Logo
    Search

    Podcast Summary

    • The Increasing Difficulty of Finding Good Social Media Usernames and Tips to Protect Personal AccountsFinding a good social media username can be challenging, and scammers may try to trick users out of their usernames. Protecting personal accounts is crucial. Usernames can also become valuable as a personal brand.

      It's becoming increasingly difficult to find a good username for social media platforms, especially when millions of people are already registered. Some usernames are becoming a valuable commodity, and people are willing to pay for it. Scammers also try to trick people out of their usernames, pretending to be buyers and taking the account without paying. It's important to be careful and protect personal accounts as it represents an online identity. Furthermore, usernames can become valuable as a brand name, and it's necessary to create a strong personal brand out of it just like Miles did by integrating his animal name as his personal brand.

    • Protecting Yourself from SIM-Swapping AttacksBy securing your phone with a passcode, two-factor authentication, and monitoring your accounts, you can protect your phone number and identity from SIM-swapping attacks which can lead to serious consequences such as losing access to your data and accounts.

      SIM-swapping is a type of phone hijacking where hackers take control of your phone number by tricking your mobile provider and getting a new SIM card. The hacker can then reset your passwords, access your email, social media and bank accounts, with serious implications. Phone numbers are often used as a backup recovery method and e-mail providers will store them, sending a text message to verify one's identity. Losing access to one's phone means no network, no data and no connectivity. Therefore, it is important to protect your phone number and identity by securing your phone with a passcode, two-factor authentication, and by monitoring your accounts and transactions.

    • How to Protect Yourself from SIM-Swap Attacks and Social EngineeringStay safe by securing your personal data, using a password manager, and choosing a mobile provider with extra security measures. Be cautious with your phone number and email, especially if you own valuable assets like Bitcoin or usernames on social media.

      A SIM-swap attack can happen to anyone, causing them to lose access to their phone number and email, which can put their sensitive data at risk. Criminals may target people who own a lot of Bitcoin or have valuable social media usernames. The victims can reach out to their tech-savvy friends for help. Miles was lucky to have friends working at Instagram and Twitter who helped him reverse the hack. This experience made Miles realize the importance of securing his personal data and using a password manager. He also switched to a new mobile provider with extra security measures. Social engineering is still a threat, and phone companies can also be vulnerable to it.

    • The Importance of Securing Personal Information OnlineProtecting personal information online is crucial in preventing social engineering attacks. Use security measures like PIN codes and work with service providers to secure accounts and prevent unauthorized access.

      Personal information is scattered all over the internet and it is difficult to remove it entirely, making it easier for hackers to launch informed social engineering attacks. Miles was able to recover from a SIM swap attempt with the help of T-Mobile and secured all his family's phones with PIN codes. He did not give in to the demands of the attacker, who wanted his Instagram handle. The threat of harm to his son was terrifying, but he was strong-willed and worked with T-Mobile to lock everything down. Despite having extra security on his account, the attacker manipulated T-Mobile reps and convinced them to change out the SIM. Having personal information exposed online is a major vulnerability and can lead to serious security breaches.

    • The Unexpected Pizza Attack: a Lesson in CybersecurityStay vigilant by consistently updating security measures, anticipating new types of attacks, and monitoring personal information and online presence to avoid falling prey to cybercrimes.

      Despite having taken several security measures, Miles faced a new type of attack that he hadn't anticipated. He started receiving pizzas at his address without having ordered them, which he suspected to be a hack. The pizza deliveries continued even after informing the pizza companies and they started contacting his girlfriend too. However, no one demanded anything from Miles nor communicated with him in any suspicious manner. This incident highlights the need for continuously updating security measures and being prepared for new types of attacks. It also emphasizes the importance of keeping an eye on one's personal information and regularly monitoring their online presence.

    • The Dark Side of Instagram Handles Market: Harassment and Illegal ActivitiesProtect your online accounts and report any harassment to relevant authorities. Law enforcement agencies need to recognize and take seriously the impact of such harassment on the victims.

