Shows
Hacker And The FedZero-Days, Cookies, and the Death of Dial-UpChris and Hector break down a Russian-linked zero-day exploit targeting WinRAR users, why stolen browser cookies bypass MFA, the economic motives behind security features (or lack thereof), and Hector’s nostalgic farewell to AOL dial-up.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-08-1443 minHacker And The Fed$48 Billion and No 2FA, What Could Go Wrong?Chris and Hector break down the ransomware attack on Ingram Micro, exposing how a missing MFA on a VPN led to a massive breach. They also dig into the Department of Defense’s new CMMC rules and sound off on Microsoft’s $30 charge for Windows 10 security updates.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-08-0750 minHacker And The FedYour Favorite Game Just Stole Your CryptoChris and Hector unpack a big week, they dive into the info-stealing malware hidden inside Steam games, break down how it works, who it targets, and why you should care. Also on the docket, the Pentagon’s rush to secure IT supply chains, and a California broadband subsidy clash that sparks a classic Hector rant.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-07-3147 minHacker And The FedZero Trust, Many Fails: Government Cybersecurity ExposedChris and Hector dive into alarming cyber incidents shaking the U.S. government and military. They break down the massive National Guard network compromise by Chinese-linked group Salt Typhoon and the shocking revelation that Microsoft allowed Chinese engineers indirect access to Defense Department systems. Plus, they preview their upcoming Patreon series on the top 10 hacks of all time.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-07-2457 minHacker And The FedMcDonald’s Has Been CompromisedChris and Hector then discuss the McDonald’s AI hiring bot breach caused by a weak password, the risks of AI in HR, and why cybersecurity basics still matter. They also touch on hacker penalties in the UK, a hack targeting a security researcher, and answer a listener’s email about a dam breach in Norway.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-07-1745 minHacker And The FedAre We Losing the Cyber War?Chris and Hector break down the massive Qantas Airlines data breach, expose the growing threat of ransomware negotiation scams, and discuss a dam hack in Norway that had potentially disastrous consequences. They get into real-world advice on 2FA bypass scams, the importance of network segmentation, and a candid look at why critical infrastructure hacks are so dangerous.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-07-1049 minHacker And The FedArrests, Airline Breaches, and the Human Side of HackingChris and Hector dive deep into the latest waves of cybercrime, from the FBI’s battle with the Scattered Spider group targeting airlines, to takedowns of notorious data breach forums. The duo break down government responses, the real risks for average people, and share honest, hard-won advice for young hackers.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-07-0346 minHacker And The FedBurning Millions and Breaking MFAChris and Hector break down major cyber attacks, from SIM swaps to insider breaches. They expose weak MFA, vendor failures, and the real cost of outdated systems. They also highlight how even small actions (like a single employee recognizing a phishing attempt) can prevent disaster.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com
2025-06-2642 minHacker And The FedYour AI Assistant Just Betrayed YouChris and Hector dive into Europe's move to take back digital control with DNS4EU, questions the integrity of Telegram amid Russian FSB connections, and reflect on turning points in their own journeys.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-06-1941 minHacker And The FedWe Fixed Cybersecurity (You're Welcome)Chris and Hector unpack Trump’s new cybersecurity order, contractor reliance in government, and the looming risks of quantum computing — with some shoutouts and listener questions along the way.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-06-1252 minHacker And The FedThe $400 Million Mistake, Router Invasions, and Crypto ChaosThis week, Chris and Hector tackle a massive breach at Coinbase, insider threats in India, and a shady delay in reporting. They also explore how state actors are silently hijacking home routers, and why LexisNexis is the latest data broker to drop the ball.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-06-0541 minHacker And The FedBackdoors, Breaches, and BitcoinChris and Hector break down a wild crypto kidnapping, supply chain sabotage in U.S. infrastructure, and the growing cyber risks of imported tech. Plus, shoutouts and real talk from the front lines of cybersecurity.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-05-2943 minHacker And The FedSIM Swaps, Insider Threats & the Rise of 'Zishing'Chris and Hector break down recent crypto security breaches, including Coinbase’s insider-driven data leak and the SEC’s SIM swap hack. They explore the rise of “Zishing” (Zoom phishing), deepfake scams, and the real-world dangers facing crypto holders.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-05-2236 minHacker And The FedLulzSec, LockBit & the Price of Weak SecurityChris and Hector dive into the recent breach of the LockBit ransomware gang and what it reveals about operational security failures—even among hackers. They discuss the fallout from the Pegasus spyware scandal, with NSO Group ordered to pay $168 million, and explore the troubling reliance on vulnerable federal contractors. Plus, Hector delivers one of his signature rants—this time on who’s really watching the watchers.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-05-1546 minHacker And The FedJoe Rogan, Ross Ulbricht, and the $1 Billion Disney HackChris and Hector react to Joe Rogan’s take on the Ross Ulbricht case, break down the $1B Disney Slack data breach, and explain why passkeys are the next big thing in cybersecurity.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-05-0845 minHacker And The FedCredential Theft, InfoStealers, and the Rise of Cyber Snake OilChris and Hector break down the 2025 Mandiant threat report, expose rising cyberattack trends, rant about bad CISOs, and discuss a wild case of a cybersecurity CEO caught installing malware in a hospital.
Join our new Patreon!
