Ep 47: Project Raven

en-usSeptember 17, 2019

Podcast Summary

The Internal Conflict of Mercenaries and the Importance of Self-Reflection: Before making important career choices, it's vital to consider not only monetary gains but also personal morals and ethics. Soul-searching can lead to a fulfilling career path and prevent potentially harmful situations.
Mercenaries may work for monetary gains, but they have internal conflict and emotions that can affect their loyalty. David, a former Navy SEAL, rejected the idea of becoming a weapon expert and wanted to make a real difference in people's lives. He pursued a career as an offensive intelligence analyst to track foreign intelligence hacking in the United States. His morals and ethics from majoring in religion and philosophy were still important to him. The rigorous training he underwent made him realize the potential to become someone he didn't want to be. It's important to soul-search and consider the impact of our choices on ourselves and others.
Pushing Boundaries and Pursuing Passion: David's Story of Success in Hacking: To excel in a field, it's important to never give up and constantly find ways to improve. Self-motivation and being open to new opportunities can lead to success beyond limits.
To push beyond your own limits, you have to really want what you're working for. David's story shows the importance of not giving up and always trying to learn to excel in one's field. He built his own lab to practice and improve, and this quality got him recruited into the NSA. With the Navy teaching him formally and his home lab, David became good at hacking and his specialty was not just getting in but also pivoting around, moving laterally, and finding what else is in that network. His story teaches us the benefits of self-motivation, pushing boundaries, and being open to new opportunities.
The Importance of Understanding Job Responsibilities and Contracts.: Before accepting job offers, thoroughly read and understand job responsibilities and contracts to avoid being misled or doing something outside of your comfort zone.
David was recruited by CyberPoint, a hacking company contracted by the US government to conduct offensive work such as tracking terrorist organizations. He and his wife decided to move to Abu Dhabi for a two-year contract with CyberPoint's hacking unit called Project Raven. However, David soon realized that the details given about his duties were not entirely true. He was shown two folders, one for a cover story and the other for his actual offensive cyber operations. Despite the red flags that were present, David thought it was common to experience such fronts and covers for his official duties. This incident highlights the importance of thoroughly understanding job responsibilities and contracts before accepting job offers.
The secret hacking group hired by the UAE government.: The UAE government hired a group of ex-NSA agents and ex-military intelligence-trained individuals to conduct hacking and spying operations. The group used fake identities and Bitcoin to anonymously rent server space to avoid being traced back to the villa.
The UAE government hired a group of mostly American ex-NSA agents and ex-military intelligence-trained individuals to conduct hacking and spying operations. This group, called Project Raven, worked from a villa with facilities like a server room, management office, conference room, operations center, data-processing room, and kitchens. They used fake identities and Bitcoin to anonymously rent server space to avoid being traced back to the villa and the targets included those planning terrorist activity or attacks on UAE infrastructure. It's unclear if Project Raven was legal as sharing classified information is illegal, but David and the mostly Emirati team worked on cyber-spying techniques together to train the Emirati team in hacking.
The Legalities and Consequences of Hacking: Hacking is legal to learn and teach, but hacking into foreign government systems without permission is illegal. Default credentials and common passwords make it easier for hackers to get in, so change your passwords regularly.
Hacking, including setting up phishing emails and using Metasploit, is legal to learn and teach as long as it does not involve proprietary tactics. However, hacking into foreign countries' systems without express written consent from the State Department is illegal. Project Raven, a group working under the UAE government, was collecting communications of potential terrorist threats with the necessary approvals. However, requests to access a foreign government country's network to check if they were funding terrorists and gaining access to the VPN using default credentials was beyond their sanctioned activities. Using easy-to-guess passwords for routers, firewalls, computers, phones, e-mails, and VPN servers makes it easier for hackers to break into the system and move laterally, so it is important to change passwords and not use common ones.
MSPs: A Target for Cyber Espionage: When selecting a managed service provider, organizations must ensure they are cautious and vigilant to protect their sensitive data and prevent potential cyber attacks, as MSPs can be a lucrative target for cyber espionage.
Managed service providers (MSP) are hired by organizations to manage, patch, oversee, and troubleshoot their network devices. Accessing an MSP can provide unauthorized access to numerous clients, making them a lucrative target for cyber espionage. In this case, David's team gained access to the MSP's network, which in turn provided them exposure into multiple government networks including Ministry of Foreign Affairs, their royal family heir line, and military infrastructure among others in the target country. Along with the UAE government, other organizations must be cautious and vigilant while choosing their MSP to ensure the protection of their sensitive data and avoid possible cyber attacks.
Ethical dilemmas faced by cyber-mercenaries and the need for accountability in cybersecurity.: Cybersecurity professionals need to consider the ethical implications of their work, especially when operating in foreign countries, and organizations must be transparent about their objectives while abiding by laws. It's essential to protect civil liberties while using off-the-shelf tools to prevent exploitation.
