Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective:...
Aug 06, 2024•39 min•Season 1Ep. 3
Please enjoy this special encore episode of Word Notes. A type of side channel attack in which an attacker with physical access to a computer performs a memory dump of a computer’s Random Access Memory or RAM during the reboot process in order to steal sensitive data.
Aug 06, 2024•7 min•Season 1Ep. 43
This week we celebrate 300 episodes! Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe and shares a PSA on the CrowdStrike outage. Her story focuses on the Olympics, as this was the first week the Olympics started, and she shares about a recent fraud campaign that is targeting iPhone users in India, posing as India Post through smishing attacks. Our hosts discuss some follow up, from listener Brie, who writes in to share how one police force is helping folks stay safe ...
Aug 01, 2024•48 min•Season 7Ep. 300
On-demand pay-as-you-go Internet delivered compute, storage, infrastructure, and security services that are partially managed by the cloud provider and partially managed by the customer.
Jul 30, 2024•6 min•Season 1Ep. 42
This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is from a listener this week who writes in with a story on an IT company that is a third party for a healthcare company, and the dangers that can come from that. Dave and Joe share some listener follow up from Michael, who shares some thoughts on AI. Dave's story follows how a recent study found that 40% of elderly adults in...
Jul 25, 2024•49 min•Season 7Ep. 299
An acronym for Advanced Persistent Threat to describe hacker groups or campaigns normally, but not always, associated with nation state cyber espionage and continuous low-level cyber conflict operations.
Jul 23, 2024•7 min•Season 1Ep. 41
This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is on supplement scams, as there has been a significant surge in health-related supplement scams on social media platforms, utilizing advanced technologies like AI-generated images and deepfake videos to promote fake products endorsed by celebrities and medical professionals. Joe's story follows Airplane WiFi, now essential ...
Jul 18, 2024•38 min•Season 7Ep. 298
An undocumented or publicly unknown method to access a computer system undetected or to break a cypher used to encode messages.
Jul 16, 2024•6 min•Season 1Ep. 40
This week Dave shares a story on Business email compromise (BEC) scams, and how they are a major threat, costing $26 billion annually. The story shares how it's crucial for employees to verify suspicious emails through a secondary channel and for companies to foster transparent communication to mitigate such risks. Joe shares two stories with us this week. The first is from a listener named Jay, who received a story from a relative. In this story, someone claiming to be a constable calls to warn...
Jul 11, 2024•31 min•Season 7Ep. 297
From the intrusion kill chain model, a technique where the hacker compromises sites commonly visited by members of a targeted community in order to deliver a malicious payload to the intended victim.
Jul 09, 2024•6 min•Season 1Ep. 39
Blair Cohen from AuthenticID joins Dave to discuss how generative AI and authentication go hand in hand. Joe and Dave share some follow up from listener Robert who discusses an ad for a device that uses ChatGPT to record phone calls on your device. Dave helps his dad out with his computer and shares the tale. Dave also shares a story this week on the FBI warning against scammers who are posing as NFT devs to try and steal your crypto. Joe and Dave test their scammer catching skills while taking ...
Jul 04, 2024•54 min•Season 6Ep. 255
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective:...
Jul 02, 2024•29 min•Season 1Ep. 2
Network observation systems designed to monitor globally unreachable but unused Internet address space or the Deep Web in order to study a wide range of interesting Internet phenomena.
Jul 02, 2024•5 min•Season 1Ep. 38
This week Joe and Dave share some interesting follow up from a few episodes ago where Dave shared his love for baby grand pianos and how scammers we're using that to lure people into traps. Listener George wrote in to share about a show on UK Channel 4, called "The Piano," it's a music competition where visitors play a public piano in a train station, judged by hidden famous pianists, with winners performing at the UK Royal Festival Hall. Joe's story is a warning to travel goers using booking.co...
Jun 27, 2024•39 min•Season 7Ep. 296
A best practice for framing cyber intelligence critical information requirements that recommends collecting and consolidating data from three specific sources: endpoint, network and log.
