Logo

    59: The Courthouse

    Regular security assessments and proper handling of security situations are crucial in maintaining effective security measures in government facilities to avoid potential risks.

    en-usFebruary 18, 2020

    About this Episode

    In this episode we hear from Gary and Justin. Two seasoned penetration testers who tell us a story about the time when they tried to break into a courthouse but it went all wrong. Sponsors This episode was sponsored by Detectify. Try their web vulnerability scanner free. Go to https://detectify.com/?utm_source=podcast&utm_medium=referral&utm_campaign=DARKNET This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25. Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up. Sources https://arstechnica.com/information-technology/2019/11/how-a-turf-war-and-a-botched-contract-landed-2-pentesters-in-iowa-jail/ https://krebsonsecurity.com/2020/01/iowa-prosecutors-drop-charges-against-men-hired-to-test-their-security/ https://www.coalfire.com/News-and-Events/Press-Releases/Coalfire-CEO-Tom-McAndrew-statement https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/10/iowa-supreme-court-justice-cady-policies-courthouse-break-ins-senate-polk-dallas-burglary-ia-cyber/3930656002/ https://www.desmoinesregister.com/story/news/crime-and-courts/2019/09/19/iowa-state-senator-calls-oversight-committee-investigate-courthouse-break-ins-crime-polk-dallas/2374576001/ https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/28/iowa-courthouse-break-ins-men-security-firm-plead-not-guilty-trespassing/2488314001/ https://www.desmoinesregister.com/story/news/crime-and-courts/2019/10/30/courthouse-break-in-ceo-cyber-security-coalfire-charges-dropped/4097354002/ https://www.desmoinesregister.com/story/news/crime-and-courts/2020/01/30/courthouse-break-ins-charges-dropped-against-coalfire-employees/4611574002/ Learn more about your ad choices. Visit podcastchoices.com/adchoices

    🔑 Key Takeaways

    • Having a clear understanding of security needs and communication gaps is essential in successful penetration testing. Physical penetration testers use simulated social engineering and physical exploits to identify security flaws and provide solutions.
    • Coalfire evaluates the security measures of financial institutions, including social engineering and employee procedures. They search for vulnerabilities and ensure legal compliance to provide detailed reports for enhanced security.
    • Penetration testing requires not only technical skills, but also the ability to deceive and manipulate employees. With a clipboard, confidence, and convincing lies, a hacker can gain access to secure areas and information.
    • It's important for banks to adopt comprehensive security measures to prevent after-hours break-ins. Educating employees on risks and vulnerabilities and establishing better security protocols is essential.
    • In any security incident, calmly present yourself to police officers and maintain a professional demeanor. Identifying oneself can prevent misunderstandings and provide valuable feedback for future interactions.
    • Clear communication and understanding client expectations is crucial in effective cyber security assessments, as seen in Coalfire's detailed discussions with the Iowa Judicial Branch before conducting a penetration test.
    • Before conducting a penetration test, it's crucial to clearly define the scope and expectations in the agreement document. Coalfire emphasizes the importance of using tools that don't expose any actual vulnerabilities while creating a get-out-of-jail-free card for their clients.
    • Red teams use various techniques to manipulate access control systems, including requesting exit sensors, drones, and analyzing Google Maps. Collaborating with experienced team members can improve facility security by addressing minor vulnerabilities.
    • Blind spots in security cameras and knowledge from previous attempts can be used to improve security measures.
    • Regular maintenance of security systems is crucial to prevent vulnerabilities that can be exploited by hackers and to ensure the proper functioning of the system.
    • Regular security assessments and proper handling of security situations are crucial in maintaining effective security measures in government facilities to avoid potential risks.
    • Being transparent and honest with law enforcement is crucial in avoiding misunderstandings and escalation. Establishing trust and being cooperative can help diffuse potentially dangerous situations. It's important to remain respectful and compliant, as the power dynamic at play is essential to recognize.
    • Being prepared with evidence and not taking law enforcement actions personally can diffuse potentially harmful situations. Initial confrontations may lead to normalcy, allowing for sharing of information.
    • Communication and cooperation are important during arrest, but knowing your legal rights can protect your privacy and prevent unnecessary charges. Be prepared and informed in unfamiliar situations.
    • Having a contingency plan in place and seeking legal help immediately can prevent unnecessary distress. Don't underestimate the severity of legal matters, prioritize legal representation as it can make or break the outcome of legal proceedings.
    • Thorough planning and communication between clients and security testing companies are critical to avoid being wrongly accused. Legal protection for security testers who follow the law is necessary.
    • Even with permission, performing a cybersecurity test without clear communication can lead to charges. It's important to have legal support and a responsible partner, like Coalfire, to ensure protection.
    • It's important for government entities and contractors to understand the legal authority for physical penetration tests on county-owned buildings to avoid prolonged legal battles and negative impacts on offenders' jobs. It's also crucial to ensure safety measures for contractors, local law enforcement, and the public.
    • Being falsely accused of a crime – even if charges are eventually dropped – can have long-lasting consequences on one's personal and professional life. The flaws in the legal system can cause trauma and stress for innocent individuals.
    • The legal system should focus on protecting innocent individuals, not blindly following orders and targeting individuals as scapegoats for the actions of their employers. Empathy and professionalism should guide decision-making.

