POPULARITY
Hosted by dave bittner
141 episodes with dave bittner
84 episodes with dave bittner
23 episodes with dave bittner
25 episodes with dave bittner
8 episodes with dave bittner
4 episodes with dave bittner
8 episodes with dave bittner
4 episodes with dave bittner
In this Special Edition episode, N2K CyberWire's Dave Bittner sits down with Caitlin Sarian, widely known as Cybersecurity Girl, to explore how storytelling, authenticity, and community are reshaping a more human-centered cybersecurity landscape. Recorded live at The Cyber Guild's Uniting Women in Cyber (UWIC) Event last fall, this candid conversation highlights Caitlin's unconventional path into cybersecurity and her mission to make the industry more accessible and relatable for all. Together, they explore how breaking down technical barriers can unlock new pathways into the field especially for those from nontraditional backgrounds. UWIC brings together industry leaders, practitioners, and emerging talent to advance the cybersecurity workforce through leadership, innovation, and inclusion. Join us on Oct 8 for UWIC 2026! Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up on an editorial examining whether AI could signal the beginning of the end for traditional social engineering, as attackers increasingly target AI systems instead of people. Dave's got the story on an FBI warning that crypto scammers are using cash couriers to collect money from victims and bypass banking safeguards. Maria's got the story on AI-powered impersonators posing as members of the rock band Sons of Legion to scam fans through fake relationships and fraudulent requests for money. Joe's got two stories: one on HSBC Australia facing a proposed $246 million penalty over alleged scam protection failures, and another on two Michigan gold scam busts that prevented victims from losing hundreds of thousands of dollars. Our catch of the day is a reflection on a past interaction where the author initially held out hope someone might reappear, but ultimately accepts they're gone and shares the story in hindsight, including their own strongly emotional reaction at the time. Resources and links to stories: The Beginning of the End of Social Engineering FBI Warns Courier Cash Pickups Are Driving Crypto Scams A Rock Band Went Viral. Then AI Scammers Moved In HSBC's Australia unit to pay $24.6 million fine over scam protection failures, court rules A Couple Was Told To Turn $250,000 Into Gold. Police Stopped The Courier Scam Video: Deputies nab suspect in attempted $700,000 gold coin scam Eric - failed bait because I'm such a b**ch - part 1 Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
Five Eyes warns AI could supercharge cyberattacks within months. Tata Electronics confirms breach as stolen data allegedly includes Apple and Tesla documents. Researchers publish new analysis of FortiBleed. Gizmodo breach exposes readers to ClickFix malware campaign. BootROM exploit can bypass Apple's SecureROM. Scattered Spider members plead guilty in the UK. Attackers exploit Gravity SMTP flaw to harvest secrets From WordPress sites. Executive Order accelerates federal shift to post-quantum cryptography. Dave Bittner sits down with Ellen Boehm, the Senior Vice President of IoT Strategy & Operations at Keyfactor, to discuss NIST's progress in its PQC efforts. Keeping tabs on the tab-keepers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today Dave Bittner sits down with Ellen Boehm, the Senior Vice President of IoT Strategy & Operations at Keyfactor, to discuss NIST's progress in its PQC efforts and where more effort needs to be made to get the U.S. and its critical infrastructure quantum-ready. Selected Reading 'Five Eyes' intelligence alliance warns that new AI models pose urgent cyber risk (Reuters) Intel agencies: Frontier AI models will reshape cybersecurity faster than expected (CyberScoop) Anthropic's Mythos AI broke into almost all NSA classified systems in hours (SecurityAffairs) Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach (TechCrunch) FortiBleed campaign used custom FortiGate sniffer to steal credentials (BleepingComputer) Gizmodo readers hit with ClickFix malware prompts after account compromise (The Register) New Exploit Bypasses Apple's Boot Defenses, Affects Millions of iPhones (SecurityWeek) TFL Hackers Admit Carrying Out Cyberattack That Cost £39M (Law360) Attackers Actively Exploiting Sensitive Information Exposure Vulnerability in Gravity SMTP Plugin (Wordfence) Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration (Security Week) Madison Square Garden Made Dossier on Activists Who Opposed Facial Recognition (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Klue supply-chain attack impacts cybersecurity firms. Brand-new Prinz Eugen ransomware is surprisingly polished. ShinyHunters leak exposes sensitive data of 10,000 Council of Europe employees. Security agencies sound alarm over FortiBleed credential harvesting operation. Texas data breach affects hunting and fishing licensees. Microsoft ties Mastra AI supply chain attack to North Korean hackers. Vidar infostealer unveils new technique to defeat Chrome's encryption protections. Brazil investigates suspected hack of emergency alert system. We got your Monday business brief. On today's Industry Voices, Dave Bittner sits down with Mike Britton, CIO of Abnormal AI, as they discuss "AI-Powered Attacks Are Now a Commodity.” And not the kind of beats you want to drop. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices, we are joined by Mike Britton, CIO of Abnormal AI, discussing "AI-Powered Attacks Are Now a Commodity — And Most Organizations Don't Know It Yet." If you enjoyed this conversation and want to hear the full interview, listen here. Selected Reading Klue OAuth breach victim list grows as Icarus hackers claim attack (BleepingComputer) Prinz Eugen ransomware: a deep dive into a new Go-based encryptor (ThreatDown by Malwarebytes) Council of Europe Data Breach: ShinyHunters Makes 10,000 Employees' Records Permanent (Tech Times) Global cybersecurity agencies warn of credential exposure in FortiBleed campaign targeting Fortinet firewalls, VPN gateways (Industrial Cyber) Everything's bigger and better in Texas – even data breaches (The Register) Microsoft links Mastra AI supply chain attack to North Korean hackers (BleepingComputer) Inside Vidar's ABE Bypass: From Memory Scanning to APC Injections (Gen Digital) Brazil probes emergency warning system after nationwide rogue alert (The Register) Ent emerges from stealth with $100 million in seed funding. (N2K Pro Business Briefing) Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap (Malwarebytes) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
For years, security teams had time between discovery and exploitation. Time to triage. Time to validate. Time to prioritize what to fix first. AI has compressed that window. Frontier models now discover and chain vulnerabilities faster than human analysts can confirm them, and the gap between finding and fixing is shrinking in both directions. In this episode of CyberWire-X, N2K's Dave Bittner and Federico Kirschbaum, Head of XBOW Security Lab, explore what it actually means to run autonomous offensive security, why validation workflows built for quarterly testing cycles struggle to keep up, and how practitioners are redefining what a tested application looks like when the pace of offense has fundamentally changed. Learn more about your ad choices. Visit megaphone.fm/adchoices
Traditionally, GPS jamming attacks have been confined to the ground; however, new data shows that these attacks could be moving to target signals before they even reach the ground. In this week's episode, host Maria Varmazis sits down with Dave Bittner and Brandon Karpf to discuss recent research that suggests the attack landscape for GPS attacks is expanding. If this research is accurate, these attacks represent a significant evolution for how defenders think about this critical technology. Key sources: Something is jamming GPS over Europe. Here's what we found. Chasing Lightning: Detecting, Characterizing, and Identifying a Powerful Space-Based GNSS Interference Source. EKS 5. Like what you heard? Be sure to subscribe to our free Signals and Space Briefing, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space Is there a topic or person you'd like to hear on our show? You can send your questions and feedback to space@n2k.com. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Traditionally, GPS jamming attacks have been confined to the ground; however, new data shows that these attacks could be moving to target signals before they even reach the ground. In this week's episode, host Maria Varmazis sits down with Dave Bittner and Brandon Karpf to discuss recent research that suggests the attack landscape for GPS attacks is expanding. If this research is accurate, these attacks represent a significant evolution for how defenders think about this critical technology. Key sources: Something is jamming GPS over Europe. Here's what we found. Chasing Lightning: Detecting, Characterizing, and Identifying a Powerful Space-Based GNSS Interference Source. EKS 5. Like what you heard? Be sure to subscribe to our free Signals and Space Briefing, our Sunday newsletter covering the intersection of cybersecurity and space. Subscribe at: https://thecyberwire.com/newsletters/signals-and-space Is there a topic or person you'd like to hear on our show? You can send your questions and feedback to space@n2k.com. You can also fill our our audience survey: https://www.surveymonkey.com/r/NJYCN2P T-Minus: Space-Cyber Briefing is a production of N2K CyberWire. N2K is your nexus for discovery and connection for people, technology, and ideas shaping the future of secure innovation. Learn how at n2k.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this special edition of CyberWire Daily's 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss leaks, espionage and influence operations over the past 10 years. Together they reflect on a decade of cybersecurity developments, focusing on the pivotal year 2016 where a shift occurred. Join N2K as we cover the rise of nation-state cyber operations, major leaks like the Panama Papers and DNC email hacks, and the evolving landscape of cyber norms, trust, and threat perception. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. This week, we have follow up on a listener-submitted trick for diverting unwanted calls to a different number, including the famous Rickroll hotline, along with a discussion about whether Joe should launch a podcast dedicated entirely to the trials and tribulations of raising backyard chickens. Maria has the story of a journalist who infiltrated a sophisticated North Korean hiring scam that uses fake job interviews, real freelance recruiters, and malware-laced coding tests to steal passwords and cryptocurrency. Dave's got a viral gas station scam warning involving screws placed in fuel pumps, and why investigators found no evidence that the alleged scheme is actually happening. Joe's first story is on a new Maryland law that gives banks and credit unions the authority to temporarily pause suspicious transactions in an effort to better protect customers from fraud and financial exploitation. On this week's Catch of the Day, a scammer serves up a blood-curdling tale involving "Dr. Prince Andrew" and a very questionable beverage choice. Resources and links to stories: I Made The World's First Self-Cooling Clothes Cools Surfaces Up To 15°F Below The Air Temperature I got inside a North Korean hiring scam. What I found reveals a troubling shift in tactics Gas pump 'screw method' scam warning is a hoax Maryland law gives banks and credit unions power to pause suspicious transactions Longevity Ready Maryland, Fraud Protections, Support for Caregivers Among Wins for Older Marylanders Dr. Prince Andrew admits to drinking blood "occasionally" Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
What It Takes To Be Successful in Cyber Media All links and images can be found on CISO Series Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Dave Bittner, producer and host, The CyberWire. Joining is Graham Cluley, host of Smashing Security podcast and Leo Laporte, founder of TWiT (This Week in Tech) and host of Security Now podcast. In this episode: Format follows function The decision gap Practitioner fingerprints Beyond the news cycle A huge thanks to our sponsor, Palo Alto Networks Cortex Cloud unifies code, cloud, and SOC on a single data, risk, and control plane — giving teams the context, workflows, and agentic intelligence to turn risk into resolution. Native AI agents investigate and act within enterprise guardrails, delivering real-time protection from workload to network edge. Cloud security that outpaces machine-speed threats. Learn more at paloaltonetworks.com/cortex/cloud/demo.
