Podcast appearances and mentions of Dave Bittner

  • 29 podcasts
  • 287 episodes
  • 32m average duration
  • 5 new episodes weekly
  • Latest episode: May 30, 2025

Latest podcast episodes about Dave Bittner

Grumpy Old Geeks
699: TACO 2025

May 30, 2025 (77:31)


In this week's “we told you so” edition, we kick things off with the latest AI faceplant—go ahead, Google “Is it 2025?” and try not to spit coffee on your keyboard. Meanwhile, over at Meta, Zuckerberg's brilliant idea to loosen content moderation has, shocker, led to more harassment and violent content. Elsewhere in tech dystopia: Texas is trying to ground all minors off social media, Germany wants to slap a 10% tax on Silicon Valley, and Anthropic is handing out free search powers and a board seat to Netflix's Reed Hastings. Because nothing says “trusted AI governance” like a guy who greenlit Love Is Blind.

But wait, crypto bros are having their own John Wick arc: a luxury townhouse, a missing wallet, and possibly an NYPD detective tangled in a real-life “crypto millionaire torture” flick. As if that isn't enough, Trump Media is fundraising to buy $2.5B in Bitcoin—and DJT stock promptly nosedived. Also feuding this week: Marjorie Taylor Greene vs. Grok, because nothing screams Christian values like rageposting at Elon's AI. And speaking of Elon, he's now in bed with Telegram to the tune of $300 million, which we're sure won't be a disinformation factory.

MEDIA CANDY is stacked: from the Murderbot diaries to a My Dinner with Andre rewatch, and yes, the Wheel of Time got axed after 3 seasons. Apps? Opera Neon is a UI fever dream, Starling Home Hub adds more smarts to your house, and WhatsApp finally arrives on iPad—welcome to 2016. In THE DARK SIDE, Dave Bittner brings the latest digital dirt, including the CIA's bonkers Star Wars fan site op. And if you're hitting the library, grab The AI Con or something more romantic—like Love, Sex and the Alien Apocalypse. Just be careful if you read that on public transit.

Sponsors:
  • DeleteMe - Head over to JoinDeleteMe.com/GOG and use the code "GOG" for 20% off.
  • Private Internet Access - Go to GOG.Show/vpn and sign up today. For a limited time only, you can get OUR favorite VPN for as little as $2.03 a month.
  • SetApp - With a single monthly subscription you get 240+ apps for your Mac. Go to SetApp and get started today!!!
  • 1Password - Get a great deal on the only password manager recommended by Grumpy Old Geeks! gog.show/1password

Show notes at https://gog.show/699

FOLLOW UP
  • Don't Google "Is it 2025?" unless you want to laugh at the state of AI

IN THE NEWS
  • Facebook sees rise in violent content and harassment after policy changes
  • What we know about the NYC crypto kidnapping and torture case
  • Manhattan Crypto Kidnapping and Torture Case: What We Know
  • NYPD detective on Adams' security detail may be tied to crypto millionaire torture case: Sources
  • Judge denies bail to crypto investor charged with kidnapping and torturing man in posh NYC townhouse
  • Trump Media Raises Money to Buy $2.5 Billion in Bitcoin
  • Trump administration ramps up push as crypto ally
  • DJT shares drop after Trump Media announces bitcoin raise - CNBC
  • Texas is getting ready to ban social media for anyone under 18
  • Texas enacts age-verification law for app stores
  • Germany is considering a 10 percent digital service tax on US tech giants
  • EU regulators are investigating Pornhub and three other sites
  • Anthropic brings web search to free Claude users
  • Reed Hastings appointed to Anthropic's board of directors
  • Anthropic appoints Netflix Chairman Reed Hastings to board - CNBC
  • Netflix co-founder Reed Hastings joins Anthropic's board | TechCrunch
  • RFK Jr.'s ‘Make America Healthy Again' Report Cites Fake Studies
  • Marjorie Taylor Greene feuds with AI bot over her Christian cred
  • Telegram CEO announces $300 million partnership with Elon Musk's xAI and Grok

MEDIA CANDY
  • Murderbot
  • Long Way Home
  • Lilo and Stitch
  • Martha
  • ‘The Wheel Of Time' Canceled By Prime Video After 3 Seasons
  • Billy Joel Cancels Concerts Due to Brain Disorder
  • My Dinner with Andre
  • Grumpy Old Geeks Information on RocketReach
  • Schmactors with James Marsters, Mark Devine, and Jason DeFillippo

APPS & DOODADS
  • Opera Neon
  • Apple Reportedly Says ‘Screw It' and Jumps From iOS 19 to iOS 26
  • Starling Home Hub
  • WhatsApp finally launches an official version for iPads

AT THE LIBRARY
  • The Essential Terry Pratchett
  • Good Omens TV Companion Misprint
  • The AI Con: How to Fight Big Tech's Hype and Create the Future We Want By: Emily M. Bender, Alex Hanna
  • Love, Sex and the Alien Apocalypse (First Contact) by Peter Cawdron

THE DARK SIDE WITH DAVE
  • Dave Bittner
  • The CyberWire
  • Hacking Humans
  • Caveat
  • Control Loop
  • Only Malware in the Building
  • The CIA Secretly Ran a Star Wars Fan Site
  • LIVE: Kermit the Frog gives commencement speech at University of Maryland
  • Billy Joel - I've Loved These Days (Audio)

Hacking Humans
Lights, camera, scam!

May 29, 2025 (41:49)


This week, our three hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a bit of follow up, one from listener Aaron, who shares some safety tips for chickens, and from listener Shannon, who writes in with a new fashion statement. Maria's got the story on how Trump's sweeping new tariffs are creating the “perfect storm” for scams, as cybercriminals exploit consumer confusion with fake fee requests, shady links, and urgent messages—three red flags experts say to watch for. Joe shares the story of a new FBI warning about an AI-driven phone scam targeting iPhone and Android users, where scammers impersonate senior U.S. officials through fake texts and voice messages to steal personal information via malicious links. Dave shares the story of a classic Hollywood pitch deck scam, where fake agents from bogus production companies like "Hollywood Talent Agency" and "Writer's Edge Production" lure authors into paying for useless film services with promises of big-screen adaptations. We have our new Cluck of the Day, and this week, Jonathan Webster shares a classic scam attempt: a fake PayPal invoice PDF designed to trick recipients into calling a fraudulent support number or paying a bogus charge.

Resources and links to stories:
  • Trump tariffs create the ‘perfect storm' for scams, cybersecurity expert says — 3 red flags to watch out for
  • FBI warns of new phone scam targeting iPhone, Android users, advises not to answer these messages
  • Senior US Officials Impersonated in Malicious Messaging Campaign
  • The Hollywood Talent Agency / Writers Edge Production Scam

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
Purple teaming in the modern enterprise. [CyberWire-X]

May 25, 2025 (26:30)


In large enterprise software companies, Red and Blue Teams collaborate through Purple Teaming to proactively detect, respond to, and mitigate advanced threats. In this episode of CyberWire-X, N2K's Dave Bittner is joined by Adobe's Justin Tiplitsky, Director of Red Team, and Ivan Koshkin, Senior Detection Engineer, to discuss how their teams work together daily to strengthen Adobe's security ecosystem. They share real-world insights on how this essential collaboration enhances threat detection, refines security controls, and improves overall cyber resilience. Learn more about your ad choices. Visit megaphone.fm/adchoices

Hacking Humans
Scam me once.

May 22, 2025 (58:06)


This week, our three hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Listener Jim notes that money launderers and couriers mentioned in recent episodes are often scam victims themselves, unknowingly processing fraudulent payments or delivering items, sometimes with tragic consequences like an innocent Uber driver being shot. Dave shares two close calls with scams this week: one where a bank employee saved a 75-year-old customer from losing $9,000 to a Facebook crypto scam, and another where a scammer impersonating “Officer Shane Kitchens” nearly tricked his mom into sending $3,500 for fake bail and ankle monitor fees after a family member was arrested. Joe's got three short stories this week—one is on how someone tried scamming his wife, another about a DoorDash driver who admitted to stealing $2.5 million in a delivery scam, and the last on a warning to billions of Gmail users to remain vigilant over a terrifying new phishing scheme. Maria sits down with Alex Hall, Trust and Safety Architect at Sift, to discuss the rise of job scams. Our catch of the day comes from Jonathan who writes in with a fake PayPal invoice.

Resources and links to stories:
  • You all saved my customer today
  • Loved one got arrested, next day got a call from a “Sergeant” at the county jail.
  • DoorDash driver admits to stealing $2.5M in delivery scam
  • Billions of Gmail users warned to 'remain vigilant' over terrifying scam

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
Dave Bittner: From puppet shows to podcasts. [Media] [Career Notes]

May 18, 2025 (10:47)


Please enjoy this encore of Career Notes. Host of the CyberWire Podcast, Dave Bittner, wanted to work with the Muppets, so naturally he landed in cybersecurity. Dave and his Cookie Monster puppet spent much of his childhood putting on shows for his parents' friends. During one of those performances, he was discovered and got his start at the local PBS station. A radio, television and film major in college, Dave owned his own company and, as the most tech-savvy member of the group, handled that side of things. Dave notes his cybersecurity challenges back then consisted of maybe a corrupt floppy disk. It wasn't until he joined the CyberWire that cybersecurity became Dave's focus. A former boss showed him how to lead a team and treat everyone with kindness regardless of their role. We thank Dave for sharing his story with us.

