The Low Down

Low Level

the internet's best podcast about hacking

Puntate

  1. 2 gg fa

    The GDID Controversy: Is Microsoft Tracking Your Every Move?

    Welcome to The Low Down, the best show on the internet for hackers The Low Down is presented by Maze. LinkedIn: https://www.linkedin.com/company/mazehq/ X: https://twitter.com/Maze_Security Follow Us! https://www.instagram.com/lowdown.pod This week we're diving deep into one of the most viral cybersecurity controversies in recent memory: Microsoft's Global Device Identifier and what it means for privacy, tracking, and operational security. Today we're talking about: The Scattered Spider Arrest & Court Documents Breaking down the arrest of a young Scattered Spider hacker and the court documents that revealed how law enforcement tracked them down. From diamond "Hack the Planet" necklaces to Discord flexing, we examine how poor OPSEC led to their capture. Microsoft's GDID: The Controversy Explained What is the Global Device Identifier, how does it work, and why did VX Underground's 1.2 million view tweet spark massive debate? We break down the forensic reality of this hardware identifier and whether it's truly undocumented or just misunderstood. Hardware Identifiers Meet Web Activity Tracking Exploring how Microsoft tied hacking activity to specific individuals through GDID, PUID (Passport Unique Identifier), and telemetry data. We discuss the marriage of hardware identifiers with web activity, gaming profiles, and Microsoft online accounts. The Privacy Implications: How Deep Does It Go? Is Microsoft collecting every website you visit, every program you execute, and every online account you access? We separate fact from fiction, examining what telemetry actually collects versus what law enforcement pieced together through multiple warrants. VPNs, OPSEC & Marcus Hutchins' Warning Marcus Hutchins weighs in with a stark warning: if your OS install has ever connected to the internet without a VPN, it's a matter of time. We discuss whether VPNs truly protect you when telemetry can see VPN software execution, keying material, and destination IPs. The Forensic Reality Check Cybersecurity professionals explain this is standard forensic technique, not some secret backdoor. We compare this to the moment normies discovered EDR capabilities and realized their IT departments can see everything on corporate devices. Allison Nixon on Tracking The Comm Threat intelligence expert Allison Nixon shares her perspective on tracking these threat actors, why "Scattered Spider" is a marketing term, and what The Comm really represents in the cybercrime ecosystem.

    The GDID Controversy: Is Microsoft Tracking Your Every Move?
  2. 6 lug

    Fable Ban Fallout, Nightmare Eclipse's Microsoft Revenge, and the $40M iOS Exploit Kit

    Welcome to The Low Down, the best show on the internet for hackers The Low Down is presented by Maze. LinkedIn: https://www.linkedin.com/company/mazehq/ X: https://twitter.com/Maze_Security Follow Us! https://www.instagram.com/lowdown.pod This week we're broadcasting live from the PlanetScale office at the AI Engineering Conference in San Francisco, diving deep into the most pressing issues in cybersecurity right now. Today we're talking about: The Fable Ban & AI Export Controls Breaking down the unprecedented government intervention that pulled Fable from public access, the Free Fable movement, and what this means for AI security research going forward. We discuss the export control implications and why this sets a dangerous precedent. Mythos, Project Glasswing & The Future of Exploit Development Why Mythos and Fable aren't uniquely dangerous despite the government narrative, how AI is genuinely changing vulnerability research, and the philosophical questions around automated exploitation capabilities. Open Weight Models & The China Question Examining DeepSeek, Kimi, and other Chinese models that are rapidly catching up to frontier capabilities, plus Meta's internal restrictions on competitor model usage and what it reveals about the industry. Beats by Dre Bluetooth RCE Vulnerability A year-old vulnerability finally patched that gave attackers remote code execution on Bluetooth headphones, allowing microphone access, call initiation, and complete device control within proximity range. Nightmare Eclipse & The Rogue Planet Exploit The latest Windows Defender zero day from the controversial researcher, featuring a race condition that allows malware placement in System32. We discuss the painful disclosure saga, MSRC's reputation crisis, and what this means for bug bounty programs. The Bug Bounty Crisis Why researchers are revolting against major programs like MSRC and Apple, the broken social contract of responsible disclosure, and how AI is reshaping the economics of vulnerability research. Karuna & Darksword: The $40 Million Exploit Kit Discussing the leaked government contractor iOS exploits found on public websites and what it tells us about the crashing value of zero days in the AI era.

    Fable Ban Fallout, Nightmare Eclipse's Microsoft Revenge, and the $40M iOS Exploit Kit

Descrizione

the internet's best podcast about hacking

Potrebbero piacerti anche…