    đź“ť Podcast Summary

    The Importance of Clear Understanding in Penetration Testing

    The story of the father and son going to the wrong office to meet the dean at a university to get approval for an extra course is a great example of how important it is to have a clear picture of what one needs and where to get it from. Just as hackers must have a clear understanding of a company's security needs when approaching clients and this is where penetration testing comes in to help fill any communication gaps. Physical penetration testers like Justin and Gary ensure the security of an organization by mimicking the tactics that malicious attackers use. They perform physical exploits to gain access to facilities, and simulate social engineering attempts to breach physical and information security measures to provide inroads to possible security flaws.

    Coalfire's Physical Penetration Testing for Financial Institutions

    Coalfire conducts physical penetration tests on financial institutions to test the security of their branches and gain access to restricted areas. The tests involve social engineering aspects and testing of employees to check if they follow the procedures. The rules of engagement and scope of work are discussed with the clients to ensure that the tests are legal and agreed by everyone. Coalfire looks for security flaws such as exposed client information or unlocked computers, and all findings go into the report. The company exploits vulnerabilities such as air conditioning units to gain access to the restricted areas. Coalfire has lawyers to ensure that the tests are conducted within the law.

    The Art of Hacking with a Clipboard: Using Distraction and Misdirection to Gain Access

    A hacker's best tool is a clipboard. With a simple disguise and a confidence, they can access secure areas. Gathering intel is crucial for successful penetration testing. The daily security codes used in the company were discovered during the first branch visit. With this knowledge, they accessed the internal network at the second branch and recovered the security code for the next 24 hours from the software. However, they were caught at the third branch but using the security code and a convincing lie, they were able to continue their assessment. Distraction and misdirection are powerful tools to keep employees occupied while the team gains access to private areas.

    Covert Investigation Reveals Vulnerabilities in Bank Security Systems

    A security team conducted a covert investigation of a bank's security systems, gathering confidential information that would facilitate an after-hours break-in. The team members were successful on the first attempt at one branch but were discovered at the second. They were promptly confronted by the police, who accepted their get-out-of-jail-free card and let them go. The team's tactics demonstrate how easily some banks can be compromised, and suggest that more comprehensive security measures should be adopted to protect against after-hours break-ins. The story highlights the importance of educating employees of their risks and vulnerabilities, and the need for banks to establish better security protocols and procedures.

    Interacting with Police Officers During Security Incidents

    Police officers are professionals who can distinguish people who are up to no good from those who are not. The officers remained calm and professional during the security incident and never overreacted or accused the testers of wrongdoing. It is essential to present yourself to the police before they have to come find you, as this is what you should do in every scenario. The testers received positive feedback from the officers and obtained valuable information on how they could improve their interactions for future scenarios. The client was happy with the test results, and all issues found were fixed. They even invited the testers back the following year to do it again.

    Importance of Detailed Communication in Penetration Testing

    Coalfire was hired by the Iowa Judicial Branch to conduct a penetration test on five Iowa courthouses. During the phone call with the client, the team discussed the rules of engagement, which included various measures such as tailgating, using lockpicks, and digging in dumpsters. They also agreed on areas that were off-limits during the test. The rules of engagement document was 28 pages long, but the conversations with the client were more detailed. Through these discussions, the team was able to clarify what the client expected from the test. The granular level of discussion highlights the importance of communication and understanding client expectations in a cyber security assessment.

    Coalfire's Penetration Testing Strategies and Best Practices

    During penetration testing, Coalfire creates a get-out-of-jail-free card that lists the names, phone numbers and signatures of the people from the company who hired them to do the test. They also use tools like an under-the-door tool and cutting board, which can easily gain access into certain doors. However, they make sure not to expose any actual vulnerabilities so that the security of the place remains intact. It is important to be clear about what exactly is expected during penetration testing and capture all the necessary details in the agreement document before starting the process.

    Bypassing Access Control Systems: Red Team Techniques

    Bypassing the latch is the easiest way to get into 80% of facilities, as per experts in physical access control systems. Red teams use various tools and techniques to manipulate the Von Duprin crash bar or latching mechanism, or even request-to-exit sensors to breach the doors. They assess perimeter, match it with Google Maps and gain entry to the facility. They use drones to spot security issues, and leave a calling card to prove their intrusion. Collaborating with experienced team members is valuable to learn tricks of the trade. Clients can benefit from minor vulnerability fixes to improve facility security. Vigilant measures, including reliable deadlatches, can prevent intrusions.