Career Notes
Dave Bittner: From puppet shows to podcasts. [Media]

May 18, 2025 (10:47)


Hacking Humans
The band is finally back together.

May 15, 2025 (43:33)


And....we're back! This week, our three hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are all back to share the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. The team shares three bits of follow-up and then breaks into their stories. Joe starts off sharing some stories about influencer fakery on fake private jet sets and a scam taking advantage of the RealID requirements coming into effect. Maria talks about "Scam Survivor Day" (it's a real thing). She also talks about a former Facebooker's tell-all "Careless People." Dave shares a story about fake Social Security statements. Our Catch of the Day comes from Richard about a truck win.

Resources and links to stories:
  • Private Executive Jet
  • Private Jet Set for exhibitions, events and photo opportunities
  • REAL ID scams surge with arrival of deadline Wednesday
  • Don't Blame the Victim: 'Fraud Shame' and Cybersecurity
  • Facebook Allegedly Detected When Teen Girls Deleted Selfies So It Could Serve Them Beauty Ads
  • Beware of Fake Social Security Statement That Tricks Users to Install Malware

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
The prince, the pretender, and the PSA.

May 1, 2025 (28:35)


As Maria is on vacation this week, our hosts Dave Bittner and Joe Carrigan are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe and Dave are joined by guest Rob Allen from ThreatLocker who shares a story on how a spoofed call to the help desk unraveled into a full-blown cyber siege on MGM Resorts. Joe's story is on a new FBI warning: scammers are impersonating the Internet Crime Complaint Center (IC3), the very site where people go to report online fraud. Dave's got the story of a so-called “Nigerian prince” scammer who turned out to be a 67-year-old man from Louisiana, now facing 269 counts of wire fraud for helping funnel money to co-conspirators in Nigeria. Our catch of the day comes from a scams subreddit, and is on a message received from the Department of Homeland Security reaching out to a user to share that they are a victim of fraud.

Resources and links to stories:
  • Investigating the MGM Cyberattack – How social engineering and a help desk put the whole strip at risk.
  • Brian Krebs LinkedIn
  • FBI Warns of Scammers Impersonating the IC3
  • IC3 2024 Report
  • 'Nigerian prince' scammer was 67-year-old from Louisiana, police say

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
Lights out, lines down.

Apr 28, 2025 (30:38)


A massive power outage strikes the Iberian Peninsula. Iran says it repelled a “widespread and complex” cyberattack targeting national infrastructure. Researchers find hundreds of SAP NetWeaver systems vulnerable to a critical zero-day. A British retailer tells warehouse workers to stay home following a cyberattack. VeriSource Services discloses a breach exposing personal data of four million individuals. Global automated scanning surged 16.7% in 2024. CISA discloses several critical vulnerabilities affecting Planet Technology's industrial switches and network management products. A Greek court upholds a VPN provider's no-logs policies. Law enforcement dismantles the JokerOTP phishing tool. Our guest is Tim Starks from CyberScoop with developments in the NSO Group trial. How Bad Scans and AI Spread a Scientific Urban Legend.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Special Edition

On our Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft, we are shining a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. This episode is part of our exclusive RSAC series where we dive into the real world impact of the Microsoft for Startups Founders Hub. Along with Microsoft's Kevin Magee, Dave Bittner talks with an entrepreneur and startup veteran, and founders from three incredible startups who are part of the Founders Hub, each tackling big problems with even bigger ideas. Dave and Kevin set the stage speaking with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur. Dave and Kevin then speak with three founders: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. So whether you are building your own startup or just love a good innovation story, listen in. For more information, visit the Microsoft for Startups website.

CyberWire Guest

We are joined by Tim Starks from CyberScoop who is discussing "Judge limits evidence about NSO Group customers, victims in damages trial."

Selected Reading
  • Nationwide Power Outages in Portugal & Spain Possibly Due to Cyberattack (Cyber Security News)
  • Iran claims it stopped large cyberattack on country's infrastructure (The Record)
  • 400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks that Exploited in the Wild (Cyber Security News)
  • M&S warehouse workers told not to come to work following cyberattack (The Record)
  • 4 Million Affected by VeriSource Data Breach (SecurityWeek)
  • Researchers Note 16.7% Increase in Automated Scanning Activity (Infosecurity Magazine)
  • Critical Vulnerabilities Found in Planet Technology Industrial Networking Products (SecurityWeek)
  • Court Dismisses Criminal Charges Against VPN Executive, Affirms No-Log Policy (Hackread)
  • JokerOTP Dismantled After 28,000 Phishing Attacks, 2 Arrested (Hackread)
  • A Strange Phrase Keeps Turning Up in Scientific Papers, But Why? (ScienceAlert)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

The CyberWire
Microsoft for Startups: The benefits of the cyber startup ecosystem. [Special Edition]

Apr 27, 2025 (75:15)


Welcome to the Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft. In this episode, we are shining a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. This episode is part of our exclusive RSAC series where we dive into the real world impact of the Microsoft for Startups Founders Hub. Along with Microsoft's Kevin Magee, Dave Bittner talks with an entrepreneur and startup veteran, and founders from three incredible startups who are part of the Founders Hub, each tackling big problems with even bigger ideas. Dave and Kevin set the stage speaking with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur. Dave and Kevin then speak with three founders: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. So whether you are building your own startup or just love a good innovation story, listen in. For more information, visit the Microsoft for Startups website.

Hacking Humans
When AI lies, hackers rise.

Apr 24, 2025 (42:37)


This week, our hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. This week Joe's got some follow up about his chickens. Joe's story is on LLM-powered coding tools, and how they are increasingly hallucinating fake software package names, opening the door for attackers to upload malicious lookalike packages—a practice dubbed "slopsquatting"—that can compromise software supply chains when developers unwittingly install them. Dave's story is on Cisco Talos uncovering a widespread toll road smishing campaign across multiple U.S. states, where financially motivated threat actors—using a smishing kit developed by “Wang Duo Yu”—impersonate toll services to steal victims' personal and payment information through spoofed domains and phishing sites. Maria's got the story of how scammers are using fake banking apps to fool sellers with phony payment screens—and walking away with thousands in goods. Our catch of the day comes from listener John who writes in to share a suspicious text message he received.

Resources and links to stories:
  • LLMs can't stop making up software dependencies and sabotaging everything
  • Unraveling the U.S. toll road smishing scams
  • 'Scammers used fake app to steal from me in person'

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
Phishing in the tariff storm.

Apr 17, 2025 (34:57)


This week, our hosts Dave Bittner and Joe Carrigan are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines, while our other host, Maria Varmazis, is at a conference. We begin with some follow-up, as Joe reflects on the density of gold. Then, Dave shares some heartfelt and moving words about the recent passing of his father. Dave's story follows how confusion sparked by Trump's erratic tariff policies is fueling a global surge in cyber scams, phishing sites, and crypto cons, as threat actors exploit the chaos to mislead, defraud, and manipulate online users. Joe has two stories this week. The first is about the "blessing scam," a con that targets older Chinese women with promises of spiritual cleansing that ends in financial ruin. The second covers a new FTC rule requiring companies to make subscription cancellations as easy as sign-ups, cracking down on deceptive practices. Our catch of the day this week comes from Montclair University, as they are warning of a phishing scam offering a “free 2014 Airstream Sport 16′ Travel Trailer.”

Resources and links to stories:
  • Trump Tariff Confusion Fuels Online Scams
  • Oklahoma woman charged with laundering $1.5M from elderly women in online romance scam
  • A new ‘jackpotting' scam has drained more than $236,000 from Texas ATMs — but who foots the loss?
  • Opportunity To Own A Free 2014 Airstream Sport 16′ Travel Trailer

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
The new malware on the block. [OMITB]

Apr 12, 2025 (35:03)


This week, we are sharing an episode of our monthly show, Only Malware in the Building. We invite you to join Dave Bittner and cohost Selena Larson as they explore "The new malware on the block."

Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive Upper West Side, Selena is joined by N2K Networks' Dave Bittner—and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns.

Research Saturday
The new malware on the block.

Apr 12, 2025 (35:03)


Hacking Humans
You get a million dollars, and you get a million dollars!

