Malicious Life

By Cybereason

Listen to a podcast, please open Podcast Republic app. Available on Google Play Store.


Category: Technology

Open in Apple Podcasts

Open RSS feed

Open Website
Rate for this podcast
Subscribers: 2101
Reviews: 9
Episodes: 213


 Feb 27, 2023
excellent podcast about the past and present history of cyber security.

ruined
 Jan 29, 2023
why inject liberal bias? i liked this podcast until you went libtard.its only fake news if its not far left. "illegal immigrants today, democrats on welfare tomorrow" - truth. do you live in USA? Did you vote for slobbering idiot monarch?

Arthur
 Mar 24, 2022
One of my favourite podcasts. So many interesting interviews and stories. I nearly always learn something new.


 Oct 15, 2021


 Aug 6, 2021

Description

Malicious Life by Cybereason tells the unknown stories of the history of cybersecurity, with comments and reflections by real hackers, security experts, journalists, and politicians.

Episode Date
The Economics Of Cybersecurity
26:32
The numbers can’t be any clearer: a DDoS attack costs less than a hundred dollars, while the price tag for mitigating it might reach tens if not hundreds of thousands of dollars. A single well crafted phishing email can easily circumvent cyber defenses which cost millions of dollars to set up. How can we change the extreame cost asymmetry between attackers and defenders in cyberspace?
May 15, 2023
The Reason You Don’t Have Data Privacy
37:02
We’ve all experienced the creepiness of modern data trafficking, but that kind of daily annoyance is the surface of a much bigger issue: Big Tech companies such as Amazon & Microsoft are lobbying policymakers to veto laws that harm their business, and often hide their lobbying behind industry coalitions or organizations with names that are vague and seemingly harmless. Will current and future privacy laws actually protect your information, or will they protect the companies collecting your information?
May 01, 2023
How Entire Countries Can Lose the Internet
32:44
Disruptions to the world’s internet cables happen more often than you think: Whether it be ship anchors or animals or saboteurs, cut a few wires in the right places and at nearly the speed of light you can disrupt or shut off the internet for broad populations of people at a time. It is an immense power that runs through these lines -- a power that can be sabotaged or, in the right hands, weaponized.
Apr 17, 2023
Olympic Destroyer
36:00
In the midst of 35,000 exhilarated spectators eagerly chanting the time-honored countdown to kick off the 2018 Pyeongchang Winter Olympics, a sinister malware crept through the games' network, threatening to disrupt the highly-anticipated event. The obvious question in everyone’s minds was - who was responsible for the attack? Who was vile enough to launch such a potentially destructive attack against an event which, more than anything, symbolizes peace and global cooperation?
Apr 03, 2023
The Lawerence Berkeley Hack, Part 2
35:18
Oמ May 23rd, 1989, Karl Koch - a 23 years old West German hacker who worked for the KGB - took a drive, from which he would never return: Nine days later his charred remains were found by the police in a remote forest. Was Koch assasinated by the US or the Sovient Union, or is there another, more 'mystical' explanation for his death?
Mar 20, 2023
The Lawerence Berkeley Hack, Part 1
29:33
Four decades ago, three quarters would’ve gone a lot further than they do today. With that kind of loose change you could’ve picked up some milk from the grocery store, or over half a gallon of gas, or a bus ticket. But that doesn’t explain why, on one fateful day in 1986, a systems administrator at the Lawrence Berkeley National Laboratory in California made such an issue over 75 missing cents.
Mar 08, 2023
Russian Propaganda, Explained [ML B-Side]
33:00
You may have heard of the cyber operations performed by Russia. You definitely heard about the missiles being fired by Russia at Ukraine - but how about the propaganda being distributed through the different media platforms? In this B-Side episode, our Senior Producer Nate Nelson interviewed Dr. Bilyana Lilly - CISSP, a leader in cybersecurity and information warfare with over fifteen years of managerial, technical, and research experience, and author of "Russian Information Warfare" - about the Russian use of instant messaging and social media platforms such as Telegram and Twitter in their war efforts. Dr. Lilly discusses who they are targeting and the real-world impact their propaganda has on various populations. In this B-Side episode, our Senior Producer Nate Nelson interviewed Dr. Bilyana Lilly - CISSP, a leader on cybersecurity and information warfare with over fifteen years of managerial, technical and research experience, and author of "Russian Information Warfare" - about the Russian use of instant messaging and social media platforms such as Telegram and Twitter in their war efforts. Dr. Lilly discusses who they are targeting and the real-world impact their propaganda has on various populations. Dr. Bilyana Lilly, CISSP, is a leader on cybersecurity and information warfare with over fifteen years of managerial, technical and research experience. Dr. Lilly helps boards and senior executives to make strategic decisions while accounting for evolving cyber and geopolitical risk. She is a mentor and speaker at DefCon, CyCon, the Executive Women’s Forum and the Warsaw Security Forum. Dr. Lilly previously worked for the United Nations, Deloitte and the RAND Corporation. She has a PhD and three master’s degrees, including a degree from Oxford University (with distinction). Dr. Lilly has published two books and has been cited in the Wall Street Journal, Foreign Policy, RIA Novosti,, and ZDNet. Jason Bailey is the co-founder and CEO of ClubNFT, a company building the next generation of tools to discover, protect, and share NFTs. Jason is an early collector and proponent of CryptoArt, and he spoke with Nate Nelson, our Sr. producer, about the risks facing sellers and buyers who are unfamiliar with this new technology.
Feb 28, 2023
Operation Ivy Bells
44:31
In the early 1970's, US intelligance pointed at the possibility that the Russians have laid an underwater communication cable between two important naval bases in the Far East. The dangerous mission of installing a listening device on that cable was given to the navy most secretive and unusual submarine.
Feb 20, 2023
Why Do NFTs Disappear? [ML B-Side]
27:21
What happens when an NFT marketplace goes under, and disappears? You would imagine that the users’ NFTs are perfectly safe: after all, the blockchain itself is still there, right? But that’s not how things work in the real world. Jason Bailey is the co-founder and CEO of ClubNFT, a company building the next generation of tools to discover, protect, and share NFTs. Jason is an early collector and proponent of CryptoArt, and he spoke with Nate Nelson, our Sr. producer, about the risks facing sellers and buyers who are unfamiliar with this new technology.
Feb 13, 2023
The (Other) Problem with NFTs
27:45
Physical artworks in museums are usually well-guarded - but digital artworks are something else entirely: in 2021 alone, scammers successfully stole 100 million dollars worth of non-fungible tokens, or NFTs. Yet blockchain technology, where most NFTs live - is one of the most secure technologies in history. Why, then, are NFT collectors keep getting hacked?
Feb 06, 2023
SIM Swapping Follow Up [ML B-Side]
18:18
Today we’re bringing back Haseeb Awan, the founder of Efani Secure Mobile - a bespoke cybersecurity-focused phone service, protecting high-risk individuals against mobile hacks. Haseeb will delve into the technicalities of SIM swapping, explaining the various techniques that hackers use to carry out this fraudulent activity. He will also provide insights into what telecommunication companies can do to prevent SIM swapping and what steps individuals can take to protect themselves from falling victim to this crime. Nate Nelson, our Sr. producer, spoke with Rich Murray, who leads the FBI’s North Texas Cyber unit, about how the Federal Bureau of Investigations dealt with another attack by REvil - this time against the Texas government - and how they managed to figure out who was behind it.
Jan 30, 2023
You Should Be Afraid of SIM Swaps
33:11
If SIM swap stories ever make the news, almost uniformly, they focus on people who lost a lot of money. But SIM swaps also take a psychological toll. Getting cut off from the grid all of a sudden, not knowing why, not being able to call for help. Even when it’s over, you never know if your attackers -- whoever they are -- will come back again.
Jan 23, 2023
FBI vs. REvil [ML BSide]
21:01
A year ago we told you the story of Kaseya: an IT solutions company that was breached on July 2021, and its servers were used to spread ransomware to an estimated 800 to 1500 small to medium-sized businesses. Nate Nelson, our Sr. producer, spoke with Rich Murray, who leads the FBI’s North Texas Cyber unit, about how the Federal Bureau of Investigations dealt with another attack by REvil - this time against the Texas government - and how they managed to figure out who was behind it.
Jan 16, 2023
Cyberbunker, Part 2
31:36
Spamhaus's decision to add Cyberbunker to its list of Spam sources led the Stophaus coalition to initiate a DDoS attack later dubbed “The attack that almost broke the Internet.” The fallout from this attack led to Cyberbunker relocating to a bunker in Germany - but it was the involvement of an Irish drug lord known as 'The Penguin' that led to the bullet-proof hosting company's downfall.
Jan 10, 2023
Cyberbunker, Part 1
27:16
Sven Kamphuis and Herman Johan Xennt are quite dissimilar: one is young, the other is old, one is a Freedom Fighter, the other a businessman. In 1996, their unlikely partnership coalesced around a mutual deep hatred towards authority - and around a very unusual building: a Cold-War era nuclear bunker.
Jan 02, 2023
How Netflix Learned Cloud Security [ML B-Side]
20:15
2011 was a pivotal year for Netflix: the now hugely successful company was then in the midst of a formidable transformation, changing from a mail-based DVD rental service to the modern streaming service that it is today. It was at this crucial point in the company’s history that Jason Chan, our guest in this episode, was hired by Netflix to lay the foundations for its cloud security protocols. Nate Nelson, our Sr. Producer, spoke with Jason about the decade he spent at the company, what he learned during his tenure there, and the ideas that took shape at that time, such as Chaos Engineering.Nate Nelson, our Sr. producer, spoke with Dr. Cohen about his early research into computer viruses, his work with the US army, the panicky response from the US government - and the parallels between computer viruses and mental viruses - i.e. memes.
