Thanks for joining us for our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave, Joe and Rick are watching Dave's and Rick's scene picks. They watch each of the selected scenes, describe the on-screen acti...
Dec 22, 2021•22 min•Season 1Ep. 3
Code that fails to protect sensitive information.
Dec 21, 2021•7 min•Season 2Ep. 78
Guest Adam Levin, security expert and podcast host of "What the Hack with Adam Levin," joins Dave to share advice and discuss some experiences shared on his podcast, Dave and Joe have some listener follow up from David with clarification on 2FA, Joe's story is about a job scam for positions at a video game company, Dave's got a story about how tools like Google and smartphones affect our memories and how we judge our own abilities, our Catch of the Day is from a listener named Chris with a fake ...
Dec 16, 2021•46 min•Season 4Ep. 176
The prevention of the first part of an intrusion kill chain model exploitation technique, where the hacker steals valid logging credentials from a targeted victim.
Dec 14, 2021•6 min•Season 2Ep. 77
Guest Dave Senci of Mastercard's NuData Security talks about the security issues with remote access and coaching frauds, Dave's got a story about receiving a "Best Buy gift card" and USB mailing, Joe's story is from the Better Business Bureau about their "12 Scams of Christmas," and our Catch of the Day is from our listener Henry who received an email that appeals to one's faith. Links to stories: PSA: If You Get a 'Best Buy Gift Card' on a USB Drive in the Mail, Don't Plug It Into Your PC The N...
Dec 09, 2021•44 min•Season 4Ep. 175
The process of proactively searching through networks to detect and isolate security threats, rather than relying on security solutions or services to detect those threats.
Dec 07, 2021•7 min•Season 2Ep. 76
Guest Jay Radcliffe from Thermo Fisher Scientific shares his advice and security concerns with smart devices since the holiday gifting season is around the corner, Joe and Dave have some listener follow up about 2FA, Joe's got a story about the Robinhood breach, Dave's story is about numerous LinkedIn requests from HR specialists with GAN images (Generated Adversarial Network), and our Catch of the Day is from listener Michael who was just trying to sell his car and then he got a text message. L...
Dec 02, 2021•47 min•Season 4Ep. 174
The continuous practice of identifying classifying, prioritizing, remediating, and mitigating software vulnerabilities within this.
Nov 30, 2021•8 min•Season 2Ep. 75
Thanks for joining us for our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave, Joe and Rick are watching Joe's and Rick's scene picks. They watch each of the selected scenes, describe the on-screen actio...
Nov 25, 2021•18 min•Season 1Ep. 2
A formal record containing the details and supply chain relationships of various components used in building software.
Nov 23, 2021•7 min•Season 2Ep. 74
Guest Blake Hall, CEO and founder of a company called ID.me, discusses protecting your identity online, Dave and Joe have some follow up from listener Rafa on 2FA he uses, Dave has a story about bots that take advantage of 2FA to break into your payment accounts, Joe's story is about scams carried out through QR codes, and our COTD comes from listener Wyatt about an award-winning email from Warren Buffett. Links to stories: The Booming Underground Market for Bots That Steal Your 2FA Codes Fake “...
Nov 18, 2021•51 min•Season 4Ep. 173
A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the resources essential to perform their function and nothing more.
Nov 16, 2021•9 min•Season 2Ep. 73
Welcome to a fun new project by the team who brings you Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series. They view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this first episode, Dave, Joe and Rick are watching Dave's and Joe's picks. They watch each of the selected scenes, describe the on-screen action for you, and then t...
Nov 11, 2021•25 min•Season 1Ep. 1
Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations.
Nov 09, 2021•8 min•Season 2Ep. 72
Guest Dr. Jessica Barker from Cygenta talks with UK correspondent Carole Theriault about how every month should be cyber awareness month, Joe has a story about password spraying (kind of like a credential stuffing attack), Dave's story is about scams carried out through QR codes, and our COTD comes from listener Wyatt about an award-winning email from Warren Buffett. Links to stories: Microsoft warns over uptick in password spraying attacks Scammers are emailing waves of unsolicited QR codes, ai...
Nov 04, 2021•34 min•Season 4Ep. 172
The difference between organizational employee job requirements and the available skillsets in the potential employee pool.
Nov 02, 2021•8 min•Season 2Ep. 71
Oct 29, 2021•3 min
Guest Brandon Hoffman from Intel 471 is back sharing some research on business email compromise, Dave's got a story on buying collectable sneakers and how bots make that really hard to do, Joe has two stories with different spins on romance scams: one notes they are the most prevalent scams targeting older adults; and the second is about a group of Nigerian men preying on women through money scams, and our Catch of the Day comes from reddit user steev p (Steve P) about a benefit scam from an imp...
