Hacking Humans

Enjoy this special encore episode. A cryptographic hack that relies on guessing all possible letter combinations of a targeted password until the correct codeword is discovered.

Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe to share her story on how AI-generated scams have infiltrated the world of crochet and other crafts, selling fake patterns that often result in impossible or frustrating projects. Dave's story is on the rise of "digital arrest" scams in India, where criminals posing as law enforcement officers coerce victims into making payments to avoid fake charges against their loved ones. Joe's story come's from a listener this week, and follows the latest evolution of the classic invoice scam, where scammers are now embedding unrelated but meaningful text to bypass spam filters. Our catch of the day comes from listener William, who shares a classic Nigerian Banker Scam. In this version, a young bank employee named Zayas Yovani claims to have discovered your overdue funds at the Central Bank of Nigeria. He offers to release the money if you help him flee the country, requiring you to purchase special hard drives and share your banking details. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: This is what happens when ChatGPT tries to create crochet patterns 'Digital arrest' scams are big in India and may be spreading You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Enjoy this special encore of Word Notes. A process of converting encrypted data into something that a human or computer can understand.

Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe to share her story from listener Chloe, who shared a post she found on a social media platformed called "Bluesky," where a company is asking for photos and videos of your children to help AI smarter. Our hosts share some listener follow up on how a scammer impersonated a government official to deceive a woman into converting her assets into gold bars, resulting in the theft of over $789,000. They also share some follow up from listener Steve to discuss the "No Numbers Project" from episode 300. Joe's story is on regulators investigating whether major banks, including JPMorgan Chase, Bank of America, and Wells Fargo, are adequately addressing Zelle scams by shutting down accounts used by fraudsters. Dave has the story on the FTC warning that scammers are the only ones who promise to remove all negative details from your credit report. Our catch of the day come from listener Benjamin who shares an email they received claiming to know things about him that he would not want getting out. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Bluesky Second gold bar scam suspect arrested, extradited to Maryland Regulators Probing Big Banks’ Handling of Zelle Scams FTC warns consumers of scammers offering to remove all negative information from credit reports You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Enjoy this encore episode: A cyber attack designed to impair or eliminate access to online services or data.

Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave to share her story on how recent research by security firm Veriti reveals a phishing campaign targeting Trump’s 2024 supporters, soliciting cryptocurrency donations through fake WinRed-branded domains, with limited transactions and some activity traced to China. Dave and Maria share some follow-up from a listener, including suggestions for protecting Dave's father's computer from phishing scams by using LibreWolf browser, UBlock Origin extension, and NextDNS, as well as a listener sharing insights on the pronunciation of "Ports-Muth." Dave's story follows how in June, Ferrari CEO Benedetto Vigna was impersonated via deepfake technology in an attempted scam to deceive a Ferrari executive into signing a Non-Disclosure Agreement for a fictitious acquisition, but the ruse was detected and the company emerged unscathed. Dave also goes on to share news about his own home state Maryland and their gift card policy. Our catch of the day come from the scam subreddit and follows a text message where a scammer is trying to intimidate the recipient. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Ferrari exec foils deepfake attempt by asking the scammer a question only CEO Benedetto Vigna could answer Maryland becomes first state to pass law against gift card draining TRUMP CAMPAIGN CRYPTO SCAM: UNVEILING THE PHISHING PLOT You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the use of AI in cyberattacks Proofpoint recently released two articles on two cyber campaigns: one by the group UNK_SweetSpecter targeting U.S. organizations involved in AI with the SugarGh0st RAT, and another by TA547 targeting German organizations with Rhadamanthys malware. Today we look at what the focus of threat actor objectives are and what that means for defenders.

Please enjoy this special encore episode of Word Notes. A type of side channel attack in which an attacker with physical access to a computer performs a memory dump of a computer’s Random Access Memory or RAM during the reboot process in order to steal sensitive data.