Apr 10, 2025 (37:12)


This week, while Dave Bittner is out, Joe Carrigan and Maria Varmazis (also host of N2K's daily space podcast, T-Minus) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with a lot of follow up on listener feedback this week! Justin shares a thought about how to track gold deliveries with a simple sting operation involving an AirTag. Xray Specs offers a fun response to a theory about scanning plates and running Python scripts, stating they receive similar emails despite not owning a car. Jim Gilchrist recounts his experience with E-ZPass and unpaid tolls, explaining how a failed transponder led to a replacement and noting the prevalence of scam toll messages. Joe shares two gripping stories this week, one being on how the FBI is seizing $8.2 million from a massive romance scam involving cryptocurrency, and second is on a Maryland woman losing millions in a growing "pig butchering" scheme, with the FBI warning that many more victims are at risk. Maria's story is on an East Hartford woman caught up in a federal sweepstakes scam targeting the elderly. The suspects, including one local resident, allegedly stole millions. What did they do, and how did they get caught? Our catch of the day comes from a user on Reddit who shares a message they got from billionaire, and owner of Tesla, Elon Musk.

Resources and links to stories:
  • FBI Cracks 'Pig Butchering' Scam on Dating Sites
  • Maryland woman loses millions in crypto "pig butchering" scam as FBI warns of more targets
  • East Hartford Woman Bilked Elderly In Fake Sweepstakes Scam: Feds
  • Elon Musk Vows To Hand Out $1 Million Checks This Weekend: What To Know

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
Not-so-real deals.

Apr 3, 2025 (46:12)


This week our hosts, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. First, we start off with some more follow-up on EZ passes, along with the newest iteration, as Kailey Cornick shares that scammers target phone numbers rather than actual toll users, sending her SUN pass scam texts tied to her old Florida number. Dave shares the story of Palo Alto's Unit 42 researchers uncovering a massive campaign distributing thousands of fraudulent cryptocurrency investment platforms via websites and mobile apps, using brand impersonation, Ponzi-like schemes, and domain fronting to deceive victims, primarily in East Africa and Asia. Maria follows the story of a Queens man arraigned for allegedly scamming a 72-year-old Newton woman out of over $480,000 by posing as a DEA agent and coercing her into transferring her assets under the threat of arrest. Joe came across a Facebook video featuring an AI-generated ad falsely claiming Kelly Clarkson endorsed a weight loss product. These deceptive ads use AI to create convincing deepfakes, making it appear as if celebrities are promoting products they've never actually supported. Our catch of the day comes from listener Connor, who flagged a phishing email pretending to be from the Social Security Administration. The email urges the recipient to click a link to view an "important update," but the repetition of the message and a suspicious logo placeholder suggest it's a phishing attempt designed to steal personal info.

Resources and links to stories:
  • Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims
  • Man Arraigned After Posing as Government Agent to Scam Senior out of Over $480,000
  • 'I have terminal cancer and lost my life savings to whisky barrel scammers'
  • Casks and Kegs

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
Smells like scam season is upon us.

Mar 27, 2025 (48:51)


This week our hosts, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up on E-ZPass scams—a listener suggests that scammers may be exploiting exposed license plate reader data, as demonstrated by YouTuber Mike Brown, to link plate numbers with breached phone records and send scam texts in real time. Dave's story is on how scammers may use conditioning techniques in romance scams—Ben Tasker observed that refusing to provide a phone number led to fewer photos being sent early on, suggesting scammers use rewards like photos to encourage compliance. Joe's got the story of Google's lawsuit against scammers who created and sold thousands of fake business listings on Google Maps, exploiting urgent services like locksmiths and towing to deceive customers and charge inflated fees. Maria's got the story of the FTC suing Click Profit for allegedly scamming consumers out of millions with a fake “passive income” scheme, falsely promising high returns through AI-driven e-commerce stores on Amazon, Walmart, and TikTok while most investors ended up losing money. Our catch of the day comes from Reddit after a user posted a conversation with a scammer after messing with them about a potential job opportunity.

Resources and links to stories:
  • Who is sending those scammy text messages about unpaid tolls?
  • My Scammer Girlfriend: Baiting A Romance Fraudster
  • Google finds 10,000 fake listings on Google Maps, sues alleged network of scammers
  • AI scammers on Amazon duped investors out of millions with ‘passive income' scheme, FTC alleges
  • Can I work from jail?

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
E-ZPass or easy scam?

Mar 20, 2025 (36:26)


On Hacking Humans, this week Dave Bittner is on vacation so our two hosts, Joe Carrigan and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe shares a bit of follow up on scam victims sharing their experiences of losing money to various frauds, including investment schemes, romance scams, business email compromises, online shopping fraud, unusual payment requests, tax impersonations, remote access scams, and identity theft. Maria shares a story on scammers using fake E-ZPass toll alerts to steal personal information, and another on victims losing thousands to investment, romance, and online shopping scams. Dave's got the story of how digital scammers prey on the financially vulnerable, using AI-generated content and deceptive ads on platforms like Instagram to sell worthless "get-rich-quick" schemes that ultimately leave victims deeper in debt. Joe's got two stories this week, the first being on Wenhui Sun, a California man, and how he was sentenced to six and a half years for stealing nearly $800,000 through a gold bar scam targeting victims nationwide. Meanwhile, the U.S. Federal Trade Commission reported a sharp rise in fraud, with 2.6 million people losing $12.5 billion in 2024, up from $2.5 billion in 2023, primarily due to impostor scams. Younger adults reported losing money more often than older ones. Our catch of the day follows how First Lady Melania Trump messaged an unsuspecting citizen claiming to give them a free gift.

Resources and links to stories:
  • Scam victims tell us their stories
  • Digital Snake Oil Merchants Are Stealing From The Already Broken
  • California man sentenced after Montgomery Co. woman loses over $700K in gold bar scam
  • FTC says Americans lost $12.5B to scams last year — social media, AI, and crypto didn't help

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
Catch me if you scam.

Hacking Humans

Mar 13, 2025 41:34


On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts start out with some follow up on chicken talk from last week. Maria shares the story of scammers impersonating police officers in England to steal cryptocurrency by exploiting leaked personal data, creating fake fraud reports, and tricking victims into revealing their seed phrases, leading to losses totaling £1 million. Joe has two stories this week, his first one is on a $21 million "Grandparent Scam" in which 25 Canadians were charged for running a scheme from Montreal call centers, posing as grandchildren in distress to deceive elderly Americans into handing over money, with 23 suspects already arrested. Joe's second story is on two people charged in a ticket scam that exploited a loophole in StubHub's system to steal and resell over 900 tickets—mostly for Taylor Swift's Eras Tour—netting more than $600,000 in profit before being caught by the Queens D.A.'s Cybercrime Unit. We have a special catch of the day this week, where we are joined by N2K's own Ma'ayan Plaut, who joins to discuss going out of business scams. Resources and links to stories: ‘Fake police call cryptocurrency investors to steal their funds Dozens of Canadians Are Charged in $21 Million ‘Grandparent Scam' 2 People Charged with Taylor Swift Eras Tour Ticket Scam That Allegedly Netted More Than $600K BBB Scam Alert: How to spot a fake "going out of business" sale Joann Fabric's going out of business scam You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
From China with love (and Malware).

The CyberWire

Mar 6, 2025 33:46


US Justice Department charges employees of Chinese IT contractor i-Soon. Silk Typhoon targets the IT supply chain for initial access. Chrome extensions that change shape. Attackers target Airflow misconfigurations. LibreOffice vulnerability opens the door to script-based attacks. NSO Group leaders face charges in spyware case. Today, our own Dave Bittner is our guest as he appeared on the Adopting Zero Trust podcast at ThreatLocker's Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham. And turning $1B into thin air. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest: Today, our own Dave Bittner is in our guest spot as he appeared on the Adopting Zero Trust podcast at ThreatLocker's Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham aka Dr. Zero Trust. Adopting Zero Trust is an ongoing conversation about the people and organizations adopting Zero Trust. You can catch the full episode here where Dave and Dr. Zero Trust weigh the difference between delivering refined news and raw perspective, hitting critical mass for AI, and the current political environment.
Selected Reading: US charges Chinese nationals in cyberattacks on Treasury, dissidents and more (The Record); Silk Typhoon targeting IT supply chain (Microsoft); Malicious Chrome extensions can spoof password managers in new attack (Bleeping Computer); Apache Airflow Misconfigurations Leak Login Credentials to Hackers (GB Hackers); LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL (GB Hackers); Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks (SecurityWeek); Catalan court says NSO Group executives can be charged in spyware investigation (TechCrunch); Former top NSA cyber official: Probationary firings 'devastating' to cyber, national security (CyberScoop); Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation (SecurityWeek); North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit (The Record). The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Hacking Humans
Scams in the henhouse.