      Short and sweet Instagram account handles are in high demand, leading to a marketplace for buying and selling them. However, not all methods of obtaining these handles are legal or ethical, and some individuals resort to harassing and bullying their owners to obtain them, with the intention of making money by flipping them on such marketplaces. This type of harassment can lead to serious consequences such as swatting and fire-trucking, and can leave the victims feeling vulnerable and powerless. It is important to take measures to protect one's online accounts and report any harassment to the relevant authorities. It is also important for law enforcement agencies to recognize and take seriously the impact of such harassment on the victims.

    • Reporting cyber harassment may not guarantee a resolution.Though reporting cyber harassment is essential, the current resources may not provide immediate action. In extreme cases, victims may have to abandon their online presence for safety.

      In situations of cyber harassment, local police and the FBI often have limited resources and may not be able to provide immediate help. It's important to take the issue seriously and report it, but also recognize that this may not guarantee a fully resolved outcome. In extreme cases, victims may have to consider giving up their online presence to protect themselves and their loved ones. It's a sad reality that more needs to be done to protect people from online harassment, especially when it starts to impact personal safety and mental health.

    • Protecting Yourself from Social Media HarassmentEducation is key in preventing social media harassment and cyberattacks. We must be aware of the dangers and take proactive measures to protect ourselves and those around us.

      Social media harassment is a very real and commonly ignored problem that can put people in danger. Traditional law enforcement agencies may not be able to help, leaving victims to find creative ways to protect themselves. It's alarming to know that even people in the tech industry can use their skills to cause harm to others for their own personal gain. However, it's important to understand how these security breaches occur to prevent them from happening in the first place. By educating people about the dangers of social media and cyberattacks, we can hopefully prevent future incidents and protect those who have already fallen victim.

    • The Importance of Protection against Online Harassment and Building a BrandProtecting personal information, understanding the seriousness of harassment, and building a brand on social media require proper measures. Empathy is crucial in dealing with cyberbullying, and laws must exist to ensure accountability for such actions.

      Online harassment can have serious consequences even if the tone seems friendly. Empathy and understanding are crucial in such situations. It is important to safeguard personal information and accounts from potential threats. Bullies use various tactics to gain control, and it is challenging to catch them without proper measures in place. It is necessary to understand the gravity of such actions and protect oneself and loved ones. Harassment is never justified, and it is essential to have laws and mechanisms in place to ensure accountability. Building a brand or persona on social media takes effort, and it is crucial to protect it from misuse and abuse by others.

    • The Importance of Comprehensive Education for Police Officers on Cyber-CrimePolice officers must receive education on cyber-crime, including IP addresses, social media profiles, digital forensics, and OSINT investigations. Failure to take cyber-crime seriously can have tragic outcomes, and victims should report to local and federal agencies. Free training is available to improve knowledge and response.

      Police officers need to have comprehensive education on cyber-crime, including IP addresses, social media profiles, digital forensics, and OSINT investigations. Nicole Beckwith, a former IT security professional and police officer, highlights the lack of knowledge of police officers on cyber-crime and recommends courses to be included in their training. Failure to take cyber-crime seriously by law enforcement can result in tragic outcomes, such as the murder of a stalking victim. Victims of cyber-harassment are advised to report to their local police departments and escalate to federal agencies if necessary. Nicole Beckwith offers free training to police departments to improve their knowledge on cyber-crime.

    Recent Episodes from Darknet Diaries

    146: ANOM

    146: ANOM

    In this episode, Joseph Cox (https://x.com/josephfcox) tells us the story of anom. A secure phone made by criminals, for criminals.

    This story comes from part of Joseph’s book “Dark Wire” which you should definitely read. Get yours here https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691.