    Hackers successfully breach courthouse security

    In their attempt to get into a courthouse, the hackers tried different techniques and found blind spots in security cameras, which helped them avoid being detected by a security guard making rounds. They were also able to gain access to the room with all the security cameras. However, they accidentally triggered an alarm when they propped open a door in a holding room. Through their exploration, they completed their security assessment and successfully got out unnoticed. In their next attempt at a different courthouse, they used the knowledge gained from the previous one to avoid detection. The small town of Adel, IA has a historic vibe with a rustic downtown area covered in red cobblestone brick.

    Importance of Proper Maintenance for Security Systems.

    Breaking into a historic courthouse in a small town, the hackers make a strategic move not to bypass the alarm system as instructed, to maintain the security. But they jiggled the door of the courthouse and found it open, with the alarm not going off as expected. They assumed it was due to a fault setting or an imperfect closing of the door. They tried using a cloned badge to enter but decided against it and closed the door properly. This incident highlights the importance of ensuring the proper functioning of security systems and the need for regular maintenance to prevent vulnerabilities that can be exploited by threat actors.

    Importance of Proper Security and Professional Handling of Security Assessments in Government Facilities.

    The security alarm of a government facility was expected to go off during a security assessment by Iowa State Courts, and it did. While other locations did not have a response when they gained access, this facility had a quick response time from the police. It is not uncommon for alarms to not be connected or configured properly. The security assessment team communicated with the police officer, explaining why they were there and offered their documentation to prove it. It is important to handle situations like this professionally and properly to avoid risks. This incident demonstrated the importance of having proper security for government facilities and highlights the need for continuous security assessments to ensure that the measures in place are working effectively.

    Importance of Honesty and Cooperation with Law Enforcement to Avoid Misunderstandings and Escalation

    It's important to be honest and upfront when dealing with law enforcement. The Coalfire employees were able to diffuse a potentially dangerous situation simply by presenting their paperwork and being transparent about their purpose. The officers were professional and thorough in verifying their information, but also recognized that the employees were not engaging in any illegal activity. It's crucial to establish trust with law enforcement and be cooperative in order to avoid any misunderstandings or escalation of the situation. The sudden shift in mood when the sheriff arrived serves as a reminder of the power dynamic at play in these situations and the importance of remaining respectful and compliant.

    Remaining Calm and Confident in a Difficult Situation

    Even when faced with a difficult situation, it is important to remain calm and confident in your actions if you have done nothing wrong and have the evidence to prove it. Gary and Justin's calm responses to being arrested for trespassing and burglary show that being prepared and having all necessary documentation can help diffuse a potentially harmful situation. It is also important to remember that law enforcement officials are just doing their jobs, and not take their actions personally. Finally, sometimes situations can turn to normalcy after an initial confrontation, as Gary and Justin were still able to share information about their work with the police even after being arrested.

    Importance of Knowing Your Legal Rights During Arrest

    It is rare for someone to get detained or arrested in response to a law enforcement incident. However, when Gary and Justin were mistakenly arrested and taken to the jailhouse, they tried to reason with the sheriff to avoid charges. Despite their cooperation and providing proof of their innocence, they were booked for burglary and possession of burglary tools. They faced a lot of inconvenience in providing personal details and going through the entire process. This indicates that people must have information about their rights while getting arrested. Communication and cooperation are essential, but one must also be aware of their privacy and legal rights during the arrest process, especially in unfamiliar situations.

    The importance of legal assistance in times of crisis.

    In situations of crisis, it is crucial to have a plan of action and to seek legal help immediately. The lack of urgency shown in this situation led to unnecessary distress and discomfort for Gary and Justin. To avoid such a scenario, it is vital to have a contingency plan in place and to keep lawyers in the loop even in late hours. Gary's assumption that everything will be okay, without any legal assistance, showcases the importance of not underestimating the severity of legal matters. It is important to prioritize legal representation and not assume that it is unnecessary, as it can often make or break the outcome of legal proceedings.

    The Importance of Communication in Security Testing

    Gary and Justin were wrongly accused of burglary and possession of burglary tools, despite being hired by the Iowa State Court Administration to test their security system. The judge charged them with bail of $5,000 and accused them of not telling the truth. Neither the Coalfire employees nor their contacts showed up to defend them, leaving them irate and helpless. The state employees didn't believe them and accused them of being a flight risk. This incident highlights the importance of thorough planning and communication between clients and security testing companies to avoid such situations. It also shows the need for legal protection for security testers who work within the law to find vulnerabilities and provide solutions.

