126: REvil

en-usOctober 18, 2022

Podcast Summary

The Dangers of Online Scams and the Role of Threat Intelligence Analysts in Combatting Cybercrime: Online scams are on the rise and it is crucial to protect personal information and avoid sharing sensitive details on social media. Threat intelligence analysts play a vital role in tracking down malware and combating cybercrime.
The story of Gustavo and his friends, who used stolen identities and money laundering techniques to create fake driver accounts for rideshare and food delivery apps, is an example of the growing issue of online scams that are becoming more prevalent. This highlights the importance of being careful with personal information and avoiding sharing sensitive details, such as drivers licenses, on social media. Threat intelligence analysts, such as Will, play a vital role in combating cybercrime and tracking down malware, such as REvil, which evolved from another malware variant called GandCrab that pioneered 'big game hunting', where entire systems are held hostage until a ransom is paid to regain access.
The Rise of GandCrab and Big Game Hunting Criminals in Ransomware Attacks: Ransomware attacks are becoming more sophisticated and targeting larger organizations with higher payoffs. It is crucial to have strong security measures in place to prevent initial access and protect against ransomware attacks.
GandCrab was a ransomware developed and deployed by a group of criminals that pioneered big game hunting. The group focused on infecting big companies and those that had a lot of money. They would buy their way into the company's network by using initial access brokers. To figure out the demand and the companies to hit, they did OSINT and targeted companies with a lot of money. Companies were paying this ransom hand over fist which contributed to the group claiming that they earned $2 billion. This highlights the importance of having strong security methods in place to stop the initial access and prevent ransomware attacks.
The rise and evolution of ransomware as a service by cybercriminals.: Cybercriminals have adapted to offering ransomware as a service with an emphasis on profit-sharing, while their recruitment efforts have become more sophisticated, and their operations more difficult to shut down.
GandCrab, a ransomware group made huge profits by offering ransomware as a service that allowed people to pay and infect a company with ransomware. GandCrab then took care of everything else from collecting money to decryption. They recruited more people to their team who spoke Russian from forums that they recruited customers from. It was difficult to stop cyber-criminals operating out of Russia because Russia doesn't seem to care too much about attacks on other countries. Eventually, GandCrab retired and reappeared as REvil with a new and improved ransomware malware that was even more profitable. They focused on offering ransomware as a service that allowed criminals all over to infect systems and split the ransom with whoever deployed it on that company.
How the REvil Ransomware Group Attacks Companies: The REvil Ransomware Group gains initial access to networks through vulnerabilities in servers, then wipes out backup servers and demands payment for data recovery. Having reliable security protocols and backups is crucial in preventing and recovering from ransomware attacks.
REvil ransomware group exploits vulnerabilities in public-facing servers to gain initial foothold inside networks, do reconnaissance, spread across the network, and escalate privileges to domain administrator level. Once they gain access to all the computers in the network, they introduce the ransomware and wait for payment from the victim company. They purposely wipe out the backup servers and leave no path for rebuilding so that the victim company has to pay ransom for data recovery. The victim companies do pay ransom to get things up and running because of the high cost of being down and losses; a clear backup plan is crucial. Having backups and reliable security protocols help prevent ransomware attacks.
The Unprecedented Methods and Tactics of the REvil Cyber-Gang: The REvil cyber-gang was more than just a typical ransomware group, engaging in double extortion, DDoS attacks, leaking and stealing data, and using fear and intimidation tactics. Companies needed to be prepared to negotiate and avoid negative consequences.
The REvil cyber-gang was ruthless in their tactics, which went beyond ransomware attacks to include leaking and stealing data on Tor websites, engaging in double extortion, and DDoS attacks. They worked with affiliates to split the ransom and provided a complex decryption system. The cyber-gang leveraged fear and intimidation to extort companies and even left threatening voicemail messages. They were willing to damage businesses and release sensitive data to competitors and the media if demands were not met. Companies needed to negotiate to recover their data and avoid negative consequences. This behavior crossed the line from a ransomware group to street gang behavior.
The Dangerous Tactics of REvil Cyber-Gang: REvil, a financially motivated cyber-gang, utilizes a turnkey solution to target companies, escalate privileges, steal sensitive data, encrypt files, and demand ransom. Victims should take proactive cybersecurity measures to prevent such attacks.
REvil is a dangerous cyber-gang that targets companies and steals data. They deploy a turnkey solution that makes it easy to commit crimes, by selling access to their affiliates who then escalate privileges and steal more data before deploying REvil. They destroy backups and encrypt everything before taunting the victim until they pay the ransom. The Texas government and GSM Law were among the victims who suffered from their attacks. REvil demanded a ransom of $2.3 million from the Texas government for attacking 22 different government entities, while they demanded $42 million from GSM Law for stealing data from their clients, including Donald Trump. Though REvil is believed to operate out of Russia, they claim to be apolitical and are financially motivated criminals.
