Darknet Diaries

144: Rachel

Apr 2, 2024

Rachel Tobac, a social engineer and founder of Social Proof Security, shares her fascinating journey from aspiring spy to cybersecurity innovator. She discusses her experiences in social engineering at DEF CON, revealing how she used charm and tactics to extract sensitive information. The conversation also touches on the ethical dilemmas of voice cloning technology and its implications. Additionally, Tobac and Daniel Miessler dive into the rising threats in cybersecurity and the importance of awareness in navigating these challenges.

01:02:30

Creator website

Episode guests

Rachel Tobac

AI Summary

Highlights

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Rachel Tobac shares her journey into social engineering and the importance of identifying vulnerabilities to prevent attacks.

Social engineering tactics exploited by Rachel Tobac emphasize human vulnerabilities in accessing sensitive information and the need for enhanced security protocols.

Discussion on AI-generated voice cloning highlights the challenges posed by deepfakes in verifying authenticity and the evolving security measures required to combat fraudulent activities.

Deep dives

The Lucky Stock Scammer

A scammer randomly calling people, accurately predicting stock price increases using a deception strategy. The scammer claimed an algorithm helped him and aimed to manipulate victims into investing more money. The mystery was unveiled when a stock broker explained the scammer's method of misleading multiple people until a small pool of 'successful' individuals emerged.

Playing a Math Game

00:30

Email SPF Records vs. Phone Numbers Vulnerability

00:36

Utilizing Company Information for Targeting

00:46

Future of Narration Technology

00:31

Intro

3min

Intricate Deceptions and Cybersecurity Solutions

4min

Journey from Aspiring Spy to Tech Innovator

2min

Unmasking Social Engineering at DEF CON

20min

Navigating Corporate Secrets and Information Leaks

2min

Unveiling Insider Threats

16min

The Ethics of Deception: Hacking and Voice Cloning

16min

Embracing the Future of Technology and Security

2min

Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm.

Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/

Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/.

Sponsors

Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.

Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.

Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Darknet Diaries

144: Rachel

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Lucky Stock Scammer

The World of Social Engineering

Rachel Tobac's Penetration Testing Stories

Impersonating a Candidate and Extracting M&A Info

AI Voice Cloning and Implications for Security

Playing a Math Game

Email SPF Records vs. Phone Numbers Vulnerability

Utilizing Company Information for Targeting

Future of Narration Technology

Remember Everything You Learn from Podcasts