Dec 26, 2022
Fred Cohen: The Godfather of Computer Viruses [ML B-Side]
29:53
In his 1984 seminal paper - "Computer Viruses: Theory and Experiments" - Dr. Fred Cohen not only introduced the name ‘computer virus’, a term invented by his mentor, Leonard Adelman, but was also the first to analyze computer viruses in a rigorous mathematical way, proving that computer viruses were not only practical - but that they were in fact inevitable. Nate Nelson, our Sr. producer, spoke with Dr. Cohen about his early research into computer viruses, his work with the US army, the panicky response from the US government - and the parallels between computer viruses and mental viruses - i.e. memes.
Dec 19, 2022
Thamar Reservoir
36:19
Thamar Gindin is an Israeli scholar whose research focuses on the Persian language. For the past seven years (at least) Thamar has been a target for an endless stream of spear-phishing attempts by the Iranian regime, trying to take over her email account and lure her away from her country's borders. Her family, friends, and colleagues have also suffered numerous attacks. So, how does it feel to live for years with a virtual target mark on your back?...
Dec 13, 2022
The Problem With Kernel-Mode Anti-Cheat Software [ML B-Side]
33:39
Nobody likes cheaters, especially in video games: we play games to have fun, and nothing hurts the joy of playing a good game more than losing to a cheater. That is why EA is not the only publisher to implement kernel-mode anti-cheat software in their games: League of Legends and Valorant, for example, use similar software. Yet some people warn that installing such kernel-level systems is extremely dangerous. So, what's the problem with kernel-mode anti-cheat software?
Dec 06, 2022
Norse Corp.: How To NOT build a cybersecurity startup
39:08
When it was founded in 2011, Norse Corp. - which described itself as "the world's largest dedicated threat intelligence network" - had everything a promising startup could wish for: a charismatic and experienced founder, a rare and valuable technology, and few tens of millons of dollars from investors. Less than six years later, it all came crashing down in the most horrible death a business can experience. What went wrong in Norse Corp.?
Nov 28, 2022
Jailbreaking Tractors [ML BSide]
24:06
John Deere, an American agricultural machinery manufacturer, has recently enraged many farmers and digital rights activists due to the restrictive fixing policy of its tractors. Now, an Australian white hat hacker named Sick Codes has demonstrated not only how he was able to jailbreak the company’s tractors and run Doom on them (because why not) - but also hack into its global operations center, demonstrating how hackers can easily take over a huge number of farming machines all over the world.
Nov 23, 2022
The Russian Business Network
31:28
In 2006 the Russian Business Network pivoted its business: the once legitimate ISP became a ‘bullet-proof' hosting service, catering to the needs of cybercriminals. It quickly became the largest player in the Russian cybercrime landscape, with ~60% of all cybercrime activity related to Russia connected to it in some way. Following the Russian government’s years-old tradition of collaborating with organized crime, it's no wonder that the Russian Business Network quickly became Putin’s informal cyber attack arm.
Nov 14, 2022
What can chess grandmasters teach us about Cyber? [ML BSide]
23:42
Sports is not something that you usually hear mentioned when people talk about cybersecurity - but Chris Cochran and Ron Eddings, co-founders of Hacker Valley Media, believe that cyber professionals can take inspiration from MMA wrestlers and Chess Grandchampions to get to their own version of Peak Performance.
Nov 08, 2022
LabMD Vs. The FTC
39:04
One day in 2008, Michael Daugherty - CEO and owner of LabMD, a cancer detection lab - got a call from an executive of TiVera, a cybersecurity company. The caller said that a file containing private medical data of some 9000 of LabMD's patients has been discovered online. When Michael refused to pay for TiVersa's hefty "consultation fee", it reported the incident to the FTC. This was the beginning of a ten-year-long legal battle that ultimately destroyed LabMD - but cost the Federal Agency dearly.
Oct 31, 2022
What Would Happen if CBS Got Hacked? [ML BSide]
22:14
Media companies probably get hacked no more than other, non-media oriented organizations such as hospitals, banks, etc. But these hacks are often more visible and more memorable because… well, media companies are more public facing by their very nature. How can these organizations be hacked, and why should we care about such attacks? Nate Nelson spoke with Joel Molinoff, former chief information risk officer for CBS Corporation, and Dan Vasile, former vice president of information security at Paramount. 
Oct 24, 2022
Hacking Stock Markets, Part 2
29:43
Financial markets make good targets for criminals: after all, that's where the big money is. Surprisingly, many of these criminals are not your run-of-the-mill black hat hacker, but brokers registered with the SEC: Genuine finance industry professionals.
Oct 18, 2022
Vishing: Voice Scams [ML BSide]
25:23
Authentication has come a long way since the 1980s or 90s. But when it comes to phone calls - we’re still in the Middle Ages. Vishing, or Voice Scams, are probably as old as the Telephone itself, yet it is still very easy to impersonate someone over the phone or spoof a phone call’s origin. Rachel Tobac is a hacker and the CEO of SocialProof Security, where she helps people and companies keep their data safe by training and pen-testing them on social engineering risks. Rachel spoke with Nate Nelson, our Sr. producer, about Vishing: how common is it, where attackers get the information they need to impersonate someone from, and the many many psychological tricks they can employ to fool the person on the other side of the call.
Oct 10, 2022
Hacking Stock Markets, Part 1
29:57
In any trading market, at any time in history, no matter where you are, the most important thing you can possess isn’t actually money, or influence, or anything like that. Knowledge -- in particular, knowing something before everybody else -- is far more valuable. Some traders are willing to go to great lengths to get it before anyone else. In some cases, they’ll apply great ingenuity to the problem - but in others, they’ll use manipulation -- hacking into these technologies to gain an unfair advantage, and make a fortune along the way.
Oct 04, 2022
What it’s Like to Fight LulzSec [ML B-Side]
24:24
The name Lulzsec is probably very familiar to listeners who were around in 2011, when this hacking group was at the peak of its nefarious activity. As their name implies, Lulzsec was known for trolling their victims: their childish behavior might have fooled some people into thinking that Lulzsec was mostly harmless - but as the story you’re about to hear will show, they were anything but.
Sep 27, 2022
“King Kimble”: Kim DotCom
32:49
The US government says that Kim Schmitz, better know as Kim DotCom, is the leader of a file sharing crime ring. He sees himself as a an internet freedom fighter: a fugitive on the run from vindictive overly-powerful governments. Can King Kimble escape the wrath of the USA?
Sep 19, 2022
Hacking Multi-Factor Authentication [ML B-side]
26:06
Multi-Factor Authentication (MFA) is usually considered a better solution for authentication than just using passwords. But Roger Grimes, a veteran security professional, and a Data-Driven Defense Evangelist claims that the sense of security current MFA solutions provides us - is false.
Sep 13, 2022
Hacking Language Models
27:31
Language models are everywhere today: they run in the background of Google Translate and other translation tools; they help operate voice assistants like Alexa or Siri; and most interestingly, they are available via several experiential projects trying to emulate natural conversations, such as OpenAI’s GPT-3 and Google’s LaMDA. Can these models be hacked to gain access to the sensitive information they learned from their training data?
Sep 05, 2022
Software Bill of Materials (SBOM) [ML B-side]
25:20
In May 2021, Following the Solarwinds and the Colonial Pipeline attacks, the Biden administration published a presidential Executive Order mandating the use of SBOMs - Software Bill of Materials - in all government agencies. What are SBOMs and how useful are they in cybersecurity? Nate Nelson talks to two experts: Allan Friedman (CISA) and Chris Blask (Cybeats).
Aug 31, 2022
Leo Kuvayev– The Czar of Spammers
32:06
Criminals, particularly cyber criminals, aren’t “good” people; in most cases, they do have their own personal boundaries. Every once in a while, you encounter a criminal who’s different. Someone who seems not to have limits at all. A ruthless person, for whom the goal truly justifies the means. Leo Kuvayev is that kind of a person - and that made him so successful as a cyber-criminal. But even a genius criminal can go just one step too far.
Aug 22, 2022
“A CISO’s Nightmare”: Israel Baron on Railway Security [ML B-side]
26:26
Railway systems are a mess of old systems built on top of older systems, running ancient operating systems and exposing their most sensitive inner workings to commuters via WIFI. Why are railway systems so difficult to defend, and what are the most probable attack vectors against them? Nate Nelson, our senior producer, speaks with Israel Baron, Israel Railway's first ever CISO.
Aug 15, 2022
“Designed by criminals, for criminals”: Operation Trojan Shield
27:12
The Anom was the holy grail of dark, illegal communication: a mobile phone that could send encrypted messages, and even included a secret Kill-Switch to foil attempts by law enforcement agents to get to its contents. Thousands of criminals used the Anom, certain that they were completely safe from the police... They were wrong.
Aug 08, 2022
Andrew Ginter: A 40-Year-Old Backdoor [ML B-Side]
29:18
Ken Thompson is a legendary computer scientist who also made a seminal contribution to computer security in 1983, when he described a nifty hack that could allow an attacker to plant an almost undetectable malicious code inside a C compiler. Surprisingly, it turns out a very similar hack was also used in the Solarwinds attack.
Aug 01, 2022
Silk Road: The Amazon of drugs, Part 2
33:56
Silk Road’s success did more than bring the site more sellers and buyers, it also brought it more attention from law enforcement agencies as well as malicious hackers and other shady characters. Some of these shady characters, it turns out, were part of the task force aiming to shut down Silk Road...
Jul 25, 2022
Kurtis Minder: Ransomware Negotiations [ML B-Side]
30:20
Your organization was hit by ransomware, and it is now time to reach out to the hackers and negotiate the terms of a deal that will bring back your data, and (hopefully) won’t leave the company’s coffers empty. But before you sit down in front of your computer and fire off a message to the hackers - stop. Are you sure that you know what you’re doing? Are you certain that you won’t screw up the negotiations and do more harm than good? 
