Hacking Humans

N2K Networks | thecyberwire.com
Deception, influence, and social engineering in the world of cyber crime.

Episodes

Indicators of Compromise (noun) [Word Notes]

Digital evidence that a system or network has been breached. CyberWire Glossary link: https://thecyberwire.com/glossary/indicator-of-compromise Audio reference link: “Suicide or Murder? | The Blind Banker | Sherlock,” uploaded by Sherlock, 18 October 2015

Oct 25, 2022 | 7 min | Season 3 | Ep. 119

The difference between shallow fakes vs. deep fakes.

Martin Rehak, CEO & Founder from Resistant AI, sits down with Dave to discuss how organizations should be worried about shallow fakes vs. deep fakes. Listener Joe writes in with some follow up on Joe's statement about not using legacy OSes, and how it is unfortunately not an option for many. Both Joe and Dave share two stories this week. Dave's first story follows how the Maryland Attorney General, Brian Frosh, is warning residents about purchasing flood-damaged cars. Dave's second story is ab...

Oct 20, 2022 | 43 min | Season 5 | Ep. 217

Intrusion Detection System (noun) [Word Notes]

A system that monitors for malicious or unwanted activity, and either raises alerts when such activity is detected or blocks the traffic from passing to the target. CyberWire Glossary link: https://thecyberwire.com/glossary/intrusion-detection-system Audio reference link: “Network Intrusion Detection and Prevention - CompTIA Security+ SY0-501 - 2.1,” Professor Messer, uploaded 16 November, 2017...

Oct 18, 2022 | 8 min | Season 3 | Ep. 118

The long con and the flim flam. [Hacking Humans Goes to the Movies]

Thanks for joining us again for another episode of a fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Hacking Humans co-host Dave Bittner is joined by Rick Howard in this series where they view clips from their favorite movies and television shows with examples of the social engineering scams and schemes you hear Dave and co-host Joe Carrigan talk about on Hacking Humans. In this episode, Dave and Rick watch each of the selected scenes, describe...

Oct 16, 2022 | 20 min | Season 1 | Ep. 11

Falling for a phishing kit scam.

Larry Cashdollar from Akamai sits down with Dave to discuss their research, "The Kit That Wants It All: Scam Mimics PayPal’s Known Security Measures." Joe shares an incredible story regarding impersonation, in which a man shares his first-hand experience with impostors impersonating him to get a job; luckily, a good samaritan shared this information before the damage could be done. Dave's story follows raids happening in Cambodia with connection to alleged cyberscam compounds. We have two catches of the...

Oct 13, 2022 | 43 min | Season 5 | Ep. 216

MFA prompt bombing (noun) [Word Notes]

Hackers bypass multifactor authentication schemes by sending a blizzard of spamming login attempts until the account's owner accepts the MFA prompt out of desperation to make the spamming stop. CyberWire Glossary link: https://thecyberwire.com/glossary/mfa-prompt-bombing Audio reference link: movieclips. “Sneakers (2/9) Movie Clip - Defeating the Keypad (1992) HD.” YouTube, YouTube, 29 May 2011, https://www.youtube.com/watch?v=oG5vsPJ5Tos....

Oct 11, 2022 | 7 min | Season 3 | Ep. 117

What is cyber quantum computing?

Pete Ford from QuSecure sits down with Dave to discuss what exactly cyber quantum computing is, what it means for the country, and how other countries are using quantum. Dave and Joe share follow up on 2 stories. First, Bleeping Computer reports that the teen who hacked Uber and Rockstar Games has been arrested. Second, we share some listener follow up from last episode about medical documents being shared and how easy it would be to falsify your identity to obtain children's documents. Dus...

Oct 06, 2022 | 44 min | Season 5 | Ep. 215

Apple Lockdown Mode (noun) [Word Notes]

An optional security mode for macOS and iOS that reduces the attack surface of the operating system by disabling certain commonly attacked features. Audio reference link: “How NSO Group’s Pegasus Spyware Was Found on Jamal Khashoggi’s Fiancée’s Phone,” FRONTLINE, YouTube, 18 July 2021.

Oct 04, 2022 | 6 min | Season 3 | Ep. 116

A cryptoqueen on the run and the cons she got away with.

This week Carole Theriault sits down to interview author Jamie Bartlett on his book, "The Missing Cryptoqueen - The Billion Dollar Cryptocurrency Con and the Woman Who Got Away with It." Dave and Joe share some follow up from listener Dustin who shares an interesting experience he had involving his child's medical documents and how easy it was to obtain them, making scams even easier. Joe's story follows a young teen hacker and how they allegedly were able to hack Uber and Rockstar Games. Dave h...

