Malicious Life by Cybereason tells the unknown stories of the history of cybersecurity, with comments and reflections by real hackers, security experts, journalists, and politicians.
The Electronic Frontier Foundation, longtime critics of the Computer Fraud and Abuse Act, followed Weev's trial - but did not get involved. For the appeal, however, the organization decided to step in. But although the EFF had some strong points against the CFAA - the justices, apparently, had something very different on their mind. Advertising I…
Much like Aaron Swartz did, Andrew "weev" Auernheimer fought against the Computer Fraud and Abuse Act, a law both men believed to be dangerous and unjust. But unlike Swartz, the internet's own boy, weev is an unapologetic troll who spreads bile and chaos wherever he goes, a man who seemed to take pleasure in making others miserable. His fight raises …
APT-10 is a Chinese nation-state threat actor that in recent years has been targeting Japanese IT & Infrastructure organizations using a sophisticated backdoor malware known as LODEINFO. Recently, Jin Ito & Loic Castel, researchers from Cybereason's IR Team, uncovered a new tool used by the group: NOOPDOOR, which incorporates highly sophisticated …
The Man Who Went To War With Anonymous - And Lost
38:05
Aaron Barr was en-signals intelligence officer specializing in analytics. As part of HBGary Federal, he came up with a plan to unmask the key leaders of Anonymous, the infamous hacker collective. People who worked with Aaron warned him that his data was sub-par, but the determined vet claimed he had a strong "gut feeling" that he was on the right t…
What Can Organizations Learn from "Grim Beeper"? [B-Side]
35:51
On 17 and 18 September 2024, thousands of pagers and handheld radio devices used by Hezbollah exploded simultaneously across Lebanon and Syria, killing at least 42 terrorists and wounding more than 3,000. Devon Ackerman, Cybereason’s Global Head of Digital Forensic and Incident response and a former Special Agent at the FBI's Operational Techn…
Could thousands of people keep a secret? Common sense says no—secrets spread, and people talk. But for over a decade, from 2006 to 2017, a website managed to stay under law enforcement’s radar, despite the fact that its many users were participating in illegal activities. The website’s users managed to keep it a secret for such a long time, because…
Operation Snow White, Part 2
30:28
Scientology spies were trained in all covert operations techniques: surveillance, recruiting agents, infiltrating enemy lines, and blackmail. However, a suspicious librarian and a determined FBI agent brought the largest single spy operation in US government history to an end. Advertising Inquiries: https://redcircle.com/brands…
Operation Snow White, Part 1
29:10
In 1963, the FDA raided the headquarters of a budding new and esoteric religion - The Church of Scientology. In response to this and similar incidents to come, the church's founder - an eccentric science fiction author named L. Ron Hubbard - would go on to lead the single largest known government infiltration operation in United States history. Adver…
Caught in the Crossfire: Infighting and Treason in Russia’s Cyber World
26:18
On Dec. 5, 2016, two senior Russian Intelligence officers and two civilians were arrested and accused of treason. A few weeks later, when Western journalists were finally able to speak with the men’s lawyers, they learned that the case was based on events that were, oddly enough, already widely known. This made the arrests even more peculiar. As mo…
SNAP Fraud: Getting Rich by Stealing from the Poor
29:15
SNAP - better known as food stamps - goes back to the Great Depression. The physical stamps were replaced with EBT cards in the 1990s, but since these cards are without the secure EMV chip technology, enterprising criminals found ways to drain funds meant for low-income families. Advertising Inquiries: https://redcircle.com/brands…
The Hollywood Con Queen, Part 2
31:29
Nicole Kotsianas, an investigator with K2 Intelligence, made it her personal mission to hunt down the Hollywood Con Queen, who cruelly tormented her victims and shattered their dreams. Nicole's efforts bore unexpected fruit when she discovered that the Con Queen was actually... a man. Advertising Inquiries: https://redcircle.com/brands…
The Hollywood Con Queen, Part 1
34:17
In 2015, two aspiring script writers flew to Indonesia to meet with executives of a large Chinese film corporation. It was a trap: the Hollywood Con Queen not only conned them out of tens of thousands of dollars, she also cruelly ruined their friendship. Two years later, a corporate investigator working for a big shot Hollywood producer, made a disc…
The Doomed Queen’s Secret Ciphers
30:02
In the pre-internet era, encryption was a matter of life and death, and the motives behind these ciphers were varied and complex. Discover how George Lasry, a modern codebreaker, uncovered the secrets of Mary, Queen of Scots, hidden in the French National Library for over 400 years. This episode delves into the painstaking process and the historica…
Why Did People Write Viruses In The 80s & 90s?
