Where People Go When They Want to Hack You
HTML-код
- Опубликовано: 6 июн 2024
- What do you need to hack any system on the planet? Whatever it is, you can certainly find it on the Zero-day market: a network that consists of the world’s best hackers trading vulnerabilities with governments, cybercriminals and megacorporations. How does this market appear, how does it work and why nobody talks about it?
🎯 Subscribe to @cybernews for more AI news and cybersecurity updates: cnews.link/subscribe/
🎪 Looking for entertainment and more interesting stories? Check out our playlists filled with captivating content that will keep you entertained for hours:
• Infamous Hacks
• Cyber Tops
• Cyber Crime
📰 Stay up-to-date with the latest cybersecurity news and trends by checking out our curated news playlist. We cover the latest threats, trends, and insights from the world of cybersecurity:
• Latest NEWS
💬 Stay connected with us on social media for the latest news, insights, and discussions around cybersecurity: linktr.ee/Cybernews
0:00 Intro
1:16 Part 1. Cracked bricks
4:14 Part 2. People who already did that
8:45 Part 3. Time to use it
10:45 Part 4. Paying the price
15:38 Part 5. The complicated world
20:10 Part 6. Where it gets even worse
22:56 Part 7. Even worse than that
30:14 Part 8. Those who stare into the wall
33:28 Epilogue
🥷 Secure your online activities - Check out a VPN with the best discount - cnews.link/get-nordvpn/TLPHmH...
🔑 Keep your accounts safe - Get THE BEST password manager offer - cnews.link/get-nordpass/TLPHm...
🦠 Protect your devices - Grab an EXCLUSIVE Antivirus deal - cnews.link/get-bitdefender/TL...
Credits:
Producer: Ignas Žadeikis
Writer: Valius Venckūnas
Video Editing: Matas Paskačimas
Narration: Ben Mitchell
Thumbnail: Domantė Janulevičiūtė
Supervising Producer: Aušra Venckutė
All the sources we used in this video can be found here: docs.google.com/document/d/1j...
ℹ️ About us:
We are an independent news outlet with a RUclips channel that posts cybersecurity & tech news videos daily. Our foremost concern is the safety and security of our viewers around the world. We remain vigilant on the issue of hacking and will provide updates as they become available. A number of our investigations and reports have been featured by industry-related publications and global news leaders like Forbes, PC mag, and Techradar.
We are affiliated but not sponsored by any service provider. This means we may receive a small commission when you click on the provided links.
Music license:
MB01Y50OJPFYTY0
MB01QHMCQBFMEDE - Наука
When you randomly bash your keyboard in infinite parallel universes for an infinite amount of time, you'd probably get a fully working exploit chain for the latest ios version some day in Eternity
can you elaborate please? What do you mean by that? Is it so secure to get hacked that even governments can't do it?
@@Ahmn2250 He's likely saying it's UNLIKELY, but the issue with iOS is that since their code base is proprietary and not open source, there are fewer EYES on that could audit it for exploits.
Plus, you have entire nation states and private companies like (formerly) NSO Group spending tens of millions of dollars to develop spyware like Pegasus, etc.
By definition, a 0-DAY exploit is unknown, so you wouldn't even know if someone could hack into your phone.
But, if you're not an important enough target, and your adversary isn't fully technically equipped/capable, you're most likely fine.
If your adversary is the NSA, you're very likely screwed because as the Snowden leaks showed, they had the entire world tapped, including the German Chancellor's phone... and things are much worse now.
@@Ahmn2250 google: Infinite monkey theorem
Yeah, that's called fuzzing. Thankfully computers can type very fast ;)
@@Ahmn2250 Thats just the Infinite monkey theorem
As a Cybersecurity professional, I must say, this complex topic is way much simply explained. The analogy of bricks is really good. Good job and kudos to the creators.
Ok so you are in the know with pc/internet.
Im not so I have a Question? Is vpn safe to use and what do it do? And is a tor browser more safe than Google to use?
we are all "cybersecurity professionals" bro
Bricks in the firewall!
You look like you sell 0 days to hamas
@@dieselgoinhamno he gave it for free to T@lib@n$
As an IT professional, this video does an excellent job of breaking down a very complex subject into terms the average person can easily understand. The brick wall analogy is excellent and one I’ll borrow for future conversations.
Except that there is only a small "suitable" subset of bricks for intrusion in the wall
How common is iOS hacking?
