In this episode we hear some penetration test stories from Ed Skoudis (twitter.com/edskoudis). We also catch up with Beau Woods (twitter.com/beauwoods) from I am The Cavalry (iamthecavalry.org). Sponsors Support for this show comes from Axonius. Securing assets — whether managed, unmanaged, ephemeral, or in the cloud — is a tricky task. The Axonius Cybersecurity Asset Management Platform correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Zscalar. Zscalar zero trust exchange will scrutinize the traffic and permit or deny traffic based on a set of rules. This is so much more secure than letting data flow freely internally. And it really does mitigate ransomware outbreaks. The Zscaler Zero Trust Exchange gives YOU confidence in your security to feel empowered to focus on other parts of your business, like digital transformation, growth, and innovation. Check out the product at zscaler.com/darknet. Support for this podcast comes from Cybereason. Cybereason reverses the attacker’s advantage and puts the power back in the defender’s hands. End cyber attacks. From endpoints to everywhere. Learn more at Cybereason.com/darknet. View all active sponsors. Attribution Darknet Diaries is created by Jack Rhysider. Editing by Damienne. Assembled by Tristan Ledger. Sound designed by Andrew Meriwether. Episode artwork by odibagas. Audio cleanup by Proximity Sound. Theme music created by Breakmaster Cylinder.
Sometimes I think I'm just like one click away from a total catastrophe.
The perfectly crafted email at the perfect time can cause major damage.
Just look at what happened to Barbara Kokoren.
She's the judge on the tv show Shark Tank.
Here's a clip from CB's this morning.
I've got a very important warning of a financial scam here.
One of the stars of the reality show Shark Tank says she was a victim of.
They're calling it a phishing scam, but really it's a digital con job.
Barbara Corcoran, this is what happened last.
Week, her bookkeeper received an email about.
An invoice, and it appeared to be from Corcoran's assistant, a trusted source approving payment for a real estate renovation.
So her bookkeeper was told to send about $400,000 to someone regarding some real estate expense.
The email looked like it came from Barbara's assistant, a trusted person.
And since Barbara was a real estate investor, this looked like a typical money transferred.
So her bookkeeper wired the money to this person, and it turns out it was all just a phishing email.
Barbara lost $400,000 because of a single spoofed email.
This hack wasn't technical.
It was manipulating a person, not a machine or a computer.
And I fear that we may always be vulnerable to this type of attack.
We can't update the firmware in our brain, and yes, we can be educated on how to spot this type of thing and avoid it.