27:48
Why did people write malware in the pre-internet days? Back then, there was no way to make money by writing malware. So why write them in the first place? The lack of a financial motivation meant that virus authors had a plethora of other motives - and this diverse mix of motives had, as we shall hear, an interesting effect on the design and style …
Section 230: The Law that Makes Social Media Great, and Terrible
34:34
Section 230 is the pivotal law that has enabled the rise of social media - while sparking heated debates over its implications. In this episode, we're charting the history of Section 230, from early landmark legal battles, to modern controversies, and exploring its complexities and the proposed changes that could redefine online speech and platform …
In 2016, Joe Sullivan, former CISO of Facebook, was at the peak of his career. As Uber's new CISO, he and his team had just successfully prevented data from a recent breach from leaking to the internet. But less than a year later, Sullivan was unexpectedly fired from Uber, and three years later, the US Department of Justice announced criminal charg…
In this episode of ML, we're exploring the history of the well-known Nigerian Prince scam, also known as 419 or advanced fee scam, from its roots in a Parisian prison during the French Revolution, to the economic and social reason why this particular scam became so popular with African youth. Also, will AI make such scams more dangerous - or, count…
Unmasking Secrets: The Rise of Open-Source Intelligence
33:38
Dive into the world of open-source intelligence (OSINT) in this episode, where we uncover how ordinary citizens use publicly available data to unravel some of the most complex global mysteries. From tracking conflicts in real-time to exposing the truth behind high-profile incidents like the downing of Malaysia Airlines flight MH17, discover how OSI…
The Source Code of Malicious Life
47:29
A few weeks ago we had a listener’s meetup in New York, and as part of that meetup, I gave a talk in which I discussed how Malicious Life came to be - a story that goes back to my days as a ship's captain in the Israeli Navy - and then about how me and Nate craft the stories that you hear every other week. That last part, I hope, might also be bene…
In the waning years of the 20th century, amid growing anxieties about the turn of the millennium, one man, Robert Bemer, observed the unfolding drama from his remote home on King Possum Lake. A revered figure in computing, Bemer had early on flagged a significant, looming issue known as the Y2K bug, which threatened to disrupt global systems as cal…
In the 1950s and 60s - even leading into the 1990s - the cost of storage was so high, that using a 2-digit field for dates in a software instead of 4-digits could save an organization between $1.2-$2 Million dollars per GB of data. From this perspective, programming computers in the 1950s to record four-digit years would’ve been outright malpractic…
The 2008 Russo-Georgian War marked a turning point: the first time cyberattacks were used alongside traditional warfare. But what happens when the attackers aren't soldiers, but ordinary citizens? This episode delves into the ethical and legal implications of civilian participation in cyberwarfare, examining real-world examples from Ukraine and bey…
In 1991, Kevin Mitnick was bouncing back from what was probably the lowest point of his life. He began to rebuild his life: he started working out and lost a hundred pounds, and most importantly - he was finally on the path towards ditching his self-destructive obsession of hacking. But just as he was in the process of turning his life around, his …
For Kevin Mitnick - perhaps the greatest social engineer who ever lived - hacking was an obsession: even though it ruined his marriage, landed him in scary correction facilities and almost cost him his sanity in solitary confinement, Mitnick wasn't able to shake the disease that compelled him to keep breaking into more and more communication system…
SIM Registration: Security, or Surveillance?