Jun 25, 2024•5 min•Season 1Ep. 37
Brandon Kovacs, a Senior Red Team Consultant at Bishop Fox, is talking about how Artificial Intelligence is shaping the future of social engineering. Listener Adina wrote in to share their thoughts on an earlier episode on Google. Dave share's listener Tony's write in for his story this week. Joe and Dave discuss some questions Tony shared about preparing for an overseas trip when his bank account was locked due to security measures triggered by setting up a backup phone and using a VPN. Joe has...
Jun 20, 2024•57 min•Season 7Ep. 295
Also known as a third-party attack or a value-chain attack, advisory groups gain access to a targeted victims network by first infiltrating a business partner's network that has access to the victim's systems or data.
Jun 18, 2024•5 min•Season 1Ep. 36
This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria's story covers the escalating efforts of pro-Russian propagandists to tarnish the Paris Summer Olympics and erode Western support for Ukraine, employing bold tactics like using AI to mimic Tom Cruise's voice. Joe and Dave share quite a bit of listener follow up, the first on is regarding the AirBnB story from a few weeks ago, the second one is from listener Lawrence who wrote in to verify dave’s comments ...
Jun 13, 2024•41 min•Season 7Ep. 294
The process of software engineers checking the flow of user input in application code to determine if unanticipated input can affect program execution in malicious ways.
Jun 11, 2024•4 min•Season 1Ep. 35
This week, we are joined by Dr. Chris Pierson CEO at Black Cloak, and he is talking about some of the social engineering attacks his team is tracking. Joe's story follows how Microsoft Threat Intelligence has observed the financially motivated cybercriminal group Storm-1811 misusing the client management tool Quick Assist in social engineering attacks. Dave share's the story of the lure of a free baby grand piano to deceive over 125,000 email recipients, mainly targeting North American universit...
Jun 06, 2024•1 hr 1 min•Season 7Ep. 293
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective:...
Jun 04, 2024•22 min•Season 1Ep. 1
The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.
Jun 04, 2024•5 min•Season 1Ep. 34
This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from a listener, who writes in on an AirBnB debacle he was dealing with. Joe shares the newly released 2024 Data Breach Investigations Report from Verizon. Dave shares a story From the New York Magazine, written by Ezra Marcus, on a college sophomore from University of Miami who was found to be tangled up in a refund fraud scam that granted him a lavish lifestyle. Our catch of ...
May 30, 2024•51 min•Season 7Ep. 292
A nation-state hacking group’s practice of funding its town activities through cybercrime or cyber mercenary work.
May 28, 2024•5 min•Season 1Ep. 33
This week, we are joined by host of 8th Layer Insights, Perry Carpenter from KnowBe4 and Dr. Jessica Barker from Cygenta to discuss human risk: awareness, behavior and beyond. Joe and Dave share some listener follow up, the first being from Richard, who writes in to share some tips and tricks regarding relationship scams mentioned in a previous show. The second is from Michael, who writes in with some thoughts on social engineering to compromise open source projects from episode 288. Dave shares...
May 23, 2024•1 hr 4 min•Season 7Ep. 291
A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack.
May 21, 2024•6 min•Season 1Ep. 32
This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about how ransomware infections are beginning to change to form a more psychological attack against victims' organizations, as criminals are using personal and aggressive tactics to force them to pay. Dave and Joe share some listener follow up, from Bob, who writes in to share how he shares stories with his family members, and mentions one specifically on a Best Buy Geek Squad ...
May 16, 2024•44 min•Season 7Ep. 290
An extension of the traditional Basic Input/Output System or BIOS that, during the boot process, facilitates the communication between the computer’s firmware and the computer’s operating system.
May 14, 2024•6 min•Season 1Ep. 31
Bogdan Botezatu from Bitdefender is discussing research on "Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms." Dave and Joe shares some follow up from listener Lara, who writes in to discuss a few topics regarding a previous episode. Joe's story is sharing a game changer in the social engineering world. Dave shares the story of a listener's grandmother who had fallen victim to a pig butchering scam. Our catch of the day comes...
May 09, 2024•1 hr 2 min•Season 7Ep. 289
An operating system program running in the background designed to perform a specific task when certain conditions or events occur.
May 07, 2024•5 min•Season 1Ep. 30