The Growing Threat of Ransomware and the Lucrative Business Behind It: Ransomware has become a lucrative way for cybercriminals to make money, with criminal groups making millions of dollars. Companies need to take the threat seriously and be prepared to deal with negotiations and money laundering tactics.
Ransomware has become a lucrative way for cybercriminals to make money by putting a network hostage and demand large ransom payments in Bitcoin. Criminal groups like REvil and DarkSide have made millions of dollars using ransomware attacks, and other criminal groups like FIN7 have switched from robbing banks to ransomware as a service business. Due to the ease of making money with ransomware, criminals are beginning to focus on developing their own ransomware to avoid giving a cut to others. When companies pay ransomware in Bitcoin, it can be a wild negotiation process, and criminals like REvil are good at laundering money by converting it into untraceable Monero. Ransomware is a growing threat that companies need to take seriously.
The Role of Ransomware Negotiators in Cybersecurity: Ransomware negotiators assist companies in paying ransoms, but buying large amounts of Bitcoin can be challenging. Choosing a reputable and trustworthy negotiation firm is essential, and the JBS attack emphasizes the need for secure supply chain management.
Ransomware negotiation firms are experts in guiding companies on paying ransoms, buying cryptocurrency, and making sure all checks and balances are met. However, buying large amounts of Bitcoin can become a huge ordeal as exchanges have daily limits and can raise red flags if they suspect the Bitcoin is being used for ransom payments. Ransomware negotiators keep track of all the wallets and contact details of each ransomware group, and there are legitimate companies providing negotiation and payment services. However, some companies can take advantage of the situation and charge higher fees. The JBS ransomware attack highlights the importance of having a secure supply chain as critical infrastructure, and the company paid $11 million as a ransomware equivalent.
The Rising Threats of Sophisticated and Costly Ransomware Attacks: Ransomware attacks are a growing threat to businesses and individuals, targeting their supply chains and demanding high ransom fees. Cyber insurance can cover the costs of such attacks, but proactive cyber protection measures are crucial to prevent them from happening.
Ransomware attacks are becoming more sophisticated and devastating, with cybercriminals targeting not just individual companies but also their supply chains and insurance companies. The latest attack by the REvil group on Kaseya and its customers impacted as many as 1,500 networks and resulted in one of the highest ransom demands in history. Cyber insurance is becoming increasingly important as it can cover the cost of both the ransom and the expensive cleanup and restoration process that follows. The US government is taking a stronger stance against such attacks and is investigating whether Russia was involved. As these attacks are not going away, companies and individuals alike need to be vigilant and proactive in protecting themselves against cyber threats.
Kaseya collaborates with FBI in ransomware attack.: Collaborating with law enforcement agencies during a cyber attack can lead to faster resolution and recovery. The decision to contact the FBI or local authorities will depend on the severity and impact of the attack.
Kaseya didn't pay the ransom demanded by REvil, but called the FBI for assistance, who sprang right into action and provided their expertise and intelligence to help Kaseya and its customers. FBI was able to obtain a decryption key that unlocked Kaseya's customers' data and strategized with inner agency partners to help the most companies possible, both by providing the key and by maximizing the government's impact on adversaries. This case demonstrates the importance of working with law enforcement in situations like ransomware attacks and extortion. However, individuals may wonder what level of cyberattack warrants contacting the FBI rather than local authorities. The threshold and protocol for contacting law enforcement may depend on the severity and impact of the cybercrime.
FBI's decryption key and international cooperation lead to arrest of ransomware attacker: The FBI's successful arrest of a ransomware attacker highlights the importance of international collaboration in cybercrime investigations and the value of open-source intelligence in identifying perpetrators. However, reporting a computer problem to the FBI does not guarantee a response due to high volume.
The FBI was able to obtain a decryption key for the REvil ransomware attack, leading to the indictment and arrest of Yaroslav Vasinskyi, the alleged author of the malware. The arrest disrupted REvil, and the FBI also seized funds from another attacker. The FBI's success in this case highlights the importance of international cooperation in combating cybercrime, as most of the people involved with REvil were in Russia and cannot be easily prosecuted. Additionally, open-source intelligence (OSINT) played a significant role in identifying Vasinskyi and his associates. It's worth noting that if you've ever called the FBI with a computer problem, it's unlikely that they would be able to get back to everyone who reports a problem given the high volume of calls and problems they receive.
The Arrest of REvil Cyber-Gang: What It Signifies for the Future of Ransomware Attacks and Media Control: While holding cyber criminals accountable is important, caution must be exercised to ensure that the news cycle is not being manipulated for political gains. As other groups step up to fill the gap, investigating cyber-attacks will become more crucial.
The arrest of REvil cyber-gang might not be what it seems, and could be an attempt by Russia to control the news cycle. Although they claimed to have arrested the alleged criminals, it is unclear if they were actually punished or if it was just a way to recruit them for the Russian government. This creates a suspicious and uncertain future for ransomware gangs, as other groups like Evil Corp, Conti, and LockBit step up to fill the gap. It is important to continue investigating cyber-attacks and hold criminals accountable, but it is also crucial to be aware of potential manipulation and control of the media narrative.