Oct 28, 2021•42 min•Season 4Ep. 171
The use of technology to radically improve the performance or reach of the business.
Oct 26, 2021•7 min•Season 2Ep. 70
UK Correspondent Carole Theriault returns with an interview with Paul, a spam analyst, Dave and Joe have some follow-up, Joe revisits NFTs with rug pull scams, Dave's story is about phishers using a symbol in place of the Verizon logo, and our Catch of the Day comes from listener Rafael in Spain about a Steam account takeover scam attempt his son experienced on Discord. Links to stories: Phishers Get Clever, Use Math Symbols for Verizon Logo Have a Catch of the Day you'd like to share? Email it ...
Oct 21, 2021•37 min•Season 4Ep. 170
Cloud services intended for cyber criminals and other bad actors designed to obstruct law enforcement and other kinds of government investigations, and to provide some protection against competitors.
Oct 19, 2021•7 min•Season 2Ep. 69
Guest Marina Ciavatta CEO at Hekate talks with Dave about some of her social engineering and pen testing experiences, Dave's got a story is about getting your family to use a password manager, Joe's story is about NFTs (non-fungible tokens) and scams that have arisen around them, and our Catch of the Day is from listener William and it turns out Dave is in trouble with the IRS again on this one. Links to stories: How to Get Your Family to Actually Use a Password Manager THE NFT SCAMMERS ARE HERE...
Oct 14, 2021•47 min•Season 4Ep. 169
The practice of securing a device that connects to a network in order to facilitate communication with other devices on the same or different networks.
Oct 12, 2021•9 min•Season 2Ep. 68
Guest Zach Schuler of NINJIO joins Dave to discuss measuring the effectiveness of awareness training, Joe's got a story about a school nurse who was scammed with a "Bank of America" Zelle transaction, Dave's story is about a phone scam a therapist received from a local "Sheriff's office," and our Catch of the Day is from Hacking Humans Senior producer Jennifer Eiben about some pricey potatoes and chocolate chip cookies she "ordered." Links to stories: School nurse falls victim to scam targeting ...
Oct 07, 2021•50 min•Season 4Ep. 168
President Biden's May, 2021 formal compliance mandate for federal civilian executive branch agencies, or FCEBs, to include specific shortterm and longterm deadlines designed to enhance the federal government's digital defense posture.
Oct 05, 2021•8 min•Season 2Ep. 67
Guest Chris Kirsch, DefCon 25 Social Engineering Capture The Flag winner and Co-Founder and Chief Executive Officer at Rumble, talks with our UK Correspondent Carole Theriault about his experience at the event, Dave's story is about scammers bypassing social engineering and going directly to pitch employees to install ransomware, Joe's got a story about travel scams he came across while planning a recent trip, our Catch of the Day comes from Reddit about some text messages which cause emotions t...
Sep 30, 2021•40 min•Season 4Ep. 167
Phase of a typical cyber adversary group's attack sequence, after the initial compromise and usually after the group has established a command and control channel, where the group moves through the victims network by compromising as many systems as it can, by looking for the data, it has come to steal or to destroy.
Sep 28, 2021•8 min•Season 2Ep. 66
Guest Alex Hinchliffe, Threat Intelligence Analyst from Unit 42 at Palo Alto Networks joins Dave to talk about some of his team's ransomware research, Joe's story is about a new jury duty scam that is out there (hint, they will not call you on the phone), Dave's got a story about Microsoft rolling out passwordless login options, our Catch of the Day comes from a listener named Lucio who shared several social engineering ploys with us. Links to stories: Brand New Jury Duty Scam You Can Now Ditch ...
Sep 23, 2021•39 min•Season 4Ep. 166
A public list sponsored by the US government and designed to uniquely identify, without the need to manually cross- reference, all the known software vulnerabilities in the world.
Sep 21, 2021•7 min•Season 2Ep. 65
Guest Etay Maor of Cato Networks joins Dave Bittner to discuss the impact that deepfakes will have on our society, we share some fun feedback on the Lightning Rod story edit, Dave's story talks about how some of the most successful and lucrative online scams employ a “low-and-slow” approach, Joe's story is about 2 Arkansas farmer that scammed investors out of money for wind turbines, but used it for houses, cars and Disney World, and our Catch of the Day is from an unnamed listener with a suppos...
Sep 16, 2021•44 min•Season 4Ep. 165