Jul 18, 2022
Silk Road: The Amazon of drugs, Part 1
21:42
Ross Ulbricht always had a thing with testing his limits. He was also an avid libertarian who wanted to change the world. And so, in 2010, he came up with the idea to build a truly free market: a website where anybody can buy and sell anything - including illegal drugs - anonymously: the ultimate experiment in individual freedom.
Jul 11, 2022
Jacob Goldstein: The Future Of Bitcoin [ML B-Side]
23:00
Will BitCoin and the other cryptocurrencies be able to replace money as we know it today? will governments embrace a future where they have no control over their currencies? Jacob Goldstein (Planet Money, What's Your Problem) talks to Nate Nelson about what the future holds for BitCoin.
Jul 04, 2022
The “Cypherpunks” Who Invented Private Digital Money
32:56
Years before credit cards transactions gave banks and data-brokers free access to our private financial information, a man named David Chaum became the first person to really, materially grapple with the problem of privacy in money. His ideas inspired a movement of "Crypto Anarchists" who aspired to change money, forever.
Jun 27, 2022
Malicious LIVE: Celebrating 5 Years of Malicious Life
56:12
A recording of last week's special Malicious Live Ask Us Anything event: How did Malicious Life come to be? How do we choose the stories we tell, who was Ran's most memorable guest - and why does Nate keep inserting weird names into the scripts?...
Jun 20, 2022
Hackers vs. Spies: The Stratfor Leaks, Pt. 2
32:09
In June 2011, a Con Edison truck was parked outside of Hector Monsegur's New York apartment, every day for over a week. But Hector - better known as Sabu, the ringleader of the LulzSec hacking group -wasn't fooled: he guessed, correctly, that the FBI was on to him. But it turned out that of all the people who broke or disregarded the law in this particular story, only one man had a reason to worried: Jeremy Hammond.
Jun 14, 2022
Hackers vs. Spies: The Stratfor Leaks, Pt. 1
34:07
George Friedman and Jeremy Hammond are two very different people: the former is a capitalist middleman, the latter an anarchist-communist hacker. A spy - and a hacker. But in certain respects, they’re actually quite similar: in what lines are they willing to cross to get to their goal.
Jun 07, 2022
Catching A Cybercriminal [ML B-Side]
28:43
AbdelKader Curnelius, a German Threat Researcher and an expert on the cybercrime ecosystem in German-speaking countries - shares a story about how he helped the German police put a sophisticated local cybercriminal behind bars, by uncovering tiny mistakes that this hacker did in the past.
May 30, 2022
What The LinkedIn Hack Taught Us About Storing Passwords
30:28
In June 2012, an anonymous hacker posted a list of 6.5 Million encrypted passwords belonging to LinkedIn users on a Russian hacker forum. It was soon discovered that these passwords were hashed using an outdated and vulnerable hashing algorithm - and were also unsalted. The lawsuits followed suit shortly… what is 'hashing' and 'salting', and can we trust big organizations to keep our secrets safe?
May 24, 2022
Operation CuckooBees [ML B-Side]
26:06
Assaf Dahan, Threat Research Lead at Cybereason's Nocturnus team, describes a recently discovered cyber-espionage campaign targeting the Defense, Energy, Aerospace, Biotech and Pharma industries conducted by APT 41, AKA Winnti Group - a Chinese state-sponsored APT group known for its stealth and sophistication.
May 17, 2022
How to Russia-Proof Your Democracy [ML B-Side]
27:11
In 2007, Estonia - then already a technologically advanced country - suffered a large-scale DDoS attack which crippled many organizations and digital services. Joseph Carson, a Security Scientist and an adviser to several governments and conferences, talks with Nate Nelson about the lessons learned from that event, and how Estonia became what he calls 'A Cloud Country'."
May 09, 2022
Operation Sundevil and the Birth of the EFF
24:01
In May 1990, officials from several law enforcement agencies gathered in Phoenix, Arizona, to announce a nationwide crackdown on illegal computer activity. This massive operation, carried out by hundreds of Secret Service and FBI agents, was focused on a new type of crime: Hacking. Yet as Isaac Newton said, for every action there is an equal and opposite reaction, and the reaction to Operation Sundevil was the birth of a new power in the cybersphere: the Electronic Frontier Foundation.
May 02, 2022
MITRE Attack Flow [ML B-Side]
34:28
The MITRE Attack Flow Project is essentially a new way to visualize, analyze and share knowledge about sequences of adversary behavior. Ingrid Skoog, Ass. Director of R&D at the Center for Threat-Informed Defense, and Israel Barak - Cybereason's CISO, spoke with Nate Nelson about the benefits of the MITRE Attack Flow project to defenders and executives alike.
Apr 25, 2022
The Aaron Swartz Story
31:46
When 24-year-old Aaron Swartz was caught scraping millions of science articles off of JSTOR, he faced up to 35 years in prison plus a fine of up to 1 million dollars. Did Aaron's crime justify such a harsh punishment?
Apr 19, 2022
The Russia-Ukraine Cyberwar [ML B-Side]
35:08
Before it invaded Ukraine, Russia was considered - and rightfully so - a cyber superpower. But a month and a half into the war, the lights in Ukraine are still on, as well as cellular communications and other important infrastructure. Lior Div (Cybereason's CEO), Yonatan Striem-Amit (CTO & Co-founder), and Sam Curry (CSO), talk about what we learned so far about the conflict - and what we might see in the future.
Apr 11, 2022
DIE – A New Paradigm for Cybersecurity [ML B-Side]
It’s not every day that we have a guest who’s suggesting a new paradigm for cybersecurity. Sounil Yu, CISO and Head of Research at JupiterOne, talks about a new framework for designing secure systems, a framework he calls D.I.E: acronym for Distributed, Immutable and Ephemeral. Sounil asks us to treat our precious data less like Pets, and more like Cattle. Sounds confusing? New paradigms always are.
Mar 28, 2022
Cyber PTSD
We usually count the damage from a cyberattack in Dollars and Euros, but the psychological damage to the victims is rarely discussed, if at all. So, what is the psychological and emotional toll from cyberattacks? Can scams, hacks, and breaches lead to Cyber Post-Traumatic Stress Disorder?
Mar 22, 2022
How Resilient Is Our Banking System? [ML B-Side]
What is the most critical of all critical infrastructure? Is it Electricity? Water Supply? According to Jeff Engles, CEO of Conquest Cyber, it's our Banking and Finance systems. Jeff spoke with Nate Nelson, our Senior Producer, about the resilience of our financial system, worst-case scenarios, and will backups be able to save our butts if and when?
Mar 16, 2022
Crypto AG, Part 3: The Truth Is Revealed
By the 1970s, Crypto AG was a large and thriving company, employing over 400 people. This final episode of the series is going to explore how a spying operation affecting over 100 countries, for 70 years, was kept secret the whole time -- from governments, from militaries and intelligence services, and even the company’s own personnel.
Mar 08, 2022
Quantum Cyber Security [ML B-Side]
28:53
Quantum Computing is a fascinating and revolutionary technology that has been gaining significant ground in the past decade, with researchers from both academia and the commercial sector - such as Google and IBM - announcing major breakthroughs every few weeks. Mike Redding, CTO of Quantropi, a company specializing in Quantum Encryption - claims that this revolution is even closer than most of us think.
Feb 28, 2022
Crypto AG, Part 2: The Death of Bo Jr.
How did Boris Hagelin succeed in selling compromised cipher machines to half the world, for more than 50 years? Some have speculated that it was some kind of backdoor. But, no - it was more clever than that... but Bo Jr., Hagelin's son, who became an important part of his father's company, did not approve of the secret deal with the NSA...
Feb 21, 2022
Why Do APTs Use Ransomware? [ML B-Side]
17:05
Assaf Dahan, Head of Threat Research with the Cybereason Nocturnus Team, discusses new discoveries about Iranian APTs Moses Staff and Phosphorus that blur the line between state-sponsored attacks and criminal activity.
Feb 14, 2022
Crypto AG – The Greatest Espionage Operation Ever, Part 1
27:10
General McArthur, Egpyt's Anwar Sadat, and Iran's Ayatollah Khomeini: These are just a few of the dozens, likely hundreds of targets of arguably the biggest, most ambitious hacking operation ever. A secret mission that lasted nearly a century, and influenced the course of so many of the most important events of history. The history you thought you knew.
Feb 07, 2022
Why aren’t SMBs investing in Cyber Security? [ML B-Side]
22:51
Attacks against Small-to-Medium size businesses currently represent roughly 40% to 50% of all data breaches. Josh Ablett, founder and CISO of Adelia Risk, speaks with Nate Nelsn about the kind of security he usually finds in SMBs when he’s called in to make an initial security assessment - spoiler: not a pretty picture - the impact of data breaches on SMBs, and what role do insurance companies play in improving the state of security in that often overlooked segment of the industry.
Jan 31, 2022
The Bloody Origins of Israel’s Cyber Security Industry
35:46
Israel is a small country - yet its cyber security industry is exceptionally successful. In this episode, we go back to the Yom Kippur War of 1973, to discover how a national trauma and an Intelligence failure paved the way for Israel to become a cyber security mini-empire.
Jan 25, 2022
Hacker Highschool: Pete Herzog [ML BSide]
28:53
Pete Hertzog is a security expert and an educator with a vision: he wants our kids to learn about cybersecurity, and not just about not talking to strangers online - he wants them to learn even more advanced stuff, such as security analysis and hacking. Pete spoke with Nate Nelson about his Hacker Highschool initiative, and the lessons he learned from it.
Jan 17, 2022
The Mystery of Cicada 3301
35:00
"Hello. We are looking for highly intelligent individuals. To find them, we have devised a test." These words, found in a message posted on 4Chan in January 2012, started a global 'treasure hunt' - with thousands of puzzle-loving and curious individuals desperately competing with one another to be the first to crack the devilish puzzles created by the mysterious Cicada 3301. Who is Cicada, and what are their goals?