Bro seriously, editing something like this takes a long time. Very impressive. Keep these docu’s coming, you can become a big youtuber.
Ice
Now watch it without the music.
@@muhcharona I want to make an AI filter that removes music from information videos
@@codywohlers2059ok
@@muhcharona
Hey what is zero day ?
One thing to note about all these walls is that when you buy a 0-day, you don't just pay for knowing about one faulty brick in one wall, you're paying for knowing about such a brick in every single wall of similar design.
Absolutely incorrect. You have no knowledge of what's going on you merely saying things.
Lol
@@gothixxx12 I can see why his comment would make sense, but I also do not have any knowledge about this. Can you explain further why a certain breach cannot be repeated in similar code structure? Maybe they're too precise or specific for each codes?
@@user-km8ul5qb1q It is indeed incorrect, because a zero day of this proportion rarely will be just one line of code that can be reproduced by every engineer. A zero day can be an API that receives data, and then sends it to a function who will turn a string (text) to a JSON (which can contain functions) and then send it to the server, who will execute a malicious code put inside this JSON by a hacker. It involves multiple layers of the system, and all of those layers must fail in preventing that functions are being passed as strings in order to the zero day exist.
Sorry for my english, it might not be so clear to understand, its not my language, but I hope it helps understand why his point is incorrect for most cases
The type of vulnerability that involves multiple layers of a system is the hardest to find, for the hackers and for the engineers. That is why they are so precious. The example that I provided is know as XSS, and it is easy for an experienced engineer to prevent, that is because it only takes a line or a block of code to make the vulnerability, that is the case where the guy commented. But, because this type of vulnerability being so common, it is easy to patch, because a lot of people know about it. A big zero-day exploit is something that is not common at all, and only a few, if not only one person found it, and 90% of the time is something in particular with the way the system works
So if you're a dev at a large software or hardware company, you deliberately sneak in a bug that allows for a very specific 0 day vuln, sell it off to a broker, and the day it's detected by your employer, you come up with a fix and gain a pay rise.
ooof
Well... yes, but if you're caught, it can damage your reputation, and your employer may label you a fraud.
@@andrewnyirenda2364 Not to mention it's technically illegal, but even still, the risk reward is tilted in favor of reward.
Well if that doesn’t make it obvious you’re not an engineer I’m not sure what does 🤷♂️
Till a couple days later when you're colleagues go wtf is this
6:00 that you made Australia upside down, is pure comedy 😂
Who ever animated this is a legend
Yeee. Shalom.
yeah forreal and i bet they did it effortlessly
They rotated the Australian mail in the correct orientation
@@koaglidehow dare you bet this didn't take a quantillion hours to make 😤🤪
@@ReligionAndMaterialismDebunked אני גם יהודי
I want to know who wrote the Apple OS bug that stops recognizing your passwords four times a year. “Forgot your password?” No.
This is one of the best Cyber-sec educational videos that I've ever seen on RUclips. Thanks for all the effort you put into this.
i shall agree. as the exeptional movement of this channel is over the top. of course i can say that there are som damages.. but no one else has none.. and he still has least. as i can say in the kitchen language. one of the beast
This was one of those rare videos on RUclips that really open your eyes and are so well done that they just stay with you. Great job and great video!
Zero day exploits have always mesmerized me, knowing there is someone out there with a critical piece of info that could have so many implications, practically all being negative, is equal parts scary and fascinating to me.
Not really
@@DanielOnFire101wdym not really dummy
I think there's one thing you missed that I think is extremely important: everyday security researchers. There's a lot of hackers out there that are fully public and post about the vulnerabilities they find (after they're patched, usually). However, becoming such a person still requires you to navigate these markets.
They could report it directly to the company, but companies such as Apple have been criticized in the past for low payouts, or not paying at all. This could lead security researchers to go to the grey market instead, hoping for a more guaranteed payday. I think that's a pretty interesting dynamic of the market.
Apple should pay up because I'm tired of them gaslighting with the, macs can't be hacked . The lies! I'm an activist and have been hacked for years. Nothing is safe
Credit to Kaspersky for operation triangulation, they did some amazing work exposing the attack chain. And the cherry on top, they released everything on Christmas for the jailbreak community.
Incroyable.