Recent Episodes from Darknet Diaries

In this episode, Geoff White (https://x.com/geoffwhite247) tells us what happened to Axie Infinity and Tornado cash. It’s a digital heist of epic proportions that changes everything.

This story comes from part of Geoff’s book “Rinsed” which goes into the world of money laundering. Get yours here https://amzn.to/3VJs7pb.

Darknet Diaries

en-usJuly 02, 2024

146: ANOM

In this episode, Joseph Cox (https://x.com/josephfcox) tells us the story of anom. A secure phone made by criminals, for criminals.

This story comes from part of Joseph’s book “Dark Wire” which you should definitely read. Get yours here https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691.

Darknet Diaries

en-usJune 04, 2024

145: Shannen

Shannen Rossmiller wanted to fight terrorism. So she went online and did. Read more about her from her book “The Unexpected Patriot: How an Ordinary American Mother Is Bringing Terrorists to Justice”. An affiliate link to the book on Amazon is here: https://amzn.to/3yaf5sI. Thanks to Spycast for allowing usage of the audio interview with Shannen. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usMay 07, 2024

undercover operations

144: Rachel

Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

en-usApril 02, 2024

143: Jim Hates Scams

Jim Browning has dedicated himself to combatting scammers, taking a proactive stance by infiltrating their computer systems. Through his efforts, he not only disrupts these fraudulent operations but also shares his findings publicly on YouTube, shedding light on the intricacies of scam networks. His work uncovers a myriad of intriguing insights into the digital underworld, which he articulately discusses, offering viewers a behind-the-scenes look at his methods for fighting back against scammers. Jim’s YouTube channel: https://www.youtube.com/c/JimBrowning Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. This episode is sponsored by Intruder. Growing attack surfaces, dynamic cloud environments, and the constant stream of new vulnerabilities stressing you out? Intruder is here to help you cut through the chaos of vulnerability management with ease. Join the thousands of companies who are using Intruder to find and fix what matters most. Sign up to Intruder today and get 20% off your first 3 months. Visit intruder.io/darknet. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