Jan 10, 2022
How the Internet Changed the NSA [ML BSide]
36:13
In the late ’80s to early 2000s, the NSA transitioned from being a hardware-first organization - that is, creating and operating physical spying devices - to software-first: excelling in hacking networks, tracking people online, etc. That transition was by no means easy: the NSA, by that point, was a huge organization - and big organizations are notorious for being very resistant to change. Jeff Man, our guest today, was one of the first people at the NSA to make the transition from hardware to software, and he shares with us his experiences from that period.
Jan 03, 2022
Does Code === Free Speech?
30:36
When the FBI asked Apple, following the 2015 mass shooting in San Bernardino, to write code that would give the FBI access to a suspect's iPhone - Apple refused, arguing that forcing it to write code goes against the First Amendment. Apple's claim wasn't the first time that this highly controversial claim was invoked in judicial proceedings…
Dec 27, 2021
A digital ‘vaccine’ for Log4Shell [ML BSide]
19:12
A digital 'vaccine' was released to address Log4Shell, which has been called 'the single biggest, most critical vulnerability ever.' Nate Nelson talks to Yonatan Striem-Amit, CTO & Co-Founder of Cybereason (our sponsor) about the vulnerability, and about Cybereason's unusual vaccine: software that uses the same vulnerability to close the breach.
Dec 20, 2021
Shawn Carpenter: A Cyber Vigilante
37:07
In 2003, Shawn Carpenter - an employee of Sandia National Laboratory - was at a crossroads: should he ignore a Chinese attack against U.S. targets, as his superiors ordered him to do - or do what he thinks is right, and continue investigating the case on his own?
Dec 14, 2021
“Ransomware Attackers Don’t Take Holidays” [ML BSide]
21:25
Last month, in November of 2021, Cybereason - our show’s sponsor - released a special report titled: “Organizations at Risk: Ransomware Attackers Don’t Take Holidays”, focusing on the threat of ransomware attacks during weekends and holidays. Nate Nelson, our Sr. producer, talked with Ken Westin, Cybereason’s Director of Security Strategy, about why attackers love holidays and weekends, and why ransomware attacks during these times are so effective and dangerous.
Dec 06, 2021
Tay: A Teenage Bot Gone Rogue
28:45
In March, 2016, Microsoft had something exciting to tell the world: the tech giant unveiled an AI chatbot with the personality of a teenager. Microsoft Tay - as it was nicknamed - could tweet, answer questions and even make its own memes. But within mere hours of going live, Tay began outputting racist, anti-Semitic and misogynist tweets.
Nov 30, 2021
Wild West Hackin’ Fest [ML BSide]
36:14
The Wild West Hackin’ Fest is a unique security conference. Not only because it's held in South Dakota and not only because of the Wild West visual vibe - but also because of the emphasis it puts on diversity and lowering the entry barriers for people who wish to join the world of information security. Eliad Kimhy talks to John Stand, one of the conference's founders.
Nov 23, 2021
Operation Flyhook, Part 2
27:15
To capture Alexey Ivanov and his business partner and bring them to justice, the FBI created an elaborate ruse: a fake company named 'Invita', complete with a fake website and a fake office building. Ray Pompon, a security professional, was brought in as an 'evil security consultant", to convince Alexey to demonstrate his hacking skills on a pre-arranged honeypot...Alexey came up with a 'brilliant' idea: hacking American corporations, and then blackmailing them - forcing them to hire his services as a 'security consultant.'
Nov 15, 2021
IP Hijacking [ML BSide]
36:17
by China Telecom and routed through China. In 2017, traffic from Sweden and Norway to a large American news organization in Japan was hijacked - also to China - for about 6 weeks. What is IP Hijacking (a.k.a. BGP Hijacking), and what are its security implications? Nate Nelson talks to Dr. Yuval Shavitt, from from Tel Aviv University‘s Cyber Research Center.
Nov 09, 2021
Operation Flyhook, Part 1
27:39
Alexey Ivanov was exactly the kind of person to benefit from the early-2000's dot-com boom: He was bright, talented, and knew his stuff. His only problem was the fact that he was born in Chelyabinsk, a sleepy Russian town in the middle of nowhere…when he sent his resume to American companies, nobody was willing to bet on him. Alexey came up with a 'brilliant' idea: hacking American corporations, and then blackmailing them - forcing them to hire his services as a 'security consultant.'
Nov 01, 2021
In Defense Of The NSA [ML B-Side]
35:20
The NSA is one of the world's most formidable and powerful intelligence agencies. Some people fear that the National Security Agency’s advanced capabilities would one day be directed inwards, instead of outwards. Are those fears justified? Is the NSA more dangerous than it is useful? Nate Nelson spoke with Ira Winkler, who started his career at the NSA.
Oct 26, 2021
Marcus Hutchins: A Controversial Hero
33:58
In May 2017, Marcus Hutchins - AKA MalwareTech - became a hero for stopping WannaCry, a particularly nasty ransomware that spread quickly all over the world. Yet his fame also brought to light his troubled past as the teenage Black Hat hacker who created KRONOS, a dangerous rootkit. Should a criminal-turned-hero be punished for his past crimes?…
Oct 18, 2021
Operation GhostShell [ML B-Side]
22:43
In July, 2021, Nocturnus - Cybereason’s Threat Research and Intelligence team - was called to investigate an espionage campaign targeting Aerospace and Telecommunications companies, mainly in the Middle East. Their investigation resulted in the discovery of a new threat actor that has been operating since at least 2018, and new and sophisticated malware that abuses Dropbox. Nate Nelson, Our Sr. producer, spoke with Assaf Dahan - senior Director and Head of Threat Research at Nocturnus - about the investigation. Find the full report about "Operation GhostShell" at: www.cybereason.com/ghostshell
Oct 11, 2021
Smart TVs: A New Battlefield
34:10
Smart Homes are slowly but surely becoming a part of our everyday lives, and so far it seems that Smart TVs - equipped with microphones, cameras, and an internet connection - are the weakest link. What are the current and potential threats against smart TVs - and is a person's smart home, still his castle?...
Oct 04, 2021
The MITRE ATT&CK Framework [ML B-Side]
24:13
In some ways, cyber security is like Art - and that’s not a good thing… MITRE’s ATT&CK framework tries to make sense of the collective knowledge of the security community, and share that knowledge so that cyber defence become less an art form, and more about using the correct tools and technique. Nate Nelson, our Sr. producer, talks with Israel Barak - Cybereaon’s CISO and a regular guest of our podcast - about MITRE ATT&CK, and how it can help your organization stay safe.
Sep 27, 2021
Should The U.S. Ban Chinese and Russian Technology?
35:24
Every year, seemingly, there’s a new story of some software - like 'Tik Tok' or 'FaceApp' - from a hostile country that may or may not be a security threat to us in the west. So what should be done in cases like this? What if the U.S. just banned all technology from Russia and China? Is it a good idea? Is it even possible?
Sep 20, 2021
Jack Rhysider, Darknet Diaries [ML B-Side]
32:44
Darknet Diaries, Jack Rhysider's show, is the most popular cyber security podcast - and one of the most successful tech podcasts in the US in general. Eliad Kimhy spoke with Jack about the origins of Darknet Diaries, his heroes and role models, and the effect the show’s success has had on his personal life - which, you might be surprised to discover, wasn’t always 100% positive.
Sep 13, 2021
The Tesla Hack
31:08
It's every company's nightmare: a mysterious stranger approached an employee of Tesla's Gigafactory in Nevada, and offered him 1 million dollars to do a very simple job - insert a malware-laden USB flash drive into a computer in the company, and keep it running for 8 hours.
Sep 06, 2021
Understanding China [ML B-Side]
19:07
Lt. Colonel (Ret.) Bill Hagestad talks to Nate Nelson about how China's culture and troubled history of western colonialization influence its goverment views and actions regarding the global internet, and its interactions with western technology companies such as Google and Nortel.
Aug 30, 2021
John McAfee
47:39
What do you get when you take a hypersexual, drug enthusiast gun-toting paranoid - and add some serious amounts of money to the mix? You get a life so bizarre, so unbelievably extreme, that people will tell its story even after you’re long gone. Murder, rape, drugs, lies and a possible Dead Man's Switch... it's all part of John McAfee's story.
Aug 23, 2021
RSA Breach FollowUp: Are We Doing Security Right? [ML B-Side]
45:09
Nate Nelson talks to Art Coviello, Former CEO of RSA Security, and Malcolm Harkins, Vice President & Chief Security Officer at Intel, about the current cyber security landscape - 10 years after the RSA Breach.
Aug 16, 2021
DeadRinger [ML B-Side]
38:11
Nate Nelson talks to Assaf Dahan, Sr. Director and Head of Threat Research at Cybereason’s Nocturnus team about a recent attack they uncovered, on multiple major Telecommunication companies.
Aug 10, 2021
The Jester
35:05
The Jester is a patriotic, pro-American Hacktivist that since 2010 has waged a personal cyberwar against an array of targets he considers to be “the bad guys.” But detractors have insinuated that some of the Jester's operations were little more than internet sleight-of-hand. So, who is The Jester and what can we make of his reported exploits?
Aug 03, 2021
The State of Credit Card Security [ML B-Side]
22:56
In 2005, when Albert Gonzalez was hacking his way into the networks of many retail chains in the US, credit cards were still very insecure: magnetic stripes and signed receipts did little to stop smart hackers such as Gonzalez and his crew. Sherri Davidoff talks to Nate Nelson about the past and present state of credit card security.
Jul 26, 2021
Albert Gonzalez, Part 3
31:14
In early 2007, a Secret Service agent operating out of San Diego takes a flight halfway across the world. He’s going to meet with Europe’s most prolific stolen card salesman. It is this meeting that will be the beginning of the end for Albert Gonzalez and his 'All Star' crew of hackers, international businessmen and mules.