Sep 29, 2022 | 39 min | Season 5 | Ep. 214

Simulated Phishing (noun) [Word Notes]

A security awareness training technique in which authorized, but fake, phishing emails are sent to employees in order to measure and improve their resistance to real phishing attacks. CyberWire Glossary link: https://thecyberwire.com/glossary/simulated-phishing Audio reference link: “Blackhat (2014) - Hacking the NSA Scene (4/10) | Movieclips.” YouTube, YouTube, 19 Apr. 2017....

Sep 27, 2022 | 8 min | Season 3 | Ep. 115

The rise in fraudulent online content.

Guest Jane Lee, Trust and Safety Architect from Sift joins Dave to discuss the rise of fraudulent online content and fake crypto platforms. Dave and Joe share some listener follow up regarding the debate over "mum" versus "mom" and who speaks which pronunciation more. Dave has two stories this week, one story follows a Twitter thread about a man who shared his story about selling a desk on Facebook and the dangers that come with that. His second story is about how hackers are using a clever new ...

Sep 22, 2022 | 51 min | Season 5 | Ep. 213

Sideloading (noun) [Word Notes]

The process of installing applications on a device without the use of official software distribution channels. CyberWire Glossary link: https://thecyberwire.com/glossary/sideloading

Sep 20, 2022 | 7 min | Season 3 | Ep. 114

It pays to do your research. [Hacking Humans Goes to the Movies]

Thanks for joining us again for another episode of a fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave and Joe are joined by guest Tracy Maleeff from Krebs Stamos Group – you may know her on ...

Sep 18, 2022 | 31 min | Season 1 | Ep. 10

Is inflation affecting the Dark Web?

Dov Lerner, a Security Research Lead from Cybersixgill, sits down with Dave to discuss how inflation hasn't affected the Dark Web, including how the cratering of cryptocurrency may have affected things. Joe and Dave share some follow up from listener Pelle, who writes in about their grandmother who was scammed over the phone for her PIN, among other information, allowing the scammers to get away with much more than money. This week, Joe's story comes from a listener named Kyle, who shared an art...

Sep 15, 2022 | 52 min | Season 5 | Ep. 212

Microsegmentation (noun) [Word Notes]

A zero trust security technique that isolates application workloads from each other, allowing each one to be protected individually. CyberWire Glossary link: https://thecyberwire.com/glossary/microsegmentation Audio reference link: “Micro-Segmentation Masterpieces,” PJ Kirner, Illumio CTO and Co-Founder, Tech Field Day, YouTube, 13 December 2020.

Sep 13, 2022 | 6 min | Season 3 | Ep. 113

A travel surge and a host of different scams.

Greg Otto from Intel 471 joins Dave to discuss the findings of their work on "Cybercriminals preying on a travel surge with a host of different scams." Dave and Joe share some interesting listener follow up from Kevin, who writes in about the deepfakes episode and shares his comments on how scary the topic can be, especially with politicians. Dave shares a story about Charles Egunjobi, an auditor with the D.C. government, and how he fell victim to an online love scam costing elderly U.S. citizen...

Sep 08, 2022 | 41 min | Season 5 | Ep. 211

Homograph phishing (noun) [Word Notes]

The use of similar-looking characters in a phishing URL to spoof a legitimate site. CyberWire Glossary link: Audio reference link: “Mission Impossible III 2006 Masking 01,” uploaded by DISGUISE MASK, 28 July 2018.

Sep 06, 2022 | 6 min | Season 2 | Ep. 112

Is there a growing number of public and private partnerships forming?

This week Carole Theriault interviews Chuck Everette from Deep Instinct on public and private partnerships. Dave and Joe share some listener follow up from Rodney who writes in about flexible spending cards and chips inside them as well as sharing technology that helps keep the scammers away. Joe's story follows the trend of fake invoicing, specifically through PayPal and the newest string of scammers getting people to call in about a pending charge. Dave shares a story where people are getting ...

Sep 01, 2022 | 39 min | Season 5 | Ep. 210

Policy Orchestration (noun) [Word Notes]

The deployment of rules to the security stack across all data islands, cloud, SaaS applications, data centers, and mobile devices designed to manifest an organization's cybersecurity first principle strategies of zero trust, intrusion kill chain prevention, resilience, and risk forecasting. CyberWire Glossary link: https://thecyberwire.com/glossary/policy-orchestration Audio reference link: “The Value of Using Security Policy Orchestration and Automation,” by David Monahan, uploaded by EMARese...

Aug 30, 2022 | 6 min | Season 2 | Ep. 105

Encore: Sometimes, deepfake victims don't want to be convinced it is fake.

Guest Etay Maor of Cato Networks joins Dave Bittner to discuss the impact that deepfakes will have on our society, we share some fun feedback on the Lightning Rod story edit, Dave's story talks about how some of the most successful and lucrative online scams employ a “low-and-slow” approach, Joe's story is about 2 Arkansas farmers who scammed investors out of money for wind turbines, but used it for houses, cars and Disney World, and our Catch of the Day is from an unnamed listener with a suppos...