en-usMarch 05, 2024

142: Axact

Axact sells fake diplomas and degrees. What could go wrong with this business plan? Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usFebruary 06, 2024

information questioning

deceptive situations

ethical practices

141: The Pig Butcher

The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify’s single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usJanuary 02, 2024

online identity verification

online relationships

social stigmas

financial scams

emotional manipulation

crypto investments

bec attacks

cybersecurity awareness

fraud prevention

secure transactions

140: Revenge Bytes

Madison's nude photos were posted online. Her twin sister Christine came to help. This begins a bizarre and uneasy story. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usDecember 05, 2023

139: D3f4ult

This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the way things were, and wanted to make some changes. Changes were made. Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Quorum Cyber. Their mantra is: “We help good people win.” If you’re looking for a partner to help you reduce risk and defend against the threats that are targeting your business — and especially if you are interested in Microsoft Security — reach out to Quorum Cyber at www.quorumcyber.com/darknet-diaries. Sources https://www.vice.com/en/article/z3ekk5/kane-gamble-cracka-back-online-after-a-two-year-internet-ban https://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/ https://www.hackread.com/fbi-server-hacked-miami-police-data-leaked/ https://archive.ph/Si79V#selection-66795.5-66795.6 https://wikileaks.org/cia-emails/John-Brennan-Draft-SF86/page-7.html Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usNovember 07, 2023

138: The Mimics of Punjab

This episode is about scammers in the Punjab region. Tarun (twitter.com/taruns21) comes on the show to tell us a story of what happened to him. Naomi Brockwell (twitter.com/naomibrockwell) makes an appearance to speak about digital privacy. To learn more about protecting your digital privacy, watch Naomi’s YouTube channel https://www.youtube.com/@NaomiBrockwellTV. And check out the books Extreme Privacy (https://amzn.to/3L3ffp9) and Beginner’s Introduction to Privacy (https://amzn.to/3EjuSoY). Sponsors Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from SpyCloud. It’s good practice to see what data is getting passed around out there regarding you, your employees, your customers, and your business. The dark web is a place where this data is traded and shared. SpyCloud will help you find what out there about you and give you a report so you can be aware. Then they’ll continuously monitor the dark web for any new exposures you should be aware of. To learn more visit spycloud.com/darknetdiaries. Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker’s Allowlisting gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Darknet Diaries

en-usOctober 03, 2023

limited law enforcement resources

Related Episodes

Six Days of Chaos at MGM’s Casinos

A gang of young criminals. A more than $30 million ransom. Casinos in disarray. WSJ’s Robert McMillan brings us inside a cyberattack that brought mayhem to the Las Vegas Strip. Further Reading: - The Audacious MGM Hack That Brought Chaos to Las Vegas Further Listening: - How North Korea’s Hacker Army Stole $3 Billion in Crypto - Hacking the Hackers - Hack Me If You Can Learn more about your ad choices. Visit megaphone.fm/adchoices

The Journal.

enMarch 29, 2024

press freedom

ransomware attacks

cybersecurity measures

star fraud

imposter attacks

The Growing Ransomware Threat: Targets, Insights, and Strategies with Halcyon's Jon Miller | E1877

This Week in Startups is brought to you by…

Scalable Path. Want to speed up your product development without breaking the bank? Since 2010, Scalable Path has helped over 300 companies hire deeply vetted engineers in their time zone. Visit http://www.scalablepath.com/twist to get 20% off your first month.

Northwest Registered Agent. When starting your business, it's important to use a service that will actually help you. Northwest Registered Agent is that service. They'll form your company fast, give you the documents you need to open a business bank account, and even provide you with mail scanning and a business address to keep your personal privacy intact. Visit http://www.northwestregisteredagent.com/twist to get a 60% discount on your next LLC.