In large enterprise software companies, vulnerability management teams are facing unprecedented speed and scale as AI accelerates both discovery and exploitation of security issues. In this episode of CyberWire-X, N2K's Dave Bittner is joined by Adobe's Daniel Ventura, Senior Manager of the Vulnerability Operations Center, and Sangeeta Arora, Director of Vulnerability Management, to discuss how Adobe is evolving its vulnerability management strategy to keep pace with AI-driven threats. They share real world insights on prioritization, crossteam partnership, and how modern programs can balance speed with meaningful risk reduction. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. This week's follow-up stories involve a puppy scam, a memorable road trip, fresh eggs, chickens, and an unexpected rat encounter. Joe examines two cases highlighting the real-world financial impact of fraud, including a vendor payment scam that cost a Maine town nearly $190,000 and a report on growing state-level fraud losses. Maria discusses a highly targeted espionage campaign that maintained access to a stock exchange executive's Outlook account, while quietly exfiltrating sensitive information. Dave explores how criminals are using AI-generated deepfakes of executives to convince employees to authorize fraudulent payments. Our Catch of the Day comes from listener Piet-Auke Boekema, who uncovered a LinkedIn scammer offering to sell cybersecurity certifications without requiring the exams. Resources and links to stories: Residents of Arizona, Nevada and Hawaii lost the most to fraud schemes. How other states compare Harpswell loses $189,199 to vendor payment scam Espionage Campaign Targeted Stock Exchange Executive for Five Months The Deepfake Boss Scam: How to Verify Requests Before It's Too Late Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
This week on Grumpy Old Geeks, Brian and Jason once again survey the smoldering wreckage of the tech industry and discover that the people building the future are increasingly being sued by governments, publishers, customers, employees, and occasionally reality itself. California is coming after 23andMe over its catastrophic data breach, Florida is taking a swing at OpenAI, CNN has joined the ever-growing conga line of companies suing Perplexity, and Meta somehow decided the solution to improving AI is recording employees' every mouse click while generously allowing them a whole 30-minute privacy break. Meanwhile, Google's own engineers are sharing memes about how much Google's AI tools suck, Microsoft apparently wants users addicted to its new AI assistant - first taste's free! - and Anthropic is preparing to go public with a valuation that makes even the most irrational dot-com era investor look financially responsible.The AI arms race continues producing exactly the kinds of outcomes you'd expect when venture capitalists start huffing their own press releases. Instagram's AI support bot reportedly helped hackers steal accounts because apparently "Are you sure you're the owner?" was considered an optional step. Suno raised another $400 million while fighting copyright lawsuits, Paramount+ seems to have let AI create the ugliest Star Trek thumbnail in Federation history, and Stan Lee has now been digitally resurrected because modern capitalism looked at death and said, "Nice try." Over in transportation, BYD is so confident in its self-driving technology that it's willing to pay for your accidents, while Tesla owners are discovering their old Full Self-Driving contracts may have quietly received software updates of the legal variety. Somewhere in a conference room, a lawyer just whispered, "Let's not put that in writing," ten years too late.Elsewhere, governments worldwide continue their ongoing experiment of raising children by confiscating smartphones. Malaysia has implemented a social media ban for kids under 16, Poland wants phones and smartwatches locked away at school, and Kentucky schools just collected $27 million from social media companies accused of building products as addictive as cigarettes.Dave Bittner drops by for a visit and we discuss Spotify listeners apparently preferring old music because new music keeps getting algorithmically focus-grouped into oblivion and a healthy dose of Star Wars, Downton Abbey, Derry Girls, Lego, books, gadgets, and AI-generated jazz. Add it all up and you've got another week where the only thing moving faster than technology is the legal department trying to keep up.Sponsors:DeleteMe - Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/GOG and use promo code GOG at checkout.Shopify - Sign up for your one-dollar-per-month trial today at Shopify.com/grumpyPrivate Internet Access - Go to GOG.Show/vpn and sign up today. For a limited time only, you can get OUR favorite VPN for as little as $2.03 a month.SetApp - With a single monthly subscription you get 240+ apps for your Mac. Go to SetApp and get started today!!!1Password - Get a great deal on the only password manager recommended by Grumpy Old Geeks! gog.show/1passwordShow notes at https://gog.show/749Watch on YouTube at https://youtu.be/A1sv2BEzWBkShow NotesVibe Coders are Script KiddiesDestroy the BroligarchyColorado Governor Vetoes Surveillance Pricing Ban as Public Backlash Against the Tech GrowsCalifornia sues 23andMe over 2023 data breach that affected 7 million usersFlorida sues OpenAI, Sam Altman, in first-of-its-kind lawsuit over violent incidentsMeta will reportedly let employees take 30-minute breaks from its tracking programInstagram is alerting users who were targeted by hackers during AI chatbot attacksGoogle Employees Internally Share Memes About How Its AI SucksGoogle ordered to put clearer links in AI search and let UK publishers opt outMicrosoft Wants to 'Make People Addicted' to its New AI Assistant, Internal Documents RevealMeta, other social networks will pay $27 million to settle Kentucky school district lawsuitMalaysia's under-16 social media ban carries fines up to $2.5 millionPoland wants to ban phones and smartwatches in schoolsCNN is the latest media company to sue PerplexityStill facing copyright lawsuits, AI music generator Suno raises another $400MBYD is assuming financial liability if you crash while using its self-driving techAnthropic is set to go public after filing paperwork with the SECData Center Operators Are Trying to Fix Their Water Use ProblemsTesla Owners Say Their Old FSD Contracts Were Quietly ChangedStan Lee's voice and likeness have been resurrected, thanks to AIParamount+ used AI to make the ugliest Star Trek thumbnail ever2026 World Cup Wall ChartI Am Not a Robot: My Year Using AI to Do (Almost) Everything by Joanna SternCarl's Doomsday Scenario: Dungeon Crawler Carl Book 2 by Matt DinnimanWisdom Takes Work: Learn. Apply. Repeat. by Ryan HolidayBelkin Connect 4-Port USB-C Hub - USB C Hub Multiport Adapter Dongle with 4 USB-C 3.2 Gen 2 Ports - High-Speed 10G Data Transfer for Laptop, MacBook, iPad, PC, and More - 100W PD - $32.24Dave BittnerThe CyberWireHacking HumansCaveatControl LoopOnly Malware in the BuildingThe Mandalorian Season 1Star Wars: RebelsWrapped up the Downton Abbey series rewatchBuffy and Ted Lasso star Anthony Head dies at 72Almost through the Derry Girls series.Lego Mando and Grogu set (mild spoiler)AI generated JazzThe Biggest Hits on Spotify Right Now Are a Blast From the PastSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. They're also joined by special guest Kieran Human, Lead Cybersecurity Engineer at ThreatLocker . Dave's story is on an FBI warning that the Silent Ransom Group is escalating its extortion tactics by combining phishing and fake IT support calls with in-person visits, where attackers may physically enter offices to plug malicious devices into company computers. Joe's story is on a listener-submitted case from Australia where attackers used a phishing email to silently install legitimate remote-access software, hijack a dental practice's email system, and launch a large-scale phishing campaign that bypassed many traditional security controls. Maria's story is on a California mother who lost $5,000 after scammers used what appeared to be her daughter's voice in a fake kidnapping call, highlighting the growing threat of AI-powered voice cloning scams. Our Catch of the Day comes from a text scam that took an unexpected turn when the recipient fired back with a response the scammer definitely wasn't prepared for. Resources and links to stories: FBI warns of in-person data theft attacks from extortion gang California Mom Loses More Than $5,000 in Voice Scam After Receiving Fake Call from Her Daughter Alleging She Was Kidnapped Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
In this special edition of CyberWire Daily's 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner consider the tactics, trends, and turning points that shaped the threat landscape over the last decade of ransomware. Ransomware has evolved from small-scale extortion and opportunistic attacks to sprawling, sophisticated, organized crime and state-sponsored attacks. Cryptocurrency plays a pivotal role in enabling ransomware's growth by providing untraceable payment methods. Join us as we explore key incidents like WannaCry and NotPetya, the shift from street crime to organized and nation-state cyber threats, and AI's impact on the future of ransomware. Learn more about your ad choices. Visit megaphone.fm/adchoices
