Logo

    62: Cam

    CSA practices social responsibility while recognizing technical talent, offering someone a second chance and investing in the community, exemplifying steps toward a brighter future.

    en-usMarch 31, 2020

    About this Episode

    Cam’s story is both a cautionary tale and inspirational at the same time. He’s been both an attacker and defender. And not the legal kind of attacker. He has caused half a million dollars in damages with his attacks. Attacks that arose from a feeling of seeing injustices in the world. Listen to his story. Sponsors This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project. Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up. Sources BBC: The teenage hackers who’ve been given a second chance https://www.bbc.com/news/av/technology-40655656/uk-s-first-boot-camp-hopes-to-reform-teenage-hackers https://www.ncsc.gov.uk/ https://www.csa.limited/ https://www.tripwire.com/state-of-security/latest-security-news/teenager-who-ddosed-governments-seaworld-receives-no-jail-time/ https://www.ncsc.gov.uk/section/education-skills/11-19-year-olds Learn more about your ad choices. Visit podcastchoices.com/adchoices

    🔑 Key Takeaways

    • This story highlights the dangers of cybercrime and the need for better cybersecurity measures to protect individuals and businesses from attacks. It also emphasizes the importance of being vigilant and aware of the potential risks that come with online activities.
    • Parents and educators must monitor children's online activities and teach them about ethical behavior and safety to prevent cyber bullying. Victims experience negative emotions and lose interest in online activities due to these actions.
    • Booting people offline or using stressors as weapons is illegal and can cause serious harm. It's important to understand the severity of these actions and the potential consequences they can have.
    • Hacking and denial-of-service attacks may not be effective in changing the behavior of animal parks, but they raise awareness and promote the need for animal rights activism.
    • Age is just a number when it comes to activism. Everyone has the power to make a difference in causes that matter, and sometimes unconventional methods can be effective in raising awareness and driving change.
    • Cybercrime may seem like a form of rebellion for bullied teenagers, but the implications are severe and must be addressed. Educating about cybersecurity and online ethics is crucial to prevent such incidents.
    • Building a system to conduct cyber attacks is illegal and can result in penalties. Authorities can search and confiscate electronic devices, and a network of professionals is monitoring for such attacks. Legal consequences should deter potential cyber criminals.
    • Online actions can have severe consequences. It's crucial to be mindful and aware of the potential impact. Legal professionals should possess knowledge about cybersecurity matters.
    • The UK gives teenage hackers a chance to use their skills for good through community service and cyber-skills apprenticeships, making the country a hub for talented young cybersecurity professionals.
    • Potential candidates in the cybersecurity industry should be recognized for their current skills, knowledge, and attitude towards the field, rather than just focusing on their past mistakes. Passion and expertise, guided by sound ethics and values, can lead to successful careers in cybersecurity.
    • CSA practices social responsibility while recognizing technical talent, offering someone a second chance and investing in the community, exemplifying steps toward a brighter future.
    • CSA hires hackers to teach cyber-security, but the risks of getting caught and facing serious legal consequences are too high for individuals to take. Education is key to preventing cyber-crime.
    • Instead of punishing teenage hackers, the UK is focusing on rehabilitating them through counseling and apprenticeship programs. The approach is experimental and continuously evolving to tackle the problem, as demonstrated by the NCA's boot camp. Cam, a former teenage hacker, now educates young teens about cybersecurity and its implications.
    • Investing in cybersecurity education for troubled teens can offer opportunities for these individuals to turn their lives around while simultaneously serving as a solution to the ever-growing demand for cybersecurity experts.

    📝 Podcast Summary

    A Story of Cybercrime and Revenge in the Gaming World

    The story discusses how a young gamer named Cam took revenge on his opponents in call of duty by using a denial-of-service attack. Cam loaded up a low orbit ion cannon (LOIC) application to flood the target's IP address with millions of packets rendering their internet connection useless. He devised a plan to get the IP address of his in-game opponents by sending a Bitly link to a website which he had control over and capture their IP address. This story reveals how the anonymity and relative ease of cybercrime have brought about innumerable vulnerabilities, as well as the need for better cybersecurity.