Vanta. Compliance and security shouldn't be a deal-breaker for startups to win new business. Vanta makes it easy for companies to get a SOC 2 report fast. TWiST listeners can get $1,000 off for a limited time at http://www.vanta.com/twist

Today’s show:

Jon Miller, CEO and Founder of halcyon joins Jason to discuss how ransomware attackers get away with it and stay anonymous (6:12), hacker markets, bounties, tools, and AI's role (16:20), proactive measures for startups to safeguard themselves (34:42), and more!

Timestamps:

(0:00) Jon from Halcyon joins host Jason.

(2:52) Delving into the renaissance of ransomware.

(6:12) How ransomware attackers get away with it and stay anonymous.

(8:27) Strategies for counteraction and policy implications.

(10:10) Scalable Path - Get 20% off your first month at http://www.scalablepath.com/twist

(11:31) 2023 ransomware attacks on MGM and Caesar's in Las Vegas.

(13:52) Halcyon's endpoint agent: a solution to thwart threats.

(16:20) Exploring hacker markets, bounties, tools, and AI's role.

(19:57) Northwest Registered Agent - Get a 60% discount on your next LLC at http://www.northwestregisteredagent.com/twist

(21:55) The effectiveness of multi-factor authentication and strong passwords.

(22:49) Comparing financial vs. espionage attacks and the Colonial Pipeline event.

(29:26) The escalating danger for companies and the Uber cyber attack.

(31:27) Vanta - Get $1000 off your SOC 2 at http://www.vanta.com/twist

(32:35) AI and quantum computing: new frontiers for hackers.

(34:42) Proactive measures for startups to safeguard themselves.

(37:08) Growing hacker sophistication in places like China, North Korea and Iran.

(41:00) How the USA ranks in the world with cybersecurity and computer hacking.

(43:41) Your privacy is an illusion and a look at the information available on TikTok.

(48:01) The biggest threat that keeps Jon up at night.

(50:36) American Power Grid Vulnerabilities and ways to be prepared.

Check out halcyon: https://www.halcyon.ai

Thanks to our partners:

(10:10) Scalable Path - Get 20% off your first month at http://www.scalablepath.com/twist

(19:57) Northwest Registered Agent - Get a 60% discount on your next LLC at http://www.northwestregisteredagent.com/twist

(31:27) Vanta - Get $1000 off your SOC 2 at http://www.vanta.com/twist

Follow Jon:

X: https://twitter.com/HalcyonAi

LinkedIn: https://www.linkedin.com/in/jonmillerhalcyon

Follow Jason:

X: https://twitter.com/jason

Instagram: https://www.instagram.com/jason

LinkedIn: https://www.linkedin.com/in/jasoncalacanis

Great 2023 interviews: Steve Huffman, Brian Chesky, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarland

Check out Jason’s suite of newsletters: https://substack.com/@calacanis

Follow TWiST:

Substack: https://twistartups.substack.com

Twitter: https://twitter.com/TWiStartups

YouTube: https://www.youtube.com/thisweekin

Subscribe to the Founder University Podcast: https://www.founder.university/podcast

This Week in Startups

en-usJanuary 09, 2024

cyber threats

ransomware attacks

soc 2 compliance

cybersecurity measures

quantum-resistant cryptography

Tech-Infused Social Engineering - A conversation with Frank McKenna, Chief Fraud Strategist, PointPredictive

In episode 13 of Scam Rangers podcast, we chat with Frank McKenna, a fraud and scam fighter with 30 years of experience. We discuss the use of technology in combination with social engineering tactics to execute online scams, including bots, voice imitation, and deep fakes. Frank emphasizes the need for proactive measures to stop fraudulent transactions, and the importance of being passionate about fraud-fighting. The episode offers valuable insights and advice for both fraud fighters and non-fraud fighters, highlighting the importance of staying informed and vigilant to protect ourselves and our finances from scams.