Hacking Humans

Mar 6, 2025 34:38


On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off the show with some follow-up from a long-time listener who shared how switching to Publii and Cloudflare Pages saved his wife's psychiatric nurse practice over $120/year in hosting costs after discovering static site generators on Hacking Humans. Joe's story is on a warning from an Oregon woman who fell victim to an online scam while trying to buy hens for her backyard chicken coop amid egg shortages caused by the bird flu, urging others to be cautious and avoid transactions on social media. Maria has the story on the increasing threats targeting sellers on online marketplaces, including phishing campaigns, scams designed to bypass platform protections, and the risks associated with off-platform transactions, all of which emphasize the need for heightened vigilance and security measures. The catch of the day, from Scott, highlights an email invitation that appeared legitimate but redirected to a phishing site designed to steal email credentials, with Scott's wife recognizing the suspicious nature and forwarding it for further investigation. Resources and links to stories: ‘Be suspicious': Sweet Home woman warns of chicken scam amid egg shortage Your item has sold! Avoiding scams targeting online sellers You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
Live from Orlando, it's Hacking Humans! [Hacking Humans]

The CyberWire

Feb 27, 2025 30:51


In this special live episode of Hacking Humans, recorded at ThreatLocker's Zero Trust World 2025 conference in Orlando, Florida, Dave Bittner is joined by T-Minus host Maria Varmazis. Together, they explore the latest in social engineering scams, phishing schemes, and cybercriminal exploits making headlines. Their guest, Seamus Lennon, ThreatLocker's VP of Operations for EMEA, shares insights on Zero Trust security and the evolving threat landscape. Maria's story this week follows the IRS warning about a fake “Self Employment Tax Credit” scam on social media, urging taxpayers to ignore misinformation and consult professionals. Dave's got the story of the Better Business Bureau's annual Scam Tracker report, revealing that online shopping scams continue to top the list for the fifth year, with phishing and employment scams remaining major threats, while fraudsters increasingly use AI and deepfake technology to deceive victims. Our catch of the day comes from Diesel in West Virginia, and features a scammer who tried to panic their target with a classic “We've frozen your account” scam—only to get hilariously mixed up with actual embryo freezing. Resources and links to stories: Better Business Bureau reveals top local scams of 2024 IRS warns taxpayers about misleading claims about non-existent “Self Employment Tax Credit;” promoters, social media peddling inaccurate eligibility suggestions BBB Scam Tracker Got a $1,400 rebate text from the IRS? It's a scam, Better Business Bureau warns. You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
Live from Orlando, it's Hacking Humans!

Hacking Humans

Feb 27, 2025 30:51


In this special live episode of Hacking Humans, recorded at ThreatLocker's Zero Trust World 2025 conference in Orlando, Florida, Dave Bittner is joined by T-Minus host Maria Varmazis. Together, they explore the latest in social engineering scams, phishing schemes, and cybercriminal exploits making headlines. Their guest, Seamus Lennon, ThreatLocker's VP of Operations for EMEA, shares insights on Zero Trust security and the evolving threat landscape. Maria's story this week follows the IRS warning about a fake “Self Employment Tax Credit” scam on social media, urging taxpayers to ignore misinformation and consult professionals. Dave's got the story of the Better Business Bureau's annual Scam Tracker report, revealing that online shopping scams continue to top the list for the fifth year, with phishing and employment scams remaining major threats, while fraudsters increasingly use AI and deepfake technology to deceive victims. Our catch of the day comes from Diesel in West Virginia, and features a scammer who tried to panic their target with a classic “We've frozen your account” scam—only to get hilariously mixed up with actual embryo freezing. Resources and links to stories: Better Business Bureau reveals top local scams of 2024 IRS warns taxpayers about misleading claims about non-existent “Self Employment Tax Credit;” promoters, social media peddling inaccurate eligibility suggestions BBB Scam Tracker Got a $1,400 rebate text from the IRS? It's a scam, Better Business Bureau warns. You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
I'm a scammer and need support.

Hacking Humans

Feb 20, 2025 44:32


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. We start off with some follow-up from listener Dave, who writes in with a call for help after a good friend of his fell victim to a dream job scam. They also have a discussion after the Washington Post shared an article on how scammers are remorseful and have a support group. Maria has a quick follow-up from last week, talking about deepfakes; this week, she talks about Kim Jong Un. Dave has a romance scam story this week, talking about how the loneliness epidemic is causing issues. Joe has two stories this week; the first is on a thief using a homemade barcode ring to scam Walmart self-checkouts. Joe's second story is on new protection methods that are out, giving us game-changing anti-scam laws. Our catch of the day comes from Reddit, after a user posted a conversation they had with a scammer that got a bit out of hand. Resources and links to stories: Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un; The Loneliness Epidemic Is a Security Crisis; Thief using homemade barcode ring to scam Walmart self-checkout busted after trying to ring up $300 grill for price of tomato soup: cops; 'Game-changing' anti-scam laws to protect consumers; Hello, Jane. You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
The “t” that tricked.

Hacking Humans

Feb 13, 2025 45:28


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. Our hosts start off with some follow up from listener Robert who writes in from the Great White North, who shares how he thinks the U.S. might be stuck in the past with payment tech. Joe's got two stories this week, both on financial crime—Thailand cutting power to Myanmar's billion-dollar scam hubs and the struggle to shut them down for good. Maria has the story of a job candidate who not only used AI-generated answers during a technical interview but also altered his appearance with software—marking the second time this has happened to the interviewer in just two months. Dave sits down with our guest Nati Tal, Head of Guardio Labs, as he is discussing the growing danger of homograph attacks. Our catch of the day comes from listener Kenneth, who got an alarming email from the PayPal Security Team—apparently, he just bought nearly $700 in Bitcoin. Resources and links to stories: China's Xi hails Thailand's 'strong' action against scam centres Power cut to site of global, billion-dollar scam industry. But will it halt the swindling? AI altering You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Grumpy Old Geeks
683: There IS a Spoon!

Grumpy Old Geeks

Feb 8, 2025 80:38


This week, Jason and Brian dive into the chaos surrounding Elon Musk's growing influence in government tech, with young engineers playing key roles in his takeover. DOGE employees are being ordered off Slack, USAID is crumbling, and Musk's war with U.S. officials rages on. Meanwhile, AI takes center stage with the EU banning high-risk systems, DeepSeek's security concerns, and Amazon throwing down $100 billion on AI advancements. Big Tech moves are equally absurd—Google is now open to AI-powered weapons, Meta might scrap risky AI models, and Tesla is struggling in Europe thanks to Elon's latest blunders. Meanwhile, states are rushing to pour taxpayer money into so-called “strategic cryptocurrency reserves.”

In entertainment, The Devil May Cry anime's ridiculous theme song is a standout, Mythic Quest returns, and Beast Games looks promising. AI controversially helped The Beatles score a Grammy, and Denis Villeneuve is making Dune 3 because, well, fans demanded it. Over in reboot land, Sarah Michelle Gellar may return for a Buffy revival on Hulu with Chloé Zhao at the helm, while Neil Gaiman finds himself in serious legal trouble. Gadget fans get a look at the Anker Zolo charger, a Google search trick to dodge AI summaries, and Apple's latest social feature. Also, say goodbye to Apple's AR glasses before they even had a chance to shine.

Dave Bittner joins The Dark Side segment with updates on cybersecurity, including a wave of ransomware payment refusals and the Andersons' infamous eviction from Disneyland's most exclusive club. Pirates in China, Disney park music, and tracking yourself via in-app ads round out the discussion. Closing out the show, a shout-out to Snap's CEO for supporting LA wildfire recovery and a nod to SoberOutfitters for keeping things clean.

Buckle up—it's another wild ride with the Grumpy Old Geeks!

Sponsors:
DeleteMe - Head over to JoinDeleteMe.com/GOG and use the code "GOG" for 20% off.
Private Internet Access - Go to GOG.Show/vpn and sign up today. For a limited time only, you can get OUR favorite VPN for as little as $2.03 a month.
SetApp - With a single monthly subscription you get 240+ apps for your Mac. Go to SetApp and get started today!!!
1Password - Get a great deal on the only password manager recommended by Grumpy Old Geeks! gog.show/1password

Show notes at https://gog.show/683

IN THE NEWS
The Young, Inexperienced Engineers Aiding Elon Musk's Government Takeover
Musk, Trump Prosecutor Targeting People Who Divulge Identities of DOGE Staff
One of Elon Musk's DOGE Kids Just Had an Explosive Screaming Tantrum
DOGE Engineer Resigns After Being Linked to Extremely Racist Tweets
Government Tech Workers Forced to Defend Projects to Random Elon Musk Bros
U.S. government officials privately warn Musk's blitz appears illegal
DOGE Employees Ordered to Stop Using Slack While Agency Transitions to Records System That Is Not Subject to FOIA
Elon Musk's Enemy, USAID, Was Investigating Starlink's Contracts in Ukraine
USAID Workforce Slashed From 10,000 to Under 300 as Elon Musk's DOGE Decimates Agency
Government agency removes spoon emoji from work platform amid protests
Deadline for Trump's federal worker buyout proposal temporarily blocked by judge
US judge blocks Trump buyout program as 60,000 sign up to quit
States Are Racing to Throw Taxpayers' Money Into "Strategic Cryptocurrency Reserves"
Police Use of Facial Recognition Backfires Spectacularly When It Renders Them Unable to Convict Alleged Murderer
AI systems with 'unacceptable risk' are now banned in the EU
DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers
OmniHuman-1
Researchers created an open rival to OpenAI's o1 'reasoning' model for under $50
Amazon doubles down on AI with a massive $100B spending plan for 2025
Workday lays off 1,750 employees, citing demand for AI
Lyft uses Anthropic's Claude chatbot to handle user complaints
Tesla Sales in Europe Plummet Amidst Elon's Stupid Meddling
Tesla sees German car sales plunge in January
Volkswagen is unveiling a $21,000 entry-level EV in March
Volkswagen - The 2025 ID. Buzz electric bus
One of Big Tech's Angriest Critics Explains the Problem
Google Lifts Self-Imposed Ban on Using AI for Weapons and Surveillance
Meta says it may stop development of AI systems it deems too risky
Sonos lays off 200 ahead of rumored set-top box release
Andreessen Horowitz Defends Hiring Subway Vigilante Who Became Right-Wing Hero