Jul 20, 2021
DerbyCon – Dave Kennedy [ML B-Side]
36:58
DerbyCon was all about making the community - a family. Dave Kennedy, one of the founders of DerbyCon, talks about the unique vibe of the conference, his fear of clowns, and why he'll never - NEVER - listen to a Busta Rhymes album again.
Jul 13, 2021
Albert Gonzalez, Part 2
37:26
Working with the Secret Service, Albert Gonzalez was outstanding. He was such a good employee, in fact, that they had him do seminars, and speak at government conferences. At one point he met personally with the then Director of the Secret Service. Albert gave a presentation, and got to shake the man’s hand. It’s a remarkable redemption story, you’d have to say. There was just one caveat. You see, Albert Gonzalez went from stealing millions of credit cards to quarterbacking the largest cyber crime bust in U.S history. And then? He went back to the Dark Side.
Jul 07, 2021
Jeff Moss: DEF CON [ML B-Side]
36:41
Jeff Moss, founder of the DEF CON Hacker convention (and also the BlackHat convention), talks to Eliad about the origins of DEF CON, its "interesting" relationship with law enforcement agencies, and some of the notable shenanigans the conference attendees pulled off over the years...
Jun 28, 2021
Albert Gonzalez, Part 1
27:01
It was as a teenager that Albert Gonzalez--one of the few greatest cybercriminals in history--developed the obsession that would go on to ruin his life. Gonzalez and some of his friends would go on to pull off some of the most remarkable crimes in the history of computers - but they just didn’t know when to stop. If they did, they might have gotten away with it. They might not have ruined their lives.
Jun 21, 2021
The History of THOTCON Hacking Conference [Malicious B-Side]
30:43
THOTCON is not your ordinary, run-of-the-mill security conference - and it's even obvious from the moment you browse their website. How did a local, small-scale event in Chicago, grow to become a major cybersecurity conference, and what is its connection to The Matrix movie? Producer Eliad Kimhy talks to Nick Percoco and Jonathan Tomek, two of THOTCON's founders.
Jun 15, 2021
China’s Unrestricted Warfare, Part 3
35:48
For more than a decade, China orchestrated a sophisticated espionage campaign against Nortel Networks, using Huawei, Chinese civilians working in Canada, and even organized crime gangs to steal important technical and operational information. When Nortel finally fell, the Chinese were there to reap the rewards of their death.
Jun 08, 2021
Colonial Pipeline & DarkSide: Assaf Dahan [B-Side]
29:49
On Friday, May 7th, 2021, Colonial Pipeline suffered a cyberattack that forced the company to shut down its operations. As a result, gasoline outages were reported in many East Coast states. The entity behind the attack is a criminal group known as DarkSide. Nate Nelson, our Sr. producer, spoke with Assaf Dahan - Head of Threat Research at Cybereason - about the Colonial Pipeline attack: how & why it happened, and its implications - both for the security of critical infrastructure in the US, and for the criminal underworld of Ransomware groups. That last one is particularly interesting, since it seems that the Colonial Pipeline attack has set off a somewhat unexpected trend on the dark web.
Jun 01, 2021
RSA Breach, Part 2
29:32
In the wake of RSA's disclosure of the breach, the company cyber analysts chose not to boot the attackers of their network - but followed their activities closely, trying to figure out their identities and motives. For the first time since the actual breach, a decade ago, we'll get the (surprising) answers to those questions - and more.
May 24, 2021
RSA Breach: The Untold Story, Part 1
25:17
In the early 2000s, Nortel was consciously, intentionally, aggressively positioning itself as a partner and a friend of China. At the same time, it was China's number one target for corporate espionage - and an early victim of its new 'Unrestricted Warfare' doctrine.
May 20, 2021
China’s Unrestricted Warfare, Part 2
28:42
In the early 2000s, Nortel was consciously, intentionally, aggressively positioning itself as a partner and a friend of China. At the same time, it was China's number one target for corporate espionage - and an early victim of its new 'Unrestricted Warfare' doctrine.
May 11, 2021
The History of Security BSides Conferences with Jack Daniel [ML B-Side]
30:24
Security BSides - or just 'BSides', for short' - is the first grassroots, DIY, open security conference in the world - with more than 650 events in more than 50 countries. Jack Daniel, one of BSides' founders, recalls how the conference started, and what do such 'community-oriented' events contribute that other events often cannot.
May 04, 2021
China’s Unrestricted Warfare, Part 1
33:57
Back in the 1990s, Cyberwarfare was a word rarely used in the West - and definitely unheard of in China, which was just taking it's first steps in the Internet. Two Chinese military officers, veterans of the semi-conflict with Taiwan, helped shape the role of cyber in modern warfare in China and beyond.
Apr 27, 2021
Can Nuclear Power Plants Be Hacked?
24:25
Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, speaks to Sr. Producer Nate Nelson about the cybersecurity of Nuclear facilities. How protected are modern nuclear power plants?
Apr 19, 2021
Shutting Down The Internet in 30 Minutes: Chris Wysopal [ML B-Side]
40:17
Chris Wysopal, a cyber security pionneer and one of L0pht's founding members, talks about the group's 1998 testimony in the Senate, how they used shaming to force cooporations to fix their software, and the (not so fortunate) consequenses of the sale to @stake.
Apr 12, 2021
‘L0pht’, Part 2 – The End
44:38
In the early days, the L0pht guys tinkered with what they already had laying around, or could find dumpster diving. But things change, of course. By the end of the ‘90s many of the L0pht hackers had quit their day jobs, incorporating under the name “L0pht Heavy Industries”, and moving into a nicer space, the “new L0pht.” Seven days after Y2K, they merged with @stake, an internet security startup. It was a signal that hacking wasn’t just for the kids anymore.
Apr 05, 2021
The Story of ‘L0pht’, Part 1
39:21
'L0pht', or 'L0pht Heavy Indutries', was one of the most infuencial hacker collectives of the 90's: it's members were even invited to testify infront of the Congress on the current state of Internet security. In this episode, four L0pht's founding members - Count Zero, Weld Pond, Kingpin & Dildog - talk about the begining and influence of the L0pht on cyber security.
Mar 30, 2021
The MS Exchange Hack [ML B-Side]
24:17
Israel Barack, Cybereason's CISO and an expert on cyber-warfare, on the recent MS Exchange hack that hit thousands of organizations worldwide: what happened, what were the vulenrabilites expolited in the attack - and what can we do to defend against such attacks in the future.
Mar 22, 2021
NotPetya, Part 2
26:18
When the NotPetya pandemic hit, Cyber Analyst Amit Serper was sitting in his parents' living room, getting ready to go out with a few friends. He didn't have most of his tools with him, but he nonetheless took a swipe at the malware. An hour later, he held the precious vaccine.
Mar 15, 2021
NotPetya, Part 1
32:49
On June 28th, 2017, millions of Ukranians were celebrating 'Constitution Day.' Their national holiday turned into a nightmare, as tens of thousands of computers all over the country were infected by a mysterious malware. By that afternoon, the cyber-pandemic was already going global.
Mar 01, 2021
Facial Recognition in Law Enforcement, Pt. 2
32:04
It seems likely that legislation alone won't be able to regulate the widespread use of facial recognition. Andrew Maximov, who uses AI to fight Belarus's dictatorship, shows us another way facical recognition can be used - this time for us, instead of against us.
Feb 16, 2021
Should Law Enforcement Use Facial Recognition? Pt. 1
48:47
There are plenty of reasons why Police should use AI for facial recognition: after all, Humans are notoriously bad eye witnesses. However, placing AI in the hands of law enforcement does have its dangers - due to the limitations of the technology itself, and the biases of the officers who use it.
Feb 03, 2021
Clearview AI
44:58
Clearview AI scrapes billions of images off social media and the open web, applies facial recognition algorithms on them - and sells that data to law enforcement agencies all over the world. But who are the people behind this secretive company, and what did a breach into its databases reveal?
Jan 21, 2021
Breaking Into Secure Buildings
35:09
FC, aka 'Freaky Clown', is an expert in "Physical assessments" - otherwise known as breaking into ultra-secure office buildings. FC shares some of his (incredible) adventures, as well as some tips and tricks on how to protect your organization's HQ from hackers such as himself.
Jan 07, 2021
Special: The SolarWinds Hack
34:58
Ran talks to Israel Barak, Cybereason's CISO and a Cyber-defense and Warfare expert, about the recent SolarWinds hack that impacted upto 18,000(!) enterprise organizations in the US. What is a Supply Chain Attack, how can organizations defend against it - and what does all this have to do with Evolution and Natural Selection?...
Dec 28, 2020
100th Episode Special
41:31
For our 100th episode, we bring you three stories that tie in to previous episodes of the show: Shadow Inc. (Election Hacking), J&K (Max Headroom) and T-Shirt-Gate (Yahoo's Ugly Death). Enjoy :-)
Dec 21, 2020
Jan Sloot’s Incredible Data Compression System
54:39
In the mid-90's, a Dutch TV repairman claimed he invented a revolutionary data compression technology that could compress a full-length movie into just 8KB.
Dec 07, 2020
Op. GUNMAN & The World’s First Keylogger
41:11
In 1983, the US got word that an ally's embassy - probably France's - was bugged by the Soviets. This reports triggered Operation GUNMAN: a complete removal & de-bugging of *all* electronic devices in the US embassy in the USSR. This secretive operation resulted in a surprising discovery - and made the NSA what it is today.
Nov 22, 2020
Election Hacking, Part 2
42:06
Georgia's elections infrastructure had been hacked multiple times since 2014 - both by Russian Intelligence and local White Hat hackers. The upcoming elections are plagued with uncertainty - and uncertainty and democracy go together like wet hands and electrical outlets.