    Darknet Diaries
    en-usJune 04, 2024

    145: Shannen

    145: Shannen
    Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    144: Rachel

    144: Rachel
    Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    143: Jim Hates Scams

    143: Jim Hates Scams
    Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    142: Axact

    142: Axact
    Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    141: The Pig Butcher

    141: The Pig Butcher
    The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    139: D3f4ult

    139: D3f4ult
    This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

    138: The Mimics of Punjab

    138: The Mimics of Punjab
    This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    137: Predator

    137: Predator
    A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world. In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/. We also hear from Bill Marczak and John Scott-Railton from Citizen Lab. If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer. Learn more about your ad choices. Visit podcastchoices.com/adchoices

    Related Episodes

    Super Stoked - ESW #172

    Super Stoked - ESW #172

    This week, we talk Enterprise News, to talk about Salt Security API Protection Explained, Thycotic Leads the Way for Cloud-based Privileged Access Management, ZeroFOX launches AI-powered Advanced Email Protection for Google and Microsoft platforms, Elastic Stack 7.6 delivers automated threat analysis and response, and 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks! In our second segment, we welcome David Waugh, Chief Revenue Officer at Managed Methods, to discuss how K-12 schools are victims of lateral phishing campaigns! In our final segment, we welcome Jeff Deininger, Principal Sales Engineer for the Cloud at ExtraHop, to discuss How to Secure Cloud Workloads & Reduce Friction with Cloud-Native Network Detection & Response!

     

    Show Notes: https://wiki.securityweekly.com/ESWEpisode172

    Visit https://www.securityweekly.com/esw for all the latest episodes!

     

    Follow us on Twitter: https://www.twitter.com/securityweekly

    Like us on Facebook: https://www.facebook.com/secweekly

    Enterprise News - ESW #158

    Enterprise News - ESW #158

    This week, In our first segment, we talk Enterprise News, discussing how ManageEngine launched a holistic take on privileged access security, Avast faced a security breach aimed at messing up its CCleaner, Recorded Future enhanced partnership with ServiceNow to reduce organizational risk, and the Sophos Cloud Optix are now available on AWS marketplace!

    Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode158

    Doom & Gloom - ESW #182

    Doom & Gloom - ESW #182

    This week, we talk Enterprise News, to discuss how Microsoft is to buy Israeli cybersecurity startup CyberX, ExtraHop Data Shows Shifts in IoT Device Usage During COVID-19 Have Broad Security Implications, Immuta and Snowflake help customers share data with automated privacy protection, Code42 Integrates with Palo Alto Networks Cortex XSOAR to Speed and Automate Insider Threat Incident Response, and more! In our second segment, we welcome Matt Cauthorn and Ted Driggs of ExtraHop, to talk about Why the Cloud Stall is Now the Cloud Surge! In our final segment, we welcome Justin Buchanan, Senior Manager of Solutions, Vulnerability Management and Offensive Security at Rapid7, to discuss Effective Goal Setting and Tracking!

     

    Show Notes: https://wiki.securityweekly.com/ESWEpisode182

    To learn more about Rapid7, or to request a Demo, visit: https://securityweekly.com/rapid7

    To learn more about ExtraHop, visit: https://securityweekly.com/extrahop

     

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Follow us on Twitter: https://www.twitter.com/securityweekly

    Like us on Facebook: https://www.facebook.com/secweekly

    Zoombombers, CyberHeroes, & Bad Bots - SWN #23

    Zoombombers, CyberHeroes, & Bad Bots - SWN #23

    This week, Zoombombers threatened with jail time by FBI, Cybercriminals are trying to cash in on Zoom use, How to protect your Zoom calls, Bad Bots in 2020, CyberHero Comics: Defending your Health, and zoom configurations along with the lack of effective zooming on the zoom camera application!

     

    Show Notes: https://wiki.securityweekly.com/SWNEpisode23

    Visit https://www.securityweekly.com/swn for all the latest episodes!

     

    Follow us on Twitter: https://www.twitter.com/securityweekly

    Like us on Facebook: https://www.facebook.com/secweekly

    Audio Security - PSW #620

    Audio Security - PSW #620

    Wes Widner is the Cloud Engineering Manager at CrowdStrike. Wes will be talking about personal voice assistants are the wave of the future. So naturally we should wonder about the unique attack vectors they pose. I'd like to discuss my research into this field and share a few tips on how you can keep yourself safe around voice assistants. Full Show Notes: https://wiki.securityweekly.com/Episode620

    Visit https://www.securityweekly.com/psw for all the latest episodes!