https://www.patreon.com/c/hackerandthefed
Send HATF your questions at questions@hackerandthefed.com2025-05-0154 minHacker And The FedDOGE Drama, Digital Grit, and CVE ChaosChris Tarbell and Hector Monsegur dive into the near-shutdown of the CVE system, a whistleblower’s wild claims about the Doge agency and Russian logins, and why the future of cybersecurity depends on more entrepreneurs stepping up. Sharp takes, tech insights, and signature banter throughout.Join our new Patreon!https://www.patreon.com/c/hackerandthefedSend HATF your questions at questions@hackerandthefed.com2025-04-2451 minHacker And The FedStarlink Bugs, Bank Regulator Breach, and the LastPass FalloutHector’s back from Miami, rubber ducky giveaways in tow, and diving deep into a wild week of cyber news—from Elon Musk’s Starlink bug bounty to a stealthy year-long breach of U.S. bank regulators. The guys unpack major incidents including a Stuxnet-style espionage campaign in Ukraine, AI-powered spear phishing, and yet another haunting update in the LastPass hack saga. But the real fireworks come in Hector’s rant, where he slams the cybersecurity industry's political silence and calls out its leaders for cowardice.Join our new Patreon!https://www.patreon...2025-04-1740 minHacker And The FedOracle Breach, MGM Hacker Busted, North Korean IT ScamsThis week on Hacker in the Fed, Chris and Hector dive into the chaos of the last few weeks in cybersecurity. From Oracle’s alleged breach cover-up and legal trouble to the ongoing threat of North Korean IT infiltration, the guys break down the biggest stories making waves. They also reveal new details behind the infamous Caesars and MGM ransomware attacks — including how one hacker was caught — and share updates on changes coming to the podcast, including a new Patreon!2025-04-1037 minHacker And The FedTelecom Hacks, AI Fears, and the Quantum Threat – Plus, Hector Rants!This week on Hacker in the Fed, Hector shares his recent travels, including a trip to Chicago, while Chris discusses his AI presentation and the evolving concerns around artificial intelligence. They break down the security risks in telecom networks, the dangers of unsecured cloud storage, and the legal gray areas of independent security research. Plus, a special listener shoutout, a discussion on quantum computing’s impact on cybersecurity, and Hector’s weekly rant on the confusing jargon in the cybersecurity industry.Send HATF your questions at questions@hackerandthefed.com.2025-03-2051 minHacker And The FedHacks, Heists, and the Rise of Digital DeceptionIn this episode of Hacker in the Fed, Chris Tarbell and Hector Monsegur discuss their recent travels, major cybersecurity threats, and the dangers of disinformation. Topics include a Bluetooth backdoor affecting a billion devices, a $150M crypto heist linked to the LastPass hack, and malware spreading via GitHub. Plus, Hector’s take on propaganda and narrative warfare.Send HATF your questions at questions@hackerandthefed.com.2025-03-1353 minHacker And The FedSmart Bed Backdoor, Crypto Heists, Router Hacks, and U.S. Cyber Command’s Stand DownIn this episode of Hacker in the Fed, former FBI special agent Chris Tarbell and ex-black hat hacker turned cybersecurity expert Hector Monsegur discuss GrayNoise’s 2025 Mass Internet Exploitation Report, revealing how attackers are exploiting vulnerabilities faster than ever, particularly targeting home routers. The two also cover a shocking backdoor discovery in the Eight Sleep smart mattress, the rising trend of violent crypto-related attacks, and the recent Bybit hack. Hector wraps up with a deep dive into the U.S. Cyber Command's recent decision to halt cyber operations against Russia and what it means for national security.2025-03-0654 minHacker And The FedInside a Ransomware Gang, Leaked Logs, a $1.4B Crypto Heist & Signal Under AttackIn this episode of Hacker in the Fed, former FBI special agent Chris Tarbell and ex-black hat hacker turned cybersecurity expert Hector Monsegur discuss the leaked Black Basta ransomware logs, a $1.4 billion crypto heist, and new threats targeting Signal Messenger. They also share insights from their latest speaking events, the role of AI in cybersecurity, and the pros and cons of IT centralization in government.Send HATF your questions at questions@hackerandthefed.com.2025-02-2748 minHacker And The FedSchool Cyberattacks, Swatting as a Service, and Hector Rants on the Broken Cybersecurity Job MarketIn this episode of Hacker in the Fed, former FBI special agent Chris Tarbell and ex-black hat hacker turned cybersecurity expert Hector Monsegur discuss alarming trends in school cyberattacks and the lack of transparency in reporting breaches, a disturbing case of "swatting as a service," and the ongoing challenges in the cybersecurity job market. Hector delivers a passionate rant on hiring issues in the industry, highlighting unrealistic job requirements and outsourcing concerns.Send HATF your questions at questions@hackerandthefed.com.2025-02-2053 minHacker And The FedSSH Backdoors, the Decline of Ransomware Payments, and Hector Rants on a MASSIVE Insider ThreatThis week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discussdiscuss a newly discovered SSH backdoor used by Chinese cyber spies, the alarming rise of insider threats in critical U.S. infrastructure, and the significant drop in ransomware payments in 2024. Hector also delivers a passionate rant about government security oversight and the risks posed by unvetted personnel in federal systems. Plus, the duo shares insights on bypassing corporate security with SSH tunneling, the evolution of cybercrime tactics, and why cybersecurity resilience is more crucial than ever.Send HATF your...2025-02-1354 minHacker And The FedHacked Healthcare, Hacked Cars & The Hidden Risks of Modern TechThis week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discuss a shocking backdoor found in healthcare patient monitors linked to China, a major vulnerability in Subaru's Starlink system allowing remote vehicle control, and the ongoing concerns over modern cars collecting unnecessary user data. They also discuss cybersecurity career paths—Blue Team vs. Red Team—and how to build a well-rounded skillset. Plus, plenty of laughs, from muscle car nostalgia to an unexpected debate about pole vs. stripper dancing.Send HATF your questions at questions@hackerandthefed.com.2025-02-0649 minHacker And The FedROSS ULBRICHT PARDONED, Plus Insider Threats, Corporate Security Risks, and A High-Profile Crypto KidnappingThis week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur talk hector’s much-needed vacation in the rainforest, and onto the major cybersecurity stories they missed while away. They discuss the recent pardon of Ross Ulbricht, second chances in life, and the complexities of law enforcement and the justice system. The conversation covers everything from insider threats, corporate security risks, personal attack surface reduction and even a recent high-profile crypto kidnapping.Send HATF your questions at questions@hackerandthefed.com.2025-02-0148 minHacker And The FedHoliday Reflections: Cybersecurity, Careers, and Christmas CheerThis week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur celebrate the holidays with heartfelt reflections alongside their standard cybersecurity insights. Hector shares a touching story about family, gratitude, and his journey to providing new opportunities for others. The duo answers listener questions on topics like DDoS attacks, Windows