Nov 03, 2020
Election Hacking, Part 1
36:39
Today we’re talking about just one state. One which, depending on which way it leans, might bring the entire electoral college with it. One which, as of this writing, is absolutely, positively, neck and neck. Dead heat. A few votes one way or the other could swing it. In other words: this is the kind of state that cannot afford to be hacked. But might be.
Oct 22, 2020
MDR Vs. The TrickBot Gang
24:59
About a year ago, Cybereason's Managed Detection and Response team (aka MDR) stumbled upon a attack involving Russian cybercriminals, POS devices and an entire new family of previously undiscovered malware.
Oct 12, 2020
Yahoo’s Ugly Death, Part 2
43:17
Between 2010 and 2014, Yahoo was hacked numerous times - each time setting a new 'world record' for the largest data breach in history. It also hid those breaches from it's investors, customers and the SEC.
Sep 25, 2020
Yahoo’s Ugly Death, Part 1
33:57
When Marissa Mayer joined Yahoo as CEO, the company's stock rose 2% the day of the announcement. But the new CEO was basically initiated into her job by a major data breath - and the worst was yet to come.
Sep 11, 2020
The Great Firewall of China, Pt. 2: Cisco’s Trial
28:29
Falun Gong is a religious movement heavily persecuted in China. In 2017, members of the movement sued Cisco Systems for aiding and abetting the Chinese government in this persecution - since Cisco helped China erect 'Golden Shield'": the massive Chinese IT infrastructure project which combined internet censorship and pervasive Chinese state cyberspying.
Aug 27, 2020
The Great Firewall of China – Part 1
40:09
The Great Firewall is just mind-bogglingly big, repressing freedom of speech and information for over 800 million Chinese internet users every year. The Great Firewall is so big that it’s worth asking: how did the Chinese manage to build it in the first place? 20 years ago, our info-sec technology was much less advanced than it is today. China was a second-rate technology power, not even comparable to their position today. Most of all: a firewall, like the one they proposed, had never existed before--or, for that matter, since. How, then, did they pull it off?
Aug 14, 2020
Multi-Stage Ransomware (Live!)
47:07
Ran & Israel Barak, Cybereason's CISO, discuss the latest development in ransomware evolution: multi-stage attacks in which the attackers infiltrate the target network, steal data and gather intelligence - before detonating the ransomware to cause maximal denial-of-service to the victim organization. What does this new tactic mean for the use of backups as a mean to mitigate the risk from ransomware? This episode was recorded live on July 29th, 2020.
Aug 02, 2020
Protecting The “Panama Papers” Whistleblower
39:56
In 2015 Bastian Obermayer, an investigative journalist for the Süddeutsche Zeitung, received a message every journalist dreams of: the biggest leak in journalism history. But dealing with the massive 2.7 Terabyte data-dump, 11.5 million documents - while making sure his source's identity could not be uncovered, turned out to be a huge challenge.
Jul 16, 2020
From Ransomware To Blackmail, With Assaf Dahan
14:40
Hackers keep modifying and improving their methods of operations. Assaf Dahan, Sr. Director and Head of Threat Research at Cybereason, tells us about the recent shift to Blackmail - as a way to pressure Ransomware victims to pay the ransom.
Jul 07, 2020
SegWit2x, Part 3
59:10
On August 1st, 2017, Bitcoin forked. But it wasn't the SegWit2x fork everyone was talking about - It was a different fork, supported by a coalition of miners who, in doing what they were doing, were essentially ditching SegWit2x in favor of their own scaling solution. What happened here? Who betrayed SegWit2x?
Jul 03, 2020
SegWit2x, Part 2
49:47
SegWit2x was proposed as a solution to Bitcoin's network problems - but some people in the anti-2x movement claimed that it is nothing less than a cyber-attack: a 51% attack on Bitcoin, to be precise. This is getting ugly.
Jun 19, 2020
Hacking Fortnite Accounts (CPRadio)
29:05
A black market economy has developed around Fortnite's in-game currency. Cyber criminals are hacking user accounts, juicing credit cards, and selling virtual currency for real-life dollars and cents. To ensure fun and safety for players, the cycle must be stopped.
Jun 11, 2020
SegWit2x, or – The Year Bitcoiners Will Never Forget, Part 1
36:15
In 2017, Bitcoin was winning. Money, attention, success poured out of every seam. It appeared that a golden age had dawned. But just under the surface, the network was teetering on the verge of collapse. Technical problems that were just nuisances when the community was small now became glaring and potentially lethal. Debates among tight communities of knowledgeable users and developers ballooned into full-on internet wars. Factions hardened. Heroes became enemies of the people.
Jun 04, 2020
No Honor Among Thieves
40:46
Amit Serper was doing a routine inspection on a client's network, when he came across a suspicious-looking pen-testing tool, exhibiting RAT-like behavior. We'll follow Amit's investigation, and in the process learn the basics of cyber research.
May 22, 2020
Cybersecurity during a crisis: how remote work has impacted security – With Sam Curry
15:14
The COVID19 pandemic forced organizations to transition to a work-from-home model - and many of them were unprepared for such a radical departure from the ‘normal’ security perimeter. Sam Curry, Cybereason's CSO, talks to Ran about the lessons learned from COVID19, and what steps should Cyber Security professionals take in order to be ready for a future outbreak.
May 14, 2020
The Problem With Passwords
44:24
At the end of our last episode, it kind of seemed like Huawei--the Chinese telecommunications company accused of aiding in state cyberspying--was completely innocent. They were being accused of crimes they may not have committed, based on evidence that largely did not exist. The conspiracies around them seemed unfair at best, malicious at worst. But there’s another side to this story, of course. Huawei didn’t end up on people’s radars for no reason. They’ve earned their notoriety.
May 08, 2020
The Huawei Ban, Part 2
37:04
At the end of our last episode, it kind of seemed like Huawei--the Chinese telecommunications company accused of aiding in state cyberspying--was completely innocent. They were being accused of crimes they may not have committed, based on evidence that largely did not exist. The conspiracies around them seemed unfair at best, malicious at worst. But there’s another side to this story, of course. Huawei didn’t end up on people’s radars for no reason. They’ve earned their notoriety.
Apr 23, 2020
The Huawei Ban, Part 1
30:41
Over the past 20 years, western governments have accused Huawei of everything from IP theft to financial fraud to cyber spying. Often, these claims are made either with no evidence, or only circumstantial evidence. Is Huawei really a national security threat, or are they a political scapegoat?
Apr 09, 2020
The Max Headroom Signal Hijack
36:00
On November 22nd, 1987, a hacker took over the signals of two Chicago-area TV stations and broadcast two bizarre and somewhat vulgar messages. In this episode we explore this notorious hack, and its implications on the nature of hacking in general.
Mar 24, 2020
ToTok, Part 3: Becoming a Spyware Superpower
34:59
The fact that ToTok came out of the United Arab Emirates is no surprise: in recent years, the UAE has deployed some of the most sophisticated mobile device exploits ever seen. But they got a lot of help from one country in particular... today’s episode is about the UAE. But it’s really about the Americans.
Mar 15, 2020
ToTok, Part 2: The Masterminds of Mobile Malware
25:58
The corporate structure supporting ToTok involved at least half a dozen real companies, shell companies and intelligence groups, with the individuals who actually operated the app being hidden behind other individuals given sinecure jobs and ponied around to the public as the supposed developers. Ultimately, though, every path that begins with ToTok ends with one very rich and powerful man at the heart of the Emirati state. His name is Sheikh Tahnoon bin Zayed al-Nahyan.
Mar 10, 2020
ToTok, Part 1: How to Convince Someone to Download Spyware
31:41
Only a few months after its release, ToTok - an ordinary messaging app, with no exceptional features - had over five million downloads, and held the number 4 position in Apple's App Store global charts. So what was it that made ToTok so popular, so quickly? The answer: nothing good.
Mar 05, 2020
How To Defend A Bank, Part 2: Right Of Bang
28:35
As much as we can imagine what it’s like to be a defender in a cyber-conflict, we don’t really know what it is - unless we’re in the shoes the time of it happening. That's what simulations are for.
Feb 27, 2020
How To Defend A Bank, Part 1: Fusion Centers
27:04
Banks & other financial institutions face a variety of security threats: from state-sponsored cyber-attacks, to smaller acts of fraud, to thousands of random malware attacks from the web. To survive in this hostile landscape, these organizations turned to the military for inspiration.
Feb 13, 2020
Triton, Part 2: The World’s Most Dangerous Malware
38:48
Petro Rabigh were facing lots of problems in defending their systems. But they did get lucky in one sense: their hackers were unprepared when their plan went awry. Who were the hackers that infiltrated the Saudi petrochemical plant, and what can this breach teach us?
Jan 30, 2020
Triton: A Malware Designed To Kill Humans, Part 1
36:22
Industrial Security requires a different skill set--really, an entirely different mindset than working in IT does. In this episode we dive into the story of one of the most dangerous malware ever to be discovered in the wild: Triton/Trisis.
Jan 16, 2020
Deep Fakes, Part 2: Man Vs. Machine
37:36
Deep Fakes are set to revolutionize content creation, but alongside this technology's benefits, it also has the potential two sow havoc, fear, and distrust via Social Networks. Just this week, Facebook disclosed a network of fake users it found, whose profile images were all deep faked. So, how can we identify deep fakes - even before they go online?
Jan 02, 2020
GAN and Deep Fakes, Part 1
43:28
Over the past two years, the internet has been inundated with celebrity Deep Fake videos of all kinds: Obama, Putin, and Trump deliver speeches they never gave, Gal Gadot "stars” in a porn video, and professional comedians such as Bill Hader eerily turn into the people they impersonate, like Tom Cruise and Arnold Schwarzenegger. What all of these videos have in common is that they were mostly created by amateur developers or small startups with tight budgets - but their quality is surprisingly good, and in some cases as good as what the biggest movie studios were able to produce with huge budgets just a few years ago. So what happened in the last five years, that turned special effects from being the exclusive domain of industry experts - into something a 14-year-old can create more or less at the touch of a button? Like the top end of a floating glacier, Deep Fakes are by and large only the visible product of a fascinating - and much deeper - technological revolution in the field of artificial intelligence. As we shall soon see, this revolution has the potential to put some very powerful tools in the hands of both attackers and defenders in the world of cyber-security.