Aug 25, 2022 | 44 min | Season 4 | Ep. 165

Anti-cheat software (noun) [Word Notes]

Software designed to prevent cheating in video games. CyberWire Glossary link: https://thecyberwire.com/glossary/anti-cheat-software Audio reference link: “The BIG Problem with Anti-Cheat,” by Techquickie, YouTube, 5 June 2020

Aug 23, 2022 | 8 min | Season 2 | Ep. 111

Scams in the media.

Mallory Sofastaii from Baltimore's WMAR 2 News sits down with Joe to talk about some recent stories on scams she's covered on Matter for Mallory. Dave and Joe share some listener follow up from Robert who writes in about the technical means to protect phones from robocalls. He shares some insight on how carriers up in the north are able to protect phones. Dave shares a Twitter thread from Brian Jay Jones, who is an author of biographies of Jim Henson, George Lucas and Dr. Seuss, who shares how h...

Aug 18, 2022 | 52 min | Season 5 | Ep. 209

Pseudoransomware (noun) [Word Notes]

Malware, in the guise of ransomware, that destroys data rather than encrypts. CyberWire Glossary link: https://thecyberwire.com/glossary/pseudoransomware Audio reference link: “Some Men Just Want to Watch the World Burn | the Dark Knight,” by YouTube, 2 November 2019.

Aug 16, 2022 | 7 min | Season 2 | Ep. 110

Staying away from Medicare scams.

Ari Parker, Lead Advisor from Chapter, discusses "Tips for Avoiding Medicare Scams." Joe and Dave share some follow up from several listeners, who write in about various scams they have encountered. Joe's story is on Facebook Messenger and how more and more victims are being claimed by scams and cons through the popular social media app. Dave's story shares disturbing information regarding LinkedIn scams, explaining how North Koreans are stealing resumes off the job site in a new crypto job sea...

Aug 11, 2022 | 43 min | Season 5 | Ep. 208

Trusted Platform Module (TPM) (noun) [Word Notes]

A browser configuration control that prevents accessing resources within a private network. CyberWire Glossary link: Audio reference link: “TPM (Trusted Platform Module) - Computerphile,” Computerphile, 23 July 2021

Aug 09, 2022 | 7 min | Season 2 | Ep. 109

Making the world a safer online place.

Raj Sarkar, CMO from 1Password and Julien Benichou, Senior Director of Partnership, Strategy, and Execution from Gen.G, join Dave to discuss making the online world a safer place and talk about helping reduce the risk of gamers being the target of hackers. Joe and Dave share some followup from listener Ryan who writes in about the catch of the day from last week's episode, and what struck him most with the scam. Dave's story is on how the government was able to seize millions in stolen cryptocur...

Aug 04, 2022 | 49 min | Season 5 | Ep. 207

Private Network Access (PNA) (noun) [Word Notes]

A browser configuration control that prevents accessing resources within a private network. CyberWire Glossary link: Audio reference link: “Chrome Limits Access to Private Networks,” by Daniel Lowrie, ITProTV, YouTube, 19 January 2022.

Aug 02, 2022 | 6 min | Season 2 | Ep. 108

A return to office means a return to email scams.

Romain Basset, Director of Customer Service, at Vade joins Dave to discuss the threat of initial contact spearphishing emails now that many employees are returning to the office. Dave and Joe share some listener follow up from listener Will who writes in about a troubling debate over if it should be "Joe and Dave" or "Dave and Joe." Will shares a website about ablaut reduplication, sharing his thoughts on the matter. Joe shares some good news following a story of a homeless man being robbed of $...

Jul 28, 2022 | 48 min | Season 5 | Ep. 206

Extortion scams and the LGBTQ+ community.

This week, Carole Theriault sits down to talk with Paul Ducklin from Sophos on extortion scams targeting LGBTQ+ communities. Joe and Dave share multiple pieces of listener follow up, the first from Matt and Kevin, who write in to share a Wikipedia link regarding N.B. (Nota Bene, or note well) and an ad from 1801. The second one is a write in from someone who is referred to as "P," who shares more information on the Facebook link shortener discussion. Finally, Joe and Dave get a great piece of li...

Jul 21, 2022 | 48 min | Season 5 | Ep. 205

Web 3.0 (noun)

The potential next evolution of the worldwide web that decentralizes interaction between users and content away from the big Silicon Valley social media platforms like Twitter, Facebook, and YouTube, and towards peer-to-peer interaction using blockchain as the underlying technology. CyberWire Glossary link: https://thecyberwire.com/glossary/web-30 Audio reference link: “What Elon Musk Just Said about Metaverse, Web3 and Neuralink,” By Clayton Morris, Crypto News Daily, YouTube. 2 December 2021...

Jul 19, 2022 | 7 min | Season 2 | Ep. 107