MEDIA CANDY
The Devil May Cry Show's Intro Song Is So Stupidly Glorious
Mythic Quest
Beast Games
AI won The Beatles a Grammy 55 years after they broke up
Denis Villeneuve Is Making Dune 3 Next Because You Want It
'Buffy The Vampire Slayer' Reboot Starring Sarah Michelle Gellar Nears Hulu Pilot Order With Chloé Zhao Directing
Neil Gaiman Hit With Rape & Human Trafficking Suits After Months Of Allegations; Estranged Spouse Amanda Palmer Also Named In Multi-State Filings

APPS & DOODADS
Anker Zolo Portable Charger, 10,000mAh 30W Power Bank with Built-in Lanyard USB-C Cable for Travel, Fast Charging Battery Pack for iPhone 16/15 Series, MacBook, Galaxy, iPad, and More
Add F*cking to Your Google Searches to Neutralize AI Summaries
Apple reportedly gives up on its AR video glasses project
Apple Invites Is a New Way to Remind Friends to Celebrate You
750 Words

THE DARK SIDE WITH DAVE
Dave Bittner
The CyberWire
Hacking Humans
Caveat
Control Loop
Only Malware in the Building
50 Mission Crush
A Lot of People Just Refused to Make Ransomware Payments in 2024: Report
The Andersons were kicked out of Disneyland's most exclusive club. They would not go willingly.
Pirates in China
Disney Plus: Behind the Attraction
Disneyland: Music Around the Parks
Disneyland Music
Disneyland Park Music
I Don't Have Spotify
Everyone knows your location: tracking myself down through in-app ads

CLOSING SHOUT-OUTS
Snap CEO helps launch LA wildfire recovery program
SoberOutfitters

Hacking Humans
Old school scams updated.

Hacking Humans

Feb 6, 2025 35:11


On this episode of Hacking Humans, we are going old school with Dave Bittner and Joe Carrigan sans T-Minus host Maria Varmazis (as she was hanging out with astronauts at the SpaceCom event). Not to worry, Dave and Joe have it covered sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, we have some follow up including a conversation Joe had with ChatGPT, some discussion on AI generated images of people, and scam letters that are sent out in the mail. Joe shares a text his office mate received from the "IRS." He also has a story about food workers taking photos of credit and debit cards at restaurant drive throughs. Dave's story is about a near-perfect scam attempt that almost fooled a very smart guy—Zach Latta, the founder of Hack Club. Our Catch of the Day comes from Reddit about a Facebook Marketplace scam using Zelle. Resources and links to stories: Scam Warning: Food workers taking photos of debit cards in North Carolina, police say Google takes action after coder reports 'most sophisticated attack I've ever seen' FB Marketplace scam using Zelle You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
A Digital Eye on supply-chain-based espionage attacks. [Research Saturday]

The CyberWire

Feb 1, 2025 27:07


This week, Dave Bittner is joined by Juan Andres Guerrero-Saade (JAGS) from SentinelOne's SentinelLabs to discuss the work his team and Tinexta Cyber did on "Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels." Tinexta Cyber and SentinelLabs have been tracking threat activities targeting business-to-business IT service providers in Southern Europe. Based on the malware, infrastructure, techniques used, victimology, and the timing of the activities, we assess that it is highly likely these attacks were conducted by a China-nexus threat actor with cyberespionage motivations. The relationships between European countries and China are complex, characterized by cooperation, competition, and underlying tensions in areas such as trade, investment, and technology. Suspected China-linked cyberespionage groups frequently target public and private organizations across Europe to gather strategic intelligence, gain competitive advantages, and advance geopolitical, economic, and technological interests. The research can be found here: Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

Research Saturday
A Digital Eye on supply-chain-based espionage attacks.

Research Saturday

Feb 1, 2025 27:07


This week, Dave Bittner is joined by Juan Andres Guerrero-Saade (JAGS) from SentinelOne's SentinelLabs to discuss the work his team and Tinexta Cyber did on "Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels." Tinexta Cyber and SentinelLabs have been tracking threat activities targeting business-to-business IT service providers in Southern Europe. Based on the malware, infrastructure, techniques used, victimology, and the timing of the activities, we assess that it is highly likely these attacks were conducted by a China-nexus threat actor with cyberespionage motivations. The relationships between European countries and China are complex, characterized by cooperation, competition, and underlying tensions in areas such as trade, investment, and technology. Suspected China-linked cyberespionage groups frequently target public and private organizations across Europe to gather strategic intelligence, gain competitive advantages, and advance geopolitical, economic, and technological interests. The research can be found here: Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

Hacking Humans
Despicable donation request scamming.

Hacking Humans

Jan 30, 2025 44:47


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, Dave has the story from Ampyx Cyber that has a scam reporter on staff to do awareness videos and this latest one is about an amazing sale on fake leather bags. Joe has two stories this week. The first one sent Joe down a rabbit hole and is about romance scams where 3 people were recently sentenced. The second one is about one of the victims of that previous romance scam. And finally, Maria's story is about Restaurant Week in NYC and third-party brokers who do restaurant reservation auctions. Our Catch of the Day involves a GoGetFunding gift card scam related to a campaign looking for donations to help pay for a child's medical costs. Resources and links to stories: Fake leather, fake people: AI sellers generate numerous complaints Romance scam "money mules" sentenced in case that ended with Illinois woman's death When her mother went missing, an Illinois woman ventured into the dark corners of America's romance scam epidemic Security Alert: Bots Target NYC Restaurant Week GoGetFunding Scamming Donations Alert You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
Back to the office, back to the threats.

Hacking Humans

Jan 23, 2025 43:11


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week Maria has the story on how the return to office life brings unique security challenges, highlighting the need for Red Team assessments to uncover and address physical and digital vulnerabilities, empowering organizations to proactively enhance workplace security and protect against evolving threats. Joe's story comes from the FCC's warning about a scam dubbed "Green Mirage," where fraudsters impersonate mortgage lenders, spoof caller IDs, and use social engineering to trick financially vulnerable homeowners into sending payments via unconventional methods, often only discovered when foreclosure proceedings begin. Last but not least, Dave's story is on how a Reddit user shared their cautious experiment with a suspected Airbnb scam involving a new account requesting to move to WhatsApp, agreeing to unusually high rental rates, and engaging in rapport-building tactics, with red flags pointing to potential financial fraud or phishing attempts. Our catch of the day comes from listener William, who spotted a phishing scam disguised as a security alert about a compromised crypto wallet, featuring an unsolicited QR code and a generic warning that targets even non-crypto users. Resources and links to stories: Navigating Workplace Security: Red Team Insights for the Return to Office FCC warns of 50-state scam by fraudsters posing as mortgage lenders FCC ENFORCEMENT ADVISORY I'm saying "Yes" to the Chinese long-term rental WhatsApp chat asking for video You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
Crypto chameleons and star fraud.

Hacking Humans

Jan 16, 2025 41:52


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week we jump right into stories, Maria shares Apple's new AI feature and how it is unintentionally rewording scam messages to make them appear more legitimate and flagging them as priority notifications, raising concerns about increased susceptibility to scams. Joe has two stories this week, the first focuses on two individuals, including an inmate using a smuggled cellphone, being charged with defrauding a Sarasota woman of $12,000 in a jury duty scam involving spoofed law enforcement identities and Bitcoin transfers, with authorities urging vigilance against such schemes. Joe's second story is on a LinkedIn job interview turned hacking attempt when a technical challenge contained obfuscated code designed to gather crypto wallet information from the user's computer; the scam highlights the importance of carefully reviewing code and using secure environments like virtual machines during such evaluations. Finally Dave has the story on a prolific voice phishing crew manipulating legitimate Apple and Google services to deceive victims, leveraging advanced phishing kits, social engineering tactics, and automated tools like "autodoxers" to target cryptocurrency holders and high-value individuals for significant financial theft. Our catch of the day comes from listener Keefe, who shares a voicemail from one suspicious sounding Walmart voice. 
Resources and links to stories: Apple's new AI feature rewords scam messages to make them look more legit Apple urged to withdraw 'out of control' AI news alerts Suspected jury duty scammers arrested for bilking Sarasota woman out of $12K: DOJ The code challenge scam A Day in the Life of a Prolific Voice Phishing Crew You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Smashing Security
Hacker games, AI travel surveillance, and 25 years of IoT

Smashing Security

Jan 16, 2025 49:15


The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games?