migrations, and breaking into the cybersecurity field, offering practical advice for newcomers and seasoned professionals alike.Send HATF your questions at questions@hackerandthefed.com.2024-12-2645 minHacker And The FedYahoo Red Team Layoffs, North Korea Infiltrating U.S. Companies, Data Breaches, and Protecting your Medical HistoryThis week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discuss Yahoo’s controversial decision to lay off its red team, the rise of North Korean IT workers infiltrating U.S. companies, and the ethical dilemmas around hacking. They also reflects on the desensitization to data breaches, debate the significance of protecting medical history, and share candid moments about their personal lives and experiences in the industry.Send HATF your questions at questions@hackerandthefed.com.2024-12-1947 minHacker And The FedTelecom Hacks, Ransomware Fallout, Encrypted Chats, and a Diss Track ChallengeThis week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discuss the largest U.S. telecom hack in history attributed to Chinese state-sponsored attackers, the FBI’s surprising push for encrypted communications, and the takedown of an encrypted messaging service used by criminals. They also tackle the bankruptcy of vodka giant Stoli following a devastating ransomware attack and share actionable advice for cybersecurity resilience.Send HATF your questions at questions@hackerandthefed.com.2024-12-1246 minHacker And The FedDB Cooper, ExxonMobil & Corporate Espionage, and Ross Ulbricht's Potential PardonThis week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discuss their obsession with the DB Cooper case and the latest potential break in the decades-old mystery. Hector shares stories about his early days as a hacker and the challenges of trust in loosely connected cybercriminal groups. They also tackle corporate espionage and the ethics of hackers-for-hire in light of ExxonMobil’s alleged involvement in a hacking scandal. Wrapping up, they address listener questions about second chances, with Hector reflecting on his journey of redemption, and weigh in on the contentious de...2024-12-0544 minHacker And The FedA THANKSGIVING SPECIAL: Phishing Failures, Red Team Career Advice, and Cybersecurity EthicsThis week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur discuss key cybersecurity challenges, from the effectiveness of phishing training to the ethical dilemmas of vulnerability disclosure. They explore how technical controls and employee education can work together to defend against increasingly sophisticated attacks, including SMS and social media phishing. They also dive into career advice for transitioning from Blue Team to Red Team roles and the complexities of the cybersecurity job market. And to close out, a heartfelt Thanksgiving message.2024-11-2847 minHacker And The FedItalian Hacking Scandal, NSA Best Practices, Insider Threats & a Former Anonymous Hacker?This week on Hacker And The Fed former FBI agent Chris Tarbell and ex-black hat hacker Hector Monsegur dive into a massive hacking scandal targeting Italian political elites, revealing insider threats and international intrigue. They break down NSA mobile device security best practices and share their own successes (and failures) in following them. Plus, updates on their personal lives, community work, and how ethical hacking can prevent breaches like this.Send HATF your questions at questions@hackerandthefed.com.2024-11-2140 minHacker And The FedWe're Back!Hacker And The Fed is back. Finally rebooting after a temporary hiatus. Former FBI Special Agent, Chris Tarbell, and ex-Anonymous/LulzSec blackhat hacker turned network penetration tester, Hector Monsegur (aka Sabu), once faced off as adversaries in cyberspace before becoming close friends and now podcast co-hosts. Whether you are a legal professional, cybersecurity practitioner, or forensic investigator, Chris and Hector will bring you their unique perspectives on the latest developments in cybersecurity.Send HATF your questions at questions@hackerandthefed.com.2024-11-1429 minHacker And The FedThe Colonial Pipeline Hack, the SEC's X Account, and Special Agent Aron Mann on Homeland Security and CyberOn this episode of Hacker And The Fed we interview Special Agent Aron Mann with Homeland Security Investigations (HSI) Cyber Crime Center about their cyber role and career opportunities. We break down the Colonial Pipeline hack, how the dark web is intensifying the insider threat, and dig into the mother of all breaches. And finally, the SEC's X account was hacked.Links from the episode: https://www.ice.gov/about-ice/homeland-security-investigationshttps://www.ice.gov/partnerships-centers/cyber-crimes-centerhttps://www.usajobs.gov/https://www.usajobs.gov/Search/?k=homeland%20security%20i...2024-01-311h 33Hacker And The FedA Train Hack, $80M Pig Butchering Scheme, and Greg Van Houten of Haynes Boone on the SEC's New Cybersecurity Disclosure RulesThis week on Hacker And The Fed we interview Greg Van Houten of Haynes Boone and policyholderplaybook.com, a seasoned civil litigator who focuses on insurance recovery. We talk to Greg about the SEC's new cybersecurity disclosure rules, which went into effect this month. We also discuss a massive hack that went unreported, a train hack due to a vendor’s geofencing feature, indictments in an 80-million-dollar pig butchering scheme, and a MongoDB security breach.Links from the episode: Greg Van Houten of Haynes Boonepolicyholderplaybook.com SEC’s...2023-12-211h 25Hacker And The FedThe FBI Shares Tactics of a Ransomware Gang, a Ransom Payment Fail, and Cyber Law with Lance TaubinThis week on Hacker And The Fed we speak with Lance Taubin of Alston & Bird about being a cyber lawyer, the FBI shares the tactics of the ransomware gang Scattered Spider, a company pays a ransom and their data is exposed anyway, Alpha BlackCat uses government regulations to further pressure a victim to pay, and the FCC is trying to make SIM swapping more difficult.Links from the episode: FBI Shares Tactics of Notorious Scattered Spider Hacker Collectivehttps://www.bleepingcomputer.com/news/security/fbi-shares-tactics-of-notorious-scattered-spider-hacker-collective/ Dolly.com Pays Ransom, Attac...2023-11-301h 24Hacker And The FedThe SolarWinds hack, North Korea IT Workers, Hackers Targeting a Data Company, and Listener QuestionsThis week on Hacker And The Fed we break down the SolarWinds hack, there are 8 new vulnerabilities found in SolarWinds, thousands of remote IT workers have been working for North Korea, hackers are targeting a company that handles data requests for law enforcement, and we answer listener questions about VPN services, password managers and patch management.Links from the episode: Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeoverhttps://www.darkreading.com/vulnerabilities-threats/critical-solarwinds-rce-bugs-enable-unauthorized-network-takeover Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program, FBI...2023-10-261h 25Hacker And The FedMOVEit and MGM Resorts Hacks, U.S. Senate's Email System Melts Down, Cisco Can't Stop Using Static Passwords, and Listener QuestionsThis week on Hacker And The Fed we offer updates on the MOVEit and MGM Resorts hacks, the US State Department has no idea if its IT security actually works, the Senate's email system melts down in the face of a security test, Cisco can't stop using static passwords, and we answer listener questions about Single Sign-on, circumventing company IT rules, and LinkedIn