Iranian hackers hit LA transit. Chinese cyber operators target Middle East infrastructure. Dutch police take down a 17-million-device botnet. Researchers uncover a phishing risk in ChatGPT. Anthropic prepares its Mythos model for release. Chrome patches 22 critical bugs. Zapier fixes a dangerous vulnerability chain. ShinyHunters claims a Charter breach. A data broker who fueled scams against millions of seniors heads to prison. Maria Varmazis joins Dave Bittner for a look back at a decade of ransomware. A Google insider allegedly went from threat hunting to bet hunting. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today CyberWire hosts Maria Varmazis and Dave Bittner take a look at how ransomware has evolved over the past decade, from opportunistic attacks to today's sprawling criminal enterprises, and discuss the tactics, trends, and turning points that shaped the threat landscape. You can catch the full conversation on Sunday in the CyberWire Daily podcast feed. We hope you'll join us! Selected Reading Iranian hackers behind March's LA transport cyberattack, Gambit finds (The Jerusalem Post) Chinese Hackers Exploit Iran War to Target Maritime and Energy Firms (Infosecurity Magazine) Dutch cops wrest 17M devices from mystery botnet's clutches (The Register) ChatGPT blindly trusts browser content, turning the page into a payload (The Register) Anthropic confirms Claude Mythos-class models will roll out to the public (Bleeping Computer) Chrome 148 Update Patches 151 Vulnerabilities (SecurityWeek) Zapier fixes bug chain that researchers say risked widespread account takeover (CyberScoop) Charter Communications data breach affects 4.9 million accounts (Bleeping Computer) Man sent to prison for selling data of 7 millions elderly Americans (Bleeping Computer) US charges Google security engineer with Polymarket insider trading (Bleeping Computer) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up on Joe's rental scam story, as listener Ben suggests the scammers may go the extra mile because they could keep collecting rent for months before anyone realizes the property was never theirs to rent out. Also, another listener writes in with some “Chook Psychology 101." Maria's story is on scammers targeting recent college graduates with fake student loan relief offers, job scams, and rental listings designed to steal personal information, deposits, and money through high-pressure tactics. Joe's story is on Congress pressuring major telecom companies to do more to stop the flood of scam calls and texts still reaching Americans despite billions already being blocked every year. Dave's story is on Android 17 adding new protections aimed at stopping banking scams, including stronger privacy controls and defenses against malicious calls during sensitive actions. Our Catch of the Day is on a text scam where scammers use scare tactics by sending fake messages about court dates and legal trouble. Resources and links to stories: BBB warns of scams targeting new graduates Congressional committee asks telecoms to do more to prevent scams as losses surge Android 17 to expand banking scam call and privacy protections Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
FOLLOW UP: This week, it seems America believes every complicated social problem can be fixed by asking, “Have you tried turning the internet off for the children?” Meanwhile, the Electronic Frontier Foundation quietly notes that the science behind social media bans might not be as clear-cut as cable-news dads screaming about dopamine loops claim. Turns out, teen anxiety may also be linked to pandemics, school shootings, climate dread, and an economy that feels like a Fallout side quest. Meanwhile, Snap Inc. and YouTube settled another lawsuit accusing their apps of turning kids into doomscrolling goblins, Meta continues to insist social media addiction isn't real while losing money in court, and former Google CEO Eric Schmidt was booed at a graduation speech after telling graduates to hop on the AI rocket ship without asking questions — exactly what a billionaire says when he already owns the rocket.In the news, Elon Musk lost another OpenAI lawsuit because apparently even juries have limits. SpaceX's IPO revealed Musk plans to power AI with enough gas turbines to recreate 1890s London smog, and Grok officially became a disclosure liability after the whole “MechaHitler” incident. Tesla robotaxis still clip fences and occasionally require humans to remotely drive the “self-driving” cars. Trump Mobile somehow shipped a gold phone that actually works — a stunning upset — before immediately leaking customer data. LinkedIn finally admitted the platform has become an AI-generated motivational swamp filled with “it's not about X, it's about Y” sludge from people named Brayden. Spotify is handing out podcast verification badges so listeners can tell real creators from algorithmic nightmare fuel. Meta laid off thousands more workers while reportedly using employee surveillance to train AI replacements. And OpenAI is giving everyone in Malta a free year of ChatGPT Plus if they complete an AI literacy course, which honestly makes Malta sound more technologically responsible than Silicon Valley.APPS & DOODADS reflect classic Gen-X paranoia, as Backblaze highlights California's constant threat of wildfires and the idea that local backups are optimistic. YouTube introduced AI deepfake detection tools, allowing creators to finally see which scam ads are using their faces to promote crypto vitamins, while X limited free users to 50 posts a day unless they pay for a blue check — proving once again that the true free speech was the subscriptions we sold along the way. Retrocodex arrived with a strong “everything your teachers confidently told you in 1987 was wrong” vibe.MEDIA CANDY opens with the eternal cry of “FUCK THE FIRETV!!!!” before Jason taps out of Good Omens after ten minutes while Brian takes the bullet for the audience. There's also chatter about Mortal Kombat 2, The Devil Wears Prada 2, Billy Corgan talking goth history with David J, and more existential dread courtesy of Dan Carlin's Common Sense.THE DARK SIDE WITH DAVE welcomes back Dave Bittner for a Mando & Grogu review, Darth Maul, and a stunning but absurdly expensive LEGO Disneyland set. There's also a guy who built a full-size Millennium Falcon “with his wife's permission,” a fan-made Star Tours film, and the Federal Trade Commission discovering that those creepy “your phone is listening to you” ad-tech companies mainly just had PowerPoint decks and confidence. Also: mechanical keyboard simulators now exist, because apparently even fake typing has become a lifestyle brand.Sponsors:DeleteMe - Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/GOG and use promo code GOG at checkout.Shopify - Sign up for your one-dollar-per-month trial today at Shopify.com/grumpyPrivate Internet Access - Go to GOG.Show/vpn and sign up today. For a limited time only, you can get OUR favorite VPN for as little as $2.03 a month.SetApp - With a single monthly subscription you get 240+ apps for your Mac. Go to SetApp and get started today!!!1Password - Get a great deal on the only password manager recommended by Grumpy Old Geeks! gog.show/1passwordShow notes at https://gog.show/747Watch on YouTube at https://youtu.be/eX5jVfewaswFOLLOW UPThe Science is Not Settled: How Weak Evidence is Fueling a National Push to Ban Social Media for YouthSnap and YouTube have reportedly settled another major social media addiction lawsuitEx-Google CEO Eric Schmidt Fails to Read Room on AI, Gets Booed into OblivionIN THE NEWSElon Musk took too long to sue OpenAI, jury unanimously agreesSpaceX IPO Filing Reveals Nearly $3 Billion Investment in Gas Turbines for AI Data Centers‘MechaHitler' Is SpaceX's Problem NowTrump Mobile Phone Beats Expectations by Actually ExistingNew crash data highlights the slow progress of Tesla's robotaxisIf You Used Insider Knowledge to Score Big on Polymarket, You May Now Be in Huge TroubleMinnesota passes prediction markets banLinkedIn doesn't want your AI slop anymoreSpotify is launching verification badges for podcasts to help listeners avoid AI slopZuckerberg Tells the Tattered Remainder of His Workers That He Won't Conduct Another a Mass Firing for at Least Seven MonthsOpenAI is offering ChatGPT Plus to citizens of Malta for a yearMassive Crypto ATM Company Bitcoin Depot Is Shutting Down as the Whole Industry Collapses‘Smoke Weed and Earn Bitcoin' With This Vape Pen in Our Increasingly Dystopian Nightmare‘Unstoppable' Crypto Exchange Halts Trading After $10 Million TheftIran Doubles Down on Bitcoin for Ships Passing Through the Straight of HormuzTrump-Linked Crypto Company Notes 'Substantial Doubt' It Can Survive Another 12 MonthsAPPS & DOODADSBackblazeYouTube's AI deepfake detection tool is now available to all creators 18 and olderX accounts are limited to 50 posts and 200 replies a day unless they pay for a blue checkmarkRetrocodexMEDIA CANDYGood Omens Season 3 - The FinaleThe Magnificent Others with Billy Corgan - David J of Bauhaus & Love & RocketsCommon Sense 326 – The Water in Which We SwimTHE DARK SIDE WITH DAVEDave BittnerThe CyberWireHacking HumansCaveatControl LoopOnly Malware in the BuildingMaul: Shadow LordRogue One: A Star Wars StoryNot Even Baby Yoda Can Save ‘Star Wars'Colorado man creates replica Millenium FalconSomeone made a Star Tours fan film.Bring Disneyland Home With This Gorgeous New Lego Set‘Creepy' Listening Tool for Targeted Ads Didn't Actually Work, FTC SaysMechanical keyboard simSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
In anticipation of our launch this weekend of T-Minus: Space-Cyber Briefing podcast, please enjoy this interview that CyberWire Daily's Dave Bittner had with Brandon Karpf. They discuss: "Japan's space systems face growing cybersecurity threats." Stay tuned for the first episode of T-Minus: Space-Cyber Briefing on Sunday with host Maria Varmazis and tune in each Sunday for new episodes! Learn more about your ad choices. Visit megaphone.fm/adchoices
In this special edition of CyberWire Daily's 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss cybersecurity geopolitics and warfare that have been in the news over the past 10 years. We begin our conversation around the supply chain malware from the destructive NotPetya campaign out of Russia, then Maria and Dave highlight: Olympic Destroyer disrupting the Pyeongchang Games, CozyBear's SolarWinds espionage campaign, the Colonial Pipeline ransomware disruption, Russia's full invasion of Ukraine paired with Viasat hack, Iranian hackers attacking ICS devices at water treatment plants in Israel, and China's VoltTyphoon and SaltTyphoon intrusions in critical sectors. Join us as we reflect on the escalation from election interference and disruption, to espionage and ransomware as national security crises, to integration in kinetic war,and now expansion into space, with AI-driven defenses and NATO codifying cyber as a collective defense domain. Learn more about your ad choices. Visit megaphone.fm/adchoices