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:
Player of Games - Grimes.
'Path of Exile 2' Players Call Bulls**t on Elon Musk's Video Game Stream - Gizmodo.
Elon Musk "Playing" Path of Exile 2 - YouTube.
Elon Musk is Lying About Being Good at Video Games - YouTube.
Elon Musk Streams His "Totally Not Boosted" 'Path of Exile 2' Character, Proves He Has No Idea What He's Doing - Vice.
Hacker Broke into 'Path of Exile 2' Admin Account, Hijacked Wave of Characters - 404 Media.
Inside the Black Box of Predictive Travel Surveillance - WIRED.
Average Number of Smart Devices in a Home 2025 - Consumer Affairs.
Global IoT and non-IoT connections 2010-2025 - Statista.
U.S. Cyber Trust Mark: New Label for IoT Devices - National Law Review.
How the Internet of Things will be good for the planet - Thales Group.
The 'Worst in Show' CES products put your data at risk and cause waste, privacy advocates say - AP News.
The CES worst in show awards lampoon AI everything - The Register.
The Worst Devices of CES 2025!! - YouTube.
This Could Be Your AI Robot Girlfriend - For $175,000 - Forbes.

Hacking Humans
Nice to meet you, I'm a scammer.

Hacking Humans

Jan 9, 2025 52:58


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. Our hosts discuss and ponder whether or not diamonds are the original cryptocurrency, as well as diving further into Yubikeys for organizations. Maria shares the story of a 66-year-old woman who lost her $2 million retirement savings to a romance scam on Match.com, highlighting the rise in such scams and efforts to pass the Online Dating Safety Act to protect users. Joe's story is on the Madoff Victim Fund's final $131.4 million payout, bringing total recoveries to $4.3 billion for victims of Bernard Madoff's infamous Ponzi scheme, which collapsed during the 2008 financial crisis. Dave's got the story on allegations that the PayPal Honey browser extension not only fails to deliver the best deals but also hijacks affiliate revenue from influencers by replacing their links with its own, sparking backlash and controversy. Our catch of the day comes from Reddit and Dave and Maria do their best impressions yet, as a scammer chats up an unsuspecting victim. Resources and links to stories: Online dating scammers bilk more money each year. A bipartisan bill seeks to stop them at the source. Madoff fraud victims get $4.3bn as fund completes payouts Honey's deal-hunting browser extension is accused of ripping off customers and YouTubers You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
The intersection of hackers, scammers, and false collaborations.

Jan 2, 2025 (42:10)


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. First off, our hosts share some follow up: Asher wrote in to discuss follow up on the AI granny. Maria's story covers a "new QR code scam" involving unsolicited packages and brushing tactics, where scammers lure victims into scanning malicious QR codes to steal personal and financial information. Joe's story highlights how the FBI and CISA urge Americans to secure their text messages using end-to-end encryption to combat sophisticated hacking campaigns linked to China's government, which target telecom networks and user data. Dave's story highlights how pallet liquidation scams target buyers with offers of discounted merchandise, warning against red flags like unrealistic prices and unverified sellers. Our Catch of the Day comes from Jim, who shares a suspicious email he received offering a collaboration under the guise of a business partnership, which included overly generic language and an unusual sign-off from "Robert De Niro."

Resources and links to stories:
New warning about ‘brushing' scam as victims are reported in Colorado
FBI warns Americans to keep their text messages secure: What to know
Pallet liquidation scams and how to recognize them
Mobile Communications Best Practice Guidance

You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
A social engineering carol.

Dec 25, 2024 (8:08)


Gather 'round for a holiday treat like no other! In this festive edition of Only Malware in the Building, we present A Social Engineering Carol—a cunning twist on the classic Dickens tale, penned and created by our very own Dave Bittner. Follow a modern-day Scrooge as they navigate the ghostly consequences of phishing, vishing, and smishing in this holiday cybersecurity fable. Don't miss the accompanying video, packed with holiday cheer and cyber lessons to keep you safe this season! Check it out now!

The CyberWire
The CyberWire: The 12 Days of Malware. [Special edition]

Dec 25, 2024 (7:28)


Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect!

The 12 Days of Malware lyrics

On the first day of Christmas, my malware gave to me: A keylogger logging my keys.

On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys.

On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.

Hacking Humans
Gold bars and bold lies.

Dec 19, 2024 (45:57)


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. First we start off with some follow up: our hosts share some more information on VIN swapping, and a clarification on bank participation in FinCEN. Maria shares a telling tale about a Bethesda couple losing $367,000 in gold bars to a sophisticated scam involving fake officials and elaborate deceptions, but a police sting led to the arrest of a suspect, highlighting a growing nationwide trend of elderly victims targeted by gold bar fraud. Joe's story comes from KnowBe4 and is on DavidB, their VP of Asia Pacific, thwarting a sophisticated social engineering attack via WhatsApp by recognizing inconsistencies in the impersonator's behavior and verifying directly with the colleague they claimed to be. Dave's story comes from the FBI on how criminals are exploiting generative AI to enhance fraud schemes, including using AI-generated text, images, audio, and video to create convincing social engineering attacks, phishing scams, and identity fraud, while offering tips to protect against these threats. Our catch of the day comes from a listener who received an urgent email from someone claiming to be an FBI agent with a rather dramatic tale about intercepted consignment boxes, missing documents, and a ticking clock—but let's just say this "agent" might need some better training in both law enforcement and grammar.

Resources and links to stories:
“VIN swap scam costs Las Vegas man $50K, new truck”
FinCEN
Gold bar scammers claimed hackers could fund Russian missiles, police say
Real Social Engineering Attack on KnowBe4 Employee Foiled
Criminals Use Generative Artificial Intelligence to Facilitate Financial Fraud

You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

T-Minus Space Daily
SpaceRISE for IRIS².

Dec 16, 2024 (27:56)


The SpaceRISE consortium has signed an agreement with the European Commission and the European Space Agency to design, deliver and operate the Infrastructure for the Resilience, Interconnectivity and Security by Satellite (IRIS²) project. An unidentified company plans to spend $1.8 billion in capital improvements at Cape Canaveral. SpaceX has sent a letter to officials in Texas to request that Starbase be incorporated as a city, and more. Remember to leave us a 5-star rating and review in your favorite podcast app. Be sure to follow T-Minus on LinkedIn and Instagram.

T-Minus Guest
Our guest today is the Cyberwire Daily's host Dave Bittner.

Selected Reading
IRIS2 lifts off as European Commission and SpaceRISE sign contract in Brussels - Business Wire
Unidentified space company planning $1.8 billion in launch infrastructure, 600 jobs at Cape
Elon Musk wants to turn SpaceX's Starbase site into a Texas city - AP News
Proliferated Warfighter Space Architecture Tranche 3 Program Integration (T3PI) Solicitation
FAA takes step to streamline launch licensing process - SpaceNews
Millennium Space Systems Names Tony Gingiss as CEO
Esper and Loft team up to pioneer resource monitoring with next-generation hyperspectral imagery
China to launch Long March-8 rocket from its 1st commercial spaceport - CGTN
NASA Awards Multi-Center Administrative Support Services Contract
'We are preparing to make history': NASA's Parker Solar Probe gears up for epic sun flyby on Christmas Eve - Space

T-Minus Crew Survey
We want to hear from you! Please complete our 4 question survey. It'll help us get better and deliver you the most mission-critical space intel every day.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at space@n2k.com to request more info.

Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal.

T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Hacking Humans
Silent push, loud consequences.

Dec 12, 2024 (44:48)


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, Maria shares two stories: the first is from "PayPal" saying they are owed over $200. The second comes from LinkedIn where a gentleman shares the terrifying story of losing everything all because of a scam. Joe's story is on text message scams where strangers pretend to know you, building trust over time to lure victims into schemes like cryptocurrency fraud; he advises ignoring unknown messages, blocking suspicious numbers, avoiding links, and protecting personal information. Dave's story follows Silent Push Threat Analysts tracking "Payroll Pirates," a group leveraging phishing campaigns targeting HR systems like Workday to redirect payroll funds by using search ads, spoofed websites, and credential harvesting, as they alert organizations and share threat intelligence to counter these sophisticated attacks. Our catch of the day comes from a phishing scam email claiming to offer a $1.75 million compensation fund via the "United Bank for Africa," requiring victims to share personal and banking details under the guise of an IMF directive.

Resources and links to stories:
“Wrong Number” Text Scams on the Rise
Hunting Payroll Pirates: Silent Push Tracks HR Redirect Phishing Scam

You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
Fraud's festive frenzy.

Dec 5, 2024 (47:45)


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, our hosts dive into some follow up from listener Will, who writes in about the Financial Crimes Enforcement Network. They also share after an anonymous listener writes in with a suggestion on filtering scam emails using the DocuSign API. Maria follows the story of how Black Friday is increasingly being dubbed "Black Fraud Day," as criminals exploit the festive shopping frenzy to scam eager bargain hunters, often using AI to create convincing fraud schemes. Joe has two stories this week. The first one is on scammers exploiting financially distressed individuals by posing as the "Bankruptcy Fraud Watchdog Group," threatening bankruptcy filers with false accusations and fines payable in Bitcoin, while warning them against contacting their attorneys. The second story explores the rise of deepfake scams in the U.S., with criminals using AI-generated videos of celebrities like Elon Musk to deceive victims into fraudulent cryptocurrency investments, contributing to over $12 billion in annual fraud losses. Finally, Dave shares a story on a new wave of deepfake scams, where AI-generated videos of Elon Musk trick unsuspecting victims into investing large sums, contributing to billions in fraud losses. Our catch of the day comes from Raul, who shares a scammy text message sent to his mother, sharing his efforts to educate her on spotting fraudulent messages.

