The ability of computers to execute tasks typically associated with human intelligence, including natural language processing, problem solving, and pattern recognition. CyberWire Glossary link: https://thecyberwire.com/glossary/ai Audio reference link: Staff, 2016. Alan Turing - The Imitation Game - Can Machines Think? [YouTube Video]. Learn Understand Create. URL www.youtube.com/watch?v=Vs7Lo5MKIws.
Kathleen Smith, CMO from ClearedJobs.Net sits down with Dave to talk about how job seekers are susceptible to employment fraud. Joe and Dave share some listener follow up from Steve, who writes in to share a scary and frustrating story as hackers were able to scam their way into his and his wife’s Verizon Wireless account. Dave's story follows giveaway scams, which are scams that impersonate celebrities and brands, most notably Elon Musk and the companies he is associate with, to try and get vic...
A credential demonstrating an individual's knowledge in the field of cybersecurity, usually obtained by passing an exam or series of exams. CyberWire Glossary link: https://thecyberwire.com/glossary/certification Audio reference link: Bombal, D., 2022. Are certifications important in Cybersecurity? [Video]. YouTube. URL www.youtube.com/watch?v=Zdgf_Wr82rs.
Thanks for joining us again for another episode of fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Hacking Humans co-host Dave Bittner is joined by Rick Howard in this series where they view clips from their favorite movies and television shows with examples of the social engineering scams and schemes you hear Dave and co-host Joe Carrigan talk about on Hacking Humans. In this episode, Dave and Rick watch each of the selected scenes, describe...
On this episode, the CyberWire's UK Correspondent Carole Theriault talks with Iain Thomson from the Register about why he has no IoT in his house and what advice he offers for those who do. Joe's story features ten social engineering techniques. Dave has a story starts with an order by the FTC against Epic Games for tricking users to make in-game purchases in Fortnite using dark patterns. Our Catch of the Day comes from listener Lauren sharing a phishing attempt at her company where the scammers...
A technique used to create virtual networks within a shared physical network infrastructure. CyberWire Glossary link: https://thecyberwire.com/glossary/network-slicing Audio reference link: Whitehead, D.N., 2021. 5G Smart Networks Part 1: Network Slicing [Video]. YouTube. URL www.youtube.com/watch?v=dCt3rYODZ7g.
Eric Olden, Chief Executive at Strata, sits down with Dave to discuss the changing face of identity; where we’ve been, where are going, and the bumps along the way. Dave and Joe share some listener follow-up from Michael, who writes in about advertisements on YouTube and other social networks claiming magical results. Dave's story follows a new tool released by the National Center for Missing and Exploited Children (NCMEC) to help with slow and stop the spread of sextortion of minors. Joe's stor...
The process of verifying that a device is known, secure, and uncompromised before allowing it to connect to a network or access resources. CyberWire Glossary link: https://thecyberwire.com/glossary/device-trust Audio reference link: “Favorite Scene of Alan Rickman from Die Hard.” YouTube, YouTube, 14 Jan. 2016, https://www.youtube.com/watch?v=mklnXM3LIXo.
Mallory Sofastaii from Baltimore's WMAR 2 News sits down with Joe to talk about some recent stories on scams she's covered on Matter for Mallory. Dave and Joe share some listener follow up from Robert who writes in about the technical means to protect phones from robocalls. He shares some insight on how carriers up in the north are able to protect phones. Dave shares a twitter thread from Brian Jay Jones, who is an author of biographies of Jim Henson, George Lucas and Dr. Seuss, who shares how h...
A technology set design to support the cybersecurity first principle strategy of zero trust, that limits device people and software component access to only designated authorized resources and nothing more. CyberWire Glossary link: https://thecyberwire.com/glossary/zero-trust-network-access Audio reference link: “Zero Trust Explained by John Kindervag.” YouTube, YouTube, 2 Oct. 2022, https://www.youtube.com/watch?v=-LZe4Vn-eEo.
Dan Golden and Renee Dudley, reporters at ProPublica and authors of "The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime," discuss their book. Dave and Joe share some follow up form listener Ignacio who writes in to share thoughts on Joe's preference to using open source options for password managers. Joe's story this week follows Coinbase, who recently had a cybersecurity breach but their cyber controls prevented the attacker from gaining direct ...
A data privacy legal framework that applies to all countries in the European Union, regulating the transmission, storage, and use of personal data associated with residents of the EU. CyberWire Glossary link: https://thecyberwire.com/glossary/general-data-protection-regulation Audio reference link: “Mr. Robot Predicts JPM Coin!” YouTube, YouTube, 14 Feb. 2019, https://www.youtube.com/watch?v=1ee-cHbCI0s.
Corie Colliton Wagner from Security.org joins to discuss the company’s research of password manager tools and their benefits, identity theft, and the market outlook for PW managers. Dave and Joe share quite a bit of follow up from listeners Mitch, Neville, and Richard. Mitch writes in to share about gift card scams, and Neville and Richard both share their thoughts on the pros and cons of having a cloud-based password manager. Dave's story is about employees around the globe and their internet h...
A conversational language model developed by the company OpenAI. CyberWire Glossary link: https://thecyberwire.com/glossary/chatgpt Audio reference link: jeongphill. “Movie - Her, First Meet OS1 (Operation System One, Os One, OS1).” YouTube, YouTube, 29 June 2014, https://www.youtube.com/watch?v=GV01B5kVsC0.
Mathieu Gorge from VigiTrust sits down to discuss the different ways that online attackers target younger and older generations, and what the cybersecurity industry can and should do to protect them. Dave and Joe share some listener follow up from Greg who writes in regarding porch pirates possibly finding a new way to steal packages. In Joe's story this week, we learn that while ransomware was down last year, more and more people are clicking on phishing emails. Dave's story follows Ahad Shams,...