Kaspersky IS the hacker. Kaspersky is a major Russian FSB organization
@@borghorsa1902 Which comes around goes around
@@borghorsa1902So what do you sugest instead? NSA? CIA? Who? They are all the same crap...
Do more of these videos.
I loved the animation trying to sell a zero day for TempleOS
Glowies in action.
crazy deep referencing lol
R.i.P Terry A. Davis
BARELY scratched the surface! nice job, well done.
Really insightful. Great analogy - a wall and cracked bricks... really nailed that one!
🤣🤣🤣🤣🤣 DDoS going by this video is a HACK. Clearly you are why companies sell VPN and claim it keeps you free from big bad hackers. But nailed it right. OLOLOLOLOL
At 29:26 that Russian lady's voice sounds like a broken record.... painful to listen to. lol
@@TankerReviewwhat do you think of an Stridsvagn 104?
@@TankerReview I thought it does 😭. What keeps me free from the big bad hackers then? Tails Os + a VPN? Purism devices? Idk ☠️
@@TankerReviewpls reply when u get the time 🙏🏻. Thanks.
Dude your a G not gonna lie. These edits are out of this world 🌎
These hackers need to have some natural ability... no run of the mill hacker can do this.
We all hear of hackers, and know it implies getting into your computers and other systems... but explaining it so the average person can understand it is a talent, the analogies need to be hand picked.... great job. The rabbit hole stop by step.
Pplease make more videos like this, I loved every minute, perfect editing, incredible narration...
I loved this bro
If you could make the next video about Initial access brokers.....
@@AZa4sh1r0 i want vidio about skibiddy toilet and uccp meastery. also fanuc robot!!
I just thought about all of this and realised that right now, there are not only people working on building these weapons but also people developing AI right now, that will be a mass production machinery to create 0-days...
Just insane...
Makes us feel like we are above the tip of ice-berg
Already happening. Jailbroken AI's can compile payloads and assemble code at the edge. It's willd
@@waterillyowo9 can you explain further
I know you are here Susan , you will never get me
Is Susan friends with my ex Jane?
I’ll give her a head start, you’re in Albania.
I will get you eventually, Tom
@@obamatheg2826 that's why I voted Trump , obama care sucks btw 😤
@@bernardnjerumtwaiti6060 nah uhh
My man, DDoS is an attack, not the way to get "to the other side of the wall". It's a denial of service, not something that will get you information. Fix your video.
Distributed denial of service attack.
Correct. (Maybe using the terms for acronym jog his memory idk)
You are 100% correct just trying to help
Tho technically the ddos can be used to slip by (as a separate entity or method… not DDOS , so still I guess incorrect) security measures that are overloaded trying to prevent full shut down of the page’s service / servers
Here we go, Mr know it all - this documentary was meant for the general public
@@youngbassedrob General public or not, this is a fact. Do you know what a fact is and what a misinformation is?
@@youngbassedrobwell it’s wrong, learn shit that isn’t true if you want
This video provided a much clearer and comprehensive understanding of zero-day exploits. It really confirmed some things I thought and also offered new insights. Thanks for doing this.
Actually more companies are sueing hackers, even if they found a flaw just randomly in a ticket system. Lawmakeres should establish laws to punish companies and stop this!
Social engineering, hacking data brokers and bribing corrupt employees are some other ways people get in. *The human will always be the weakest link, like when they setup their servers and their root password is admin*
That's the thing with the cyber-criminal world; You have to do everything right all the time to protect yourself. But them, they have to do it right. One. Singular. Time. And you are now compromised.
One of the most informative, important, and thought out videos I have ever seen about the digital world. And I must say, your video editing skills and graphics are most superb and on point.
Just like a lot of other people are saying this video is stunning I hope your channel goes from strength to strength.
The production quality of your channel is amazing. Thanks for the informative video!
You have a new subscribers. Great job!! Somehow I feel like I have less control on my life now though.
Please keep this type of content coming in!!!! ❤
The most informational and interesting video about zero days, even Mandiant doesnt have that kind of video. Cheers! 🔥
LOLlersk8s
This is probably the best video about out there about zero day marketplaces.
That was thoroughly fascinating and superbly done. I’ll take that 4 hour deep dive tour now please. Heck, make it 40 hours or something, like an awesome series.
It’s quality like this that makes yt premium still worth it. Wow. Best video I’ve watched all year
yt prem is worth it exactly for this reason and so many more. ever scrolled through yt prem not finding something you want to watch? yeah me either.