    The Adverse Effects of Cyber Bullying and Prevention Techniques

    Cyber bullying is a serious issue that has adverse effects on victims. Cam applied various techniques to knock his opponents offline, including IP tracing, clicking links to get IPs, using LOIC, voice chat traffic manipulation in PS3 games, and lagging or disconnecting players to outdraw and kill them. These actions lead to anger, frustration, and a feeling of being trumped among victims, causing them to lose interest in the game. Children should be taught to avoid cyber bullying and understand the negative consequences of their actions. Parents and educators should play a role in monitoring online activities and teach kids about online behavior, ethics, and safety to prevent cyber bullying.

    The Consequences of DoS Attacks and the Misuse of Computers Act

    The act of booting people offline or using stressors to knock them offline is illegal and considered a DoS attack under The Misuse of Computers Act. Cam initially didn't realize the severity of what he was doing until his actions were reported and faced consequences. He continued to refine his methods and even received a stressor from a hacker friend. Stressors are essentially just weapons used to attack victims and are not meant for stress testing. These attacks are often carried out by groups like Anonymous as part of their operations against corporations and governments. It's important to understand the gravity of these actions and the potential harm they can cause.

    The Role of Anonymous in Animal Rights Activism

    Anonymous stands for animal rights and uses hacking to spread their message without mercy or restraint. In 2014, Cam, a 14-year-old boy, joined Anonymous to help attack Sea World and other animal parks due to their cruel practices exposed by the documentary Blackfish. He used stressors to knock websites offline with denial-of-service attacks, which resulted in real-life impacts on these parks. Cam traded with people to get access to more stressors for free to keep up the heat. While these attacks didn’t directly change the parks' behavior, it made them more resilient to further attacks. Animal abuse is not excusable, and it’s time we must stand for animal rights.

    The Teenage Activist who Fought Animal Cruelty through Hacking

    Cam was a teenager who hacked websites to fight against animal cruelty. He gained a following of about 27,000 on Twitter. He did it out of pride and activism, as he saw gruesome pictures of animal abuse. He never felt nervous or hesitant while taking down the websites. He did it to make a difference as a fourteen-year-old with a sign protesting for animal rights would not have made a significant impact. He was an activist in his own right who found a way to make a difference. His actions bring to light the need for better animal welfare laws and the importance of activism in causes that matter.

    The Dangers of Adolescent Rebellion through Cybercrime

    The 14-year-old hacker, Cam, took down Sea World and a Dutch zoo website for a long time, by accidentally forgetting to turn off the attack. He felt like a winning activist hacker which fuelled him to go bigger. Later, he DDoS attacked the Devon and Cornwall Police Department's website using advanced techniques. He spoofed his IP and used NTP amplification attack that asked time in every time zone in the world, resulting in overwhelming traffic. Cam felt like he was being oppressed by police, which combined with his online god-like powers, made him protest against them. This shows how cyberbullied teenagers can turn to hacking as a form of rebellion, but cybercrime has severe implications and must be avoided.

    Risks and Consequences of Illegal Cyber Attacks

    Building a system to conduct cyber attacks and launching it against an organization could result in penalties. It is illegal to launch attacks on websites or networks without permission. Authorities have the right to search, seize and confiscate all electronic devices that have been used to orchestrate an attack. Despite the risks associated with engaging in illegal cyber activities, individuals may still try to do so. However, the likelihood of getting caught is high as a network of professionals is always monitoring for such attacks. The arrest and legal consequences associated with cyber attacks should serve as a deterrent to potential cyber criminals.

    The Consequences of Cyber Attacks for Young Individuals

    Cyber attacks can have severe consequences, even for young individuals. A denial-of-service attack and bomb threat led to an unfair trial, guilty charges, and even potential extradition for a fourteen-year-old. The incident caused immense distress to the individual's mother, but it was also a lesson learned in terms of remorse and regret. The incident highlighted the importance of being mindful of online actions and the consequences they can bring. It also showcased the need for legal professionals to possess knowledge about cybersecurity matters. This story is a cautionary tale for individuals who may take their online activities lightly and must be aware of the severe consequences that may arise from their actions, regardless of whether it was intentional or not.

