Chris Rock, a seasoned security researcher and black hat incident responder, shares gripping tales from his unconventional career. He dives into the chilling mindset of cyber criminals involved in digital bank robbery, revealing their anti-forensic tactics. Rock recounts thrilling investigations, including a covert operation in the Middle East that exposed vulnerabilities in a finance firm. He tackles the ethical dilemmas hackers face when retrieving stolen money, and even touches on the shocking vulnerabilities in online death registries. It's a deep dive into the shadowy world of cybersecurity.
57:57
ANECDOTE
Middle East Job
Chris Rock, a security researcher, was hired for a job in the Middle East.
It involved investigating a suspected theft of money and intellectual property.
INSIGHT
Plausible Deniability
Clients in the Middle East often use intermediaries ("skirt wearers") to maintain plausible deniability.
This shields them from direct links to hired hackers.
ADVICE
Targeting Strategy
When targeting someone like "Bob," start by compromising their outer circle (level three, then two).
This helps understand their communication style before targeting them directly.
Chris Rock is known for being a security researcher. But he’s also a black hat incident responder. He tells us about a job he did in the Middle East.
https://x.com/chrisrockhacker
Sponsors
Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.
Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.
Support for this show comes from Flare. Flare automates monitoring across the dark & clear web to detect high-risk exposure, before threat actors have a chance to leverage it. Their unified solution makes it easy to rapidly identify risks across thousands of sources, including developers leaking secrets on public GitHub Repositories, threat actors selling infected devices on dark web markets, and targeted attacks being planned on illicit Telegram Channels. Visit http://try.flare.io/darknet-diaries to learn more.