This week we celebrate 300 episodes! Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe and shares a PSA on the CrowdStrike outage. Her story focuses on the Olympics, as this was the first week the Olympics started, and she shares about a recent fraud campaign that is targeting iPhone users in India, posing as India Post through smishing attacks. Our hosts discuss some follow up, from listener Brie, who writes in to share how one police force is helping folks stay safe from scam callers. They also share a story from listener Mark, who writes in about his 77-year-old mom's Facebook account being hacked, and she was tricked into downloading an app and opening her banking app while on a fake customer service call. Dave's story is on Gina Russell, who posed as a psychic and led an elaborate extortion scheme with her family, coercing victims into giving them millions of dollars under threats of harm. Joe has the story of social media giant Meta saying sextortion scams are increasing, with criminals from Nigeria often targeting adult men in the U.S.. Our catch of the day comes from an anonymous listener, who shared a post they found on the social media platform "Shared," about a scammer getting messed with. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Phishing Campaign Targeting Mobile Users in India Using India Post Lures Sextortion scams run by Nigerian criminals are targeting American men, Meta says ‘Psychic’ and family of extortionists scam Md. man out of $4.2 million You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

On-demand pay-as-you-go Internet delivered compute, storage, infrastructure, and security services that are partially managed by the cloud provider and partially managed by the customer.

This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is from a listener this week who writes in with a story on an IT company that is a third party for a healthcare company, and the dangers that can come from that. Dave and Joe share some listener follow up from Michael, who shares some thoughts on AI. Dave's story follows how a recent study found that 40% of elderly adults in the UK regularly face phone-based fraud attempts, with significant impacts on their mental health and quality of life. Joe follows a Scottsdale couple, Alexandra Gehrke and Jeffrey King, and how they have been indicted for a $900 million fraud scheme targeting hospice patients, receiving $330 million in illegal kickbacks used to purchase luxury items. Our catch of the day comes from listener Jim who writes in with a letter about a concerned beneficiary who received a letter from the FBI about their overdue inheritance with the National Bank of Belgium. The message confirmed the legitimacy of their claim but warned of potential scams by individuals impersonating bank officials. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Two-Fifths of Senior Citizens Suffer Frequent Fraud Attempts ‘It’s really disgusting’: Scottsdale couple accused of $900 million fraud scheme targeting hospice patients, according to DOJ You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

An acronym for Advanced Persistent Threat to describe hacker groups or campaigns normally, but not always, associated with nation state cyber espionage and continuous low-level cyber conflict operations.

This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is on supplement scams, as there has been a significant surge in health-related supplement scams on social media platforms, utilizing advanced technologies like AI-generated images and deepfake videos to promote fake products endorsed by celebrities and medical professionals. Joe's story follows Airplane WiFi, now essential for many travelers, and how it poses unexpected risks as recent incidents highlight dangers like "evil twin" attacks, urging caution with VPNs and verifying network legitimacy to safeguard personal data midair. Dave has the story on 2 women charged in a romance scheme, defrauding elderly men out of $7 million. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Deep Dive on Supplement Scams: How AI Drives ‘Miracle Cures’ and Sponsored Health-Related Scams on Social Media Federal Agency Issues New Security Advice If You Use Airplane WiFi 2 women charged in 'romance schemes' to defraud elderly men out of $7 million, feds say You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

An undocumented or publicly unknown method to access a computer system undetected or to break a cypher used to encode messages.

This week Dave shares a story on Business email compromise (BEC) scams, and how they are a major threat, costing $26 billion annually. The story shares how it's crucial for employees to verify suspicious emails through a secondary channel and for companies to foster transparent communication to mitigate such risks. Joe shares two stories with us this week. The first is from a listener named Jay, who received a story from a relative. In this story, someone claiming to be a constable calls to warn about a person who has gift cards with the victim's name on them, then tries to get the caller to call the police to confirm. Joe's second story comes from Allison Gormly at Consumer reporter at WTHR in Indianapolis. Allison share's videos videos on Instagram that all start with “Hey Allison,” this one starts with Hey Allison, a stranger sent me money on Venmo, should I send it back? Our catch of the day comes from listener Cameron, who shares how he is a business owner with a public-facing email address, and how he gets his fair share of scam emails, but this one takes the cake. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: How to Spot a Business Email Compromise Scam Scam alert on Venmo, CashApp & Zelle! Have a Catch of the Day you'd like to share? Email it to us at [email protected].