CISA orders rapid patching of actively exploited Ivanti zero-day. Canvas gets hacked during finals week. Dirty Frag is a new Linux zero-day. Researchers document a serious Claude Chrome extension bug. Meta ends Instagram encryption. PCPJack malware clean house before moving in. A new report highlights quantum-era cryptographic threats. Cloudflare announces layoffs amidst AI deployment. Sri Lankan police shut down a scam center. Maria Varmazis joins me to look back at ten years of geopolitics in cyber. Vibe coding reveals valuable data. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we're previewing a special edition of CyberWire Daily's 10th anniversary series, where N2K CyberWire's Maria Varmazis and Dave Bittner revisit a decade of cyber geopolitics and warfare. Selected Reading CISA gives feds four days to patch Ivanti flaw exploited as zero-day (Bleeping Computer) Hackers ate my homework: Educational SaaS Canvas down after cyberattack (The Register) New Linux 'Dirty Frag' zero-day gives root on all major distros (Bleeping Computer) Flaw in Claude's Chrome extension allowed ‘any' other plugin to hijack victims' AI (CyberScoop) Meta U-turns on encryption push for Instagram as DMs go plaintext (The Register) ‘PCPJack' Worm Removes TeamPCP Infections, Steals Credentials (Security Week) Quantum Risk Explained (Recorded Future) Building for the future (Cloudflare) Sri Lanka makes 37 arrests as it raids another scam centre (Bitdefender) Thousands of Vibe-Coded Apps Expose Corporate and Personal Data on the Open Web (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow, a sweeping DOJ-led crackdown and rare U.S.-China cooperation that led to hundreds of arrests and the dismantling of global scam centers targeting Americans. Maria has the story on a study finding over a third of FIFA World Cup 2026 partner domains lack strong DMARC “reject” protections, leaving fans and customers vulnerable to spoofed emails and event-themed fraud. Dave's got the story on Americans losing $2.1 billion to social media scams in 2025, with shopping, investment, and romance fraud surging as criminals increasingly use platforms like Facebook, WhatsApp, and Instagram to target victims. Joe's got the story on AI deepfakes fueling scams, from fake Taylor Swift videos on TikTok luring users into phishing schemes to a completely fabricated influencer persona run by a scammer, underscoring how convincingly synthetic identities are being used to deceive online. Our catch of the day is on a text message where a scammer is promising a big reward. Resources and links to stories: 276 arrested in connection with 'scam centers' targeting Americans US, China join for rare cooperation in scam center raid FIFA World Cup 2026: More than One-Third of Official Partners Expose the Public to the Risk of Email Fraud Watchdog warns high FIFA World Cup ticket prices increase risk of scams How to make your World Cup experience scam free Consumers lost $2.1B to social media scams in 2025, FTC reports Taylor Swift Deepfakes Are Fooling TikTok Users Into Phishing Scams MAGA Influencer Emily Hart Exposed as Indian Man Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
This week, while Maria is on vacation, Dave Bittner and Joe Carrigan are joined by Michele Kellerman as they discuss the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up: a quick shoutout to Blood Cancer United and then we get into a listener “Chicken Chat” from Sue about handling an aggressive rooster. Joe's got the story of how former Luther Davis allegedly teamed up with a partner to impersonate NFL players using fake companies, documents, and disguises to secure nearly $20 million in fraudulent loans—charges they are now expected to plead guilty to. Michele's story is on how scammers are targeting families of recently arrested individuals by posing as officials who promise quick releases in exchange for hard-to-trace payments, prompting warnings from law enforcement—including changes like taking jail rosters offline—to cut off these schemes. Joe's got the story on how Amazon is leaning heavily on AI, continuous monitoring, and global enforcement partnerships to proactively block fraud, counterfeit goods, and scams—often before customers or brands ever spot them. For our Catch of the Day, we have a string of texts from Reddit where a user could have possibly been talking to Sir Paul McCartney, possibly. Resources and links to stories: Michele's Visionaries of the Year Fundraiser It's Time to Take on Your Debt Franklin County Sheriff's Office warns of scam targeting family of recently arrested, incarcerated people Cass County sheriff takes jail roster offline to cut off scammers targeting inmate families Trustworthy Shopping Experience Report Paul McCartney pt 1 Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. If you thought you could escape chicken talk, you we're wrong, this week Joe shares some more updates on his chickens. Joe's got two stories this week, one on a New Jersey man arrested while attempting to collect $800,000 in gold as part of a widespread scam targeting elderly victims, and the second is on a new Google-tracked threat group using social engineering and phishing tactics to infiltrate BPOs and steal corporate data for extortion. Maria's story is on a conversation she had with Sean Colicchio, highlighting how trusting human instincts, slowing down, and balancing security training can help individuals and organizations better defend against social engineering attacks. Dave's got the story on a surge in traffic violation scams now using QR codes in phishing texts to trick victims, alongside ten hard-stop rules emphasizing verification, avoiding links or inbound requests, and slowing down to prevent falling for increasingly sophisticated scams. Our Catch of the Day comes from Reddit, where a user questioned a supposed “Google Play Console partnership” email, and the community quickly flagged it as a likely scam—citing red flags. Resources and links to stories: Indian in New Jersey on work visa arrested in gold scam, nabbed when he was going to collect $800,000 in gold Google Warns of New Threat Group Targeting BPOs and Helpdesks Traffic violation scams switch to QR codes in new phishing texts [Nepal] Is this “Google Play Console partnership” email a scam? Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
What does a modern cyberattack really look like from the inside? In this CyberWire-X episode, Dave Bittner speaks with John Anthony Smith, Founder and Chief Security Officer of Fenix24. This conversation takes us step by step as an attacker breaks into a target environment – probing for weaknesses, exploiting entry points, escalating privileges, and moving laterally until they reach their objective. While the attack unfolds, listeners are privy to a behind-the-scenes commentary that reveals the tradecraft: the scripts, misconfigurations, overlooked alerts, and the moments defenders could have stopped the intrusion and, most importantly, prepared for the day through a defense that locks down data and enables a quick and full recovery. This is not a theoretical review or a highlight reel. It's a candid, technical, and eye-opening journey through the full kill chain that will reshape listeners think about detection, incident readiness, and resilience. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Your favorite follow up story is back, this time Sue from Australia discusses why Joe's hen is losing feathers. Dave's story is on a sophisticated LinkedIn phishing scam that tricks professionals with fake notifications and counterfeit login pages to steal credentials. Joe discusses a bizarre Everest scam where climbers and Sherpas were targeted with fake rescue schemes, highlighting the surprisingly high number of visitors versus summiters. Maria has the story of IRS and tax-related scams warning taxpayers about ghost preparers, urgent payment demands, and fraudulent contact attempts, with Proofpoint noting the use of remote monitoring tools in 40% of 2026 cases. Our catch of the day comes from Reddit, where a likely “stranded in the woods” scam involving a man named Michael begins to unfold but quickly unravels after he overwhelms the interaction with constant ChatGPT-style questioning. Resources and links to stories: LinkedIn Phishing Scam Uses Fake Notifications to Hijack Accounts Everest guides accused of poisoning foreign climbers to force fake rescues in $20m scam Surge in sophisticated tax scams reported by BBB ahead of deadline Security brief: tax scams aim to steal funds from taxpayers The Guy in the Woods - Seduction on Scrabble - Part 1 Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
This week, Maria Varmazis and Joe Carrigan, joined by friend of the show Michele Kellerman, dig into the latest social engineering scams, phishing schemes, and criminal exploits making headlines. Dave Bittner is tied up covering RSA, but will be back next week. First up, a follow-up from listener Bruce, who was hit with hundreds of spam emails in what looks like a subscription bombing attack, overwhelming Google's filters before tapering off; his local hospital saw an even bigger wave, showing how alarming these attacks can be for seniors and other vulnerable users.Joe's got the story of the UK sanctioning Xinbi, a Chinese-language cryptocurrency marketplace accused of profiting from scam centers in Southeast Asia, marking Britain's first action against the platform. Michele shares the FBI's takedown of 11 people in Los Angeles who ran a $17 million “house stealing” mortgage fraud scheme targeting elderly homeowners, highlighting the rising risk of title and refinance fraud for seniors. Maria dives into a new fake CAPTCHA scam that tricks Windows PC users into downloading malware, showing how even simple web prompts can be weaponized by cybercriminals. Our catch of the day is an email on Medicare, but what makes it fake? Tune in to find out! Resources and links to stories: Email Bombing UK sanctions crypto-linked marketplace Xinbi amid crackdown on Southeast Asia scam centres UK sanctions Chinese crypto marketplace tied to scam compounds FBI arrests 11 in LA over alleged $17m real estate, loan fraud Don't Press Those Keys! How to Spot the New “Captcha Scam” Windows PCs targeted by hackers in a fake CAPTCHA scam to spread malware — Outlook account credentials are at risk Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
Iran-linked hackers claim a breach of the FBI director's personal email. ShinyHunters hit the European Commission. F5 and Citrix warn of actively exploited flaws. A WordPress plugin exposes hundreds of thousands of sites. Infinity Stealer targets macOS users. A Russian APT adopts a new iOS exploit kit. Treasury weighs a cyber insurance backstop. DHS clears suspended CISA staff. Our guest is Brian Long, CEO and Co-Founder of Adaptive Security, discussing deepfake job hires and the new identity attack surface. Bureaucrats bless a black-box behemoth. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We will be sharing a series of interviews we held at RSAC 2026 over the next few weeks. Today, Dave Bittner is joined by Brian Long, CEO and Co-Founder of Adaptive Security, discussing deepfake job hires and the new identity attack surface. AI-generated identities are turning the hiring process into a new entry point for attackers. The solution isn't spotting perfect fakes — it's building stronger identity verification into hiring. Tune into the full conversation here. Selected Reading Iran-linked hackers breach FBI director's personal email, publish photos and documents European Commission confirms data breach after Europa.eu hack Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now Critical Citrix NetScaler Vulnerability Exploited in the Wild - Infosecurity Magazine File read flaw in Smart Slider plugin impacts 500K WordPress sites New Infinity Stealer malware grabs macOS data via ClickFix lures Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit - SecurityWeek US Treasury Weighs Cyber Insurance Backstop - GovInfoSecurity DHS drops investigation into former acting CISA chief's failed polygraph exam - Nextgov/FCW Federal Cyber Experts Thought Microsoft's Cloud Was “a Pile of Shit.” They Approved It Anyway Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this special edition of CyberWire Daily's 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss the biggest breaches over the past 10 years. The foundational 2014 Sony hack kicks off our conversation, then Maria and Dave highlight: the 2015 OPM breach, which exposed sensitive security-clearance data and was attributed to long-term access by China amid outdated government systems and security 2017's WannaCry and NotPetya's global disruption and Equifax's ongoing fallout the 2020 SolarWinds breach underscored supply-chain risks and raised concerns about potential personal criminal liability for CISOs. The conversation illustrates two main threat-actor categories—nation-state espionage and financially motivated criminals—and the increasingly blurred lines between them. Join us as we reflect on how the industry and cybercrime have evolved over the past decade. Learn more about your ad choices. Visit megaphone.fm/adchoices