Frank on Fraud: https://frankonfraud.com

ScamRanger: hrrps://scamranger.ai

This podcast is hosted by Ayelet Biger-Levin https://www.linkedin.com/in/ayelet-biger-levin/ who spent the last 15 years building technology to help financial institutions authenticate their customers and identify fraud. She believes that when it comes to scams, the story starts well before the transaction. She has created this podcast to talk about the human side of scams, and to learn from people who have decided to dedicate their lives to speaking up on behalf of scam victims and who take action to solve this problem. Be sure to follow her on LinkedIn and reach out to learn about her additional activities in this space.

enMarch 29, 2023

Crypto Investment Scams: How it started. How it's going, with Cezary Podkul ,Reporter at ProPublica

In this fascinating episode of Scam Rangers we discuss the atmosphere that allowed the evolution of financial grooming, AKA Pig Butchering scams, as well as how these scams have evolved over time and the trajectory in which they are going. Despite a number of arrests and crackdowns, the picture is not pretty.

Additional Resources mentioned in the podcast:

CloudSEK report about the task scams:

https://assets-global.website-files.com/635e632477408d12d1811a64/651f4de17bc41545fc74598a_Webwyrm-%20A%20Vast%20Network%20of%20Deception%20by%20Impersonating%20Thousands%20of%20Brands%20-%20Final%20Report.pdf

Humanity Research Consultancy report on cyber-scamming and forced labor:

https://humanity-consultancy.com/wp-content/uploads/2022/09/HRC-Briefing_Cyber-Slavery-in-the-Scamming-Compounds.pdf

And all the links to my stories from 2021 & today that are related to the issues we discussed:

Pig-butchering scams and human trafficking articles by Cezary Podkul:

https://www.propublica.org/article/casinos-cambodia-myanmar-laos-southeast-asia-fraud-cybercrime

https://www.propublica.org/article/whats-a-pig-butchering-scam-heres-how-to-avoid-falling-victim-to-one

https://www.propublica.org/article/pig-butchering-scams-raided-cambodia-apple-trafficking

https://www.propublica.org/article/human-traffickers-force-victims-into-cyberscamming

This podcast is hosted by Ayelet Biger-Levin who spent the last 15 years building technology to help financial institutions authenticate their customers and identify fraud. She believes that when it comes to scams, the story starts well before the transaction. She has created this podcast to talk about the human side of scams, and to learn from people who have decided to dedicate their lives to speaking up on behalf of scam victims and who take action to solve this problem. Be sure to follow her on LinkedIn and reach out to learn about her additional activities in this space. https://www.linkedin.com/in/ayelet-biger-levin/

enNovember 21, 2023

Ep 115- Digital Security and Protecting Your Home Tech

In this episode of the State 48 Homeowner Podcast, join Scott Kooiman and T.J. Watson as they dive into the world of digital security and protecting your home tech. With an increasing number of scams and cyber threats, it's crucial to take steps to keep your personal information safe. T.J. Watson, owner of Bits and Bytes Computers in Mesa, shares valuable insights and tips for safeguarding your devices, passwords, and online presence. From the importance of strong, unique passwords and using password management apps to understanding the significance of software updates and two-factor authentication, they cover practical strategies for a safer digital experience. Learn how to secure your home Wi-Fi network, prevent hacking incidents, and properly recycle old electronics while keeping your data secure. Tune in to ensure your home tech remains safe and your digital life stays protected.

Digital security, online scams, cyber threats, password management, software updates, two-factor authentication, home Wi-Fi network, hacking prevention, electronic recycling, data security.

#DigitalSecurity #HomeTechSafety #CyberSafety #PasswordProtection #OnlinePrivacy #HackingPrevention #TechSecurity #DataProtection #EwasteRecycling #CyberAwareness

State48 Homeowner Podcast

enOctober 16, 2023

two-factor authentication