactics, and social engineering. They had to rotate rental cars constantly and drive long distances to get to the site. The initial phase of the job involved rigorous reconnaissance, including driving by, long-range camera work, and crawling through fields in hunter's camo. The job was so vast in scale that they even brought along interns, making them a whole Ocean's Eleven crew. They were ready for anything, which helped them handle any challenges they faced during the job.

    Red Teams and Advanced Tools Used to Test and Improve Company Security

    Companies invest a lot of money in their security systems to detect and stop any sabotage or intrusion. Hence, they also hire red teams who attack their own company to find weak points that an adversary may exploit. Getting past such systems requires elaborate planning, reconnaissance, and gathering key information. Threat actors may spend an entire night in the dirt with long-range glass to learn which employees go through which doors, when security patrols come around and when they don't. The red team engages in such activities to test the company's defenses and improve security. Companies have sophisticated tools, such as SpotterRF, which detects motion in a field and can be used to track a potential threat.

    Overcoming High-Security Measures Using Surveillance and Gate System Expertise

    Creating a fake profile is difficult and time-consuming, requiring a history and connections, like planting crops. Deviant was able to determine that the only entry point to a secure facility was through the vehicle checkpoint, which utilized a badge-reader and gate arm. Understanding the gate system allowed them to identify potential exploits and gather valuable surveillance footage. Ground loop sensors were used to detect vehicles and prevent gate arm damage, making foot entry impossible. Despite the high-security measures, Deviant was able to gather information and plan their next move using their expertise in surveillance and understanding of gate systems.

    The Dangers of Tailgating Attacks and How Attackers Breach Security Measures

    Security systems can be vulnerable to tailgating attacks where someone closely follows another person through a secure checkpoint. By using social engineering tactics and carefully planning a backup strategy, it is possible to breach security measures. In this case, the attackers created fake badges and used a dwell time workaround to follow a car through a gated checkpoint. They also planned for multiple exit strategies in case of an emergency. The guards on duty did not check car trunks, leading to a potential security gap. These insights highlight the need to regularly audit and update security systems to minimize the risk of breaches.

    The Power of Social Engineering in Unauthorized Access to Secure Areas

    Social engineering is an effective tool to gain access to secure areas. The three teams used different tactics such as tailgating and pretending to be new employees to get into the facility. They thoroughly inspected the area by checking doors and taking note of the tolerances in order to exploit their way in. It is important for companies to train their employees to be aware of these tactics and to always use their badges properly. Companies also need to regularly inspect their premises for any vulnerabilities and to implement stricter security measures to prevent unauthorized access.

    The Importance of Defense in Depth for Building Security

    The importance of defense in depth for proper building security is highlighted through the experiences of the hackers, who were able to gain access to sensitive areas while being sloppy and propping doors open with doorstops. They were surprised to find that they were not actively being challenged and were able to get into multiple sensitive rooms without being caught. The hackers decided to step it up and try to see what level of noise it would take to make the employees report them to security. The customers even suggested they try drilling a door, which they paid for. This highlights the importance of constant upgrades and various levels of security starting from the outer perimeter to the innermost sensitive area.

    The Importance of Backup Plans and Creativity in Security Testing

    The importance of having a backup plan and being creative when the original plan fails is highlighted in this story, as the protagonist uses distractions like setting off alarms and biking around to divert attention while his team successfully completes their mission. The story also emphasizes the value of communication and the need to have clear protocols in place, as the security guards suggest calling for remote access instead of causing a commotion. Overall, the story highlights the complex nature of security testing and the need for thorough planning and execution to identify vulnerabilities and prevent potential breaches.

    Facing the Dark with Allies: Lessons from a Security Assessment

    The story emphasizes the importance of being aware rather than living in fear. Going into dark places with friends and allies can make things less scary. This client's security assessment showed the need for improvements, and their engagement with the team was over. The team successfully defeated security, and the client loved hearing about all the different ways they were able to do it. The exercises were a great training exercise for everyone involved. It is the artist's job to take people into the darker places. Darkness is not scary because it's dark, but because you don't know what's in it. Therefore, it's crucial to face the dark with friends and learn from it to improve.

    Recent Episodes from Darknet Diaries

    145: Shannen

    145: Shannen
    Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! 
Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    144: Rachel

    144: Rachel
    Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. 
ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    143: Jim Hates Scams

    143: Jim Hates Scams
    Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    142: Axact

    142: Axact
    Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    141: The Pig Butcher

    141: The Pig Butcher
    The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    139: D3f4ult
    This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made.
    Sponsors
    Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.
    Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
    Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries.
    Sources
    https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban
    https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/
    https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/
    https://archive.ph/Si79V#selection-66795.5-66795.6
    https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html

    138: The Mimics of Punjab
    This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY).
    Sponsors
    Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.
    Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what’s out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries.
    Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com.

    137: Predator
    A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world. In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/. We also hear from Bill Marczak and John Scott-Railton from Citizen Lab. If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games.
    Sponsors
    Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.
    Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.
    Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer.

    136: Team Xecuter
    Team Xecuter was a group involved with making and selling modchips for video game systems. They often made mods that allowed the video game system to rip games or play pirated games. It was a crowd favorite in the modding scene. Until it all fell apart. The story of what happened to Team Xecuter must be heard to be believed. This episode features Gary Bowser. You can find more about Gary here: https://twitter.com/Bowser_GaryOPA https://garyopa.com/ https://www.gofundme.com/f/garyopa-restarting-his-life?utm_location=darknetdiaries
    Sponsors
    Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.
    Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
    Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com.
    Sources
    https://www.washingtonpost.com/archive/politics/1994/10/27/ringleader-pleads-guilty-in-phone-fraud/56e551bb-a727-43e8-a3ca-1c1f4cf6ef82/
    https://www.justice.gov/sites/default/files/usao/legacy/2010/10/12/usab4304.pdf
    https://www.eurogamer.net/nintendo-to-appeal-not-guilty-judgement-of-flash-cart-sellers-7
    https://www.gamesindustry.biz/nintendo-pounces-on-global-piracy-outfit
    https://www.justice.gov/opa/pr/two-members-notorious-videogame-piracy-group-team-xecuter-custody
    https://medium.com/swlh/watch-paint-dry-how-i-got-a-game-on-the-steam-store-without-anyone-from-valve-ever-looking-at-it-2e476858c753#.z05q2nykc
    https://www.lemonde.fr/police-justice/article/2022/05/27/voler-des-societes-qui-font-des-milliards-qu-est-ce-que-j-en-ai-a-faire-max-louarn-c-ur-de-hackeur_6127821_1653578.html
    https://www.theverge.com/2020/11/20/21579392/nintendo-big-house-super-smash-bros-melee-tournament-slippi-cease-desist
    https://www.youtube.com/watch?v=U7VwtOrwceo
    https://www.youtube.com/watch?v=5sNIE5anpik