A cyber attack technique where adversaries intercept communications between two parties in order to collect useful information or to sabotage or corrupt the communication in some manner. CyberWire Glossary link: https://thecyberwire.com/glossary/man-in-the-middle-attack
Welcome to Season 3 of Hacking Humans Goes to the Movies. Thanks for joining us again for another episode of fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Hacking Humans co-host Dave Bittner is joined by Rick Howard in this series where they view clips from their favorite movies and television shows with examples of the social engineering scams and schemes you hear Dave and co-host Joe Carrigan talk about on Hacking Humans. In this episode,...
Keith Jarvis, Senior Security Researcher from Secureworks Counter Threat Unit (CTU), shares his thoughts on the alarming rise of infostealers and stolen credentials. Dave and Joe share some listener follow-up from Ron who writes in about a book, entitled "Firewalls Don't Stop Dragons" by Carey Parker, which he finds as a helpful resource when it comes to cybersecurity. Dave's story follows password management companies and how they might not be as safe as what we presume them to be, most notably...
A branch of the US Department of Commerce whose stated mission is to “promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.” CyberWire Glossary link: https://thecyberwire.com/glossary/national-institute-of-standards-and-technology Audio reference link: Center, M.I., 2022. 2022 Meridian Summit: Cultivating Trust in Technology with NIST Director Laurie Locascio [WWW ...
J. Bennett from Signifyd discusses the fraud ring that has launched a war on commerce against US merchants over the past few months. Joe and Dave share some listener follow up from Jon who writes in about an email he almost fell victim to. Joe shares two stories this week, the first on how scammers were seen posing as tech support at two US agencies in an attempt to hack their employees. Joe's second story is on a woman trying to steal 2.8 million for an elderly Holocaust survivor. Dave's story ...
A team responsible for responding to and managing cybersecurity incidents involving computer systems and networks in order to minimize the damage and to restore normal operations as quickly as possible. CyberWire Glossary link: https://thecyberwire.com/glossary/cirt Audio reference link: Avery, B., 2017. 24 TV May 05 Season4 [WWW Document]. YouTube. URL https://www.youtube.com/watch?v=Gq_2xPuqI-E&list=PLGHedLavrFoGsea1ZCHBm9-nK5FdM3_Kd&index=10.
Cybersecurity interview with ChatGPT. In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss potential use cases for the cybersecurity community. ChatGPT is a chatbot launched by OpenAI and built on top of OpenAI’s GPT-3 family of large language models. Cyber questions answered by ChatGPT in part one of the interview. What were the most significant cybersecurity in...
Nadine Michaelides from Anima People sits down with Dave to discuss preventing insider threat using behavioral science and psych metrics. Joe and Dave share some follow up regarding a Facebook scammer who is targeting Joe, as well as a letter from listener Richard who write in about business emails and the compromised warning signs they send about dangerous emails coming from outside the company. Dave shares a story about hackers who are setting up fake websites to promote malicious downloads th...
A software program installed unintentionally by a user that typically performs tasks not asked for by the installer. CyberWire Glossary link: https://thecyberwire.com/glossary/potentially-unwanted-program Audio reference link: Butler, S., 2022. Potentially Unwanted Programs (PUPS) EXPLAINED [Video]. YouTube. URL https://www.youtube.com/watch?v=5L429Iahbww (accessed 1.6.23).
Rohit Dhamankar from Fortra’s Alert Logic joins Dave to discuss the decline in ransomware attacks and lessons learned from the front lines. Dave and Joe share some listener follow up from Keith regarding Dave's story from last episode and how he recognizes the scams being mentioned and offers his opinions on the matter. Joe shares two stories this week, one about his ironclad gift he gave to his wife, with his second story following the buzz surrounding OpenAI, creators of ChatGPT, their new int...
Malware that disables a system in exchange for a ransom, usually by encrypting the system's data until the user pays for the decryption key. CyberWire Glossary link: https://thecyberwire.com/glossary/ransomware Audio reference link: https://watch.amazon.com/detail?gti=amzn1.dv.gti.d6a9f744-47b0-ac70-aa56-b31fd0f58482&territory=US&ref_=share_ios_season&r=web
Chip Gibbons, CISO at Thrive, sits down with Dave to talk about how to defend against social engineering attacks in banking. Dave starts us off this week with a story about Amazon opening up its selling market to Pakistani residents, and what consequences that led to for the organization’s business. Joe's story follows a scam targeting soldiers in the Army. The Army warns against unknown individuals purporting to be noncommissioned officers that are calling said soldiers and asking them for mone...
The name of a wireless access point. CyberWire Glossary link. Audio reference link: SSID Management - CompTIA Security+ SY0-401: 1.5, Professor Messer, uploaded August 3rd, 2014.
Guest Eric Levine, Co-founder and CEO at Berbix, joins Dave to discuss identity fraud. Dave and Joe share comments from listener Chris on a series of SMS messages he got from "Wells Fargo." Joe's story previews what is coming for social engineering attacks in 2023 and how to prepare to improve your safety online, while Dave's story is about sextortion scammers in rural India and how they are blackmailing victims. Our catch of the day comes from listener George who's been receiving a lot of scam ...
A U.S. Government specification for data encryption using an asymmetric key algorithm. CyberWire Glossary link: https://thecyberwire.com/glossary/advanced-encryption-standard Audio reference link: papadoc73. “Claude Debussy: Clair De Lune.” YouTube, YouTube, 6 Oct. 2008.
