Hacking Humans - podcast cover

Hacking Humans

N2K Networksthecyberwire.com
News
Tech News
Technology
Deception, influence, and social engineering in the world of cyber crime.
Last refreshed:
Follow on
Apple Podcasts
Spotify
RSS
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Podcasts are better in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episodes

Collaboration platforms are a gateway for ransomware attacks.

Guest Gil Friedrich from Avanan joins Dave to discuss how collaboration platforms, like Microsoft Teams, Slack and others, opened up a new gateway to ransomware attacks, Joe's story comes from listener Matt shared as a COTD candidate that's a phishing scam, Dave's got a story about China and Russia trying to turn your employees into spies, and our Catch of the Day comes from a listener named Iain with a timely story "from" Afghanistan. Links to stories: Guarding Against the Chinese Domain Name E...

Sep 09, 202133 minSeason 4Ep. 164

Don't blindly test your colleagues.

Guest Javvad Malik from KnowBe4 shares his thoughts on bad security training with the CyberWire's UK correspondent Carole Theriault, Dave's story is about deepfake technology being used for business cases, Joe's gives a synopsis of Proofpoint's most recent State of the Phish report, our very first Catch of the Day about Discord comes from a listener named Henning. Links to stories: Deepfakes Are Now Making Business Pitches Proofpoint's 2021 State of the Phish Report Have a Catch of the Day you'd...

Sep 02, 202140 minSeason 4Ep. 163

incident response (noun) [Word Notes]

A collection of people, process, and technology that provides an organization the ability to detect and respond to cyber attacks.

Aug 31, 20218 minSeason 1Ep. 62

Companies don't want their customers to be victims of fraud.

Guest Brandon Hoffman from Intel 471 joins Dave to talk about how cybercriminals are going after large retail and hospitality companies, Joe shares some advice for college students to avoid scams and ID theft, Dave got an edit to the tale of the lightning rod, our Catch of the Day comes from listener Shannon who received a beneficiary scam email. Links to stories: BBB Scam Alert: 6 Scams for College Students to Avoid BBB Tip: 9 Tips for college students to avoid ID theft Have a Catch of the Day ...

Aug 26, 202139 minSeason 4Ep. 162

script kiddies (noun) [Word Notes]

Cybercriminals who lack the expertise to write their own programs use existing scripts, code, or tools authored by other more skilled hackers.

Aug 24, 20216 minSeason 1Ep. 61

Effective cybersecurity training has to be meaningful to employees.

Guest Jann Yogman, entertainment industry veteran and writer of Mimecast Awareness Training, joins Dave to share his thoughts on the ransomware epidemic and the cybersecurity awareness training problem, Joe's got a story about scams targeting families eligible for the IRS' child tax credit, Dave's story is about scams and fraud experienced by US military veterans, personnel, and their families, our Catch of the Day comes from listener Sawyer Dicky on Reddit who insists he's not the right guy. Li...

Aug 19, 202137 minSeason 4Ep. 161

sandbox (noun) [Word Notes]

An isolated and controlled set of resources that mimics real world environments and used to safely execute suspicious code without infecting or causing damage to the host machine, operating system, or network.

Aug 17, 20216 minSeason 1Ep. 60

The attackers keep coming every single day.

Guest Andrew Rubin, CEO and co-founder of Illumio, joins Dave to discuss Zero Trust, Dave and Joe share some follow-up from several listeners including one with a variation on prison pen pals we discussed some time ago and some advice on Dave's Google Authenticator issue he mentioned last week, Dave's story is about non-delivery scams, Joe's got a story on Imperial Kitten doing some catphishing, and our Catch of the Day comes from listener Timothy about with a sextortion campaign. Links to stori...

Aug 12, 202145 minSeason 4Ep. 160

Acceleration of our digital lives and impacts on cybercrime.

Guest Darren Shou, Chief Technology Officer of NortonLifeLock, shares insight on some of the scams he and his colleagues have been tracking, Joe and Dave share some follow up from listener Robert about free learning resources, Joe's story comes from listener Sedric who is new to real estate Investing and was looking for a hard money loan, rather than a story, Dave continues the conversation on passwords and multi-factor authentication with comments from listener Coinsigliere , and our Catch of t...

Aug 05, 202144 minSeason 4Ep. 159

What are our devices doing to our compassion?

Guest Dr. Charles Chaffin, author of the book "Numb: How the Information Age Dulls Our Senses and How We Can Get them Back," joins Dave this week, we have some listener follow up from John with a tip on ATM security, Dave's got a two-fer this week including a useful site called www.shouldiclick.org and a Twitter report on multi-factor authentication thanks Rachel Tobac for calling our attention to it, Joe's story is from Microsoft on trends in tech support scams, and our Catch of the Day is from...

Jul 29, 202147 minSeason 4Ep. 158

secure access service edge (SASE) (noun) [Word Notes]

A security architecture that incorporates the cloud shared responsibility model, a vendor provided security stack, an SD-WAN abstraction layer, and network peering with one or more of the big content providers and their associated fiber networks.

Jul 27, 20218 minSeason 1Ep. 57

It's ok to be trusting, just be careful.

Guest Gil Friedrich from Avanan joins Dave to talk about how bad actors are infiltrating organizations using collaboration apps, we have two pieces of listener follow up from Michael and Tobias, Joe has a story about fake information, Dave's story is about message spam on LinkedIn, and our Catch of the Day is from a listener named Lucio with a questionable Reddit communication. Links to stories: Propaganda as a Social Engineering Tool Annoying LinkedIn Networkers Actually Russian Hackers Spreadi...