The story highlights the ethical dilemma faced by David, a cyber-mercenary, who was hired to fight terrorism but was eventually asked to collect intelligence on journalists and human rights activists. The story highlights the need for cybersecurity professionals to consider ethical implications, even when working in a foreign country. David's questioning of his work and Lori's suspicion of the motives of UAE underline the need for organizations to clearly convey their objectives and abide by the laws of the land. The story also emphasizes the importance of using off-the-shelf tools to avoid exposing exploits to potential hackers and the need to protect First Amendment rights to protect the freedom of press and right to peaceably assemble.
Standing up against unethical orders in Project Raven and paving the way for human rights advocacy.: Speak up against unethical practices, prioritize human rights, and strive for a positive change.
Project Raven was asked by the UAE to consider targeting US computers and collecting data on US citizens, which went against the laws set by FISA. David and Lori raised concerns and advised management to push back on this objective. The work done by Project Raven made some of its employees feel uneasy and hesitant. David and several other employees left for the United States. Project Raven continued operations and tasks. Rori Donaghy set up a human rights group that highlighted human rights abuses in the UAE, which gained attention from bigger journalists and changed the international image of the UAE.
UAE Government Targeting Journalists and Activists with Digital Surveillance: Citizen Lab helps protect privacy and security of those targeted by government surveillance. It's crucial to condemn human rights abuses and safeguard the rights of journalists and activists.
The UAE government is surveilling and targeting journalists and activists, including infiltrating their computers and phones to spy on them. The government uses common tactics like controlling social media accounts of arrested dissidents to lure in more activists. This is a frightening and effective way of surveillance that can happen silently and pervasively without the victim's knowledge. Citizen Lab helps those who suspect they're being targeted by spyware or malware from a government. The incident highlights the importance of protecting the privacy and security of journalists and activists, and the need to condemn such human rights abuses.
Human rights activist Ahmed Mansoor imprisoned and spied on by UAE government: The UAE government employs tactics such as imprisonment, false charges, and surveillance to silence those who speak out against their policies, even respected human rights activists like Ahmed Mansoor.
The UAE government is capable of torturing and imprisoning people who speak up against their policies. Ahmed Mansoor, a respected human rights activist, was arrested and charged with a made-up crime of damaging the country's unity. He was sentenced to ten years in prison and his family is also spied on. His arrest was due to him being the lone light in covering human rights abuses in the UAE for many years and his growing stature as an international human rights defender. The government hired ex-NSA people to spy on him and was surveilled through a hacking tool called Karma which was purchased from an outside vendor.
Project Raven: The Secret Surveillance Operation Targeting Journalists: The UAE's Project Raven, with the help of DarkMatter, targeted journalists using the Karma tool which exploited Apple's iMessage flaws. The operation exemplifies the need for more accountability and transparency in government-led cyber espionage.
Project Raven, a secret surveillance operation carried out by the UAE and previously contracted by DarkMatter targeted journalists, including American citizens, through a tool called Karma that exploited flaws in Apple's iMessage. The FBI is investigating the operation and DarkMatter is still operating and working with the UAE government. Lori Stroud, a former employee of Project Raven, came forward with her story to Reuters earlier this year. The story sheds light on the extent of cyber-espionage carried out by governments through private contractors and highlights the need for greater transparency and accountability in such operations.
Controversial Hacking Unit and Company DarkMatter Come Under Fire: Project Raven's offensive missions highlight a lack of oversight from Cyber Point, while DarkMatter faces consequences as major browsers revoke their certificate authority. Google's investigation sheds light on potential vulnerabilities.
Project Raven, a hacking unit based in Baltimore, was set up to help the Emiratis defend their network but over time, the missions changed and it became offensive all on its own without proper oversight from Cyber Point. DarkMatter, a company denied any wrongdoing when Reuters published a report about Project Raven, was granted a sort of certificate authority in 2017. Now, certificates from DarkMatter will show up as untrusted sources after Firefox and Google revoked their root certificate from being trusted. Natalie Silvanovich from Google's Project Zero team took a deep dive to find vulnerabilities in software and tried to figure out how Karma could have worked, after hearing about Project Raven's activities.
Natalie Uncovers iPhone Vulnerabilities & Warns Against Foreign Contracting Jobs: Think twice before accepting overseas contracting jobs. Do research on job responsibilities, location, and company background. Stay vigilant and disclose vulnerabilities to companies to prevent exploitation.
Natalie, a researcher at Project Zero, found three vulnerabilities on iPhone due to which she warned Apple and waited for the company to patch their phones. She then published her report in Black Hat citing that by sending a zip file, an object file inside it could instruct the phone to open a URL that could give a rough idea of a person's location and execute a payload to perform malicious activities. This exploit could make Karma, a notorious spyware tool that uses such vulnerabilities, completely useless. The speaker also cautioned about taking foreign contracting jobs and advised creating a safety net before accepting such offers. One should be aware of the job responsibilities, location, and company's background before going overseas.

