

103: Cloud Hopper
Oct 26, 2021
Fabio Viggiani, a seasoned incident responder and threat analyst at TruSec, shares chilling insights from the frontlines of cybersecurity. He recounts a harrowing breach involving Mimikatz, revealing how compromised systems can unleash chaos by exposing sensitive credentials. The podcast also highlights the intricacies of digital forensics, where subtle signs can uncover malware. Fabio discusses the fallout from a major security breach linked to a cyber espionage plot, emphasizing the dire need for vigilance against evolving threats.
AI Snips
The Initial Call
- In 2016, Fabio Viggiani, an incident responder, received a call from a Swedish company.
- The Swedish Security Service had contacted them about one of their servers communicating with a command-and-control server in a foreign country.
The Jump Server
- The compromised server turned out to be a jump server used by a Managed Service Provider (MSP).
- This was critical because the jump server had access to almost every other server in the network.
Accessing the Server
- The MSP initially resisted giving Fabio access to the server, citing service level agreements (SLAs).
- Eventually, the client company demanded access, allowing the investigation to proceed.