This week, we are joined by Dr. Chris Pierson CEO at Black Cloak, and he is talking about some of the social engineering attacks his team is tracking. Joe's story follows how Microsoft Threat Intelligence has observed the financially motivated cybercriminal group Storm-1811 misusing the client management tool Quick Assist in social engineering attacks. Dave share's the story of the lure of a free baby grand piano to deceive over 125,000 email recipients, mainly targeting North American universit...
Jun 06, 2024•1 hr 1 min•Ep 293•Transcript available on Metacast Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective:...
Jun 04, 2024•22 min•Ep 1•Transcript available on Metacast The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.
Jun 04, 2024•5 min•Ep 34•Transcript available on Metacast This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from a listener, who writes in on an AirBnB debacle he was dealing with. Joe shares the newly released 2024 Data Breach Investigations Report from Verizon. Dave shares a story From the New York Magazine, written by Ezra Marcus, on a college sophomore from University of Miami who was found to be tangled up in a refund fraud scam that granted him a lavish lifestyle. Our catch of ...
May 30, 2024•51 min•Ep 292•Transcript available on Metacast A nation-state hacking group’s practice of funding its town activities through cybercrime or cyber mercenary work.
May 28, 2024•5 min•Ep 33•Transcript available on Metacast This week, we are joined by host of 8th Layer Insights, Perry Carpenter from KnowBe4 and Dr. Jessica Barker from Cygenta to discuss human risk: awareness, behavior and beyond. Joe and Dave share some listener follow up, the first being from Richard, who writes in to share some tips and tricks regarding relationship scams mentioned in a previous show. The second is from Michael, who writes in with some thoughts on social engineering to compromise open source projects from episode 288. Dave shares...
May 23, 2024•1 hr 4 min•Ep 291•Transcript available on Metacast A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack.
May 21, 2024•6 min•Ep 32•Transcript available on Metacast This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about how ransomware infections are beginning to change to form a more psychological attack against victims' organizations, as criminals are using personal and aggressive tactics to force them to pay. Dave and Joe share some listener follow up, from Bob, who writes in to share how he shares stories with his family members, and mentions one specifically on a Best Buy Geek Squad ...
May 16, 2024•44 min•Ep 290•Transcript available on Metacast An extension of the traditional Basic Input/Output System or BIOS that, during the boot process, facilitates the communication between the computer’s firmware and the computer’s operating system.
May 14, 2024•6 min•Ep 31•Transcript available on Metacast Bogdan Botezatu from Bitdefender is discussing research on "Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms." Dave and Joe shares some follow up from listener Lara, who writes in to discuss a few topics regarding a previous episode. Joe's story is sharing a game changer in the social engineering world. Dave shares the story of a listener's grandmother who had fallen victim to a pig butchering scam. Our catch of the day comes...
May 09, 2024•1 hr 2 min•Ep 289•Transcript available on Metacast An operating system program running in the background designed to perform a specific task when certain conditions or events occur.
May 07, 2024•5 min•Ep 30•Transcript available on Metacast This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from Canada on a gentleman who thought he was calling Best Buy's Geek Squad, but instead ended up getting scammed out of $25,000. Dave and Joe share quite a bit of listener follow up, the first one is from Raul who shares how they saw an infamous Facebook scam. The second one is from listener Alec who shares some thoughts on episode 286's catch of the day. Lastly, Paula shares ...
May 02, 2024•49 min•Ep 288•Transcript available on Metacast Also known as spyware and adware, it is a software category where developers design the application neither to cause explicit harm nor to accomplish some conventional legitimate purpose, but when run, usually annoys the user and often performs actions that the developer did not disclose, and that the user regards as undesirable.
Apr 30, 2024•5 min•Ep 29•Transcript available on Metacast Roger Grimes, a Data Driven Defense Evangelist from KnowBe4 and author is discussing his new book, "Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing." Dave and Joe share some listener follow up, the first being from listener Tim, who shares a story of him almost falling for a scam involving some of his investment assets. Lastly, Dave and Joe share a story from an anonymous listener who wrote in to share about a LinkedIn imposter nightmare. Dave's story focuses on...
Apr 25, 2024•52 min•Ep 287•Transcript available on Metacast An automatic software bug and vulnerability discovery technique that inputs invalid, unexpected and/or random data or fuzz into a program and then monitors the program's reaction to it.
Apr 23, 2024•5 min•Ep 28•Transcript available on Metacast Trevin Edgeworth, Red Team Practice Director at Bishop Fox, is discussing how change, like M&A, staff, tech, lack of clarity or even self-promotion within and around security environments presents windows of opportunity for attackers. Joe and Dave share some listener follow up, the first one comes from Erin, who writes in from Northern Ireland, shares an interesting new find about scammers now keeping up with the news. The second one comes from listener Johnathan who shared thoughts on reconside...