Recent Episodes from Darknet Diaries

In this episode, Geoff White (https://x.com/geoffwhite247) tells us what happened to Axie Infinity and Tornado cash. It’s a digital heist of epic proportions that changes everything.

This story comes from part of Geoff’s book “Rinsed” which goes into the world of money laundering. Get yours here https://amzn.to/3VJs7pb.

Darknet Diaries

en-usJuly 02, 2024

146: ANOM

In this episode, Joseph Cox (https://x.com/josephfcox) tells us the story of anom. A secure phone made by criminals, for criminals.

This story comes from part of Joseph’s book “Dark Wire” which you should definitely read. Get yours here https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691.

Darknet Diaries

en-usJune 04, 2024

145: Shannen

Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usMay 07, 2024

undercover operations

144: Rachel

Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

en-usApril 02, 2024

143: Jim Hates Scams

Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

en-usMarch 05, 2024

142: Axact

Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usFebruary 06, 2024

information questioning

deceptive situations

ethical practices

141: The Pig Butcher

The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usJanuary 02, 2024

online identity verification

online relationships

social stigmas

financial scams

emotional manipulation

crypto investments

bec attacks

cybersecurity awareness

fraud prevention

secure transactions

140: Revenge Bytes

Madison's nude photos were posted online. Her twin sister Christine came to help. This begins a bizarre and uneasy story. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usDecember 05, 2023

139: D3f4ult

This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usNovember 07, 2023

138: The Mimics of Punjab

This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usOctober 03, 2023

limited law enforcement resources

Related Episodes

72: Bangladesh Bank Heist

A bank robbery with the objective to steal 1 billion dollars. This is the story of the largest bank robbery in history. And it was all done over a computer. Our guest this episode was Geoff White. Learn more about him at geoffwhite.tech. Check out Geoff’s new book Crime Dot Com. Affiliate link: https://www.amazon.com/gp/product/1789142857/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1789142857&linkCode=as2&tag=darknet04-20&linkId=bb5a6aa7ba980183e0ce7cee1939ea05 Sponsors This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25. Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up. Learn more about your ad choices. Visit podcastchoices.com/adchoices

en-usAugust 18, 2020

Equifax, Google Chrome, KRACK, and Adobe - Hack Naked News #145

Paul talks about Equifax, TPMs security flaw in Infineon smart cards, Google removes more malicious Chrome extensions from Web Store, a Linux Kernel Privilege Escalation bug discovered, and Equifax. Don Pezet from ITProTV joins us for the expert commentary. Stay tuned, on this episode of Hack Naked News!

→Full Show Notes: https://wiki.securityweekly.com/HNNEpisode145
→Visit our website: https://www.securityweekly.com
→Follow us on Twitter: https://www.twitter.com/securityweekly
→Like us on Facebook: https://www.facebook.com/secweekly

Security Weekly News (Video)

enOctober 17, 2017

Flaw in Apache, Wikileaks Unveils Project Protego, and Linux 4.13 - Paul's Security Weekly #529

The nightmare that is patching IoT devices, essential bug bounty programs, controlling voice assistants, flaws in Apache Struts2, and more security news!

Full Show Notes: https://wiki.securityweekly.com/Episode529

Security Weekly Podcast Network (Video)

enSeptember 12, 2017

2017 Wrap-Up - Secure Digital Life #46

This week, Doug and Russ talk about what's coming up in 2018 and what are the important flashbacks from 2017!

→Full Show Notes: https://wiki.securityweekly.com/SDL_Episode46
→Visit our website: https://www.securityweekly.com
→Follow us on Twitter: https://www.twitter.com/securityweekly
→Like us on Facebook: https://www.facebook.com/secweekly

Secure Digital Life (Video)

enJanuary 02, 2018

Ep 42: Mini-Stories: Vol 2

Three stories in one episode. Listen in on one of Dave Kennedy's penetration tests he conducted where he got caught trying to gain entry into a datacenter. Listen to a network security engineer talk about the unexpected visitor found in his network and what he did about it. And listen to Dan Tentler talk about a wild and crazy engagement he did for a client. Guests A very special thanks to Dave Kennedy. Learn more about his company at trustedsec.com. Thank you Clay for sharing your story. Check out the WOPR Summit. Viss also brought an amazing story to share. Thank you too. Learn more about him at Phobos.io. I first heard Clay's story on the Getting Into Infosec Podcast. Thanks Ayman for finding him and bring that story to my attention. Sponsors This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo. This episode was sponsored by Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn't be. Check them out at https://canary.tools. For more show notes and links check out darknetdiaries.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

en-usJuly 09, 2019