Jul 22, 202142 minSeason 4Ep. 157

red teaming (noun) [Word Notes]

The practice of emulating known adversary behavior against an organization's actual defensive posture.

Jul 20, 20216 minSeason 1Ep. 56

Threat actors changing ransomware tactics.

Guest Kurtis Minder from GroupSense joins Dave to discuss divergent ransomware trends, the guys have a listener reminder about it being CompTIA, Joe, Dave has a story about a coupon scam in the Houston area, Joe's story is about a real estate rental scam and a scammer who likes to talk about his work, and our Catch of the Day is from a listener named Craig with an email about an unprofessional colleague and a questionable attachment. Links to stories: A ‘dark-side coupon group’ scammed stores ou...

Jul 15, 202141 minSeason 4Ep. 156

next generation firewall (noun) [Word Notes]

A layer seven security orchestration platform deployed at the boundary between internal workloads slash data storage and untrusted sources that blocks incoming and outgoing network traffic with rules that tie applications to the authenticated user and provides most of the traditional security stack functions in one device or software application.

Jul 13, 20217 minSeason 1Ep. 55

Introducing 8th Layer Insights: Deceptionology 101: Introduction to the Dark Arts

Have you ever noticed how fundamental deception is to the human condition? Deception and forms of social engineering have been with us since the beginning of recorded history. And yet, it seems like we are just as vulnerable to it as ever. But now the stakes are higher because technology allows social engineers to deceive at scale. This episode explores the psychology of deception, provides a foundation for understanding social engineering, offers a few mental models for exploration and exploita...

Jul 11, 202159 minSeason 1Ep. 4

Collaboration, data portability, and employee mobility fuel insider risk.

Guest Joe Payne of Code 42 joins Dave to discuss insider risks Joe has a story about Frank Abagnale who's conned everyone one way or another, Dave's story is about a real estate scam conning a single mother of her life savings, and our Catch of the Day is from listener Michael with an "Extremely Urgent Attention Required" email. Links to stories: Confessions of a Famous Fraudster: How and Why Social Engineering Scams Work Real estate scam robs Florida mom of $63K in life savings Have a Catch of ...

Jul 08, 202141 minSeason 4Ep. 155

fast flux (noun) [Word Notes]

A network designed to obfuscate the location of a cyber adversary's command and control server by manipulating the domain name system, or DNS, in a way that rotates the associated IP address among large numbers of compromised hosts in a botnet.

Jul 06, 20217 minSeason 1Ep. 54

An inside view on North Korean cybercrime.

The CyberWire's UK correspondent Carole Theriault returns to share an interview with Geoff White, reporter from the BBC and co-host of the Lazarus Heist podcast, Joe has some listener follow-up from Mike looking for advice on certifications for getting into cybersecurity, Dave's story is from Brian Krebs about catching an ATM shimmer gang, Joe's got a piece from MalwareBytes Labs about phishing for Bitcoin recovery codes, and our Catch of the Day is from listener Rohit with a pretty genuine-look...

Jul 01, 202136 minSeason 4Ep. 154

encryption (noun) [Word Notes]

The process of converting plain text into an unrecognizable form or secret code to hide its true meaning.

Jun 29, 20217 minSeason 1Ep. 53

Bad password hygiene jeopardizes streaming services.

Guest Matthew Gracey-McMinn joins us from Netacea to speak with Dave about security issues with streaming services, Joe shares some follow-up from listener Jason about a bracelet sale mentioned a few episodes ago, Joe's story is from UMBC about AI-generated fake news reports, Dave's got a story about a replacement scam for a hardware wallet used for storing cryptocurrency, and our Catch of the Day comes from a listener called R about a vishing scam for DirectTV. Links to stories: Study shows AI-...

Jun 24, 202140 minSeason 4Ep. 153

Answering a job ad from a ransomware gang.

Guest Mantas Sasnauskas from CyberNews joins Dave to talk about how he and his colleagues applied for a job with a ransomware gang, Joe and Dave reply to a listener named Christopher about certifications, Dave's story is about credential stuffing with payroll companies for $800,000,Joe shares a story about lewd phishing lures sent to people's email accounts, and our Catch of the Day is from from a listener named Stof who says, he “received this call just now, never heard one this convincing, nea...

Jun 17, 202137 minSeason 4Ep. 152

non-fungible tokens (NFT) (noun) [Word Notes]

Digital assets that are cryptographically protected on a blockchain and contain unique identification codes and metadata that makes them one of a kind.

Jun 15, 20216 minSeason 1Ep. 51

Pandemic taxes: later due dates afford more time for scams.

Guest Robert Capps of NuData Security joins Dave to discuss what businesses can do to bolster their protection against tax fraud, Joe and Dave have some follow-up from 2 episodes ago when they discussed a BazarLoader scam: Wired has a recent article with a twist about a totally fake streaming site called BravoMovies, Joe shares a story from a listener Jason about a friend of his who was targeted by a scammer on Facebook Marketplace, Dave's story is about scammers demanding ransom from families w...

Jun 10, 202139 minSeason 4Ep. 151
← PrevNext →
For the best experience, listen in Metacast app for iOS or Android