profiles.Links from the episode:MOVEit Maker Announces New Critical Vulnerability Affecting a Different File Transfer Toolhttps://therecord.media/progress-new-file-transfer-vulnerability MGM Resorts Hack Update...2023-10-191h 24Hacker And The FedAre Paying Ransoms Illegal? Ransomware Shuts Down a 158 Year Old Company, Fido2 Security Keys, and Hacktivist RulesThis week on Hacker And The Fed Microsoft releases their 2023 digital defense report, are paying ransoms illegal in the United States? The NSA and CISA red and blue teams share top 10 cyber security misconfigurations, a 158 year old company shuts down because of a ransomware attack, and we answer listener questions about fido2 security keys and "hacktivist" rules.Links from the episode:Microsoft Releases Its Yearly Digital Defense Reporthttps://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report-2023 Are Paying Ransoms Illegal in the U.S.?https://www.huntonprivacyblog.co...2023-10-121h 14Hacker And The FedArtificial Intelligence Doxxing in Viral Videos, Billions of Usernames and Passwords Exposed, and a HATF ContestThis week on Hacker And The Fed the end of privacy with AI being used to dox people in viral videos, billions of usernames and passwords are exposed, nationstate hackers are hiding in router firmware updates, we answer listener questions about working with the FBI, setting up a cyber security business, and safely using data sent to you be others. Finally, we announce Hacker And The Fed's first contest for cyber security awareness month.Links from the episode:The End of Privacy is a Taylor Swift Fan TikTok Account Armed with Facial Recognition Tech2023-10-051h 12Hacker And The FedEquifax Breach, a Hack of 27 Crypto Companies, and the Arrest of a Department of State IT ContractorThis week on Hacker And The Fed we break down how Equifax was breached, is Google Authenticator MFA Cloud Sync feature responsible for a hack into 27 crypto companies? Google’s Threat Analysis Group announces an in-the-wild 0-day exploit chain for iPhones, the year of the insider threat continues with the arrest of a Department of State IT Contractor on espionage charges.Links from the episode:How Equifax Was Breached in 2017https://blog.0x7d0.dev/history/how-equifax-was-breached-in-2017/https://twitter.com/vxunderground/status/1700335482440204521 Retool Blames Breach on Google Auth...2023-09-281h 13Hacker And The FedFinding out our Relative is a Hacker, Working for the FBI, Prepping for a Technical Interview, and More Listener QuestionsThis week on Hacker And The Fed we answer listener questions about finding out our relative is a hacker, applying for a cyber security job as a chemical engineer, preparing you for a technical interview, the FBI being a great place to work, is MFA once every 24 hours too much, and much more.Get your Hacker and the Fed merchandise at hackerandthefed.comSend HATF your questions at questions@hackerandthefed.com2023-09-211h 10Hacker And The FedYour Car and Your Sex Life, US Departments of State and Commerce Compromised, Iran and North Korea Hacking Crews, and Victories Over Russian HackersThis week on Hacker And The Fed your car may know all the details about your sex life, the Swiss fined an insurer 3 million dollars for horrible cyber security practices, the US Departments of State and Commerce were compromised because of a two-year-old Windows crash report, Iran and New Korea hacking crews have active campaigns against security researchers, and two victories over Russian hackers for the US government.Links from the episode:Insurer Fined $3M for Exposing Data of 650k Clients for Two Yearshttps://www.bleepingcomputer.com/news/security/insurer-fined-3m-for-exposing-data-of-650k-clients-for-two-years/2023-09-141h 05Hacker And The FedThe FBI's Operation "Duck Hunt" Takes Down a Botnet, NYC Subway Allows Users to be Tracked Online, and Why Chris Left the FBIThis week on Hacker And The Fed the FBI's Operation "Duck Hunt" takes down a ransomware botnet, we disclose the secret weapon hackers use for doxing, the New York City subway system allows its users to be tracked online, and we answer listener questions about leaving the FBI, getting jobs in cyber security, and Hector's detailed description of a red teamer.Links from the episode:How the FBI Took Down the Notorious Qakbot Botnethttps://techcrunch.com/2023/09/01/fbi-qakbot-takedown-operation-duck-hunt/ The Secret Weapon Hackers Can Use to Dox Nearly Anyone in Am...2023-09-071h 29Hacker And The FedHacking Through a Fire Stick, a Danish Cloud Provider Loses all Their Customer Data, an Active Hacker Becoming a White HatThis week on Hacker And The Fed a Danish cloud provider loses all of their customer's data, a hacker in custody continues hacking through a fire stick, there are two great write ups about a zero day vulnerability and HTML smuggling, cyber security entry jobs should be just that, entry into the industry, and we answer listener questions that include an ongoing dialogue with an active hacker about becoming a white hat.Links from the episode:Criminals Go Full Viking on CloudNordic, Wipe All Servers and Customer Datahttps://www.theregister.com/AMP/2023/08/23/ransom...2023-08-311h 29Hacker And The FedDemystifying Internet Honeypots and Getting into Cyber Security with Andrew Morris, Founder and CEO of GreyNoiseThis week on Hacker And The Fed we have Andrew Morris, CEO and founder of GreyNoise on the show. GreyNoise is a cybersecurity company that collects and analyzes mass internet data to remove pointless security alerts, find compromised devices, or identify emerging threats. We talk internet honeypots, how to get into the cyber security industry and much more.Links from the episode:Andrew Morris, CEO & Founder of GreyNoisehttps://www.greynoise.io/https://twitter.com/Andrew___Morrishttps://twitter.com/GreyNoiseIO Support our sponsor:2023-08-2450 minHacker And The FedZoom and AI, the NSA and DARPA Presenting Challenges to the Cyber Security Community and Listener QuestionsThis week on Hacker And The Fed Zoom wanted to use your calls to train artificial intelligence, the NSA and DARPA are presenting challenges to the cyber security community, and we answer listener questions from a US military chaplain about justice, a former black hat about a career in cyber security, and even a hacker who used a compromised email account to ask us how to stop hacking.Links from the episode:Zoom walks back controversial privacy policyhttps://www.thestreet.com/technology/zooms-latest-move-may-make-you-reconsider-using-the-service Microsoft Exposes Russian Hackers' Sneaky Ph...2023-08-171h 34Hacker And The FedChinese Malware, a Year in Review of Zero-day Exploits, a Ransomware Study, and Listener QuestionsThis week on Hacker And The Fed the US hunts Chinese malware that could disrupt American Military operations, a year in review of zero-day exploits, a study finds no evidence that ransomware victims with cyber insurance pay up more often, there's fighting words between Tenable CEO and Microsoft, and we answer listener questions from a listener in Greece, Holland, and a new minted NSA hacker.Links from the episode:U.S. Hunts Chinese Malware That Could Disrupt American Military Operationshttps://dnyuz.com/2023/07/29/u-s-hunts-chinese-malware-that-could-disrupt-american-military-operations/ The Ups and Downs of 0-day...2023-08-101h 18Hacker And The FedAuthentication Attacks, US Government Domains, and New Cyber Incident Disclosure GuidelinesThis week on Hacker And The Fed what authentication attacks