r/darknetdiaries

I'm obsessed with privacy, owning my identity and web security

I’ve probably listened to every episode, and I’ve spent years thinking about how to solve the problems we have on the web.

After working on a peer-to-peer compute network idea for the last three years, I think I’ve finally found the core issue:

We give systems too much access by default, then spend the rest of our time trying to claw that access back with permissions, firewalls, TLS, access control, routing rules, configuration layers, and increasingly fragile infrastructure.

Each layer creates new problems.

TLS creates routing complexity.
Routing creates configuration complexity.
Configuration complexity creates lazy admin shortcuts.
Lazy admin shortcuts create security failures.

My core realization is simple:

We need identity-based routing.

Your identity should be your public key. Any data meant for you should be sealed directly to you as the recipient.

That changes the whole model.

If the message content is already encrypted to the recipient, we no longer need to care as much if the message is captured, stored, routed through the wrong machine, or temporarily handled by an untrusted relay. The relay can move the packet, but it cannot read it.

The missing piece is incentives.

Nobody wants to relay traffic for free forever. But it should be possible to account for relay work without revealing message contents. In the simplest form:

I relay your messages.
You relay mine.
The network can prove useful work happened without exposing private data.

From there, the model becomes much more powerful.

Your device has an identity.
Your apps have identities.
Your data is sealed to the identities that are allowed to access it.
Even in failure cases, the blast radius becomes much smaller.

Instead of trusting platforms, cloud providers, app stores, and tech giants with everything by default, we could join our devices into a global overlay network where identity, routing, compute, and data ownership are built from the ground up around cryptographic control.

The goal is apps that can run anywhere, on any platform, while the user remains the guardian of their identity and data.

I know this sounds naive. I know it sounds too broad. But I’ve been building toward this for years.

The repo is here:
https://github.com/Sylchi/edgerun-c

The long-term goal is simple:

A world where people can run software freely, communicate privately, share compute voluntarily, and stop giving 30% of their digital lives to tech giants just because the current web architecture made that the default.

u/Successful_Option_77 — 2 days ago

Darknet Diaries x Coffeezilla

Even though coffee is not really cyber adversed, I bet he has at least some stories to tell, as he has a relatively high exposure to fraudsters and criminals. Also I bet they would be vibing.

reddit.com
u/genesisit — 3 days ago

How does Jack Choose His Stories?

I was wondering how Jack chooses the material for his stories. Of course, this is something that only he could answer, and I don't know how responsive he is on social media.

There's this one case, that's still ongoing, about an ex-LAPD officer who was caught and charged with kidnapping for ransom. His name is Eric Halem, and apparently he orchestrated a Bitcoin heist. He and four accomplices, including one who's supposedly tied to the Israeli underground, entered an underage kid's apartment, handcuffed both him and his girlfriend, and forced him to transfer $300k worth of Bitcoin.

I actually know this guy, we worked together nearly 20 years ago, and I honestly never thought he had it in him to do shit like that. He's from a well-off family, grew up in an affluent neighborhood, went to college in Riverside, and had started a couple of businesses, including a luxury car rental business.

But, the part of the story that I'm interested in is not about Eric Halem. I already know his story, a number of articles detail what happened prior to his arrest, including a previous arrest for which he was still under investigation for committing insurance fraud (in connection to his luxury car business). You can look up his case online as well.

I'm actually interested in the other side of the story. The kid who he stole from and kidnapped for ransom, he was 17 at the time of the heist, had his own apartment in Koreatown, and $300k worth of Bitcoin. How does a 17-year-old kid have this amount of Bitcoin at that age!? One of the articles mentions that Halem's attorney wanted to have the charges dropped, because the kid supposedly admitted in court that he had acquired the Bitcoin through fraud. Of course, since the kid wasn't on trial, those details weren't relevant to Halem's criminal case, meaning that whatever means the kid used to get that much Bitcoin has no impact on Halem's actions.