Resources and links to stories:
Black Friday turning into Black Fraud Day, says UK cybersecurity chief
U.S. Trustee Program Warns Consumers of Bankruptcy Fraud Alert Scam
Deepfakes of Elon Musk are contributing to billions of dollars in fraud losses in the U.S.
Inside the Mind of Thru-Hiking's Most Devious Con Man

You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
Novel attacks and creative phishing angles.

Nov 25, 2024 (32:49)


APT28 uses a novel technique to breach organizations via nearby WiFi networks. Your Apple ID is (not) suspended. UK highlighting Russian threats at NATO Cyber Defence Conference. US senators request an audit of TSA's facial recognition technology. Supply chain software company sustains ransomware attack. Critical QNAP vulnerability could allow remote code execution. Outdated Avast Anti-Rootkit driver exploited. No more internet rabbit holes for China. Guest Lesley Carhart from Dragos on "The Shifting Landscape of OT Incident Response." Stop & Shop turns cyber oops into coffee and cookies. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Our guest is Lesley Carhart, Technical Director at Dragos, speaking with Dave Bittner about "The Shifting Landscape of OT Incident Response." You can find the blog here.

Selected Reading
Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack (SecurityWeek)
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access (Volexity)
New Warning For 2 Billion iPhone, iPad, Mac Users—Your Apple ID Is Suspended (Forbes)
Russia plotting to use AI to enhance cyber-attacks against UK, minister will warn (The Guardian)
Britain, NATO must stay ahead in 'new AI arms race', says UK minister (Reuters)
Senators call for audit of TSA's facial recognition tech as use expands in airports (The Record)
Blue Yonder ransomware attack disrupts supply chains across UK and US (Tech Monitor)
Critical QNAP Vulnerability Let Attackers Execute Remote Code (Cyber Security News)
Malware campaign abused flawed Avast Anti-Rootkit driver (Security Affairs)
When Guardians Become Predators: How Malware Corrupts the Protectors (Trellix report)
Imagine a land where algorithms don't ruin the Internet (The Register)
Stop & Shop recovers from 'cybersecurity issue,' will give out free food, coffee (WTNH)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Grumpy Old Geeks
675: Your Own Personal Jesus

Nov 23, 2024 (79:34)


In this episode of Grumpy Old Geeks, we dive into the wild, wacky, and often worrying world of tech, media, and everything in between. From a Swiss church using AI to preach the gospel to OpenAI facing a copyright conundrum, and a DNA testing company ghosting its customers, the news is packed with surprises. We also explore Neuralink's Canadian trials, bizarre domain drama between Alex Jones and The Onion, and why Google might be forced to part ways with Chrome. Plus, a study reveals Tesla's troubling accident stats, and Germany investigates an undersea sabotage.

On the media front, we break down The Old Man, The Day of the Jackal, and Ken Burns' deep dive into Leonardo da Vinci. Catch teasers for How to Train Your Dragon and The Studio, while Apple TV+ and streaming giants reshuffle strategies. In the gaming and cinema crossover universe, the Minecraft Movie and Silo Season 2 are making waves.

We also geek out over Perplexity's new shopping tool, Bluesky's rise to 21 million users, and the evolving quirks of Threads and X. Meanwhile, Ghosts by Peter Cawdron lands on our reading list, and Dave Bittner brings the dark side of cybersecurity into focus, including reverse-engineered iPhone hacks and Graykey's tech secrets.

In closing, we pay tribute to Thomas E. Kurtz, co-creator of BASIC, and share some lighthearted shout-outs to the schmactors of the world. Tune in for all the grump and geek you love!

Sponsors:
HelloFresh - Get 10 FREE meals at HelloFresh.com/freegog
1Password Extended Access Management - Check it out at 1Password.com/grumpyoldgeeks. Secure every sign-in for every app on every device.
DeleteMe - Head over to JoinDeleteMe.com/GOG and use the code "GOG" for 20% off.
Private Internet Access - Go to GOG.Show/vpn and sign up today. For a limited time only, you can get OUR favorite VPN for as little as $2.03 a month.
SetApp - With a single monthly subscription you get 240+ apps for your Mac. Go to SetApp and get started today!!!
1Password - Get a great deal on the only password manager recommended by Grumpy Old Geeks! gog.show/1password

Show notes at https://gog.show/675

IN THE NEWS
Deus in machina: Swiss church installs AI-powered Jesus
There's No Longer Any Doubt That Hollywood Writing Is Powering AI
OpenAI accidentally deleted potential evidence in NY Times copyright lawsuit
DNA testing company vanishes along with its customers' genetic data
Neuralink gets approval to start human trials in Canada
The Weirdest Domains Alex Jones Has to Give to The Onion
DOJ: Google must sell Chrome to end monopoly
Trump Admin Reportedly Wants to Unleash Driverless Cars on America
Study Finds Tesla Has Higher Rate of Fatal Accidents Than Any Other Car
Germany says cut undersea data cables were sabotaged
Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany
Microsoft is building wooden data centers to slash carbon emissions

MEDIA CANDY
Jake Paul vs. Mike Tyson Did Super Bowl Viewership Numbers
The Old Man
The Day of the Jackal
Leonardo da Vinci by Ken Burns
The Studio — Official Teaser | Apple TV+
Apple TV+ will license its movies to other services to reduce losses
How To Train Your Dragon | Official Teaser Trailer
How to Train Your Dragon Director Justifies the Live-Action Film's Existence
A Minecraft Movie | Official Trailer
Silo S2
Kingdom Uncovered: Inside Saudi Arabia
Dune: Prophecy
William Shatner's Captain Kirk Faces a Long Goodbye in This Stunning Star Trek Anniversary Short
765874 - Unification (4K)
Daniel Ek just cashed out $35.8 million in Spotify shares. But that's nothing compared to his co-founder… who just cashed out $383.8 million.
Dashaun Wesley: Labels
Elon Musk and Vivek Ramaswamy Promise New Podcast to Discuss Destruction of U.S. Government

APPS & DOODADS
Introducing Shop with Perplexity
Apple Lost the Plot on Texting
Bluesky hits 20 million users
Bluesky CEO Jay Graber says X rival is 'billionaire proof'
Bluesky Post Count and Author Stats
Threads will prioritize accounts you follow instead of randos

AT THE LIBRARY
Ghosts (First Contact) by Peter Cawdron

THE DARK SIDE WITH DAVE
Dave Bittner
The CyberWire
Hacking Humans
Caveat
Control Loop
Only Malware in the Building
‘Star Wars: Visions' Renewed for Season 3 at Disney+
Researcher reverse engineers iPhone's Inactivity Reboot feature
Leaked Documents Show What Phones Secretive Tech ‘Graykey' Can Unlock
Thomas E. Kurtz, a Creator of BASIC Computer Language, Dies at 96

CLOSING SHOUT-OUTS
Schmactors

Hacking Humans
Granny's got a new trick.

Nov 21, 2024 (35:49)


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, Joe shares a note from listener Michael before getting into stories, and Michael writes in to share that there are VIN cloning scams. Joe brings back the Iota discussion from last week. Joe's up first for stories and focuses on fraud. Dave informs us of the new human-like AI granny who is wasting scammers' time. Finally Maria brings us the story of how BforeAI researchers analyzed over 6000 newly registered retail domains, revealing a surge in scam activity targeting shoppers with phishing websites, fake apps, and fraudulent offers, particularly during the holiday season, exploiting brand names, seasonal trends, and emerging technologies like AI and cryptocurrency. Our catch of the day comes from listener Kenneth who writes in about a fraudulent email claiming to be from Emirates Group, inviting a company to register as a vendor or contractor for upcoming projects in 2024/2025. The email emphasizes the company's experience in various sectors and urges a prompt response to initiate the registration process. It is signed by a supposed "Contractors Coordinator," Mr. Steve Ibrahim Ghandi, and includes fake contact details for the Emirates Group.

Resources and links to stories:
VIN cloning
How Cybercriminals Use Vehicle Identification Numbers (VINs) to Hack Cars
Yes, your car's Vehicle Identification Number can be used to steal from you
Geolocation Resources for OSINT Investigations
Person dressed in a bear costume to fake attacks on cars for insurance payout, California officials say
U.S. Trustee Program Warns Consumers of Bankruptcy Fraud Alert Scam
O2 unveils Daisy, the AI granny wasting scammers' time
2024 Online Holiday Retail Threat Report

You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
One tap, total access: Pegasus exploits unveiled.

