CYBER

This week, CYBER speaks to Oxblood Ruffin, a long-time member of the legendary hacking group Cult of The Dead Cow, or cDc. Ruffin told us about the cDc, its historical importance, and why it's a big deal that a US presidential candidate was once part of the group. Hosted on Acast. See acast.com/privacy for more information.

In the lead up to the 2016 US presidential elections, the Russian government allegedly used internet trolls, fake Facebook accounts, and hackers in a coordinated disinformation campaign. What did we learn from it? And how is the world preparing to deal with this new kind of information operations that straddle between the online and real world? We spoke to Roel Schouwenberg, the director of intelligence and research at Celsus Advisory Group, a consulting firm based in the US that helps clients deal with disinformation operations. Hosted on Acast. See acast.com/privacy for more information.

Very few people have heard of them, but "dev-fused" iPhones sold on the grey market are one of the most important tools for the best iOS hackers in the world. Lorenzo Franceschi-Bicchierai talks about his blockbuster investigation, and host Ben Makuch talks to someone who sells these prototype phones. Hosted on Acast. See acast.com/privacy for more information.

Last year, investors poured $5 billion in cybersecurity startups. The whole industry will be worth $170 billion in three years, according to a recent estimate. There’s so many infosec companies it's hard to keep track of them. And yet, are we all really secure? Is the infosec industry really keeping us safe? Is it even focusing on the right problems?Next week, tens of thousands of people will meet in San Francisco for the year’s biggest information security gathering focused on business: the RSA Conference.Kelly Shortridge is the vice president of product strategy at Capsule8, a New York City-based security startup. Kelly has a background in economics, investment banking, and has studied the infosec market. She’s here today to help us understand why the infosec industry is so big, and what’s wrong with it. Hosted on Acast. See acast.com/privacy for more information.

In spring, 2017, a teenager walked up behind a woman leaving the Metro in Northeast Washington DC and put her in a chokehold: "Be quiet," he said. And "delete your iCloud." He grabbed her iPhone 6S and ran away.The iCloud security feature has cut down on the number of iPhones that have been stolen, but enterprising criminals have found ways to remove iCloud in order to resell devices. To do this, they phish the phone’s original owners, or scam employees at Apple Stores. Thieves, coders, and hackers participate in an underground industry designed to remove a user’s iCloud account from a phone so that they can then be resold.Motherboard Editor-in-Chief Jason Koebler and senior staff writer Joseph Cox spent the last few months diving into the notably complicated world of “iCloud Unlocks” and the ways in which it involves not only physical and cybercrime, but also the otherwise legitimate independent iPhone repair industry. Hosted on Acast. See acast.com/privacy for more information.

Discover the booming business of tracking hacking groups, with Google leading the charge. Uncover insights from Google's Threat Analysis Group on monitoring criminal and government hackers. Explore global trends in state-sponsored cyber attacks, threat intelligence adoption, and the challenges of defending against APT attacks and two-factor authentication vulnerabilities.

Citizen Lab, a human rights watchdog, tracks governments who do bad things online, and learned that slain journalist Jamal Khashoggi's phone was bugged. Soon after that revelation, Citizen Lab's researchers began getting weird requests to meet in person from companies that didn't exist. They surmised that they were being spied on, and so they decided to turn the tables—and an Associated Press reporter was along for the ride. Hosted on Acast. See acast.com/privacy for more information.

This week, we talk to Jek, a physical penetration tester whose job is to infiltrate offices, data centers, store stockrooms, and other supposedly "secure" locations and either steal information or install a tool so that other hackers can exfiltrate data. She relies on the most reliable vulnerability of all: human weakness. Jek tells host Ben Makuch how she does it, some of her most memorable operations, and why other hackers think that what she does is "witchcraft." Hosted on Acast. See acast.com/privacy for more information.

Earlier this month, Motherboard sent $300 to a bounty hunter. Within moments, he sent us a Google Maps screenshot with the real-time location data of a phone that we'd asked him to track. Motherboard editor-in-chief Jason Koebler and senior staff writer Joseph Cox go deep on the shady—but legal—market of data aggregators and brokers who sell smartphone location data to bounty hunters, bail bondsmen, landlords, used car salesmen, and anyone who can afford it.We learn how bounty hunters go right up to the edge of what the law allows and use "neurolinguistic mind manipulation" to get people to give them information. CYBER host Ben Makuch also talks to Oregon Senator Ron Wyden, who has legislation pending that would ban these practices and would help protect Americans' privacy. Hosted on Acast. See acast.com/privacy for more information.

This week, CYBER presents an episode from Malicious Life, one of our favorite hacking podcasts. In this episode, host Ran Levi takes a deep dive into how Ashley Madison, "the dating site for people who want to have an affair," got hacked. More importantly, the episode looks into the fallout of that hack. You can subscribe to Malicious Life on whichever podcast app you're using now. CYBER will be back with another new episode next week. Hosted on Acast. See acast.com/privacy for more information.