Dec 19, 2019
Sam Curry: The 2020 Crystal Ball
15:32
Sam Curry is Cybereason's Chief Security Officer and an award-winning cyber security visionary. Sam & Ran discuss Sam's upcoming webinar, in which he will present his insights into what 2020 will bring for the security industry: the rise of 5G cellular networks, The US Presidential Elections, the 2020 Tokyo Olympics and more.
Dec 10, 2019
Human Side Channels
33:39
Even the best hackers are human, and humans are inescapably unique. Forensic Linguistics, Behavioral Signatures and Cultural Captchas can help defenders identify and (maybe) catch even the best of hackers.
Dec 05, 2019
What’s the problem with Cyber Insurance?
35:52
Thousands of companies are losing millions of dollars to cyber attacks. An insurance seems an ideal solution to their woes - yet this kind of insurance is much less common today, than it should be. What's the problem with Cyber insurance?
Nov 21, 2019
Gozi B-Side: Amit Serper & Sam Curry
19:09
Nate Nelson speaks with Amit Serper & Sam Curry, notable veteran in Cyber Security, about Malware-As-A-Service, bullet-proof hosting, avoiding the lure of the 'dark side' and more.
Nov 19, 2019
Gozi, Part 2
35:08
In 2010, Nikita Kuzmin returned to the malware scene with Gozi 2.0, an improved version of the successful banking Trojan. How did Gozi 2.0 fair against Zeus & the new generation of Trojans, and what can we learn from Nikita's story about how does one become a malicious hacker in the first place?
Nov 14, 2019
B-Side: Lodrina Cherne On Stalkerware
18:17
In this out-of-band episode, we're bringing you the full interview with Lodrina Cherne, a Digital Forensics Expert, on Spyware : what is it, how it works, who sells it, and how you can avoid it yourself.
Nov 08, 2019
Gozi, Part 1: The Rise of Malware-as-a-Service
29:20
Nikita Kuzmin could have been a whiz programmer or a CEO of a successful startup. But as a teen in Moscow, he fell in with the wrong crowd, and his entrepreneurial skills found a different path: Gozi, the oddest and most brilliant malware operation ever conceived to that point in time.
Oct 31, 2019
How is Spyware Legal?
41:30
Today's Cyber Stalkers have free access to almost government-grade spyware software with which they can terrorize their victims. Who's enabling the commercial spyware market?
Oct 17, 2019
Listeners Survey Special
28:32
Ran and Eliad Kimhi, one of the show's top producers, discuss the recent Listener's Survey results: what do like and dislike about the show, ideas you gave us for future improvements - and what do our listeners think about Ran's accent?...
Oct 10, 2019
Operation Aurora, Part 2
32:51
Google, it turned out, was only one of 35 major US corporations hit in Aurora. Was is an espionage campaign, or could it be that it all began with one top ranking Chinese official who googled his own name - and wasn't happy with the search results?...
Sep 26, 2019
Operation Aurora, Part 1
34:05
In January 2010, Google revealed in its blog that it was hacked. This attack, since known as Operation Aurora, is attributed to China. In this series of episodes, we'll expose the complicated and often turbulent relationship between the world's largest internet company, and the world's most populated nation.
Sep 12, 2019
Responding to a Cyber Attack with Missiles
55:12
Is the use of deadly force a legitimate – and practical – response to cyber attacks? what lessons did Israel learn from the Yom Kippur War of 1973 about the best way to manage it’s offensive cyber units? How can governments ‘signal’ to their opponents their cyber power, without actually deploying cyber weapons? Join us […]
Aug 29, 2019
Are Ad Blockers Malicious?
33:22
Ad Blockers, such as AdBlock Plus, provide an important service to users who find web ads annoying, creepy and sometimes even dangerous. In recent years, how ever, the business models adopted by some blockers present us with a moral dilemma.
Aug 15, 2019
Conficker
40:16
Can a malware be *too* successful? This is the story of Conficker, one of the most advanced worms in history - and how its success led to its ultimate failure.
Jul 18, 2019
Operation SoftCell
34:18
A rare, inside look, at how Cybereason's researchers were able to uncover one of the largest Cyber Espionage campaigns ever discovered, against multiple Telecommunications companies around the world.
Jul 04, 2019
‘Pa Bell’ Vs. Youth International Party Line
40:04
The YIPL phreaking magazine was the spiritual predecessor to the better-known '2600' zine, and it was founded by a ideological party determined to bring down the largest monopoly in US history: Bell Telephone.
Jun 13, 2019
The U.S vs. Gary McKinnon
39:14
After the Challenger Disaster of 1986, NASA had a hard time convincing the public that the Galileo spacecraft, fueled by radioactive Plutonium, is safe to launch. The WANK worm, it turns out, was a message aim at NASA - from the two most powerful hackers in the world.
May 27, 2019
The WANK Worm, Part 2
39:13
After the Challenger Disaster of 1986, NASA had a hard time convincing the public that the Galileo spacecraft, fueled by radioactive Plutonium, is safe to launch. The WANK worm, it turns out, was a message aim at NASA - from the two most powerful hackers in the world.
May 10, 2019
The WANK Worm, Part 1
34:46
On October 16th, 1989, NASA's scientists went into work preparing to launch a spacecraft that very day. But when they sat down to their computers, they were met with an unexpected greeting: “Your system has been officially WANKed. You talk of times of peace for all, and then prepare for war.”
Apr 25, 2019
The Equifax Data Breach Pt. II: The Bits Hit The Fan
31:04
After its momentous breach, Equifax's CEO Richard Smith said: “Equifax will not be defined by this incident, but rather by how we respond.” Well, he was spot on, but not in a good way.
Apr 11, 2019
The Equifax Data Breach Pt. I: A Big Data Bubble
3:28
In their 120 year history, Equifax never sold anything, or provided any service to ordinary folks - except collect DATA. In 2017, that huge data repository, a 1000 times larger then the Library of Congress, got hacked.
Mar 27, 2019
DeCSS: Hackers Vs Hollywood
44:56
Twenty years ago, a 15-years old Norwegian kid was put on trial for breaking the DVD Copy Prevention system. His case spawned a whole new "artistic" movement...
Mar 13, 2019
Marconi & The Maskelyne Affair
42:48
Guglielmo Marconi--the beloved, hated, disputed inventor of radio--gets trolled by a mustached magician in the world’s first ever, wireless, grey hat hack.
Feb 21, 2019
The Fall Of Mt. Gox – Part 2
46:35
In its prime, Mt. Gox was essentially the place where Bitcoin happened. But for two years, Mt. Gox was imploding from the inside - while soaring to unprecedented success on the outside. 
Feb 06, 2019
The Fall Of Mt. Gox – Part 1
49:51
In its prime, Mt. Gox was essentially the place where Bitcoin happened. But for two years, Mt. Gox was imploding from the inside - while soaring to unprecedented success on the outside. 
Jan 22, 2019
Dave Kennedy: The Psychological Principles of Social Engineering
37:45
Today on Malicious Life, tens of thousands of people get robbed.  Then a community gets together to ask: should we take our money back, or let the hacker walk with it?
Dec 25, 2018
The Ethereum DAO Hack
39:47
Today on Malicious Life, tens of thousands of people get robbed.  Then a community gets together to ask: should we take our money back, or let the hacker walk with it?
Dec 13, 2018
The Jerusalem Virus, Part 2
28:19
How did the Jerusalem virus trigger the birth of the entire Anti Virus industry in Israel? A high-stakes wager on Live TV, and more.
Nov 26, 2018
The Jerusalem Virus, Part 1
24:07
Although scary, the Jerusalem virus, discovered in Israel in 1987, was in fact a rather simple virus. How, then, did the virus trigger the birth of an entire national industry?
Nov 15, 2018
Gene Spafford on the Morris Worm & Cyber-security in the 1980’s
55:42
Eugene Spafford (aka Spaf), a professor of computer science at Purdue University, was the first researcher to publish a detailed analysis of the infamous Morris Worm. Gene talks to Ran about this incident, as well as how was security different in the 1980’s.
Oct 31, 2018
China Vs. Github
41:11
It’s a weapon that harnessed the strength of millions of computers at once: a cannon so powerful it could break through any wall, take down any website. It is “the Great Cannon”.
Oct 16, 2018
The Ashley Madison Hack, Part 2
32:43
On the second installment of our Ashely Madison hack retelling, we look at the fallout of one of the hack, and the people who’ve suffered from it.
Oct 04, 2018
The Ashley Madison Hack, Part 1
29:48
When Ashley Madison got hacked, it made international headlines. Why? Because it wasn’t just a major event. It demonstrated how there’s information even more sensitive, even more significant than your credit card, or your social security number: your secrets.
Sep 19, 2018
Interview Special: Graham Cluley
53:56
As we prepare to release an awesome 2-part story in two weeks, we decided to give you a chance to go back to some old favorites and check out some of the behind-the-scenes interviews of Malicious Life. Graham Cluley tells about his entry into the world of security. There are stories aplenty in this interview- Graham […]
Sep 05, 2018
The Target Hack
33:54
If movies have taught me anything, it’s that if you want to rob a bank, you dress as the cleaning crew. The people behind the Target hack must have seen one action film too many, because when they decided to hack one of the biggest retailers in the world, they did so via the HVAC […]
Aug 23, 2018
WoW: Corrupted Blood
26:59
How does the outbreak of a “plague” inside a video game- a bug, essentially- affect real-life disease research?