From the intrusion kill chain model, a technique where the hacker compromises sites commonly visited by members of a targeted community in order to deliver a malicious payload to the intended victim.

Blair Cohen from AuthenticID joins Dave to discuss how generative AI and authentication go hand in hand. Joe and Dave share some follow up from listener Robert who discusses an ad for a device that uses ChatGPT to record phone calls on your device. Dave helps his dad out with his computer and shares the tale. Dave also shares a story this week on the FBI warning against scammers who are posing as NFT devs to try and steal your crypto. Joe and Dave test their scammer catching skills while taking a test to see if they are smarter than the average scammer. Our catch of the day comes from listener Steve who writes in to share a receipt he received that looked quite suspicious. Links to stories: FBI warns of scammers posing as NFT devs to steal your crypto Are you smarter than a scammer? Play this game. Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "Operation Endgame." Operation Endgame is a strategy by Western law enforcement to counter Russian cybercriminals through psychological tactics. This involves creating distrust among hackers, exposing their internal communications, and dismantling their anonymity to hinder their operations. You can find more information on Operation Endgame here. Today we look at the new tactics used to disrupt these criminals by eroding trust among them and undermining their anonymity.

Network observation systems designed to monitor globally unreachable but unused Internet address space or the Deep Web in order to study a wide range of interesting Internet phenomena.

This week Joe and Dave share some interesting follow up from a few episodes ago where Dave shared his love for baby grand pianos and how scammers we're using that to lure people into traps. Listener George wrote in to share about a show on UK Channel 4, called "The Piano," it's a music competition where visitors play a public piano in a train station, judged by hidden famous pianists, with winners performing at the UK Royal Festival Hall. Joe's story is a warning to travel goers using booking.com, as they share scams are at a all time high. Dave's story follows some neighborhood Facebook groups, and how they are inundated with posts about air duct cleaning services, prompting an investigation that reveals a scam involving fake profiles, telemarketers in Pakistan, and local technicians. Our catch of the day comes from listener Christopher, who writes in to share an outlandish message he received from a hacker with too much time on their hands. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Note by Note: The Making of a Steinway Piano | Musical Instrument | ENDEVR Documentary Booking.com warns of up to 900% increase in travel scams Air Duct Cleaning Scam Exposed! Have a Catch of the Day you'd like to share? Email it to us at [email protected].

A best practice for framing cyber intelligence critical information requirements that recommends collecting and consolidating data from three specific sources: endpoint, network and log.

Brandon Kovacs, a Senior Red Team Consultant at Bishop Fox, is talking about how Artificial Intelligence is shaping the future of social engineering. Listener Adina wrote in to share their thoughts on an earlier episode on Google. Dave share's listener Tony's write in for his story this week. Joe and Dave discuss some questions Tony shared about preparing for an overseas trip when his bank account was locked due to security measures triggered by setting up a backup phone and using a VPN. Joe has two stories for this week, one from Blair Young at WBAL, where Maryland Lottery is warning the public about a phone scam claiming Powerball winnings. The second comes from listener Don who shares a story on people who hold posters up saying they need money for children's funerals. Our catch of the day comes from a listener that found a "task scam" on Reddit. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Maryland Lottery warns public about phone scam claiming Powerball winnings ‘It’s a scam’: Poster-holders aren’t really raising money for a child’s funeral Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Also known as a third-party attack or a value-chain attack, advisory groups gain access to a targeted victims network by first infiltrating a business partner's network that has access to the victim's systems or data.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria's story covers the escalating efforts of pro-Russian propagandists to tarnish the Paris Summer Olympics and erode Western support for Ukraine, employing bold tactics like using AI to mimic Tom Cruise's voice. Joe and Dave share quite a bit of listener follow up, the first on is regarding the AirBnB story from a few weeks ago, the second one is from listener Lawrence who wrote in to verify dave’s comments about American Express, and the last one is from listener Tait, who shares some info on how they stay safe with banking. Joe has two stories for this week, the first one is on how the FBI is investigating the city of Gooding after they sent $1 million to a contractor for a wastewater project but later learned it was the victim of a scam. Joe's second story follows how a scammer dupes a Las Vegas woman out of $9,000 using a simple trick after turning up on her doorstep. Dave shares Avast's Q1, 2024 threat report. Our catch of the day comes from listener Clinton who wrote in to share and invoice he received from Apple Global requesting almost $1400. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: City of Gooding scammed out of $1 million, officials say Scammer dupes Las Vegas woman out of $9,000 using a simple trick after turning up on her doorstep... so can you spot it? Avast Q1/2024 Threat Report Russians target Olympics with fake AI-generated Tom Cruise video You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

The process of software engineers checking the flow of user input in application code to determine if unanticipated input can affect program execution in malicious ways.