31:12
Right now, hundreds of thousands of people in the southern African country of Namibia are faced with a choice. At the end of next month, their phone service is going to be shut off permanently: to prevent that from happening, they’ll have to give up their data privacy. As a result, nearly two million Namibian citizens are facing a data privacy prob…
In 2008, the 12-million-PC-strong Mariposa Botnet infected almost half of Fortune 100 companies - but the three men who ran it were basically script kiddies who didn't even know how to code. Advertising Inquiries: https://redcircle.com/brands By Malicious Life
The Real Story of Citibank’s $10M Hack
32:48
Vladimir Levin is often presented as "the first online bank robber," and appears on many lists of the "Top 10 Greatest Hackers." But a few veteran Russian hackers claim that Levin's infamous hack had been mangled by the journalists who wrote about it. What's the truth behind the 1994 $10.7 million Citibank hack?... Advertising Inquiries: https://re…
How to Hack Into Satellites
30:14
About a year ago, six academics from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security set out to survey engineers and developers on the subject of satellite cybersecurity. But most of these engineers were very reluctant to share any details about their satellites and their security aspects. Why were satellite engineers…
When investigators discovered in 1996 that US military networks were being extensively hacked, they didn't realize they were witnessing the birth of what would become Russia's formidable Turla APT espionage group. We uncover the 20-year metamorphosis of this original group of hackers into one of the most sophisticated and dangerous state-sponsored …
In August 2021, a port in Houston, Texas, was attacked. Over the following months, a series of attacks occurred in various locations, reminiscent of a serial killer's pattern. Targets included telecommunications companies, government agencies, power plants, and water treatment facilities. How did Volt Typhoon manage to evade authorities and analyst…
By the time Forbidden Stories published its “Pegasus Project” in 2021, NSO was already knee deep in what was probably the worst PR disaster ever suffered by a cybersecurity company - and then, in November 2021, came the fateful blow: the US Dept. of Commerce added NSO to its “Entity List.” Is NSO to blame for its troubles? Could the company have ac…
NSO Group, creator of the infamous Pegasus spyware, is widely regarded as a vile, immoral company: a sort of 21st century soldier of fortune, a mercenary in the service of corrupt and evil regimes. Yet among its many clients are many liberal democracies, including the US, Germany, the Netherlands and Spain, to name but a few. So, is NSO really as e…
Should You Pay Ransomware Attackers? A Game Theory Approach
32:38
The FBI explicitly advises companies against paying ransomware attackers - but itself paid 4.4 million dollars worth of Bitcoin after the Colonial Pipeline attack. So, should you listen to what the experts say, or follow what they occasionally do? It’s complicated, but we can model this problem. Advertising Inquiries: https://redcircle.com/brands…
Silent Firewalls: The Underrepresentation of Women in Cyber
29:57
In the vast landscape of STEM, women constitute a mere 28% of the workforce. Yet, when we zoom into the realm of cybersecurity, the number dwindles even further to a startling 20 to 24 percent. What are the underlying reasons behind this disparity? Advertising Inquiries: https://redcircle.com/brands By Malicious Life
In 1981, during the G7 Summit in Quebec, French president Francois Mitterrand handed President Reagan a top secret collection of documents, called "Farewell Dossier." The information found in the dossier allowed the US to devise a cunning plan - the very first supply chain attack, if you will - to bring a fiery end to one of the largest industrial espio…
Can We Stop the AI Cyber Threat?
27:07
Much of the cybersecurity software in use today utilizes AI, especially things like spam filters and network traffic monitors. But will all those tools be enough to stop the proliferation of malware that will come from generative AI-driven cyber attacks? The potential of AI to disrupt cyberspace is far greater than any solutions we’ve come up with …
Is Generative AI Dangerous?
37:58
Every so often, the entire landscape of cybersecurity shifts, all at once: The latest seismic shift in the field occurred just last year. So in this episode of Malicious Life we’re going to take a look into the future of cybersecurity: at how generative AI like ChatGPT will change cyberspace, through the eyes of five research teams breaking ground …
Why aren't there more bug bounty programs?