    Coalfire Cybersecurity Testers Arrested for Burglary

    Gary and Justin were arrested for breaking into a courthouse, but they had permission to perform a cybersecurity test from the state department that runs these courthouses. They were charged with third-degree burglary and possession of burglary tools, and their bail was set ten times higher. The situation was frustrating, and they hoped their contacts would sort everything out. Coalfire bailed them out and immediately started working to help. They were let go after 20 hours, and Coalfire gave them permission to get out of that state. Gary and Justin went back home and got individual lawyers. The local news ran a story, and people had different opinions. The Judicial Branch did not intend for them to break in.

    Legal Authority for Physical Penetration Tests on County-Owned Buildings

    The issue surrounding the Coalfire Iowa courthouse break-in was primarily whether the state had legal authority to authorize a test on county property. The state and county are two different entities and the prosecutors initially held their position. However, during the third-party investigation, it was found that the state had the legal authority to conduct physical penetration tests on county-owned buildings as they are technically the tenants of that property. The prolonged legal battle and felony charges had negative impacts on the offenders' jobs, as clients wanted to know about the Iowa incident and some sensitive building checks required background checks for the penetration testers. The incident also raised concerns about the government hiring outside companies to commit crimes which put contractors, local law enforcement, and members of the public in danger.

    The Injustice of Being Falsely Accused

    Gary and Justin were hired by the state to run security tests in a courthouse, and were arrested on felony charges of burglary. Even though the charges were eventually dropped and they were declared innocent, their criminal record still shows an arrest for burglary. This could affect their future job applications and other situations, even though they were innocent. This experience was traumatic and stressful for them, and shows the flaws in the legal system that can hold innocent people accountable for something they did not do.

    The Flawed Legal System: Ignoring Innocence and Empathy.

    The legal system failed Gary and Justin, who were wrongfully arrested and charged despite having no malicious intentions. The lack of professionalism, empathy, and sympathy shown towards them by those who had the power to drop the charges was appalling. Although the charges were eventually dropped, their records will forever bear the mark of a wrongful arrest. This situation highlights the flawed logic of targeting individuals instead of the companies or organizations they work for, particularly in cases where they are simply following orders. The legal system should strive to do what's right and protect innocent until proven guilty, not take advantage of their power by ignoring the human beings behind the charges.

    Recent Episodes from Darknet Diaries

    145: Shannen

    145: Shannen
    Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    144: Rachel

    144: Rachel
    Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    143: Jim Hates Scams

    143: Jim Hates Scams
    Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    142: Axact

    142: Axact
    Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    141: The Pig Butcher

    141: The Pig Butcher
    The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    139: D3f4ult

    139: D3f4ult
    This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

    138: The Mimics of Punjab

    138: The Mimics of Punjab
    This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    137: Predator

    137: Predator
    A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world. In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/. We also hear from Bill Marczak and John Scott-Railton from Citizen Lab. If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    136: Team Xecuter

    136: Team Xecuter
    Team Xecuter was a group involved with making and selling modchips for video game systems. They often made mods that allowed the video game system to rip games or play pirated games. It was a crowd favorite in the modding scene. Until it all fell apart. The story of what happened to Team Xecuter must be heard to believe. This episode features Gary Bowser. You can find more about Gary here: https://twitter.com/Bowser_GaryOPA https://garyopa.com/ https://www.gofundme.com/f/garyopa-restarting-his-life?utm_location=darknetdiaries Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Sources https://www.washingtonpost.com/archive/politics/1994/10/27/ringleader-pleads-guilty-in-phone-fraud/56e551bb-a727-43e8-a3ca-1c1f4cf6ef82/ https://www.justice.gov/sites/default/files/usao/legacy/2010/10/12/usab4304.pdf https://www.eurogamer.net/nintendo-to-appeal-not-guilty-judgement-of-flash-cart-sellers-7 https://www.gamesindustry.biz/nintendo-pounces-on-global-piracy-outfit https://www.justice.gov/opa/pr/two-members-notorious-videogame-piracy-group-team-xecuter-custody https://medium.com/swlh/watch-paint-dry-how-i-got-a-game-on-the-steam-store-without-anyone-from-valve-ever-looking-at-it-2e476858c753#.z05q2nykc https://www.lemonde.fr/police-justice/article/2022/05/27/voler-des-societes-qui-font-des-milliards-qu-est-ce-que-j-en-ai-a-faire-max-louarn-c-ur-de-hackeur_6127821_1653578.html https://www.theverge.com/2020/11/20/21579392/nintendo-big-house-super-smash-bros-melee-tournament-slippi-cease-desist https://www.youtube.com/watch?v=U7VwtOrwceo https://www.youtube.com/watch?v=5sNIE5anpik Learn more about your ad choices. Visit podcastchoices.com/adchoices