The speaker is contemplating whether to leave a hacker logged into a system to avoid missing out on information they need to catch the hacker, or to revoke their access immediately and eliminate the risk of further harm.
The domain controller of a bank was found sending data to China, which meant hackers had gained access. The domain controller handles all authentication and connectivity between Windows computers, so compromising it gave the hackers admin access to pretty much any other system on the network.
After being fired, Adam, a former IT employee, takes revenge against his former employer by destroying the entire company's data infrastructure.
A guest on the podcast explains the process of pushing program and logic files to the safety controller and comparing them with what is running on the system to ensure reliability and security. The importance of pulling logs and artifacts from devices, given potential threats from untrusted parties, is also emphasized.
A cyber attacker was able to gain access to a city's server through the mayor's home computer, which had been compromised through a phishing email scam. The attacker then logged into the police department's computer to obtain further information.