might look like in a phishing resistant future, the SEC now requires companies to disclose cyber attacks, there are many more US government domains in the .com world than you might think, and other news stories from this week in cyber security.Links from the episode:What might authentication attacks look like in a phishing-resistant future?https://blog.talosintelligence.com/what-might-authentication-attacks-look-like-in-a-phishing-resistant-future/The Messaging Layer Security (MLS) Protocolhttps://datatracker.ietf.org/doc/html/rfc9420...2023-08-031h 13Hacker And The FedThousands of Intelligence and Defense Employees Exposed, a Hacker Infects His Own Computer, Google Accuses Apple Employee of Not Reporting a Zero-dayThis week on Hacker And The Fed new cyber security labels proposed by the US government could help us buy our new devices, an employee exposes thousands of intelligence and defense employees, Google may be restricting internet access to some employees to reduce their cyber attack risk, a hacker infects his own computer, and Google says an Apple employee found a zero-day but didn't report it, and we answer listener questions about our phones getting searched and email encryption.Links from the episode: White House teams with Amazon, Google and Qualcomm on cybersecurity labels for ga...2023-07-271h 27Hacker And The FedThe Dangers of Googling Phone Numbers, an Attack on a Security Platform, and Typo Squatting on US Military DomainsThis week on Hacker And The Fed you can't always count on Google for the right telephone number for an airline, an American cloud based directory as a service platform announces that they were hacked by a state sponsored threat actor, millions of US military emails may be ending up in the wrong hands, a new ransomware looks like a windows update, we answer listener questions, and Hector tells a fascinating story about a hacking methodology.Links from the episode:Airline Fake Contact Number on Google Mapshttps://twitter.com/Shmuli/status/16806699384684994582023-07-201h 23Hacker And The FedAre Your Lightbulbs a Security Risk? Voice Authentication May be Broken, and Logistics SecurityThis week on Hacker And The Fed your lightbulbs may be giving away the location of your house, could Microsoft end ransomware right now? Also, voice authentication may be broken, the latest ransomware attack shows us the important of logistics security, convenience has once again jeopardized Google authenticator security, and a listener shares a wild car theft story.Links from the episode:Your lightbulbs may be giving out your exact locationtwitter.com/haxrob/status/1676416949499338752 Microsoft Can Fix Ransomware Tomorrowdarkreading.com/vulnerabilities-threats/microsoft-can-fix-ransomware-tomorrow...2023-07-131h 11Hacker And The FedYour Car’s Data Might Be For Sale, a New Malware Payload Vector Using DNS, and Listener QuestionsThis week on Hacker And The Fed your car may be collecting up to 25 GB per hour of data about you and a new malware payload vector is using DNS, what is “encryptionless ransomware”. We also answer listener questions about a variety of topics, including how to prepare for a cybersecurity career in the US government, banking security, and hack-backs.Links from the episode:How Your New Car Tracks Youhttps://www.wired.com/story/car-data-privacy-toyota-honda-ford/ DNS TXT Records Can Be Used by Hackers to Execute Malwar...2023-07-061h 19Hacker And The FedA Hack-Back Lands a CEO in Prison, Repo Jacking, and When to Use a VPNThis week on Hacker And The Fed a CEO did a hack back and was sentenced to prison, Reddit hackers demanded a price roll back, repo jacking and fake Github repositories, and we answer listener questions about Hector's old hacks and VPNs.Links from the episode:I Was Sentenced to 18 Months in Prison for Hacking Back - My Storytwitter.com/silascutler/status/1671144482769608705 -> https://hackernoon.com/i-was-sentenced-to-18-months-in-prison-for-hacking-back-my-story Reddit hackers demand $4.5 million ransom and API pricing changestheverge.com/2023/6/19/23765895/reddit-hack-phishing-leak-api-pricing-steve-huffman Gi...2023-06-301h 12Hacker And The FedA Massive Ongoing Ransomware Attack, Google Claims to Catch Chinese Hackers, and the Feds Arrest a Russian Hacker in ArizonaThis week on Hacker And The Fed a ransomware group hacked a widely used file transfer software and began leaking stolen data, Google claims it caught Chinese government hackers red-handed breaking into hundreds of networks, the Feds arrest a ransomware perpetrator in Arizona, and we nerd out on security researchers taking over various countries domains.Links from the episode:MOVEit Cyber Attack: Personal Data Of Millions Stolen From Oregon, Louisiana, U.S. Agencyforbes.com/sites/maryroeloffs/2023/06/16/moveit-cyber-attack-personal-data-of-millions-stolen-from-oregon-louisiana-us-agency/?sh=3cf2b1b46b05 US govt offers $10 m...2023-06-221h 09Hacker And The FedChina's Tik Tok "God Credential" Allegation, a New Phishing and Email Takeover Campaign, and Listener QuestionsThis week on Hacker And The Fed we discuss the latest development in the Tik Tok controversy, how to detect and mitigate a new phishing and email takeover campaign, Google's new top-level domain, and some interesting statistics in the new Verizon breach investigation report.Links from the episode:Former exec at TikTok's parent company says Communist Party members had a 'god credential' that let them access Americans' databusinessinsider.com/communist-party-god-credential-data-bytedance-tiktok-former-executive-alleges-2023-6 Detecting and mitigating a multi-stage AiTM phishing and BEC campaignmicrosoft.com/e...2023-06-151h 06Hacker And The FedZero-click Exploits Attacking iPhones, PC Motherboards Downloading Malware, and a New Dutch MandateThis week on Hacker And The Fed we discuss another zero-click exploit attacking iPhones via the iMessage app, millions of PC motherboards may be downloading malware, the FTC slams another company for violations, security researchers find a vulnerability in Gmail's checkmark system that is already being abused. And the Dutch government now mandates an easy way to contact website administrators.Links from the episode:Operation Triangulation: iOS devices targeted with previously unknown malwaresecurelist.com/operation-triangulation/109842/thehackernews.com/2023/06/new-zero-click-hack-targets-ios-users.html Millions of PC mot...2023-06-081h 05Hacker And The FedAn Insider Exploits A Ransomware Attack, AI Photos, And Hector's Indonesian HackThis week on Hacker And The Fed we dive into the world of ransomware. An insider exploits a ransomware attack for personal gain and a CISO's biggest lessons from quarterbacking a ransomware attack. We discuss AI generated photos and what happened to the stock market. And then we answer listener questions about geopolitics, Hector's hack on the Indonesian government and victims keeping their hacks a secret. Links from the episode:IT employee impersonates ransomware gang to extort employerbleepingcomputer.com/news/security/it-employee-impersonates-ransomware-gang-to-extort-employer/AI Generated Photostwitter.com/jsrailton/s...2023-06-0157 minHacker And The FedPig Butchering And Crypto Crime-fighting With Erin WestThis week on Hacker And The Fed we speak with Erin West, a Santa Clara County Deputy District Attorney, Founder of the “Crypto Coalition”, an over 800-member group of active law enforcement partners sharing cryptocurrency crime-fighting techniques, and the very tip of