Nov 15, 2024 (42:15)


Unredacted court filings from WhatsApp's 2019 lawsuit against NSO Group reveal the scope of spyware infections. Glove Stealer can bypass App-Bound Encryption in Chromium-based browsers. Researchers uncover a new zero-day vulnerability in Fortinet's FortiManager. Rapid7 detects an updated version of LodaRAT. CISA warns of active exploitation of Palo Alto Networks' Expedition tool. Misconfigured Microsoft Power Pages accounts expose sensitive data. Iranian state hackers mimic North Koreans in fake job scams. Australia warns its critical infrastructure providers about state sponsored embedded malware. An especially cruel cybercriminal gets ten years in the slammer. Guest Ambuj Kumar, Co-founder and CEO of Simbian, joins us to discuss how AI Agents may change the cyber landscape. We're countin' down the top ten least secure passwords.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Ambuj Kumar, Co-founder and CEO of Simbian, joins us to discuss how AI Agents are going to change the cyber landscape. 
Selected Reading
1,400 Pegasus spyware infections detailed in WhatsApp's lawsuit filings (The Record)
Glove Stealer Malware Bypasses Chrome's App-Bound Encryption (SecurityWeek)
watchTowr Finds New Zero-Day Vulnerability in Fortinet Products (Infosecurity Magazine)
LodaRAT: Established malware, new victim patterns (Rapid7 Blog)
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks (SecurityWeek)
Microsoft Power Pages misconfigs exposing sensitive data (The Register)
Iranian Threat Actors Mimic North Korean Job Scam Techniques (BankInfo Security)
Hackers Lurking in Critical Infrastructure to Wage Attacks (BankInfo Security)
Cybercriminal devoid of boundaries gets 10-year prison sentence (The Register)
Top 200 Most Common Passwords (NordPass)

Special voting request. Just when you thought voting was over for this year…It's time to vote…again! The N2K CyberWire hosting team of Dave Bittner, Maria Varmazis, and Joseph Carrigan have been nominated for the Creator of the Year category in the Baltimore region's 2024 Technical.ly Awards for their incredible work on the Hacking Humans podcast! If you're a fan of Hacking Humans, we'd be thrilled to have your support! Please cast your vote here. (Make sure you select the “Baltimore” region). Thanks for your vote! Voting ends Monday, November 18th, so don't delay!

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Hacking Humans
Final approach to scammer advent.

Nov 14, 2024 (42:44)


On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, the team shares follow up about FEMA and Hurricane Helene relief. Dave's story is about romance scams involving an impersonator of a WWE star scamming a grandfather out of their retirement savings, Maria shares a story about a valid-looking document impersonating DocuSign's API (application programming interface). Joe's got a few stories including one about a CVE (Common Vulnerabilities Enumeration) relating to an Okta bug and one from the Better Business Bureau with a new twist on online shopping scams where you get a "card declined" message. Our Catch of the Day comes from listener William about an email from the "United Nations."

Resources and links to stories:
DisasterAssistance.gov
They're Giving Scammers All Their Money. The Kids Can't Stop Them.
Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale
DMARC: Domain-based Message Authentication, Reporting & Conformance
CVE-2024-10327
BBB Scam Alert: 'Card declined' error may lead to multiple fraudulent charges

You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

Hacking Humans
The devil IS in the details.

Sep 26, 2024 (47:05)


It's all in the details, folks. Pay attention to those and you can avoid unnecessary stress. Dave Bittner, Maria Varmazis, and Joe Carrigan swap stories on email password-stealing attacks, Google ads scams, and fake banks this week. The team shares follow up from listener Steven from the UK about the hazards of shoulder surfing when they received their new debit card with all PII on the same side of the card. A friend of the show JJ shared a story and a warning about fake checks. Never accept a check from a stranger. Dave's story covers Action Fraud, the UK's national fraud and cyber reporting center, warning iPhone users of a new Apple ID phishing campaign. Maria talks about new research that uncovers a new scam that takes advantage of public wishlists on ecommerce websites, which in this case is Walmart, but is similar to those found on Amazon and other sites. Joe's story is about a firm in Singapore with an email from a supplier requesting that a pending payment be sent to a new bank account based in East Timor. Our Catch of the Day is from Reddit on the /scambait subreddit "THE Dolly Parton is going to let ME in her VIP club."

Links to the stories:
iPhone Users Warned As New Email Password-Stealing Attacks Reported
Walmart customers scammed via fake shopping lists, threatened with arrest
Police recover over USD 40 million from international email scam
THE Dolly Parton is going to let ME in her VIP club.

You can hear more from the T-Minus space daily show here. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.

The CyberWire
The current state of the zero trust.

Jul 29, 2024 (18:29)


Rick Howard, N2K CyberWire's Chief Analyst and Senior Fellow, discusses the current state of zero trust with CyberWire Hash Table guest John Kindervag, the originator of the zero trust idea.

References:
Jonathan Jones, 2011. “Six Honest Serving Men” by Rudyard Kipling [Video]. YouTube.
Dave Bittner, Rick Howard, John Kindervag, Kapil Raina, 2021. Zeroing in on zero trust. [Podcast]. CyberWire-X Podcast - N2K Cyberwire.
Dawn Cappelli, Andrew Moore, Randall Trzeciak, 2012. The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) [Book]. (SEI Series in Software Engineering). Goodreads.
Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads.
John Kindervag, 2010. No More Chewy Centers: Introducing The Zero Trust Model Of Information Security [White Paper]. Palo Alto Networks.

The CyberWire
Uniting against APT40.

Jul 9, 2024 (35:53)


The UK's NCSC highlights evolving cyberattack techniques used by Chinese state-sponsored actors.A severe cyberattack targets Frankfurt University of Applied Sciences. Russian government agencies fall under the spell of CloudSorcerer. CISA looks to Hipcheck Open Source security vulnerabilities. Avast decrypts DoNex ransomware. Neiman Marcus data breach exposes over 31 million customers. Lookout spots GuardZoo spyware. Cybersecurity funding surges. Our guest is Caroline Wong, Chief Strategy Officer at Cobalt, to discuss the state of pentesting and adapting to the impact of AI in cybersecurity. Scalpers Outsmart Ticketmaster's Rotating Barcodes. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, Dave Bittner is joined by Caroline Wong, Chief Strategy Officer at Cobalt, to discuss the state of pentesting and adapting to the impact of AI in cybersecurity. You can learn more about the state of pentesting from Cobalt's State of Pentesting 2024 report here.  Selected Reading The NCSC and partners issue alert about evolving techniques used by China state-sponsored cyber attacks (NCSC) ‘Serious hacker attack' forces Frankfurt university to shut down IT systems (The Record) New group exploits public cloud services to spy on Russian agencies, Kaspersky says (The Record) Continued Progress Towards a Secure Open Source Ecosystem (CISA) Decrypted: DoNex Ransomware and its Predecessors (Avast Threat Labs) Neiman Marcus data breach: 31 million email addresses found exposed (Bleeping Computer) GuardZoo spyware used by Houthis to target military personnel (Help Net Security) Cybersecurity Funding Surges in Q2 2024: Pinpoint Search Group Report Highlights Year-Over-Year Growth (Pinpoint Search Group) Scalpers Work With Hackers to Liberate Ticketmaster's ‘Non-Transferable' Tickets (404 Media) Share your feedback. 
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

The CyberWire
U.S. tightens the cybersecurity belt.

Jun 21, 2024 34:59


Biden bans Kaspersky over security concerns. Accenture says reports of them being breached are greatly exaggerated. SneakyChef targets diplomats in Africa, the Middle East, Europe and Asia. A serious firmware flaw affects Intel CPUs. More headaches for car dealerships relying on CDK Global. CISA Alerts Over 100,000 Individuals of Potential Data Breach in Chemical Security Tool Hack. SquidLoader targets Chinese organizations through phishing. A new nonprofit aims to establish certification standards in maritime cybersecurity. A sneak peek of our latest podcast, Only Malware in the Building. Using the court system for customer support.

CyberWire Guest
Guest Selena Larson, joined by Dave Bittner and Rick Howard, hosts the new podcast "Only Malware in the Building." This monthly collaboration between N2K CyberWire and Proofpoint delves into the most impactful and intriguing malware stories. Selena makes complex cybersecurity info fun and digestible, offering tech professionals clear, actionable insights.
Selected Reading
Biden bans US sales of Kaspersky software over Russia ties (Reuters)
Exclusive: Accenture says data leak claims false, only 3 affected (Cyber Daily)
Chinese-aligned hacking group targeted more than a dozen government agencies, researchers find (CyberScoop)
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762) (Help Net Security)
CDK warns: threat actors are calling customers, posing as support (bleepingcomputer)
Personal and Chemical Facility Information Potentially Accessed in CISA Hack (SecurityWeek)
New Highly Evasive SquidLoader Attacking Employees Mimic As Word Document (gbhackers)
New body IMCSO to elevate standards and streamline provisioning of cybersecurity services in Maritime (itsecurityguru)
US DHS partners with Indonesia to strengthen maritime cybersecurity in Indo-Pacific region (Industrial Cyber)
How small claims court became Meta's customer service hotline (engadget)
The curious case of the missing IcedID (Only Malware in the Building)