Hacking Humans

N2K Networks
undefined
Jun 22, 2021 • 6min

keylogger (noun) [Word Notes]

Software or hardware that records the computer keys pressed by a user. 
undefined
Jun 17, 2021 • 37min

Answering a job ad from a ransomware gang.

Guest Mantas Sasnauskas from CyberNews joins Dave to talk about how he and his colleagues applied for a job with a ransomware gang, Joe and Dave reply to a listener named Christopher about certifications, Dave's story is about credential stuffing with payroll companies for $800,000,Joe shares a story about lewd phishing lures sent to people's email accounts, and our Catch of the Day is from from a listener named Stof who says, he “received this call just now, never heard one this convincing, nearly got me too!"Links to stories: How to hack into 5500 accounts… just using “credential stuffing” Lewd Phishing Lures Aimed at Business Explode Million-dollar deposits and friends in high places: how we applied for a job with a ransomware gang Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.
undefined
Jun 15, 2021 • 6min

non-fungible tokens (NFT) (noun) [Word Notes]

Digital assets that are cryptographically protected on a blockchain and contain unique identification codes and metadata that makes them one of a kind.
undefined
Jun 10, 2021 • 39min

Pandemic taxes: later due dates afford more time for scams.

Guest Robert Capps of NuData Security joins Dave to discuss what businesses can do to bolster their protection against tax fraud, Joe and Dave have some follow-up from 2 episodes ago when they discussed a BazarLoader scam: Wired has a recent article with a twist about a totally fake streaming site called BravoMovies, Joe shares a story from a listener Jason about a friend of his who was targeted by a scammer on Facebook Marketplace, Dave's story is about scammers demanding ransom from families who report missing persons on social media, and our Catch of the Day is from Reddit on a Tron cryptocurrency scam.Links to stories: The Bizarro Streaming Site That Hackers Built From Scratch  Scammers Target Families Who Post Missing Persons on Social Media COTD post on Reddit: Crypto scammer doesn't understand compound interest and gives me a rate that would give me all of the crypto after 9 hours. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.
undefined
Jun 8, 2021 • 6min

multi-factor authentication (noun) [Word Notes]

The use of two or more verification methods to gain access to an account.
undefined
Jun 3, 2021 • 39min

The fight in the dog.

Guests Jan Kallberg and Col Stephen Hamilton of Army Cyber Institute at West Point join Dave to talk about cognitive force protection, Joe and Dave have some follow-up from a listener named Obada about Apple only allowing 2FA through SMS, Dave shares a story about Google's plan to require MFA for all users, Joe's story is about a couple who had their Fidelity retirement account defrauded to the tune of $40,000, and our Catch of the Day is from a listener named Doal about becoming named the beneficiary of a similarly-named deceased person.Links to stories: Google to make multi-factor authentication its default mode ‘Sleeping Giant:' Thieves Target Retirement Accounts How to protect troops from an assault in the cognitive domain Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.
undefined
Jun 1, 2021 • 6min

machine learning (noun) [Word Notes]

A programming technique where the developer doesn't specify each step of the algorithm in code, but instead teaches the algorithm to learn from the experience.
undefined
May 27, 2021 • 39min

Hacking people vs. hacking technologies to get into companies.

Guest Tim Sadler from Tessian on how oversharing on social media and in OOO messages can open the door for hackers, Joe shares a story about vishing emails from "Amazon" that had spam confidence levels of 1, Dave's story is about an elaborate BazarLoader campaign counting on a lot of human interaction, and our Catch of the Day is from a listener named Scott about a phishing fax, that's right, we said fax.Links to stories: Hello, Is It Me You’re Phishing For: Amazon Vishing Attacks BazarCall Method: Call Centers Help Spread BazarLoader Malware Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.
undefined
May 25, 2021 • 6min

intelligence (noun) [Word Notes]

The process of turning raw information into intelligence products that leaders use to make decisions with.
undefined
May 20, 2021 • 34min

Whaling attacks are more targeted than phishing or spearphishing.

Guest Kev Breen from Immersive Labs joins Dave to talk about how to address whaling attacks, Dave shares a discussion he had with. a colleague about password managers and elderly parents and Joe weighs in, Dave's story is about a smishing Trojan impersonating a Chrome app, Joe has a story about URL redirection making more effective phishing attacks, and our Catch of the Day is from a listener named Vaughn about a snail mail fraud scheme that references a website.Links to stories: Beware of this smishing trojan impersonating the Chrome app Exploiting common URL redirection methods to create effective phishing attacks Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
Get the app