the spear for Pig Butchering – the latest online romance scam. We learn about the incredible work Erin is doing via Operation Shamrock and how we can protect ourselves and our loved ones from being victimized.Links from the episode:SCARS: Society of Citizens Against Relationship Scamsagainstscams.orgAdvocating Agains...2023-05-2547 minHacker And The FedVehicle Location Data Leaked For Over 2 million Drivers, Another US Government Breach, And D.B. CooperThis week on Hacker And The Fed, up to 10 years of your location data may have been exposed if you’ve driven vehicles from a certain manufacturer, stolen private keys may lead to insecure boot ups of your computer, Congress gets another notification of a US government breach, and we answer more listener questions about failed hacks and intentional exploits. And we talk about D. B. Cooper!Links from the episode:Toyota: Car location data of 2 million customers exposed for ten yearsbleepingcomputer.com/news/security/toyota-car-location-data-of-2-million-customers-exposed-for-ten-years/Intel OEM Private Key...2023-05-181h 00Hacker And The FedChinese State Hackers, Ransom Negotiation, And Listener QuestionsThis week on Hacker And The Fed we discuss private data leaking due to a misconfiguration, and no one is listening to the researchers. We are shown the mindset of hackers during a ransom negotiation, a cell phone provider is hacked for the 9th time in 6 years, there are 50 Chinese state hackers for every FBI cyber agent, and using AI to help hack. And finally, we answer listener questions about .xyz, pen testing tools, and possible Hacker And The Fed swag.Links from the episode:Many Public Salesforce Sites are Leaking Private Datakr...2023-05-1159 minHacker And The FedCyber Insurance With Michelle Chia, Head Of Cyber Insurance At Zurich North AmericaThis week on Hacker And The Fed we sit down with Michele Chia, Head of Cyber Insurance at Zurich North America. We ask a number of questions including what is cyber insurance? Who needs it? And How much coverage is needed? Does cyber insurance cover an insider threat attack? What does a ransomware attack look like when you have cyber insurance? And finally, we find out how our guest cultivated such a successful career in cyber insurance.Link from the episode:zurichna.com/knowledge/experts/michelle-chia--For more information on...2023-05-0447 minHacker And The FedSearch Engine Vulnerabilities, Ghost Tokens, Anna KournikovaThis week on Hacker And The Fed security researchers find a vulnerability allowing them to run code on Search Engine computers, ghost tokens could be used to totally control Search Engine Workplace accounts, we let you know what a Pumpkin Sandstorm and a Spandex Tempest are, how long does it take to crack your password in 2023, we answer listener questions about the FBI and diversity in cyber security appliances, and we talk about Anna Kournikova.Links from the episode:Remote Code Execution Vulnerability in Google They Are Not Willing To Fixgiraffesecurity.dev...2023-04-2758 minHacker And The FedThe Classified Document Leak, A Hacker Gets Hacked, And Can A Video Silently Hack Your Phone?This week on Hacker And The Fed internet videos may be able to silently hack your phone with a "Near Ultrasound Inaudible Trojan” (NUIT). Companies have more access to your data than you may know, including pictures of you. We also discuss how better access controls may have prevented the recent classified documents leak and share a story about a hacker getting hacked.Links from the episode:Hey Siri, use this ultrasound attack to disarm a smart-home systemhttps://www.theregister.com/2023/04/04/siri_alexa_cortana_google_nuit/Tesla workers shared sensitive im...2023-04-2056 min
Big Phish: Adventures in TechFrom Black Hat Hacking to White Glove ProtectionHow does one go from being an Anonymous and LulzSec hacker to Director of Research at Alacrinet, where he works with clients to assist them in maturing their security program and strengthening their security posture?Hector Monsegur, known by the pseudonym Sabu in his hacktivist days in the early 2000's, infiltrated or compromised the systems of governments around the world before eventually being caught by the FBI. More specifically Special Agent Chris Tarbell. Today, he hosts a podcast called Hacker and the Fed with Tarbell. And at Alacrinet, Monsegur uses his unique expertise to provide clients with...2023-04-1349 minHacker And The FedHackers Stealing Your Car And Internet Bandwidth, And A Massive Corporate Security BreachThis week on Hacker And The Fed a researcher gains access to millions of Office 365 accounts, cyber criminals are stealing and selling your internet bandwidth, and now hackers can remotely open your garage door and start your car in order to steal it.Links from the episode:Researcher gained access to millions of Office365 accounts:https://twitter.com/hillai/status/1641146508639600646https://www.wiz.io/blog/azure-active-directory-bing-misconfiguration Cybercriminals may be stealing and selling your Internet bandwidth:https://sysdig.com/blog/proxyjacking-attackers-log4j-exploited/And now hackers can r...2023-04-131h 00Hacker And The FedCity Cyber Security with NYC CISO Kelly MoanThis week on Hacker And The Fed we speak with Kelly Moan, who serves as the Chief Information Security Officer (CISO) of New York City. We talk trends and cyber threats against the city. She also details the significant volume of attacks against the city on a weekly basis and gives us tips for getting into cyber security.Links from the episode:nyc.gov/content/oti/pages/meet-the-team/cyber-commandnyc.gov/jobsMore info on the JSOC + Cyber Command’s authorities via Executive Order 10:
nyc.gov/office-of-the-mayor/news/088-22/mayor-adams-governor-hochul-joint-security-operations-center-combat-cybersecurity#/0
nyc.gov...2023-04-0646 minHacker And The FedWho Can Read Your Emails, And Busting DDoS For HireThis week on Hacker And The Fed we discuss what email security should look like over the next 12 months, who has the ability to read your emails, and law enforcement busting people using DDoS for hire.Links from the episode:Email Security Nightmare as 75% Of CISOs Expect a Severe Email-Borne Attack in the Next 12 Monthscpomagazine.com/cyber-security/email-security-nightmare-as-75-of-cisos-expect-a-severe-email-borne-attack-in-the-next-12-months/Who reads your email?twitter.com/jschauma/status/1634032554603945984netmeister.org/blog/mx-diversity.htmlFake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts...2023-03-301h 00Hacker And The FedListener Questions: How To Protect Your Kids Online, Advanced Personal Cybersecurity, And What A “Red Team” IsThis week on Hacker And The Fed we catch up on some questions from our listeners: we discuss what a red teamer does, how the FBI works with other law enforcement agencies, how to upgrade your personal cyber security once you’ve got the basics down, and protecting children on the Internet.Support this episode's sponsors:Drata: Listeners of Hacker and the Fed can get 10% off Drata and waived implementation fees at drata.com/partner/hacker-fedBetterHelp: Hacker and the Fed is sponsored by BetterHelp. Visit BetterHelp.com/HATF today to get 10% off your...2023-03-231h 05Hacker And The FedJobs, Academics, And The Future Of Cybersecurity With Professor Bill GardnerThis week on Hacker And The Fed we sit down with Bill Gardner, professor and Chair Department of Cyber Forensics & Security at Marshall University. Bill offers insight into the professional