This week, we are joined by Dr. Chris Pierson CEO at Black Cloak, and he is talking about some of the social engineering attacks his team is tracking. Joe's story follows how Microsoft Threat Intelligence has observed the financially motivated cybercriminal group Storm-1811 misusing the client management tool Quick Assist in social engineering attacks. Dave share's the story of the lure of a free baby grand piano to deceive over 125,000 email recipients, mainly targeting North American university students and faculty, earning at least $900,000. Our catch of the day comes from listener Chuck who writes in to share some of his junk mail he has been receiving recently, and shares concerns for other listeners. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Threat actors misusing Quick Assist in social engineering attacks leading to ransomware Free Piano phish targets American university students, staff Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "The curious case of the missing IcedID." IcedID is a malware originally classified as a banking trojan and was first observed in 2017. It also acts as a loader for other malware, including ransomware, and was a favored payload used by multiple cybercriminal threat actors until fall 2023. Then, it all but disappeared. In its place, a new threat crawled: Latrodectus. Named after a spider, this new malware, created by the same people as IcedID, is now poised to take over where IcedID melted off. Today we look back at what happened to the once prominent payload, and what its successor’s spinning web of activity means for the overall landscape.

The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from a listener, who writes in on an AirBnB debacle he was dealing with. Joe shares the newly released 2024 Data Breach Investigations Report from Verizon. Dave shares a story From the New York Magazine, written by Ezra Marcus, on a college sophomore from University of Miami who was found to be tangled up in a refund fraud scam that granted him a lavish lifestyle. Our catch of the day comes from Joe's mother this week. She happened to receive an email with the subject line being "your order is confirmed," coming from what looks to be "McAfee." Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: The Package King of Miami 2024 Data Breach Investigations Report You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

A nation-state hacking group’s practice of funding its town activities through cybercrime or cyber mercenary work.

This week, we are joined by host of 8th Layer Insights, Perry Carpenter from KnowBe4 and Dr. Jessica Barker from Cygenta to discuss human risk: awareness, behavior and beyond. Joe and Dave share some listener follow up, the first being from Richard, who writes in to share some tips and tricks regarding relationship scams mentioned in a previous show. The second is from Michael, who writes in with some thoughts on social engineering to compromise open source projects from episode 288. Dave shares a story on researchers observing millions of daily emails from "Jenny Green," facilitated by the Phorpiex botnet, distributing LockBit 3.0 ransomware that has affected millions of people. Joe share's Paul Raffile's story, a gentleman who got fired from Facebook before he even started. Our catch of the day comes from listener Gordy who shared an email with us regarding his "McAfee security." Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Security Experts Issue Jenny Green Email Warning For Millions LinkedIn Paul Raffile (Part 1) LinkedIn Paul Raffile (Part 2) Have a Catch of the Day you'd like to share? Email it to us at [email protected].

A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about how ransomware infections are beginning to change to form a more psychological attack against victims' organizations, as criminals are using personal and aggressive tactics to force them to pay. Dave and Joe share some listener follow up, from Bob, who writes in to share how he shares stories with his family members, and mentions one specifically on a Best Buy Geek Squad scam. Dave share's a story on bank scams, and how scammers are using genuine push notifications to trick their victims. Joe shares a story regarding email security loopholes, and how these loopholes are the latest path for North Korean social engineering attacks. Our catch of the day is from our follow up listener Bob, as he shares the story of trying to figure out the difference between a real email from the U.S social security department and a fake one. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Ransomware crooks now SIM swap executives' kids to pressure their parents Bank scammers using genuine push notifications to trick their victims Email security loopholes are latest path for North Korean social engineering attacks You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

An extension of the traditional Basic Input/Output System or BIOS that, during the boot process, facilitates the communication between the computer’s firmware and the computer’s operating system.

