Darknet Diaries

166: Maxie

Maxie Reynolds loves an adventure, especially the kind where she’s breaking into buildings (legally). In this episode, she shares stories from her time as a professional penetration tester, including high-stakes physical intrusions, red team chaos, and the unique adrenaline of hacking the real world. Her book: The Art of Attack: Attacker Mindset for Security Professionals [https://amzn.to/4ojYSVZ] (https://amzn.to/4ojYSVZ) Her data center: www.subseacloud.com/ [https://www.subseacloud.com/]

165: Tanya

Tanya Janca is a globally recognized AppSec (application security) expert and founder of We Hack Purple. In this episode, she shares wild stories from the front lines of cybersecurity. She shares stories of when she was a penetration tester to an incident responder. You can sign up for her newsletter at https://newsletter.shehackspurple.ca/ [https://newsletter.shehackspurple.ca/] SPONSORS Support for this show comes from ThreatLocker® [https://www.threatlocker.com/]. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com [https://www.threatlocker.com/]. This episode is sponsored by Hims [https://hims.com/darknet]. Hims offers access to ED treatment options ranging from trusted generics that cost up to 95% less than brand names to Hard Mints, if prescribed. To get simple, online access to personalized, affordable care for ED, Hair Loss, Weight Loss, and more, visit https://hims.com/darknet [https://hims.com/darknet]. Support for this show comes from Drata [https://drata.com/darknetdiaries]. Drata is the trust management platform that uses AI-driven automation to modernize governance, risk, and compliance, helping thousands of businesses stay audit-ready and scale securely. Learn more at drata.com/darknetdiaries [https://drata.com/darknetdiaries]. View all active sponsors. [https://darknetdiaries.com/sponsors/] BOOKS * Alice and Bob Learn Secure Coding by Tanya Janca [https://amzn.to/4qFzZqc] * Alice and Bob Learn Application Security by Tanya Janca [https://amzn.to/4qC3M30]

164: Oak Cliff Swipers

He started small, swiping cards, buying gift cards, and cashing out. It spiraled into a full‑blown criminal enterprise. Dozens of co‑conspirators, stacks of stolen plastic, and a lifestyle built on chaos. Meet Nathan Michael, leader of Oak Cliff Swipers. SPONSORS Support for this show comes from ThreatLocker® [https://www.threatlocker.com/]. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com [https://www.threatlocker.com/]. Support for this show comes from Pantheon [https://pantheon.io/]. Pantheon keeps your site fast, secure, and always on. That means better SEO, more conversions, and no lost sales from downtime. But this isn’t just a business win; it’s a developer win too. Your team gets automated workflows, isolated test environments, and zero-downtime deployments. Visit Pantheon.io [https://pantheon.io/], and make your website your unfair advantage. Support for this show comes from Adaptive Security [https://www.adaptivesecurity.com/]. Deepfake voices on a Zoom call. AI-written phishing emails that sound exactly like your CFO. Synthetic job applicants walking through the front door. Adaptive is built to stop these attacks. They run real-time simulations, exposing your teams to what these attacks look like to test and improve your defences. Learn more at adaptivesecurity.com [https://www.adaptivesecurity.com/].

163: Ola

In 2019, Ola Bini, a Swedish programmer and privacy advocate, was arrested in Ecuador for being a Russian hacker. Find Ola on X: https://x.com/olabini [https://x.com/olabini]. Or visit his website https://olabini.se/blog/ [https://olabini.se/blog/]. Or check out his non-profit https://autonomia.digital/ [https://autonomia.digital/]. SPONSORS Support for this show comes from ThreatLocker® [https://www.threatlocker.com/]. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com [https://www.threatlocker.com/]. This show is sponsored by Miro [https://miro.com/]. AI doesn’t have to be intimidating—in fact, it can help your team thrive. Miro’s Innovation Workspace changes that by bringing people and AI together to turn ideas into impact, fast. Whether you’re launching a new podcast, streamlining a process, or building the next big thing, Miro helps your team move quicker, collaborate better, and actually enjoy the work. Learn more at https://miro.com/ [https://miro.com/]. This show is sponsored by Thales [http://thalesgroup.com/cyber]. With their industry-leading platforms, you can protect critical applications, data and identities – anywhere and at scale with the highest ROI. That’s why the most trusted brands and largest banks, retailers and healthcare companies in the world rely on Thales to protect what matters most – applications, data and identities. Learn more at http://thalesgroup.com/cyber [http://thalesgroup.com/cyber]. View all active sponsors. [https://darknetdiaries.com/sponsors/] SOURCES * https://www.eff.org/deeplinks/2019/08/ecuador-political-actors-must-step-away-ola-binis-case [https://www.eff.org/deeplinks/2019/08/ecuador-political-actors-must-step-away-ola-binis-case] * https://www.eff.org/deeplinks/2025/04/six-years-dangerous-misconceptions-targeting-ola-bini-and-digital-rights-ecuador [https://www.eff.org/deeplinks/2025/04/six-years-dangerous-misconceptions-targeting-ola-bini-and-digital-rights-ecuador] * https://peoplesdispatch.org/2019/04/12/ola-bini-detained-in-ecuador-for-90-days/ [https://peoplesdispatch.org/2019/04/12/ola-bini-detained-in-ecuador-for-90-days/] * https://globalvoices.org/2022/10/21/ola-bini-the-cyberactivist-who-causes-panic-in-ecuador/ [https://globalvoices.org/2022/10/21/ola-bini-the-cyberactivist-who-causes-panic-in-ecuador/] * https://www.amnesty.org/en/latest/news/2019/09/ecuador-allanamiento-violento-pone-en-riesgo-juicio-justo-ola-bini-2/https://en.wikipedia.org/wiki/Ola_Bini [https://www.amnesty.org/en/latest/news/2019/09/ecuador-allanamiento-violento-pone-en-riesgo-juicio-justo-ola-bini-2/https://en.wikipedia.org/wiki/Ola_Bini]

162: Hieu

All Hieu Minh Ngo wanted was to make money online. But when he stumbled into the dark web, he found more than just opportunity, he found a global dark market. What started as a side hustle turned into an international crime spree. Find Hieu on X: https://x.com/HHieupc [https://x.com/HHieupc]. SPONSORS Support for this show comes from ThreatLocker® [https://www.threatlocker.com/]. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com [https://www.threatlocker.com/]. Support for this show comes from Drata [https://drata.com/darknetdiaries]. Drata is the trust management platform that uses AI-driven automation to modernize governance, risk, and compliance, helping thousands of businesses stay audit-ready and scale securely. Learn more at drata.com/darknetdiaries [https://drata.com/darknetdiaries]. This show is sponsored by Red Canary [https://redcanary.com/]. Red Canary is a leading provider of Managed Detection and Response (MDR), helping nearly 1,000 organizations detect and stop threats before they cause harm. With a focus on accuracy across identities, endpoints, and cloud, we deliver trusted security operations and a world-class customer experience. Learn more at redcanary.com [https://redcanary.com/].