and academic path into the industry and the future of cybersecurity.Links from the episode:Follow Bill Gardner:Twitter: https://twitter.com/onceeLinkedin: https://www.linkedin.com/in/304blogs/Marshall University Prospective StudentsTwo papers written by Bill Gardner“I Did What I Believe Is Right”: A Study of Neutralizations among Anonymous Operation ParticipantsSoci...2023-03-1658 minHacker And The FedFake Google Ads, Law Firms Under Attack, And The White House Announces New National Cybersecurity StrategyThis week on Hacker And Fed we discuss fake Google advertisements, law firms under attack from cyber criminals, and the Whitehouse announcing a new national security strategy.Support this episode's sponsors:Drata: Get 10% off and waived implementation fees at drata.com/partner/hacker-fedDeleteMe: Visit JoinDeleteMe.com/FED and use promo code: FED20Links from the episode:twitter.com/doctorow/status/1628948906657878016thehackernews.com/2023/03/cybercriminals-targeting-law-firms-with.html?m=1twitter.com/dcuthbert/status/1631302488996364288/photo/1whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/whitehouse.gov/wp-content/uploads/2023/03/National-Cybersecurity-Strategy-2023.p...2023-03-0951 minHacker And The FedA Leaked Ransomware Negotiation, Twitter Security, And NSA Best Practices For Securing Your Home NetworkThis week on Hacker And Fed we discuss a leaked ransomware negotiation, how Twitter's new verification system may improve security, and the NSA releases its best practices for securing your home network.Support this episode's sponsor, Drata. For 10% off and waived implementation fees visit drata.com/partner/hacker-fed.Links from the episode:pwndefend.com/2023/02/15/lockbit-3-0-and-royal-mail-chats-published/dice.com/career-advice/cybercriminals-increase-recruiting-tech-and-it-pros-across-the-darknetgizmodo.com/facebook-instagram-verified-elon-musk-was-right-twitter-1850139933media.defense.gov/2023/Feb/22/2003165170/-1/-1/0/CSI_BEST_PRACTICES_FOR_SECURING_YOUR_HOME_NETWORK.PDF--For more information on...2023-03-0246 minHacker And The FedInsider Threat Attacks, Malware Used To Steal Crypto, And Hector’s Embarrassing StoryThis week on Hacker And Fed we update a story from a few episodes ago about a woman driving with a suspicious eavesdropping device near the embassies in Paris, Credit Suisse suffers a insider threat attack, an old attack methodology is updated to steal cryptocurrency, a hacker utilizes screen-capturing malware to cherry-pick their victims, regulators propose a rule to have cyber educated board members, Hector receives a phishing email that turns out to be a much larger issue, and finally Hector pays off his losing Super Bowl bet.Links from the episode:francetvinfo.fr/faits-divers/e...2023-02-231h 08Hacker And The FedInsider Threat Attacks, Malware Used To Steal Crypto, And Hector’s Embarrassing StoryThis week on Hacker And Fed we update a story from a few episodes ago about a woman driving with a suspicious eavesdropping device near the embassies in Paris, Credit Suisse suffers a insider threat attack, an old attack methodology is updated to steal cryptocurrency, a hacker utilizes screen-capturing malware to cherry-pick their victims, regulators propose a rule to have cyber educated board members, Hector receives a phishing email that turns out to be a much larger issue, and finally Hector pays off his losing Super Bowl bet.Links from the episode:francetvinfo.fr/faits-divers/e...2023-02-231h 08Hacker And The FedA Major Phishing Attack, TikTok In Texas, And FBI Customer ServiceThis week on Hacker And Fed Reddit suffers a phishing attack, the FBI offers "Ritz Carlton" level customer service, Texas bans TikTok on state owned devices, and a researcher documents the methodology of finding a major network flaw.Links from the episode:reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/govconwire.com/2022/10/bryan-vorndran-outlines-tenets-of-fbi-role-in-cyber-ecosystem/beckershospitalreview.com/legal-regulatory-issues/fbi-aiming-to-protect-give-ritz-carlton-level-customer-service-to-companies-that-report-cyberattacks.htmlgov.texas.gov/news/post/governor-abbott-announces-statewide-plan-banning-use-of-tiktokeaton-works.com/2023/02/06/toyota-gspims-hack/--For more information on Chris and his c...2023-02-1644 minHacker And The Fed"Malvertising" and Stolen Background Check DataThis week on Hacker And The Fed we discuss how Search Engine Ads are being used to spread malware through "malvertising". We also cover the impact of a breach involving data for over 20,000 individuals stolen from a firm that aggregates public records and sells background checks online.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2023-02-0947 minHacker And The FedThe FBI Take Down Of Hive Ransomware Network & Questions About The FBIThis week on Hacker And Fed we discuss the FBI's takedown of Hive, the Ransomware group with over 100 million in ransom payments. We also talk about the FBI's insider threat brochure, giving companies indicators on what to look for internally. And finally, Hector asks Chris some questions about the FBI.Links from the episode:justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variantfbi.gov/file-repository/insider_threat_brochure.pdfcisa.gov/insider-threat-cyber--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2023-02-0254 minHacker And The Fed2023 Hacking Predictions, Bug Bounty Hunters, And The Super Bowl Sunday HackThis week on Hacker And Fed Hector makes some predictions of the hacks we will see in 2023. We also discuss bug bounty hunters, how they're not getting paid what they deserve and why they may take their exploits to the dark web. We touch on another big API data leak and Hector tells a story of a hack he did on Super Bowl Sunday. And finally we help a listener with spoofed calls and text messages.T-Mobile Filed Form 8-K with the US SEC--For more information on Chris and his current...2023-01-2649 minHacker And The FedCyber In The News: Important Stories Slipping Under The RadarThis week on Hacker and the Fed we discuss a variety of recent news stories, including a report of a messaging service selling access to user data, bootleg network devices being sold through certified vendors, Gmail offering end-to-end encryption, lessons learned from a not so secure encrypted messaging application, cell phone software that was stolen and made public, and a password problem at a major US executive department.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2023-01-1951 minHacker And The FedTwitter's Data Leak, Russian Hacking Crew "Cold River", and Listener QuestionsThis week on Hacker And Fed we discuss Twitter's data leak, explaining APIs and how to better protect ourselves. We also touch on the Russian hacking crew "Cold River" and answer some listener questions. --For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2023-01-121h 00Hacker And The FedCell Phone Eavesdropping, Tupac and Biggie in New Zealand, and BotnetsThis week on Hacker And Fed we tackle IMSI Catchers, or cell phone eavesdropping devices after one was found by French authorities in the back of a vehicle near the US embassy in Paris. We also cover Hector's PBS Hack, his thought process and attack vector. And finally we have a conversation about Botnets and some of the risks they present.