Bogdan Botezatu from Bitdefender is discussing research on "Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms." Dave and Joe shares some follow up from listener Lara, who writes in to discuss a few topics regarding a previous episode. Joe's story is sharing a game changer in the social engineering world. Dave shares the story of a listener's grandmother who had fallen victim to a pig butchering scam. Our catch of the day comes from listener Kenneth who shares an email he received from a "Cardiologist" on some puppies. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms PCI DSS v4.0 a game-changer in social engineering awareness, prevention Have a Catch of the Day you'd like to share? Email it to us at [email protected].

An operating system program running in the background designed to perform a specific task when certain conditions or events occur.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from Canada on a gentleman who thought he was calling Best Buy's Geek Squad, but instead ended up getting scammed out of $25,000. Dave and Joe share quite a bit of listener follow up, the first one is from Raul who shares how they saw an infamous Facebook scam. The second one is from listener Alec who shares some thoughts on episode 286's catch of the day. Lastly, Paula shares some thoughts on a recent discussion on why people are on the phone when a flight gets cancelled. Joe brings back answers to an old scam featured on an episode back in January on toll scams, as well as sharing about how the OpenSSF and OpenJS Foundations have issued an alert for social engineering takeovers of open source projects. Dave shares updates from the ex-athletic director accused of framing principal with AI and how he was arrested at the airport with a gun. Our catch of the day comes from listener Kenneth who shares an email from a "doctor" who has puppies for sale. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: An Ontario senior thought he called Geek Squad for help with his printer. Instead, he got scammed out of $25,000 Smishing Scam Regarding Debt for Road Toll Services Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects Ex-athletic director accused of framing principal with AI arrested at airport with gun You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Also known as spyware and adware, it is a software category where developers design the application neither to cause explicit harm nor to accomplish some conventional legitimate purpose, but when run, usually annoys the user and often performs actions that the developer did not disclose, and that the user regards as undesirable.

Roger Grimes, a Data Driven Defense Evangelist from KnowBe4 and author is discussing his new book, "Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing." Dave and Joe share some listener follow up, the first being from listener Tim, who shares a story of him almost falling for a scam involving some of his investment assets. Lastly, Dave and Joe share a story from an anonymous listener who wrote in to share about a LinkedIn imposter nightmare. Dave's story focuses on a how the LabHost PhaaS platform was disrupted by a year-long global law enforcement operation, resulting in the arrest of 37 suspects, including the original developer. Joe shares the story of an 81 year old Ohio man, who was arrested after shooting a woman after both of them got wrapped up in a phone call scam. Our catch of the day comes from Robert, who writes in with what he believes is a email scam from a Chinese company called "Infoonity." Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: LabHost phishing service with 40,000 domains disrupted, 37 arrested Ohio Man - Daily Mail Have a Catch of the Day you'd like to share? Email it to us at [email protected].

An automatic software bug and vulnerability discovery technique that inputs invalid, unexpected and/or random data or fuzz into a program and then monitors the program's reaction to it.

Trevin Edgeworth, Red Team Practice Director at Bishop Fox, is discussing how change, like M&A, staff, tech, lack of clarity or even self-promotion within and around security environments presents windows of opportunity for attackers. Joe and Dave share some listener follow up, the first one comes from Erin, who writes in from Northern Ireland, shares an interesting new find about scammers now keeping up with the news. The second one comes from listener Johnathan who shared thoughts on reconsidering his view on defining Apple's non-rate-limited MFA notifications as a "vulnerability." Lastly, we have follow up from listener Anders who shares an article on AI. Joe shares a story from Amazon sellers, and how they are being plagued in scam returns. Dave brings us the story of how to save yourself and your loved ones from AI robocalls. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Theory Is All You Need: AI, Human Cognition, and Decision Making Amazon Sellers Plagued by Surge in Scam Returns How to Protect Yourself (and Your Loved Ones) From AI Scam Calls News Insights: Does X Mark a Target? with Trevin Edgeworth, Director of Red Team Have a Catch of the Day you'd like to share? Email it to us at [email protected].