I wonder if Jack could get a hold of him and at least get his side of the story.

reddit.com
u/Ok_Reserve4109 — 5 days ago

Apple’s Security Has Been Tough to Crack. Mythos Helped Find a Way In.

Security researchers say they have discovered a new way of circumventing Apple’s state-of-the-art security technology, using techniques they discovered while testing an early version of Anthropic’s Mythos AI software in April.

The researchers with Calif, a Palo Alto-based security research company, say the software they wrote links together two bugs and a handful of techniques to corrupt the Mac’s memory and then gain access to parts of the device that should be inaccessible.

It is what’s known as a privilege escalation exploit, and if it were chained together with other attacks it could be used by a hacker to seize control of the computer.

The technique is noteworthy because Apple has put so much effort into locking down MacOS, said Michał Zalewski, a security researcher who formerly worked at Google and who reviewed the Calif research but wasn’t involved in the testing.

Apple, which is deploying and testing frontier AI models to test and patch vulnerabilities, is reviewing the Calif report to validate its findings. “Security is our top priority, and we take reports of potential vulnerabilities very seriously,” a company spokeswoman said.

The bug-finding capabilities of the latest AI models from companies such as Anthropic and OpenAI have improved enough in recent months that many cybersecurity experts are now warning of a Bugmageddon, an unprecedented rash of security vulnerability discoveries that could cause headaches for the technology staffers who must patch them, and also represent an unprecedented cybersecurity risk.

Earlier this year, Anthropic’s AI found over 100 high-severity vulnerabilities in the Firefox browser over a two-week period. That is how many the rest of the world typically finds in two months.

Last September, Apple said it leveraged its hardware and operating system expertise into a technology called Memory Integrity Enforcement (MIE), which it described as “the culmination of an unprecedented design and engineering effort, spanning half a decade.”

With Claude, building the code that exploited the two MacOS bugs took five days, Calif says.

The attack couldn’t have been pulled off by Mythos alone and leveraged the very human cybersecurity expertise of some of Calif’s hackers, said Thai Duong, the company’s chief executive. That is because Mythos excels at reproducing previously documented attacks. “We haven’t seen cases where it comes up with new attack techniques,” he said. “This is kind of a new thing.”

While some of the hype around Mythos is “overblown,” Zalewski said it is possible to use the latest tools for “meaningful vulnerability research and code auditing.”

Researchers with the company were so excited about their discovery, they drove down from Palo Alto in person Tuesday to Apple’s Cupertino headquarters to present their 55-page report describing the bugs it exploited. 

[Photo: Researchers Bruce Dang, in glasses, and Thai Duong at Apple's Cupertino headquarters on Tuesday. Credit: Calif]

They plan to release details of their attack once Apple has patched the underlying issues. The bugs will likely be fixed pretty quickly, Duong said.

The White House initially opposed Anthropic’s efforts to gradually expand access to Mythos, and concerns about the power of newer AI models have upended the administration’s AI strategy, causing a reassessment of its laissez-faire approach to AI development. Federal officials are now contemplating an executive order that would grant the government oversight of the most-advanced models.

wsj.com
u/Weather — 7 days ago

Episode idea: Shiny Hunters

So this is kinda an as-it-happens idea, as the topic is the hacker group Shiny Hunters. They've been around since 2020 and have done some interesting breaches like Rockstar Games, CarGurus, and Mathway. From all of which they stole data and threatened to leak the data unless the companies paid the ransom, which most didn't, so they then did leak said data. Though very recently they have breached and affected around 9000 schools across the U.S., including Harvard, Duke, and many other well-known names. I'm currently working with the issue myself as I work at one of the said affected colleges. Though I'm also looking for more insight myself as well as other thoughts and opinions on the idea. Thank y'all, and have a great day.

reddit.com
u/Suspicious_Main_6932 — 14 days ago

Canvas cyberattcked

(Typo in title sry 🥲) As we (students) all know… Canvas, a widely used learning platform, recently got hacked. Wondering if this will be a good episode? Like if there’s a lot to cover about it.

reddit.com
u/runfreelyactwildly — 14 days ago