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2023-01-0549 minHacker And The FedCyber Warfare With Special Guest Jeffrey CarrThis week on Hacker And Fed we tackle cyber warfare with special guest Jeff Carr. Jeff authored the book "Inside Cyber Warfare: Mapping the Cyber Underworld" and is an expert on how nation-states, groups, and individuals around the world wage digital war on one another. We cover a wide range of topics from how to define "cyber war" to the insider perspective on the war in Ukraine.Check out Jeff's book here!--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2022-12-2949 minHacker And The FedThe Perspective Of A Hacker, Questions For SabuThis week on Hacker And Fed we select a number of audience questions specifically directed toward Hector, and he answers them from the perspective of his former self, Sabu. We cover questions like "what is a hack?" "What are the hardest security controls to beat?" "What do Hackers do with your stolen data?" And finally, Sabu reveals his coolest hack.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2022-12-221h 03Hacker And The FedThe Infamous Shadow Brokers and Apple's New Security PostureThis week on Hacker And The Fed we discuss the infamous Shadow Brokers, a group (or individual hacker) who compromised the NSA back in 2016. We explore and explain this hack from the perspective of a former FBI agent and a former black hat hacker. We also detail Apple's new security posture deploying end-to-end encryption.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2022-12-1950 minHacker And The FedCISA’s Small Business Security Guidance and Listener QuestionsThis week on Hacker And The Fed we discuss a recent paper published by CISA (The Cybersecurity and Infrastructure Security Agency) detailing how to help secure your small business online. We also answer a number of listener questions. You all have been sending us some great questions in the past week, today we answer a few of our favorites.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2022-12-0856 minHacker And The FedSabu and Recursion Face to Face, Former Hackers Reunite Over War StoriesThis week on Hacker And The Fed we have our first ever guest. Former Black Hat and former member of LulzSec, Cody Kretsinger. Hector and Cody go back nearly 20 years to the earliest days of online hacking when they spent years partnering to infiltrate major computer networks around the world. Despite that long history, they’ve never actually met in the flesh. We cover a lot as they speak together for the first time, from hacking origin stories to life after federal prison.--For more information on Chris and his current work visit naxo.com...2022-12-0158 minHacker And The FedHector's Decision To Work With The FBIThis week on Hacker And The Fed we discuss Hector's decision to work with the FBI. To change the course of his life and begin the journey to where he is now. We explore his moral considerations as well as the very practical implications of such a decision. We also hear the story of Hector's first hack and answer a listener question on NSO group and high level hacking.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2022-11-2443 min
Lex Fridman Podcast#340 – Chris Tarbell: FBI Agent Who Took Down Silk RoadChris Tarbell is a former FBI special agent and cybercrime investigation specialist who brought down Ross Ulbricht and Silk Road, and Hector Monsegur (aka Sabu) of LulzSec and Anonymous. Please support this podcast by checking out our sponsors:
– True Classic Tees: https://trueclassictees.com/lex and use code LEX to get 25% off
– InsideTracker: https://insidetracker.com/lex to get 20% off
– ExpressVPN: https://expressvpn.com/lexpod to get 3 months free
– BetterHelp: https://betterhelp.com/lex to get 10% off
– Blinkist: https://blinkist.com/lex to get 25% off premiu...2022-11-223h 02Hacker And The FedThe Silk Road Bitcoin HackThis week on Hacker And The Fed we discuss the recent seizure related to Silk Road, the black market website Chris took down in 2013. Silk Road is back in the news as the IRS just recently caught a man who stole 50,000 bitcoin from the site.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2022-11-1726 minHacker And The FedThe Dropbox Hack And Questions About The FBIThis week on Hacker And The Fed we discuss the recent DropBox hack that relied on a phishing attack to steal credentials as well as multi-factor authentication codes. We also discuss other tactics attackers use to work around multi-factor authentication as well as a technology that may replace the applications and codes you use today. And finally, we respond to a few user questions about the FBI.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2022-11-1046 minHacker And The FedNSO Group’s Pegasus & IRC WarsThis week on Hacker And The Fed we discuss the NSO Group’s zero-click iPhone exploit, also known as Pegasus, a powerful tool that can be used to take full control of a target’s iPhone without their knowledge.We break down how it all works and how to think about this tool and others like it.We also answer a question from the audience about Hector’s experience using IRC, an old internet chat tool where Hector had “wars” with other hackers.--For more information on Chris and his current wo...2022-11-0346 minHacker And The FedCyber Security Whac-A-Mole, Getting Arrested By The FBI, And Protecting Your Small BusinessThis week on Hacker And The Fed we answer audience questions. We discuss the future of cyber security and whether we will ever get ahead of the bad guys. We also detail what it's like to be arrested by the FBI as Hector recounts his experience following the knock on the door. And finally, we respond to a small business owner on how to secure her social media accounts and website from potential threats.--For more information on Chris and his current work visit naxo.comFollow Hector @hxmonsegur2022-10-2744 minHacker And The FedSocial Engineering & "Vishing"This week on Hacker And The Fed we discuss voice fishing, or "vishing," and the social engineering tactics behind this attack.You know those spam calls you get? Well sometimes those are actually social engineering attacks aimed at convincing you to send money to scammers. It's a relatively new twist on phishing and it employs many of the same basic tactics.We detail what these attacks look like, tell a few stories of our own experience with social engineering, and leave you with some key takeaways for how to keep yourself and loved ones safe a...2022-10-2032 minHacker And The FedThe Origin StoryOn this first episode of Hacker And The Fed, Chris and Hector tell their origin story. Hector details the journey from his first time on the internet to becoming a globally infamous black hat hacker. And Chris tells of growing up in Virginia next to the chief of police to ultimately joining the FBI and dedicating his life to fighting cyber crime.The two outline their story from the moment Chris arrested Hector, ultimately leading to a long time collaboration and lifelong friendship.For more information on Chris and his current work visit naxo.com...2022-10-1356 minHacker And The FedIntroducing Hacker And The FedFormer FBI special agent Chris Tarbell and former Anonymous blackhat Hector Monsegur (aka Sabu) first faced-off as adversaries in cyberspace before becoming close friends and podcast co-hosts. Listen to Tarbell, co-founder of an elite cybersecurity firm NAXO, and Monsegur, a top network penetration tester and security engineer, break down the must-know cybersecurity news and topics of the day. You’ll walk away from each episode with unique perspectives on how to keep your family, your company, and your personal cyber footprint safe from attacks.2022-10-1202 min