A family of multitasking, multi-user computer operating systems that derive from the original Unix system built by Ken Thompson and Dennis Ritchie in the 1960s.

Dr. Robert Blumofe, CTO at Akamai, sits down to talk about the AI doomsday versus a "very bad day" scenario. Dave shares a story from The Knowledge Project Podcast, where the host talks to Adam Robinson, a multifaceted individual known for his work as an author, educator, entrepreneur, and hedge fund advisor, and he talks about what is all incorporated into the term "stupidity." Dave goes on to share that while most people may feel stupid when falling for a scam, this research suggests otherwise, and you should never feel that way for falling for any scam. Joe's story comes from Hayley Compton at BBC, and is on a Facebook scam sneaking it's way into a family's home after a couple just had their first child. Our catch of the day comes from listener Michael, who shares an email he received that caught him off guard at first. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: How Not to Be Stupid 'Facebook scammer tricked his way into our home' Have a Catch of the Day you'd like to share? Email it to us at [email protected].

A network monitoring and filtering technique that examines both the header information and the payload of every packet traversing a network access point.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story about Apple users reporting that they are being targeted in elaborate phishing attacks that involve's a bug in Apple’s password reset feature. Joe and Dave share some listener follow up from Leo who shares some thoughts on episode 282 and the recruiter scam that was discussed. Dave shares a story from Mexico on one of the most violent criminal groups and drug cartels, Jalisco New Generation. They have been running call centers that offer to buy retirees’ vacation properties and then empty the victims’ bank accounts. Joe has the story of Facebook spying on users' Snapchats in a secret project. Our catch of the day comes from listener Van, who writes in to share a voicemail they received related to a tax scam. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Recent ‘MFA Bombing’ Attacks Targeting Apple Users A Mexican Drug Cartel’s New Target? Seniors and Their Timeshares Facebook snooped on users’ Snapchat traffic in secret project, documents reveal You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

A clandestine set of applications designed to give hackers access and control over a target device.

Graham Cluley joins to discuss trends he’s been seeing lately in online scams. N2K's very own Gina Johnson shares some insights on a discussion a few episode ago on why people need a prescription for oxygen in the US. Joe brings up the topic of getting and exploiting access to your infrastructure, and shares an article that deals with the rise of social engineering fraud in business email compromise. Dave shares a personal story this week, on how he got scammed from a Facebook post, sharing that it can happen to anyone. Our catch of the day comes from listener Vance, who writes in to share a scam he found via "snail mail," regarding a life insurance policy that he needs to collect on. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: The Rise of Social Engineering Fraud in Business Email Compromise How Sophisticated Social Engineering Attacks Are Targeting IT Service Desks Have a Catch of the Day you'd like to share? Email it to us at [email protected].

A set of behaviors that precisely describes a cyber adversary attack campaign.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. She shares the story on scammers posing as recruiters on LinkedIn to get you to fall for an age old phishing scam. Dave and Joe share some listener follow up, the first being from listener Alex who shared a video on scammers being forced to prove they are not robots. Listener Chloe wrote in with a question, asking about a potential scam she encountered. Joe has a story from the BBC this week regarding a love scam in the Philippines. Finally, Dave shares the story on the FCC approving a voluntary cybersecurity labeling program for wireless IoT products. Our catch of the say comes from Mark, who shares a personal story on a recruiting scam nightmare. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Heads Up, Tech Professionals: Protect Yourself From Phishing Scams Presenting as Recruiters Forcing Scammers To Prove They're Not Robots Hundreds rescued from love scam centre in the Philippines FCC adopts voluntary 'Cyber Trust Mark' labeling rule for IoT devices You can hear more from the T-Minus space daily show here. And be sure to join our live webinar: CISOs are the new Architects (of the Workforce) Join N2K’s Simone Petrella and Intuit’s Kim Jones on Wednesday, March 27th for an online discussion about the pivotal role security leaders play in shaping the security workforce landscape, and how we can start showing up for the future of our industry. Learn more and register on the event page. Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Information used by leadership to make decisions regarding the cybersecurity posture of their organization.