Jul 25, 2018
The Stuxnet Virus Pt. 3
30:00
Stuxnet was a devastating weapon, but who wielded it? That is the question we try to answer with the final installment of our Stuxnet series. In this episode, we explore other, similar battles of the modern cyber war, and look further into the topic of Zero Day vulnerabilities. With special guests: Andrew Ginter, and Blake […]
Jul 12, 2018
The Stuxnet Virus Pt. 2
27:22
Stuxnet was a weapon, a kind of a smart bomb- perhaps one of the smartest bombs ever created. A bomb that couldn’t rely on operators, cameras, and laser targeting, instead it had to “think” its way to its destination. An invisible commando unit, dropped deep behind enemy lines. And its payload- not explosives, but lines […]
Jul 12, 2018
The Stuxnet Virus Pt. 1
33:46
Where armies once fought with bullets and bombs, they now engage in clandestine, invisible warfare. In 2010 a virus was discovered that would change the world’s perception of cyber warfare forever. Dubbed Stuxnet, this malicious piece of code has a single focus- to stop to development of Iran’s nuclear program. Part one of this three […]
Jul 12, 2018
Shamoon – The Biggest Hack In History
26:45
The Shammon Virus. There is a single company, run by a royal family, which employs the majority of the Saudi working population. It’s worth more than Apple, Google, and Amazon…by a lot. The Saudi Aramco oil company is one of the most significant commercial entities in human history. It’s hard to imagine, then, what could […]
Jun 29, 2018
The Melissa Virus
21:41
Not all malware is created equal. Some malware will attempt to erase your files, demand ransom, or steal your information. Others will do no such thing- and still end up being worse. Don’t believe us? What if a virus made your computer send pornography to fifty of your closest friends and family? Yes, including your […]
Jun 14, 2018
GhostNet
28:20
A young woman is arrested by the Chinese government while trying to cross the border to Tibet. Her interrogator, a Chinese spy, pulls out a dossier full of information regarding her activity online. It turns out she’s been visiting pro-Tibet websites, and for that, she’s sentenced to two months in jail. What is GhostNet? Find […]
May 30, 2018
The Morris Worm Pt. 2
22:23
In an attempt to halt the Morris worm’s path of destruction, a systems administrator at Harvard shut down the university router through which Andy Sudduth’s message would be sent to the internet.  The post didn’t go through until after it was too late.  In a tragic movie-twist, the fix that everybody needed was heard by […]
May 16, 2018
The Morris Worm Pt. 1
26:49
We’ve introduced you to some of the seminal malware attacks that have shaped cybersecurity history. Perhaps no other incident in history, though, has had the effect on how we think about computer security today as the Morris worm.
May 02, 2018
The Half Life 2 Hack
38:00
How far should a die-hard fan go, in order to bring closer to them the thing that they love? In one of the most interesting, yet relatively unknown cybersecurity stories, a young hacker attempts to steal his favorite game prior to its release and then attempts to blackmail his victims into hiring him. An evil […]
Apr 18, 2018
The Legalities of the Cyber War
22:40
Catching a criminal is by no means easy, but there’s something we take for granted in any crime: that the criminal has a face and a name, that they used a specific weapon on a specific target, and that the crime had ended once it was complete.   But what about a crime without a […]
Apr 04, 2018
Fancy Bear, Cozy Bear
30:35
When representatives from the Democratic National Committee reached out to a silicon valley cybersecurity company, to investigate a potential breach in their computer system, it’s hard to imagine what they might have expected to come of it. It didn’t take long to discover that something was amiss.  Red flags were popping up all over the […]
Mar 21, 2018
Hack Back
33:59
Those who have experienced a cybercrime know the feelings of frustration and helplessness that come along with it. A hacker could be halfway across the world when they attack you, and you might have no way of figuring out who it was or catching them even if you could. So frustrating. But is there really nothing we […]
Mar 07, 2018
Cyber Terrorism
31:23
What governments and powerful organizations regularly use, others will find ways to use as well. Cyber activity fits so incredibly well with terrorism. Actors can remain hidden, or reveal themselves to the world; Create propaganda campaign, or aim for real damage. Join us on this episode of Malicious Life, as we learn the story of […]
Feb 21, 2018
Super Spies
34:48
The NSA has many means at its disposal. But how does it use these means, and for what goals? Discover the (literally) secret history of the NSA’s cyber activity. Travel with us to Russia and back, learn the origins of FISA, and find out more about the government agency so secret it was once dubbed […]
Feb 07, 2018
The Trojan Horse Affair
22:25
The early 2000s were an interesting time in Information Security. This is roughly the period when malware transitioned from viruses written by teenagers for fun, to cybercrime tools in the hands of sophisticated criminals. This week’s story took place in that time frame – and was a precursor of that transition. It is also a cautionary […]
Jan 24, 2018
Friend or Foe
36:24
The largest hack in U.S military history may have been conducted by… The NSA. In 1997, a wargame conducted by the NSA showed just how unprepared we were for a potential cybernetic strike- in 4 days, NSA hackers were able to take down entire military networks. It revealed the dire consequences of a possible cyberattack, and even […]
Jan 10, 2018
Amit Serper Interview- Holiday Special Episode
39:08
It’s the holidays and everyone’s on vacation – but the Internet never rests and neither do the bad guys in cybersecurity. So, for this holiday special, we figured we’ll air an interesting interview we did a few weeks back with Amit Serper, Principal Security Researcher at Cybereason, NotPetya vaccinator, and former cyber warrior for the […]
Dec 27, 2017
Deception
29:50
From the Bulgarian hacker scene of the 90’s, featured in episodes 1 and 2, we now move to the vibrant underground hacker scene of West and East Berlin. Working secretly for the KGB, a young Berliner hacker attempts to hack the U.S military network, only to be stopped by a curious, and inventive astronomer. A […]
Dec 13, 2017
Weapons of Mass Disruption
41:00
The threat of fire and fury stands at the center of all modern conflicts- nuclear bombs that can eradicate life in seconds are the ultimate weapon of war, as they pose a huge threat to centers of population. But what of the cyber war? What threat could it possibly pose to life as we know […]
Nov 29, 2017
The Soldiers of North Korea
33:34
Guerrilla warfare has been around for as long as conventional warfare has. The idea that a small force, through cunning and brazen action, could overtake a larger force is an old one. From pirates who would take merchant ships by surprise, to lengthy military campaigns against an enemy that is hiding in plain sight. The […]
Nov 15, 2017
The Propaganda
39:58
Governments around the world have been making devious use of the internet as a platform to spread, not malware, but propaganda. As in all wars, propaganda is a huge part of the modern cyber war. Join us as we explore the roots, and the most creative uses of the internet to spread information and disinformation […]
Nov 01, 2017
The Whistleblowers
6:32
WikiLeaks has ushered in a new age in whistle blowing: Modern leakers such as Chelsea Manning – who’s story is the focus of our current episode – expose huge amounts of confidential information. But can these mega-leaks really influence the actions and policies of governments?
Oct 17, 2017
Stuxnet, part 3
29:46
Stuxnet was a devastating weapon, but who wielded it? That is the question we try to answer with the final installment of our Stuxnet series. In this episode, we explore other, similar battles of the modern cyber war, and look further into the topic of Zero Day vulnerabilities. With special guests: Andrew Ginter, and Blake […]
Oct 02, 2017
Stuxnet, part 2
27:01
Stuxnet was a weapon, a kind of a smart bomb- perhaps one of the smartest bombs ever created. A bomb that couldn’t rely on operators, cameras, and laser targeting, instead it had to “think” its way to its destination. An invisible commando unit, dropped deep behind enemy lines. And its payload- not explosives, but lines […]
Sep 18, 2017
Stuxnet, part 1
33:46
Where armies once fought with bullets and bombs, they now engage in clandestine, invisible warfare. In 2010 a virus was discovered that would change the world’s perception of cyber warfare forever. Dubbed Stuxnet, this malicious piece of code has a single focus- to stop to development of Iran’s nuclear program. Part one of this three […]
Aug 30, 2017
Hell to Pay
37:27
A global FBI manhunt for the world’s most wanted cyber criminal ends in the capture of a massive criminal network, but with the escape of the man himself. Security experts who operate within the gray areas of morality develop botnets that destroy personal devices infected with malicious botnets in what they call “the chemotherapy of […]
Aug 21, 2017
The Roots of Evil
30:23
WannaCry’s widespread cyber attack on more than 200,000 computers all over the world made headlines – but only a few people remember a similar attack, named The AIDS Trojan, almost 30 years earlier… In this episode of Malicious Life, we go deep into the world of ransomware to examine its roots, the tools used and […]
Aug 07, 2017
Big Cannons
44:52
2016 is known throughout the circles of information security as “The Year of The DDoS Attacks”, and rightfully so: 5 large scale DDoS attacks – ‘Distributed Denial Of Service’ – shocked the technology world. In this episode of Malicious Life, we examine how the power of the internet itself can be harvested and deployed to […]
Jul 24, 2017
Spam Empire
31:00
In this episode of Malicious Life, we take a look at one of the oldest forms of criminal activity on the web- the spam empires of the 90’s and 2000’s. Find out how these multi-million dollar industries operated, how they served as a half step towards the organized online crime groups of the modern age, […]
Jul 06, 2017
The Dark Avenger
30:29
In 1989, a message was found in a virus: “Eddie Lives…Somewhere in Time!”. ‘Eddie’ was a particularly nasty virus, and its discovery led a young Bulgarian security researcher down a rabbit hole, on a hunt for the prolific creator of the Eddie virus: The Dark Avenger. With special guests: Vesselin Bontchev, Graham Cluley.
Jun 30, 2017
Ghost In The Machine
26:09
Cybercrime is one of the most notable threats we face as computer users, nowadays. But it wasn’t always so. Those of us who’ve been in the field long enough may remember a time when computer viruses were much more innocent, and virus authors were usually just bored computer geeks- not members of a sophisticated, well-organized […]
Jun 28, 2017