33:54
On the face of it, there's an obvious economic incentive for both vendors and security researchers to collaborate on disclosing vulnerabilities safely and privately. Yet bug bounty programs have gained prominence only in the past decade or so, and even today only a relatively small portion of vendors have such programs in place. Why is that? Advert…
The constant battle between those who wish to encrypt data and those who wish to break these ciphers has made modern encryption schemes extremely powerful. Subsequently, the tools and methods to break them became equivalently sophisticated. Yet, could it be that someone in the 15th century created a cipher that even today’s most brilliant codebreak…
Roman Seleznev: Did the Punishment Fit the Crime?
38:04
In 2019, Roman Seleznev, a 34-year-old Russian national, was sentenced to 27 years in prison: A sentence that’d make any criminal quiver. Seleznev's deeds had a horrendous effect on the 2.9 million individuals whose credit cards he stole and sold to cyber criminals for identity theft and financial crimes. On one hand, it’s hard to imagine any nonv…
Sony BMG's Rootkit Fiasco
41:25
"We made a mistake and Sony paid a terrible price.” A terrible price indeed: an arrogant and ill-advised decision to include a rootkit in its music CDs cost Sony BMG a lot of money - and painted it as a self-centered, self-serving company that cares more about its bottom line than its customers. Why did Sony BMG make such a poor decision? Advertisi…
In the last episode of our show, we heard the story of Methbot: an army of hundreds of thousands of bots, programmatically viewing thousands of advertisements on thousands of made-up websites in order to siphon away millions of dollars worth of ad revenue. But even the giant Methbot scam was just a drop in the ocean that is ad fraud. Putting Zhukov…
Right now, a man named Aleksandr Zhukov is sitting in jail for one of the most financially ruinous schemes ever invented for the internet. Zhukov is guilty. He was caught and convicted under a mountain of evidence against him. Except the deeper you look into it, the deeper the well goes. In this episode, we’ll learn how Aleksandr Zhukov defrauded s…
The Economics Of Cybersecurity
26:32
The numbers can’t be any clearer: a DDoS attack costs less than a hundred dollars, while the price tag for mitigating it might reach tens if not hundreds of thousands of dollars. A single well crafted phishing email can easily circumvent cyber defenses which cost millions of dollars to set up. How can we change the extreme cost asymmetry between a…
The Reason You Don’t Have Data Privacy
37:01
We’ve all experienced the creepiness of modern data trafficking, but that kind of daily annoyance is the surface of a much bigger issue: Big Tech companies such as Amazon & Microsoft are lobbying policymakers to veto laws that harm their business, and often hide their lobbying behind industry coalitions or organizations with names that are vague an…
How Entire Countries Can Lose the Internet
32:43
Disruptions to the world’s internet cables happen more often than you think: Whether it be ship anchors or animals or saboteurs, cut a few wires in the right places and at nearly the speed of light you can disrupt or shut off the internet for broad populations of people at a time. It is an immense power that runs through these lines -- a power that…
In the midst of 35,000 exhilarated spectators eagerly chanting the time-honored countdown to kick off the 2018 Pyeongchang Winter Olympics, a sinister malware crept through the games' network, threatening to disrupt the highly-anticipated event. The obvious question in everyone’s minds was - who was responsible for the attack? Who was vile enough t…
The Lawrence Berkeley Hack, Part 2
35:17
On May 23rd, 1989, Karl Koch - a 23-year-old West German hacker who worked for the KGB - took a drive, from which he would never return: Nine days later his charred remains were found by the police in a remote forest. Was Koch assassinated by the US or the Soviet Union, or is there another, more 'mystical' explanation for his death? Advertising In…
The Lawrence Berkeley Hack, Part 1
29:32
Four decades ago, three quarters would’ve gone a lot further than they do today. With that kind of loose change you could’ve picked up some milk from the grocery store, or over half a gallon of gas, or a bus ticket. But that doesn’t explain why, on one fateful day in 1986, a systems administrator at the Lawrence Berkeley National Laboratory in Cali…
Russian Propaganda, Explained [ML B-Side]
33:00
You may have heard of the cyber operations performed by Russia. You definitely heard about the missiles being fired by Russia at Ukraine - but how about the propaganda being distributed through the different media platforms? In this B-Side episode, our Senior Producer Nate Nelson interviewed Dr. Bilyana Lilly - CISSP, a leader in cybersecurity and …