    Reforming Teenage Hackers: The UK Approach

    The UK has a unique approach towards reforming teenage hackers by giving them an opportunity to use their skills for good. Cam, a reformed hacker, received an apprenticeship with an IT company in networking security and monitoring on the SIEM after completing community service and facing intensive surveillance from the NCA. Through a cyber-skills apprenticeship program, various UK companies partner with the NCA to hire reformed hackers, especially teenagers who are interested in cybersecurity. Unlike the US, where teenage hackers are punished severely and prohibited from using computers for years, the UK focuses on guiding them towards using their talent for good. This approach helps in making the UK a haven for talented young cybersecurity professionals.

    Overcoming Past Mistakes with Passion and Expertise in Cybersecurity

    Passion and expertise in the cybersecurity industry can overcome a candidate's past mistakes. Sean Tickle, the SOC manager at Cyber Security Associates, saw the potential in Cam despite his past involvement in cyber-attacks. Cam's passion for the industry and his understanding of the latest technologies proved that he had evolved from his previous actions. The key takeaway here is that companies should recognize a candidate's potential by focusing on their current skills, knowledge, and attitude towards the industry rather than only considering their past mistakes. Passion and expertise can be crucial in cybersecurity, and if nurtured and guided with sound ethics and values, it can lead to a successful career in the field.

    CSA Hires Ex-Hacker Despite Past Damage

    Many companies do not give hackers a second chance, but CSA actively encouraged and hired Cameron, an ex-hacker who caused a million dollars in damages to Sea World, because of his technical skill and passion for animal welfare. Cameron was only 14 when he hacked Sea World and showed genuine remorse for his actions during the interview. Despite the risks, Sean joined CSA because of their mentality around cyber-security and their willingness to help the community, including investing in a cyber-zone for students. CSA's directors, Jamie and Dave, were quick to jump on board with hiring Cameron because they wanted to give him a second chance and help him succeed in the industry.

    UK government partners with progressive company to educate students on cyber-security

    The National Cyber Security Center (NCSC) is a UK government organization that aims to educate people on cyber-security. The NCSC partnered with CSA to teach students and teenagers more about cyber-security. CSA is a progressive company and they hired hackers like Cam and Jack. Jack stole seven thousand credit card details and databases around the world. Though he never used the credit cards, he got caught by the red light when he used his card to pay for a virtual private server. However, he was lucky enough to not get charged as every charge carries two years in prison and there is no limit. CSA believes taking chances with hackers like Jack and Cam is worth it, as they indulged in hacking just because they could and were misguided.

    The Rehabilitative Approach towards Teenage Hackers in the UK.

    The approach towards teenage hackers in the UK is proactive and rehabilitative. Instead of punishing them with legal action, they are counseled to use their skills for good, such as through apprenticeship programs. The NCA launched a boot camp to reform teenage hackers in 2017, which teaches them that their skills are in demand and that they can get paid for it legally. Programs like these are experimental and continuously evolving to tackle the problem. Cam, a former teenage hacker, now tells his story in front of young teens as a part of the CyberFirst program to teach about the dangers of cybersecurity and its implications.

    Cybersecurity Apprenticeship Program: Turning Troubled Teens into Productive Members of Society.

    The apprenticeship program is giving troubled teens an opportunity to turn their lives around and become productive members of society. The program employs former hackers who have now turned their skills towards cybersecurity to impart their knowledge to the apprentices. The team is highly productive and gets along well, showing that diversifying with people from various backgrounds can work well in the long run. It is crucial to invest time and money in educating teenagers on cybersecurity, especially those who use it as a weapon. By embracing technology and not banning it, opportunities can open up for those who have a passion for it but may have gotten lost in the frenzy. Everyone has two sides, good and evil, and it is how you treat that person that determines what you see.