CISA warns of actively exploited Langflow vulnerability. CISA flags critical PTC Windchill vulnerability. Phishing activity surges amid war in Iran. Google moves up their post-quantum timeline. Alleged RedLine infostealer developer faces thirty years in a US prison. Bearlyfy hacktivists launch disruptive ransomware campaign in Russia. FCC moves to crack down on robocallers and foreign call centers. Anti-piracy group takes down AnimePlay streaming platform. N2K's Maria Varmazis and Dave Bittner are previewing the biggest breaches in the past 10 years. And what happens when hackers call the game? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Daily at 10: The breaches we still talk about. This installment celebrating 10 years of the CyberWire Daily podcast finds N2K's Maria Varmazis and Dave Bittner previewing the biggest breaches in the past 10 years. You can tune in Sunday to your CyberWire Daily podcast feed to hear their full conversation. Selected Reading CISA: New Langflow flaw actively exploited to hijack AI workflows (Bleeping Computer) CISA Flags Critical PTC Vulnerability That Had German Police Mobilized (SecurityWeek) War in the Middle East Triggers Surge in Phishing and Malware Campaigns Targeting Gulf Countries (Bitdefender) Google moves post-quantum encryption timeline up to 2029 (CyberScoop) Alleged RedLine malware developer extradited to US, faces up to 30 years (The Record) Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware (The Record) FCC pushes new rules to crack down on robocallers, foreign call centers (CyberScoop) Anti-piracy coalition takes down AnimePlay app with 5 million users (Bleeping Computer) AFC Ajax drops ball as hackers transfer tickets, lift bans (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up on what else? Joe's chickens! Oh Dottie! And he also shares a fun LinkedIn translator from Kagi. Dave shares a site that writes phishing emails to your chosen targets including famous and fictional people to helps users learn what to look for in phishing attempts. Maria discusses a new spin on pig butchering scams to recruit people to be AI face models and use them at scale. Joe shares INTERPOL's Global Financial Fraud Assessment and the current trends that AI is enabling at a rapid pace. Dave's story is about the evolving and increasingly more lucrative practices of refund fraud. Our Catch of the Day comes from Reddit about a overly insistent scammer to be. Resources and links to stories: Kagi translating service The Future of Phishing ‘100 Video Calls Per Day': Models Are Applying to Be the Face of AI Scams INTERPOL report warns of increasingly sophisticated global financial fraud threat The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms Reddit: Jessica – Sometimes I just can't be bothered with these idiots. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
The White House rolls out its AI legislative framework. The FBI warns Iranian actors are using Telegram for command and control, while Russian operators phish Signal users. Authorities dismantle a massive fake CSAM network, Tycoon 2FA rebounds after disruption, VoidStealer debuts a stealthy Chrome key-theft trick, QNAP patches Pwn2Own flaws, and CISA orders urgent fixes for a critical Cisco firewall bug. Plus, our Monday business breakdown. Brandon Karpf and Maria Varmazis ponder the practicality of orbital data centers. One radio to rule the range. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, N2K CyberWire's Dave BIttner and Maria Varmazis are joined by Brandon Karpf to discuss the practicality of orbital data centers. Selected Reading President Donald J. Trump Unveils National AI Legislative Framework (The White House) FBI warns of Handala hackers using Telegram in malware attacks (Bleeping Computer) Russian hackers target Signal users in phishing campaign, FBI and CISA warn (Cybernews) Police Shut Down 373,000 Dark Web Sites in Single-Operator CSAM Network (Hackread) Tycoon 2FA Fully Operational Despite Law Enforcement Takedown (SecurityWeek) VoidStealer Steals Chrome Secrets Without Injection or Privilege Escalation (GB Hackers) QNAP Patches Four Vulnerabilities Exploited at Pwn2Own (SecurityWeek) CISA Orders US Government to Patch Maximum Severity Cisco Flaw (Infosecurity Magazine) Surf AI has emerged from stealth with $57 million in funding led by Accel. (N2K Pro Business Briefing) Military ‘Smartphone': Comms, Jammer, Drone Control And More In One (Forbes) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this special edition of CyberWire Daily's 10th anniversary series, Maria Varmazis hosts a thoughtful and engaging conversation with N2K CyberWire CEO Peter Kilpe and CyberWire Daily host Dave Bittner, exploring the origin story of the podcast that started it all. From early ambitions to behind-the-scenes turning points, they trace how the show found its voice and evolved from a startup experiment into a trusted cornerstone of the cybersecurity community. Along the way, they share candid anecdotes, hard-earned lessons, and reflections on how both the industry and CyberWire Daily have transformed over the past decade. Learn more about your ad choices. Visit megaphone.fm/adchoices
13 years of podcasting has taught us nothing; companies are lying about AI layoffs while Meta destroys itself from the inside; Andreessen has zero introspection and it shows; Dune 3 looks incredible; Firefly lives again; one idiot executive staked Buffy; Adobe paid $75M for being evil; your AI passwords are garbage; Dave Bittner is here to make you feel worse about all of it.Sponsors:DeleteMe - Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/GOG and use promo code GOG at checkout.SquareSpace - go to squarespace.com/GRUMPY for a free trial. And when you're ready to launch, use code GRUMPY to save 10% off your first purchase of a website or domain.Private Internet Access - Go to GOG.Show/vpn and sign up today. For a limited time only, you can get OUR favorite VPN for as little as $2.03 a month.SetApp - With a single monthly subscription you get 240+ apps for your Mac. Go to SetApp and get started today!!!1Password - Get a great deal on the only password manager recommended by Grumpy Old Geeks! gog.show/1passwordShow notes at https://gog.show/738Watch on YouTube: https://youtu.be/pykGjOmMs5cFOLLOW UPGOG Ep 1: How to Make Money on the Internet - March 25th, 2013The ‘AI-Washing' of Job Cuts Is Corrosive and ConfusingRace on to establish globally recognised 'AI-free' logoBillionaire Marc Andreessen says he has "zero" introspection, and that the idea itself is a modern invention.Gamblers trying to win a bet on Polymarket are vowing to kill me if I don't rewrite an Iran missile storyIN THE NEWSAtlassian to cut roughly 10% jobs in pivot to AIMeta is reportedly planning to cut up to 20 percent of its staff in upcoming layoffsMeta Is Building an Encrypted Chatbot After AI Agents Went Rogue and Exposed Sensitive DataMeta Says It Is Removing End-to-End Encryption From Instagram Direct MessagesMeta is testing clickable links in Instagram captions for verified subscribersEncyclopedia Britannica sues OpenAI for copyright and trademark infringementSenators tell ByteDance to shut down Seedance 2.0 AI video app 'immediately'Things Are Suddenly Looking Incredibly Bad for Trump's Social Media CompanyTrump administration will reportedly get $10 billion for brokering the TikTok dealThe Billionaire Backlash Against a Philanthropic DreamJeff Bezos' Washington Post Now Setting Readers' Subscription Prices With Uber-Style AIAPPS & DOODADSAdobe agrees to pay settlement for making its subscriptions hard to cancelEverything you need to know to design with StitchWhat is DESIGN.md?Warning: Your AI-Generated Password Is a Major Security Risk. Here's What to Use InsteadMEDIA CANDYDune: Part Three | Official Teaser TrailerHow ‘Dune: Part Three' Is Changing the Entire ‘Dune' Franchise"Paradise" has been renewed for Season 3 at Hulu, Variety has learned.Paradise on HuluMars ExpressNathan Fillion Says ‘Firefly' Animated Series In Development With Co-Stars Set To Reprise Roles; Concept Art RevealedSarah Michelle Gellar Says a Single Executive Was Responsible for Killing the ‘Buffy' Reboot‘V For Vendetta' at 20: We Spoke to Its Director About the Increasingly Relevant Comic AdaptationTHE DARK SIDE WITH DAVEDave BittnerThe CyberWireHacking HumansCaveatControl LoopOnly Malware in the BuildingDisney's 100% Rotten Tomatoes Masterpiece Returns This Fall With Brand-New ReleaseShhh… It's zombie proof. Kia's all-electric rangeThe Last Quiet Thing by Terry GodierEvel Knievel Kings Island 1975 - Farthest Successful Jump at 133 feet70's Evel Knievel Toy Commercial IDEALEvel Knievel's 14 Greyhound Bus Jump Oct 25th 1975 HD enhanced. Epic WORLD RECORD.Craig Ferguson's Evel Knievel Story is Wild!!Being EvelWembley 50th Anniversary Evel Knievel Stunt Cycle Set – Limited Gold EditionEvel Knievel Stunt Cycle - Trail Bike EditionSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