What does it have to do with RUclips Premium?
Very high quality video, thank you!
Amazing documentary. One of the best videos I've seen on RUclips.
Great production quality on the video. Just subbed to ya keep it up!
Fantastic video!! The wall visual will stay with me forever
This video is amazing! You got my attention on watching this video. It was like a ELI5 but with visuals and a very simplified explanation! 👏👏👏👏
Incredible work making this video. Your ability to take complex techniques/events on this topic and simplify them something easy for everyone to understand is truly remarkable. Combined with the seamless editing creates a perfect pair for educational infosec content. Keep up the great work and I encourage you to continue creating more content like this!
Not really
Terrific Video and Content....keep up doing such great work. 👍🏻
The amount of information and the way it is explained. Absolutely loved it. This video is Gold😢🎉❤.
Thanks a lot team, fantastic work.
Man I loved this!! You've got a lifetime subscriber now. Very informative and painted a great picture
you ever get that snippet of information and it just hits different, daaamn
Love how easy you made this for the newbies to understand.
Seeing malware Jake pop up in the video was awesome! Great video and good experts.
the animations maybe look easy and they are but planning out the structure of the video is really impressive
I remember your shady rat video. This video and that one are just amazing... No matter how deep your knowledge is of this area it's still a great watch!
I didn't personally learn anything from this but it was really well done. Just enjoyable to watch.
If companies were the highest bidder for their own 0-days this problem would cease to exist or atleast be limited to criminals who keep their secrets
Amazing video and visual representations! Great insight and definitely I’m a lot more educated now.
This was really complex and interesting watch. Thankyou for all the effort put into this
This is fascinating. I plan to show it to my cybersecurity courses.
Damn this video is so good. I stopped and watched the entire video in one shot. Excellent. Expecting more videos like this.
Thank you for this, very insightful.
The comments section as well.
24:05 An American saying "African nations that have horrific human rights records" is the most outlandish and horrific lie and speaks her arrogance, ignorance and double standards
i can assure you when the bashing is intensive enough you get success 👀
Is this a Bourne-Again SHell joke? Because it's funny.
It opens up windows
or a concussion
True
@@eldiablo1221 brute-force
Quality content, subscribed!
Very very good explanation for the masses. Much appreciated! Keep up the great work!
Bro this video is so good! Thank you very much for it
Actually magnificent video. I really just sat through all of it with maximum interest.
The best cyber documentary on the world. More please.
Great video. I also read Nicole's book, certainly an eye opener!
Great video. Thank you for sharing!
One of the best videos I have ever seen on RUclips.
I was watching this on my TV in bed, and I had to find my phone to subscribe and comment. What a well made video.
Awesome video guys. Subscribed
Wonderfully edited and explained, enjoyed a lot
Great video! Really enjoyed this!
Excellent video. Subscribed.
Nice editing and simplifying 👌👍
You did a really good job, making this video
Great video, cool animations and very informative!
This material is extremely well-made. Loved it
Unreal cool video. Very cool release. Thank you!
Great video thanks and subbed ❤
fantastic work as always
This channel's writing, design, and overall production quality is very impressive! Im pretty sure bots aren't making this 😅 Subscribed
It's not sloppy code. It's intentionally written to be exploited by the NSA until their tools get leaked. Then, it's a critical update.
🧐🤔💡
Lol. That makes zero sense. Pleaae educate yourself before vomitting comments out
This is the best explanation for this I've ever seen.
very good video. well done. keep them coming
its all fun and games until someone balckmails u with ur browser history
It's okay. What could be there other than some porn sites?
@@pranshuprapranshu304 well I've seen someone with fairly odd parents feet corn
thank you for the high quality content
Your wall reminds me of Arkanoid. Subbed 🤙
This is really great, I gained so much knowledge from this. Thank you :)
Great video, thanks!
sparked so much inspiration and curiosity. outstanding work.
great vid, mate! super interesting...
Best video I have ever watched😮, love it❤❤❤
Great production quality
Thank you for this brilliant essay.
Lovely video.
Really enjoyed it and learnt a lot
Thanks for the info
This was overall a really great vid, but I did laugh at the part "Week old bugs are as good as patched". As a researcher, some companies do not give a sh*t about patching vulnerabilities for years on end.
absolutly informational video !!! thanks for complaining it !
Amazing video very entertaining and great editing,
I like this long format videos