    Recent Episodes from Darknet Diaries

    144: Rachel

    144: Rachel
    Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices
    Darknet Diaries
    en-usApril 02, 2024

    143: Jim Hates Scams

    143: Jim Hates Scams
    Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices
    Darknet Diaries
    en-usMarch 05, 2024

    142: Axact

    142: Axact
    Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    141: The Pig Butcher

    141: The Pig Butcher
    The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    140: Revenge Bytes

    140: Revenge Bytes
    Madison's nude photos were posted online. Her twin sister Christine came to help. This begins a bizarre and uneasy story. Learn more about your ad choices. Visit podcastchoices.com/adchoices
    Darknet Diaries
    en-usDecember 05, 2023

    139: D3f4ult

    139: D3f4ult
    This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

    138: The Mimics of Punjab

    138: The Mimics of Punjab
    This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    137: Predator

    137: Predator
    A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world. In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/. We also hear from Bill Marczak and John Scott-Railton from Citizen Lab. If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    136: Team Xecuter

    136: Team Xecuter
    Team Xecuter was a group involved with making and selling modchips for video game systems. They often made mods that allowed the video game system to rip games or play pirated games. It was a crowd favorite in the modding scene. Until it all fell apart. The story of what happened to Team Xecuter must be heard to believe. This episode features Gary Bowser. You can find more about Gary here: https://twitter.com/Bowser_GaryOPA https://garyopa.com/ https://www.gofundme.com/f/garyopa-restarting-his-life?utm_location=darknetdiaries Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Sources https://www.washingtonpost.com/archive/politics/1994/10/27/ringleader-pleads-guilty-in-phone-fraud/56e551bb-a727-43e8-a3ca-1c1f4cf6ef82/ https://www.justice.gov/sites/default/files/usao/legacy/2010/10/12/usab4304.pdf https://www.eurogamer.net/nintendo-to-appeal-not-guilty-judgement-of-flash-cart-sellers-7 https://www.gamesindustry.biz/nintendo-pounces-on-global-piracy-outfit https://www.justice.gov/opa/pr/two-members-notorious-videogame-piracy-group-team-xecuter-custody https://medium.com/swlh/watch-paint-dry-how-i-got-a-game-on-the-steam-store-without-anyone-from-valve-ever-looking-at-it-2e476858c753#.z05q2nykc https://www.lemonde.fr/police-justice/article/2022/05/27/voler-des-societes-qui-font-des-milliards-qu-est-ce-que-j-en-ai-a-faire-max-louarn-c-ur-de-hackeur_6127821_1653578.html https://www.theverge.com/2020/11/20/21579392/nintendo-big-house-super-smash-bros-melee-tournament-slippi-cease-desist https://www.youtube.com/watch?v=U7VwtOrwceo https://www.youtube.com/watch?v=5sNIE5anpik Learn more about your ad choices. Visit podcastchoices.com/adchoices

    135: The D.R. Incident

    135: The D.R. Incident
    Omar Avilez worked in the CSIRT of the Dominican Republic when a major cyber security incident erupted. Omar walks us through what happened and the incident response procedures that he went through. Breakmaster Cylinder’s new album: https://breakmastercylinder.bandcamp.com/album/the-moon-all-that. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Flare. Flare automates monitoring across the dark & clear web to detect high-risk exposure, before threat actors have a chance to leverage it. Their unified solution makes it easy to rapidly identify risks across thousands of sources, including developers leaking secrets on public GitHub Repositories, threat actors selling infected devices on dark web markets, and targeted attacks being planned on illicit Telegram Channels. Visit https://flare.io to learn more. Sources https://www.wired.com/story/costa-rica-ransomware-conti/ https://malpedia.caad.fkie.fraunhofer.de/details/win.bandook https://www.youtube.com/watch?v=QHYH0U66K5Q https://www.youtube.com/live/prCr7Z94078 https://www.eff.org/deeplinks/2023/02/uncle-sow-dark-caracal-latin-america https://www.bleepingcomputer.com/news/security/quantum-ransomware-attack-disrupts-govt-agency-in-dominican-republic/ https://www.welivesecurity.com/2021/07/07/bandidos-at-large-spying-campaign-latin-america/ Attribution Darknet Diaries is created by Jack Rhysider. Assembled by Tristan Ledger. Episode artwork by odibagas. Mixing by Proximity Sound. Theme music created by Breakmaster Cylinder. Theme song available for listen and download at bandcamp. Or listen to it on Spotify. Learn more about your ad choices. Visit podcastchoices.com/adchoices