Hacking Humans podcast | Listen online for free

Available Episodes

5 of 714

Web 3.0 (noun) [Word Notes]
Please enjoy this encore of Word Notes. The potential next evolution of the worldwide web that decentralizes interaction between users and content away from the big silicon valley social media platforms like Twitter, Facebook, and YouTube, and towards peer-to-peer interaction using blockchain as the underlying technology. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/web-30⁠ Audio reference link: “⁠What Elon Musk Just Said about Metaverse, Web3 and Neuralink⁠,” By Clayton Morris, Crypto News Daily, YouTube. 2 December 2021.
--------
7:00
--------
7:00
Pass the intel, please. [OMITB]
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠, ⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠ ⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠ and ⁠⁠⁠Keith Mularski⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠Qintel⁠⁠⁠. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we explore what makes information sharing actually work. From public-private partnerships to actionable intelligence, our guests discuss how organizations can prioritize, process, and operationalize shared cyber threat data to stay ahead of emerging risks. Plus, catch Dave, Selena, and Keith on their road trip adventure in our video on ⁠YouTube⁠ — full of laughs, unexpected detours, and plenty of sleuthing!
--------
38:06
--------
38:06
The Malware Mash!
Happy Halloween from the team at N2K Networks! We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video ⁠here⁠. Lyrics I was coding in the lab late one night when my eyes beheld an eerie sight for my malware threat score began to rise and suddenly to my surprise... It did the Mash It did the Malware Mash The Malware Mash It was a botnet smash It did the Mash It caught on 'cause of Flash The Malware Mash It did the Malware Mash From the Stuxnet worm squirming toward the near east to the dark web souqs where the script kiddies feast the APTs left their humble abodes to get installed from rootkit payloads. They did the Mash They did the Malware Mash The Malware Mash It was an adware smash They did the Mash It caught on 'cause of Flash The Malware Mash They did the Malware Mash The botnets were having fun The DDoS had just begun The viruses hit the darknet, with ransomware yet to come. The keys were logging, phishing emails abound, Snowden on chains, backed by his Russian hounds. The Shadow Brokers were about to arrive with their vocal group, "The NotPetya Five." They did the Mash They played the Malware Mash The Malware Mash It was a botnet smash They did the Mash It caught on 'cause of Flash The Malware Mash They played the Malware Mash Somewhere in Moscow Vlad's voice did ring Seems he was troubled by just one thing. He opened a shell then shook his fist and said, "Whatever happened to my Turla Trojan twist." It's now the Mash It's now the Malware Mash The Malware Mash And it's a botnet smash It's now the Mash It caught on 'cause of Flash The Malware Mash It's now the Malware Mash Now everything's cool, Vlad's a part of the band And the Malware Mash is the hit of the land. For you, defenders, this mash was meant to when you get to my door, tell them Creeper sent you. Then you can Mash Then you can Malware Mash The Malware Mash And be a botnet smash It is the Mash Don't you dare download Flash The Malware Mash Just do the Malware Mash
--------
3:06
--------
3:06
Beware the boo-gus giveaway.
This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. In our follow up, our hosts respond to a listener who wrote in with an insightful question about the role of wealth in scam susceptibility. Joe's story covers how a fake AI recruiter lures developers with a GitHub “technical assessment” that, when run, unleashes a five-stage malware chain to steal credentials, wallets, and install persistent backdoors. Maria has the story on a Halloween-themed phishing scam that lured victims with a fake Home Depot giveaway, using obfuscated code, stolen email threads, and tracking pixels to trick users into handing over personal and payment information. Dave’s story is on a convincing phishing email claiming Dashlane was hacked, showing how fear and urgency—even in obvious scams—can make anyone second-guess before thinking twice. Our catch of the day is from the scams sub-Reddit thread, and is how one user received a message from their "aunt" who wanted to be nice and grab the user a present. Resources and links to stories: ⁠How a fake AI recruiter delivers five staged malware disguised as a dream job Home Depot Halloween phish gives users a fright, not a freebie Why the Obviously Fake Dashlane Hack Phishing Email Still Made Me Jump ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠[email protected]⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.
--------
40:08
--------
40:08
Identity access management (IAM) (noun) [Word Notes]
Please enjoy this encore of Word Notes. A set of solutions for ensuring that the right users can only access the appropriate resources. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/identity-and-access-management⁠ Audio reference link: “⁠The Wrath of Khan (1982) ‘Kirk’s Response⁠,’” by Russell, YouTube, 16 May 2017.
--------
11:55
--------
11:55