Apr 18, 2024•1 hr 4 min•Ep 286•Transcript available on Metacast A family of multitasking, multi-user computer operating systems that derive from the original Unix system built by Ken Thompson and Dennis Ritchie in the 1960s.
Apr 16, 2024•5 min•Ep 27•Transcript available on Metacast Dr. Robert Blumofe, CTO at Akamai, sits down to talk about the AI doomsday versus a "very bad day" scenario. Dave shares a story from The Knowledge Project Podcast, where the host talks to Adam Robinson, a multifaceted individual known for his work as an author, educator, entrepreneur, and hedge fund advisor, and he talks about what is all incorporated into the term "stupidity." Dave goes on to share that while most people may feel stupid when falling for a scam, this research suggests otherwise...
Apr 11, 2024•55 min•Ep 285•Transcript available on Metacast A network monitoring and filtering technique that examines both the header information and the payload of every packet traversing a network access point.
Apr 09, 2024•6 min•Ep 26•Transcript available on Metacast This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about Apple users reporting that they are being targeted in elaborate phishing attacks that involve's a bug in Apple’s password reset feature. Joe and Dave share some listener follow up from Leo who shares some thoughts on episode 282 and the recruiter scam that was discussed. Dave shares a story from Mexico on one of the most violent criminal groups and drug cartels, Jalisco N...
Apr 04, 2024•47 min•Ep 284•Transcript available on Metacast A clandestine set of applications designed to give hackers access and control over a target device.
Apr 02, 2024•7 min•Ep 25•Transcript available on Metacast Graham Cluley joins to discuss trends he’s been seeing lately in online scams. N2K's very own Gina Johnson shares some insights on a discussion a few episode ago on why people need a prescription for oxygen in the US. Joe brings up the topic of getting and exploiting access to your infrastructure, and shares an article that deals with the rise of social engineering fraud in business email compromise. Dave shares a personal story this week, on how he got scammed from a Facebook post, sharing that...
Mar 28, 2024•1 hr 1 min•Ep 283•Transcript available on Metacast A set of behaviors that precisely describes a cyber adversary attack campaign.
Mar 26, 2024•7 min•Ep 24•Transcript available on Metacast This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She shares the story on scammers posing as recruiters on LinkedIn to get you to fall for an age old phishing scam. Dave and Joe share some listener follow up, the first being from listener Alex who shared a video on scammers being forced to prove they are not robots. Listener Chloe wrote in with a question, asking about a potential scam she encountered. Joe has a story from the BBC this week regarding a love sc...
Mar 21, 2024•44 min•Ep 282•Transcript available on Metacast Information used by leadership to make decisions regarding the cybersecurity posture of their organization.
Mar 19, 2024•6 min•Ep 23•Transcript available on Metacast This week we are joined by N2K CyberWire's very own Catherine Murphy, and she is sharing her family's experiences with Lurie Children's Hospital's recent cybersecurity incident. Dave shares a story on the dangers of Googling airline customer service numbers when an issue occurs. Joe shares another story on scary scams that are costing people millions of dollars, now getting the FBI involved. Our catch of the day was found from the Washington University in St. Louis from their Scam of the Month p...
Mar 14, 2024•53 min•Ep 281•Transcript available on Metacast In this case Identity is the set of credentials, usually electronic that vouch for who you are and theft is to steal. The theft of a person's identity for purposes of fraud.
Mar 12, 2024•4 min•Ep 22•Transcript available on Metacast This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She discusses how AI is being used as a possible solution to one of the oldest scams in the book in Japan. Dave and Joe share some listener follow up, one from listener Alan and one from Clinton, who both write in about a recent episode and they share their thoughts on the story of Charlotte Cowles being scammed out of $50,000. Dave shares a story about calendar meeting links, from Calendly, a popular applicati...
Mar 07, 2024•49 min•Ep 280•Transcript available on Metacast A probability simulation technique used to understand the impact of risk and uncertainty in complex problems.
Mar 05, 2024•6 min•Ep 21•Transcript available on Metacast Mike Kosak, Principal Intelligence Analyst at LastPass, is discussing passkeys, threat actors, and Volt Typhoon. Joe shares a new free certification you could get if you are looking to get into the field. Joe also shares a terrifying story about how everyone can be conned, and it's not as obvious as it may seem sometimes. Dave's story is warning Costco members of a new phishing scam that attempts to steal their credit card information. Our catch of the day comes from listener Pryce who shares an...
Feb 29, 2024•46 min•Ep 279•Transcript available on Metacast 