Feds take down major IoT botnets. The FBI seizes hacktivist infrastructure. A data breach hits Kaplan, while a hacker claims access to millions of law enforcement tips. Fake Zoom calls deliver malware. A crypto “security” tool turns out to be spyware. A critical AI framework flaw gets exploited in hours. An insider extortion case ends in conviction. And a streaming scam pulls in over $10 million. A look back at ten years of Cyberwire podcasts. Intern Kevin gets ready for RSAC. A cyberattack leaves breathalyzers offline. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Celebrating CyberWire Daily Maria Varmazis leads a conversation with Peter Kilpe and Dave Bittner reflecting on the origins of the CyberWire Daily podcast as part of the 10th anniversary series, sharing behind-the-scenes insights and how it all got started. CyberWire Guest Today we are joined by Intern Kevin—also known as Kevin Magee—as he gets ready for RSA Conference 2026 next week. Selected Reading Feds disrupt IoT botnets behind record-breaking DDoS attacks (The Register) FBI seizes Handala data leak site after Stryker cyberattack (Bleeping Computer) Kaplan North America Reports Data Breach Impacting Nearly 195,000 Individuals (Beyond Machines) Hacker says they compromised millions of confidential police tips held by US company (Reuters) Fake interactive Zoom call leads to malicious ScreenConnect download | news (SC Media) Crypto Scam "ShieldGuard" Dismantled After Malware Discovery (Infosecurity Magazine) Hackers Exploit Critical Langflow Bug in Just 20 Hours (Infosecurity Magazine) Ex-data analyst stole company data in $2.5M extortion scheme (Bleeping Computer) Musician admits to $10M streaming royalty fraud using AI bots (Bleeping Computer) Cyberattack leaves Maine drivers with breathalyzer test systems unable to start vehicles (WGME) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow up on aggravated identity theft and how it ties to crimes like wire fraud, along with a quick look at shared mailboxes and why sharing login credentials can create security risks. Joe's got the story of a vishing attack on an Ericsson vendor that exposed sensitive data of over 15,000 people, highlighting the risks of third-party security gaps. Dave's story is on Meta removing millions of scam ads and accounts while facing scrutiny over whether it profits from fraudulent advertising, highlighting the growing scale of social media-driven scams and pressure from lawmakers to crack down. Maria has the story on how scammers are using AI to impersonate government officials through deepfakes, fake websites, and voice cloning, making fraud more convincing and harder to detect while stealing money and personal information. Our Catch of the Day comes from Reddit where a user has an intriguing conversation with Elon Musk, where he professes his love in a very record amount of time. Resources and links to stories: Ericsson US Discloses Data Breach as Hackers Steal Employee and Customer Data That random call saying “you've won a prize” is a scam Meta says it culled millions of scam ads amid accusations that it profits from them Watch out for AI-generated government impersonators Grammarly Is Facing a Class Action Lawsuit Over Its AI ‘Expert Review' Feature Warren Buffett didn't make this video about Canada-U.S. tensions. It's fake and there will be more How to Fix a Sticking Door Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
Please enjoy this encore of Career Notes. Larry Cashdollar, Principal Security Intelligence Response Engineer at Akamai Technologies, sits down with Dave Bittner to discuss his life leading up to working at Akamai. He shares his story from his beginnings to now, describing what college life was like as a young computer enthusiast. He says "If you look at my 1986 yearbook, I think it was my sixth grade class, it says computer scientist for my career path. So I had a love of computers when I was really young. I guess I knew what field I wanted to get into right off the bat." He describes different career paths that all led him to his current position. He also shares his love for computers and technology through the decades of his youth, and how he is learning, even now. We thank Larry for sharing his story. Learn more about your ad choices. Visit megaphone.fm/adchoices
Please enjoy this encore of Career Notes. Larry Cashdollar, Principal Security Intelligence Response Engineer at Akamai Technologies, sits down with Dave Bittner to discuss his life leading up to working at Akamai. He shares his story from his beginnings to now, describing what college life was like as a young computer enthusiast. He says "If you look at my 1986 yearbook, I think it was my sixth grade class, it says computer scientist for my career path. So I had a love of computers when I was really young. I guess I knew what field I wanted to get into right off the bat." He describes different career paths that all led him to his current position. He also shares his love for computers and technology through the decades of his youth, and how he is learning, even now. We thank Larry for sharing his story. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts of N2K CyberWire Maria Varmazis and Dave Bittner alongside Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Maria's story covers a BBC experiment by Thomas Germain showing how easily major AI tools like ChatGPT and Google's Gemini repeated a completely fabricated claim he posted online, highlighting what experts call a “renaissance for spam” as SEO-style manipulation resurfaces in the age of AI. Dave's story examines Elizabeth Chamblee Burch's book The Pain Brokers, which details how women with pelvic mesh implants were allegedly cold-called and steered into surgeries as part of a $40 million mass-tort recruitment scheme fueled by litigation finance and regulatory gaps. Joe's story reports on an alleged decade-long ticket fraud ring at the Louvre in Paris, where tour guides and museum employees are accused of reusing tickets and bribery, costing more than €10 million before French authorities made multiple arrests. Our catch of the day comes from Reddit, where a user tested the limits of a land developer. Resources and links to stories: I hacked ChatGPT and Google's AI - and it only took 20 minutes A Terrifying Scam and the System That Made It Possible The Pain Brokers: How Con Men, Call Centers, and Rogue Doctors Fuel America's Lawsuit Factory Louvre tour guides accused of orchestrating $16m ticket fraud ring over a decade T&T&T Land&Sea Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
This week, hosts Maria Varmazis (also host of the T-Minus Space Daily show), Dave Bittner and Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We have some follow up where Joe shares a scam call he received. Dave's got the story on a sophisticated phishing campaign targeting Apple Pay users through fake emails and voice calls impersonating customer support, as well as Australia's ClickFit initiative warning that romance scammers are exploiting trust online for emotional and financial gain. Joe's story is about a former Ohio bank employee who used his insider access to steal identities and siphon roughly $2 million from elderly customers, ultimately leading to his arrest in Chicago and federal conviction. Maria's story is about a daughter who discovers her 84-year-old mother has been financially exploited by trusted professionals and even family members, underscoring how elder fraud often comes from familiar faces. It highlights the rapid rise in elder financial abuse and the urgent need for families to step in early—before cognitive decline makes the losses irreversible. Our catch of the day come's from the "Australian Government" on a tax document being floated around. Resources and links to stories: Apple Pay Users Targeted by Sophisticated Phishing Scam Leveraging Voice and Email ClickFit: Romance scams Former Bank Employee Found Guilty of Targeting Elderly Victims in Identity Theft and Fraud Scheme Ohio bank's anti-fraud agent stole $2M from elderly customers: DOJ Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
This week, hosts Maria Varmazis (also host of the T-Minus Space Daily show), Dave Bittner and Joe Carrigan are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Dave sits down with Simon Horswell, a Senior Fraud Specialist at Entrust discussing evolving romance scams for Valentine's Day. We have some follow up on chickens and a listener write-in, with a quick note on the backyard chicken trend and a closer look at a Bank of America fraud text that looked like a phish. Maria's story follows an alleged “Dubai Crown Prince” scam that drained nearly €3 million from a Romanian businesswoman using fake banks and humanitarian appeals. Joe's story tells of a handyman-turned-boyfriend who ran multiple dating scams and stole from his partner and her family, now featured on Amazon Prime. Dave's story features Simon Horswell from Entrust explaining why romance scams hit $4.5 billion in 2024 and how scammers use psychological tricks, AI tools, and celebrity impersonation to manipulate victims. We have two catches of the day this week, one a physical letter from the DOJ and the other is an email from Microsoft. Resources and links to stories: Let's stop shipping baby chickens in the mail Inside the alleged $2.5 million Dubai Crown Prince romance scam CASHED OUT I fell in love with a handyman who came to fix my kitchen – little did I know my fairytale would cost me £150k Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
Cyber weapons knock out Iranian air defenses during strikes on nuclear sites. ShinyHunters dump more than a million stolen records from Harvard and Penn. Betterment confirms a breach exposing data from roughly 1.4 million accounts. Researchers uncover a sprawling scam network impersonating law firms. Italy blocks cyberattacks aimed at Olympics infrastructure. Critical bugs put n8n and Google Looker servers at risk of full takeover. A state-backed Shadow Campaign hits governments worldwide. OpenClaw shows how AI-powered attacks are becoming faster, cheaper, and harder to stop. Our guest is Tony Scott, CEO of Intrusion and former federal CIO, sharing his perspective on evolving regulation and the realities behind critical policy shifts. Your smartphone may testify against you. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today comes as a segment from our Caveat podcast. Tony Scott, CEO of Intrusion and former federal CIO, joins Dave Bittner to share his perspective on evolving regulation and the realities behind critical policy shifts. You can listen to Tony and Dave's full conversation on this week's episode of Caveat, and catch new episodes of Caveat every Thursday on your favorite podcast app. Selected Reading Exclusive: US used cyber weapons to disrupt Iranian air defenses during 2025 strikes (The Record) Personal data stolen during Harvard and UPenn data breaches leaked online - over a million details, including emails, home addresses and more, all published (TechRadar) Data breach at fintech firm Betterment exposes 1.4 million accounts (Bleeping Computer) Researchers Expose Network of 150 Cloned Law Firm Websites in AI-Powered Scam Campaign (SecurityWeek) Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says (SecurityWeek) n8n security woes roll on as new critical flaws bypass December fix (The Register) LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem) (Tenable) Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries (SecurityWeek) The Rise of OpenClaw (SECURITY.COM) Smartphones Now Involved in Nearly Every Police Investigation (Infosecurity Magazine) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe has two stories this week, starting with scammers cashing in on a Verizon outage by luring customers with fake credits, and ending with a rare cybercrime comeback as a woman who lost nearly $1 million gets her money back and then some. Dave's story looks at scammers cashing in on the Ozempic and GLP-1 craze, as Wisconsin consumers lose hundreds of dollars to fake weight loss drugs, deepfake ads, and shady online pharmacies exploiting high demand and high prices. Maria's story warns that scammers are impersonating electric, gas, and water companies this winter, using urgent threats, fake refunds, and unusual payment demands to steal money and personal information, while officials remind customers to hang up and verify any contacts through official channels. Our catch of the day comes from Reddit where the chief of police is reaching out via text. Resources and links to stories: Verizon credit scam targets customers after outage, Georgia sheriff says Cyber scam victim who lost nearly $1M gets her money back — and then some Surging Cyber Scams Leave Older Vermonters Destitute, Frustrated and Saddled With Tax Debt Wisconsin consumers are losing money on Ozempic, weight loss drug scams Winter Utilities warning Utility company warns customers about scam calls Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
CISA's interim director uploaded sensitive government material into the public version of ChatGPT. The cyberattack on Poland's power grid compromised roughly 30 energy facilities. The EU and India sign a new partnership that includes expanded cyber cooperation. Meta rolls out enhanced WhatsApp security features. Researchers uncover a campaign targeting LLM service endpoints. Fortinet and OpenSSL patch multiple vulnerabilities. A high-severity WinRAR vulnerability continues to see widespread exploitation six months after it was patched. The SoundCloud data breach affected nearly 30 million users. Ben Yelin explains the California lawsuit accusing social media platforms of harming kids. A Spanish resort town gets hit with low-rent ransomware. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Dave is joined by his Caveat co-host Ben Yelin, Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, to discuss the upcoming trial where Meta and YouTube will make their case against accusations of social media being harmful to children. You can learn more here. T-Minus Guest Host Our T-Minus Space Daily podcast team is in Orlando, FL this week covering Commercial Space Week. Yesterday while the crew was on travel making their way to the event, Dave Bittner took his first spin behind the mic on T-Minus. Tune in and let us know how Dave did! You can follow along with host Maria Varmazis and producers Alice Carruth and Liz Stokes for event coverage via our LinkedIn profile. Selected Reading Trump's acting cyber chief uploaded sensitive files into a public version of ChatGPT (POLITICO) Cyberattack on Poland's power grid hit around 30 energy facilities, new report says (The Record) Europe/India • Indian 'hackers for hire' to continue to thrive under Brussels-New Dehli trade deal (Intelligence Online) New WhatsApp lockdown feature protects high-risk users from hackers (Bleeping Computer) Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation (Bleeping Computer) Fortinet Patches Exploited FortiCloud SSO Authentication Bypass (SecurityWeek) High-Severity Remote Code Execution Vulnerability Patched in OpenSSL (SecurityWeek) Cybercriminals and nation-state groups are exploiting a six-month old WinRAR defect (CyberScoop) SoundCloud breach added to HIBP, 29.8 million accounts exposed (CyberInsider) Spanish municipality Sanxenxo City Council calls hackers bluff as malware takes over network (Cryptopolitan) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Microsoft granted the FBI access to laptops encrypted with BitLocker. The EU opens an investigation into Grok's creation of sexually explicit images. Glimmers of access pierce Iran's internet blackout. Koi Security warns npm fixes fall short against PackageGate exploits. Some Windows 11 devices fail to boot after installing the January Patch Tuesday updates. CISA warns of active exploitation of multiple vulnerabilities across widely used enterprise and developer software. ESET researchers have attributed the cyberattack on Poland's energy sector to Russia's Sandworm. This week's business breakdown. Brandon Karpf joins us to talk space and cyber. CISA sits out RSAC. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is cybersecurity executive and friend of the show Brandon Karpf with Dave Bittner and T-Minus Space Daily host Maria Varmazis, for our monthly space and cyber segment. Brandon, Maria and Dave discuss “No more free rides: it's time to pay for space safety.” Selected Reading FBI Accessed Windows Laptops After Microsoft Shared BitLocker Recovery Keys (Hackread) European Commission opens new investigation into X's Grok (The Register) Amid Two-Week Internet Blackout, Some Iranians Are Getting Back Online (New York Times) Hackers can bypass npm's Shai-Hulud defenses via Git dependencies (Bleeping Computer) Microsoft investigates Windows 11 boot failures after January updates (Bleeping Computer) CISA says critical VMware RCE flaw now actively exploited (Bleeping Computer) CISA confirms active exploitation of four enterprise software bugs (Bleeping Computer) ESET Research: Sandworm behind cyberattack on Poland's power grid in late 2025 (ESET) Aikido secures $60 million in Series B funding. (N2K Pro Business Briefing) CISA won't attend infosec industry's biggest conference (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week, hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe share's another chicken update for us, this time from Werner Herzog. Dave's got a story from a listener named Tim, an IRS Criminal Investigation agent, who explains that real CI agents may contact people unannounced and can verify themselves in person, but if anyone asks for gift cards or crypto, it's definitely a scam. Maria has the story on how attackers are abusing real SendGrid accounts to send politically charged phishing emails that look legitimate and trick users into handing over their credentials. Joe has two stories this week, the first on Cambodia's renewed crackdown on massive Southeast Asian scam networks following the arrest and extradition of alleged kingpin Chen Zhi, signaling deeper international cooperation against fraud operations that have stolen billions worldwide, and the second on a Nashville Uber driver who lost $300 after falling for a convincing phone scam that impersonated Uber Support and falsely accused him of drunk driving. Our catch of the day comes from Reddit scams where one scammer gets put through the ringer, twice. Resources and links to stories: Cambodia to keep up crackdown on scam centres after arrest of alleged mastermind Uber driver describes drunk driving scam that cost him $300 SendGrid isn't emailing you about ICE or BLM. It's a phishing attack. Dave Part 1 Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
While our team is observing the Martin Luther King, Jr. holiday in the United States, please enjoy this CyberWire-X episode featuring the team from Horizon3.ai. In this CyberWire-X episode, Dave Bittner speaks with Horizon3.ai co-founder and CEO Snehal Antani about how continuous autonomous penetration testing is reshaping security resilience. Antani reflects on his journey from CIO to DoD operator, where he learned that the hardest part of security isn't patching — it's prioritizing what matters and proving defenses work before attackers do. He explains why vulnerability scans fall short, how “AI hackers” simulate adversary behavior at machine speed, and why organizations must shift from compliance thinking to attacker-centric validation. Antani shares real-world findings, warns of 77-second domain compromise, and predicts a future of AI fighting AI, with humans by exception. Resources: Whitepaper: NodeZero® for Pentesters and Red Teams Whitepaper: Traditional vs. Autonomous: Why NodeZero® is the Future of Cyber Risk Assessments Learn more about your ad choices. Visit megaphone.fm/adchoices
We kick things off with the existential dread of FOLLOW UP and the absolute joy of jury duty. While xAI's Grok is busy getting banned in Malaysia and Indonesia for its CSAM-generating "features," the Senate is unanimously passing the DEFIANCE Act to give us some legal teeth against the deepfake machine. Meta is busy nuking 550,000 Australian accounts to appease regulators, while Roblox's age verification is so broken that a drawing of stubble or a photo of Kurt Cobain can get you into the adult lounge. Moving IN THE NEWS, Meta is trading its $70 billion Metaverse graveyard for a Reality Labs layoff and a pivot to AI hardware, fueled by an "AI infrastructure" buildout that's hiring former Trump advisors. Bandcamp is heroically banning AI "slop," Matthew McConaughey is trademarking his own face to fend off the bots, and ICE's AI hiring tool is such a disaster it's accidentally fast-tracking mall security as "officers." Between self-help gurus charging $99 for chatbot "advice," GM finally settling its driver-spying suit with the FTC, and NASA prepping for a February moon shot while China plans to launch 200,000 satellites into our already crowded orbit, the future looks exactly as messy as we expected.For MEDIA CANDY, we've got Lord of the Rings marathons, the diner-bridge of Starfleet Academy, and the usual joy of streaming price hikes hitting our "Premium" plans. We're tracking the 2025 "In Memoriam" and Gabriel Pagan's exhaustive movie list before sliding into APPS & DOODADS. Jony Ive and Sam Altman are reportedly building an hearing aide called "Sweetpea" to kill your AirPods, Siri is officially Google Gemini's new puppet, and Apple is finally bundling its creative apps into a "Creator Studio" subscription trap. Tesla is making Full Self-Driving a subscription-only Valentine's gift (good luck with that), Ring is rebranding surveillance as a "fire-watching" assistant, and a Chinese app called "Are You Dead?" is the new must-have for the lonely. To cap it off, the internet proved its maturity by using "Words.zip"—an infinite word-search grid—to draw a giant phallus, because of course they did.AT THE LIBRARY features the Anthony Bourdain Reader, the return of Bob in the new Laundry Files book, and Jimmy Carr's guide to happiness, which is apparently cheaper than therapy. Then