98: Zero Day Brokers
Zero day brokers are people who make or sell malware that’s sold to people who will use that malware to exploit people. It’s a strange and mysterious world that not many...
97: The Pizza Problem
What if someone wanted to own your Instagram account? Not just control it, but make it totally theirs. This episode tells the story of how someone tried to steal an Instagram...
96: The Police Station Incident
Nicole Beckwith wears a lot of hats. She’s a programmer, incident responder, but also a cop and Secret Service agent. In this episode she tells a story which involves all of these...
95: Jon & Brian's Big Adventure
Jon and Brian are penetration testers. They’re paid to break into building and hack into networks to test the security of those buildings. In this episode they bring us a story of how they...
Introducing: World's Greatest Con
This is normally my week off, but I wanted to share something with you, another podcast I think is awesome! It's called World's Greatest Con (https://worldsgreatestcon.fireside.fm/). It's a new podcast hosted...
94: Mariposa
Chris Davis has been stopping IT security threats for decades. He’s currently running the company Hyas that he started. In this episode he tells a few tales of some threats that he helped stop.SponsorsSupport...
93: Kik
Kik is a wildly popular chat app. Their website says that 1 in 3 American teenagers use Kik. But something dark is brewing on Kik.
92: The Pirate Bay
The Pirate Bay is a website, a search engine, which has an index of torrent files. A lot of copyrighted material is listed on the site, but the site doesn’t store...
91: webjedi
What happens when an unauthorized intruder gets into the network of a major bank? Amélie Koran aka webjedi was there for one of these intrusions and tells us the story of what happened.You...
90: Jenny
Meet Jenny Radcliffe, the People Hacker. She’s a social engineer and physical penetration tester. Which means she gets paid to break into buildings and test their security. In this episode she tells...
89: Cybereason – Molerats in the Cloud
The threat research team at Cybereason uncovered an interesting piece of malware. Studied it and tracked it. Which lead them to believe they were dealing with a threat actor known as...
88: Victor
Victor looks for vulnerabilities on the web and reports them responsibly. This is the story about discloser number 5780.Listen to episodes 86, and 87 before this one to be caught up on the story leading...
87: Guild of the Grumpy Old Hackers
In 2016 the LinkedIn breach data became available to the public. What the Guild of the Grumpy Old Hackers did with it then is quite the story. Listen to Victor, Edwin, and Mattijs tell their...
86: The LinkedIn Incident
In 2012, LinkedIn was the target of a data breach. A hacker got in and stole millions of user details. Username and password hashes were then sold to people willing to...
85: Cam the Carder
This is the story of Cam Harrison, aka “kilobit” and his rise and fall as a prominent carder.SponsorsSupport for this show comes from IT Pro TV. Get 65 hours of free training...
Linux Kernel Security Done Right
Posted by Kees Cook, Software Engineer, Google Open Source Security TeamTo borrow from an excellent analogy between the modern computer ecosystem and the US automotive industry of the 1960s, the Linux kernel runs well: when driving down the highway,...
Raccoon Stealer Bundles Malware, Propagates Via Google SEO
An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.
SAP Customer Survey Reveals False Sense of Security
Many SAP customers have a false sense of security, according to a new report from risk management consultancy Turnkey Consulting and business-critical application security firm Onapsis.
The SAP Security Survey Report 2021 is based on information from over 100 SAP...
BazarCaller – the malware gang that talks you into infecting yourself
Calling someone back feels safer than clicking an unknown link... but it isn't! Remind your friends and family.
‘DeadRinger’ Targeted Exchange Servers Long Before Discovery
Cyberespionage campaigns linked to China attacked telecoms via ProxyLogon bugs, stealing call records and maintaining persistence, as far back as 2017.