we descend into THE DARK SIDE WITH DAVE, where the dishwasher-installing, ham-radio-lunching Dave Bittner reveals Disney World has job openings for those of us who spent high school in the AV club. Lucasfilm is finally entering a new era as Kathleen Kennedy steps down, just as Galaxy's Edge admits the original trilogy exists, and we wrap it all up with lock-picking kits and the terrifying realization that Seymour from H.R. Pufnstuf is the ultimate Gen-X fursona.Sponsors:DeleteMe - Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/GOG and use promo code GOG at checkout.Gusto - Try Gusto today at gusto.com/grumpy, and get three months free when you run your first payroll.Private Internet Access - Go to GOG.Show/vpn and sign up today. For a limited time only, you can get OUR favorite VPN for as little as $2.03 a month.SetApp - With a single monthly subscription you get 240+ apps for your Mac. Go to SetApp and get started today!!!1Password - Get a great deal on the only password manager recommended by Grumpy Old Geeks! gog.show/1passwordShow notes at https://gog.show/729Watch on YouTube! https://youtu.be/1Y1jnRDw7g0FOLLOW UPMalaysia and Indonesia are the first to block Grok following CSAM scandalSenate passes Defiance Act for a second time to address Grok deepfakesMeta closes 550,000 accounts to comply with Australia's kids social media banRoblox's age verification system is reportedly a trainwreckIN THE NEWSMeta refocuses on AI hardware as metaverse layoffs beginMeta's Layoffs Leave Supernatural Fitness Users in MourningMeta Creates High-Powered Team to Oversee AI Infrastructure BuildoutBandcamp prohibits music made ‘wholly or in substantial part' by AIMatthew McConaughey fights unauthorized AI likenesses by trademarking himselfICE's AI Tool Has Been a Complete DisasterSelf-Help Ghouls Are Charging People Absurd Prices to Talk to Impersonator ChatbotsThe FTC's data-sharing order against GM is finally settledNASA is ending Crew-11 astronauts' mission a month earlyNASA makes final preparations for its first crewed moon mission in over 50 yearsAs SpaceX Works Toward 50K Starlink Satellites, China Eyes Deploying 200KMEDIA CANDYBeast Games Season 2Star Trek: Starfleet AcademyGrumpy Old ListThe Ongoing History of New Music, episode 1069: 2025 in MemoriamDepeche Mode: MAPPS & DOODADSJony Ive and Sam Altman's First AI Gadget May Try to Kill AirPodsApple's Siri AI will be powered by GeminiApple's Mac and iPad creative apps get bundled into “Creator Studio” subscriptionTesla's Full Self-Driving is switching to a subscription-only serviceRing founder details the camera company's 'intelligent assistant' eraAre You Dead?: The viral Chinese app for young people living aloneGive the Internet an Infinite Word Search and the Internet Will Draw a Dick on ItAT THE LIBRARYThe Anthony Bourdain Reader: New, Classic, and Rediscovered Writing by Anthony BourdainObvious Adams: The Story of a Successful Businessman by Robert UpdegraffBefore & Laughter by Jimmy CarrThe Regicide Report (Laundry Files, 14) by Charles StrossTHE DARK SIDE WITH DAVEDave BittnerThe CyberWireHacking HumansCaveatControl LoopOnly Malware in the BuildingHow to Read a Book: A Novel by Monica WoodWalt Disney World Resort is looking for Entertainment Stage TechniciansGalaxy's Edge Will Soon Cover All Eras of ‘Star Wars'Kathleen Kennedy steps down as Lucasfilm president, marking a new era for the Star Wars franchiseSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
Welcome back to the digital wasteland, fellow survivors. We kick things off in the FOLLOW UP by marking a year since the LA Fires—hello, PTSD—alongside a 4th Strokiversary and three years of sobriety, all while wondering why America is currently obsessed with shooting its own civilians in the face.In the IN THE NEWS segment, Wired is finally teaching us how to protest safely in the age of surveillance, and the EFF is cheering on the hackers fighting ICE's Nazi-adjacent tracking tactics. Meanwhile, Meta is harvesting your AI chats for targeted ads, Disney is paying $10 million for spying on kids, and Grok has spent the holidays generating nonconsensual child abuse material—a problem Elon Musk won't have to legally reckon with until the Take It Down Act hits in May. Instagram's Adam Mosseri has basically surrendered to the AI "slop", suggesting we fingerprint "real" media because the fake stuff has already won the war.As we continue the descent, OpenAI is launching a ChatGPT Health portal despite their "loser energy" and compute limits, while Character.AI and Google are quietly settling lawsuits for bots that encouraged teen suicide. Polymarket gamblers are learning that "decentralized" juries will fist you over the definition of an "invasion" just as fast as a bank. Uber showed off a new Lucid-based robotaxi, but we're pumping the brakes on the safety hype given that autonomous vehicles are five times more likely to crash at dusk. To wrap up the news, Tim Cook took home $74 million last year, which is a lot of "systematic philanthropy" he could be doing right now instead of just writing checks to his own ego.In MEDIA CANDY, we're suffering through the Stranger Things wrap-up and a John McTiernan holiday marathon, though the real highlight is MTV Rewind's tribute to music videos. We've got Traitors, The Pitt, and even a John Candy doc on the list, while APPS & DOODADS brings us the DJI Osmo 8, Victrola's turntable-vibrating speakers. At least California's DROP tool lets you purge your data from 500 brokers at once.Finally, we go to THE DARK SIDE WITH DAVE to hear Dave Bittner rant about holiday tech support, health insurance gouging, and Dave Filoni taking the Star Wars reins. We close out with a look at ILM's 50th, the deepfake porn cesspool formerly known as Twitter, and a birthday toast to the Starman himself, David Bowie.Sponsors:CleanMyMac - Get Tidy Today! Try 7 days free and use code OLDGEEKS for 20% off at clnmy.com/OLDGEEKSPrivate Internet Access - Go to GOG.Show/vpn and sign up today. For a limited time only, you can get OUR favorite VPN for as little as $2.03 a month.SetApp - With a single monthly subscription you get 240+ apps for your Mac. Go to SetApp and get started today!!!1Password - Get a great deal on the only password manager recommended by Grumpy Old Geeks! gog.show/1passwordShow notes at https://gog.show/728Watch on YouTube: https://youtu.be/x-2GTUC6rcUIN THE NEWSHow to Protest Safely in the Age of SurveillanceHow Hackers Are Fighting Back Against ICEMeta's New Privacy Policy Opens Up AI Chats for Targeted AdsDisney to Pay $10 Million After Feds Say It Broke Kids' Privacy Rules on YouTubePeople Spent the Holidays Asking Grok to Generate Sexual Images of ChildrenHere's When Elon Musk Will Finally Have to Reckon With His Nonconsensual Porn GeneratorInstagram chief: AI is so ubiquitous 'it will be more practical to fingerprint real media than fake media'ChatGPT is launching a new dedicated Health portalCharacter.AI and Google settle with families in teen suicide and self-harm lawsuitsGambling platform Polymarket not paying bets on US invasion of VenezuelaUber reveals the design of its robotaxi at CES 2026Maybe We Should Pump the Brakes on the Idea That Robotaxis Are SaferHere's how much Tim Cook and other Apple execs made last yearMEDIA CANDYThe PittDownton Abbey: The Grand FinaleJurassic World RebirthThe Darjeeling LimitedOh Brother, Where Art Thou?Honey Don'tJohn Candy: I Like MeMTV Rewind is a developer's tribute to 24/7 music video channelsAPPS & DOODADSDJI Osmo Mobile 8Netflix GamesThis speaker by Victrola sits underneath turntables and streams audio via BluetoothDelete Request and Opt-out Platform (DROP)THE DARK SIDE WITH DAVEDave BittnerThe CyberWireHacking HumansCaveatControl LoopOnly Malware in the BuildingIndustrial Light & Magic: 50 Years of InnovationDave Filoni to run Star WarsWho's who at X, the deepfake porn site formerly known as TwitterSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
Welcome back to another hour of digital cynicism. We kick things off with a FOLLOW UP on Amazon's Fallout recaps, which were apparently so hallucination-heavy they made the actual wasteland look organized; naturally, they've been nuked along with the "Video Recaps" feature. In a massive dose of IN THE NEWS, Tesla is finally getting a legal side-eye in California for its deceptive "Autopilot" branding, while TikTok is performing a corporate shell game by selling a 45% stake to Oracle and friends to keep the feds happy. Reddit is fighting Australia's under-16 ban like it's a constitutional crisis, Louisiana's age-verification law just got benched by a judge, and Merriam-Webster officially crowned "slop" as the Word of the Year—which is fitting, given that OpenAI is selectively hiding chat logs from murder-suicides while their Chief Scientist warns that recursive AI self-improvement might end the human experiment by 2030. If the "intelligence explosion" doesn't get us, the CRASH Clock says we've got roughly 2.8 days before Elon's satellite swarm turns low-earth orbit into a permanent scrapyard.In our MEDIA CANDY segment, we mourn the transition year of Star Trek, which was mostly a series of unmitigated disasters and corporate retreats, though the Oscars moving to YouTube in 2029 means we can finally ignore them in 4K. Meta is testing a "pay-to-share-links" feature because they clearly haven't alienated creators enough, and a new study suggests Amazon's "dynamic pricing" is basically just a high-tech way to gouge public school districts for pencils. Moving to APPS & DOODADS, iOS 26.2 is here with a "Liquid Glass" slider—groundbreaking stuff, really—while Microsoft's Copilot+ push is effectively killing the laptop market by making 16GB of RAM a luxury item only a data center could love. Meanwhile, iRobot has officially sucked its last bit of dust into a Chapter 11 filing, proving that even a twenty-year head start can't save you from a 46 percent tariff and better Chinese competition.AT THE LIBRARY, we find out that librarians are ready to quit because people keep demanding books that only exist in a ChatGPT hallucination, proving once again that the "Information Age" was a lie. We descend into THE DARK SIDE WITH DAVE with the tireless Dave Bittner to discuss why modern movies feel like plastic, the bizarre paradox of James Cameron's Avatar dominance, and a bittersweet farewell to Rob Reiner. We wrap it up with the return of The Muppets, a look at plug-in solar panels for the budget-conscious prepper, and the Sedaris siblings proving that even grief can be a podcast topic. It's all the tech "progress" you never asked for, delivered with the appropriate amount of Gen-X side-eye.Show notes at https://gog.show/727Watch on YouTube: https://youtu.be/hHnGD4lIFzASponsors:MasterClass - Get up to 50% off at MASTERCLASS.com/GRUMPYOLDGEEKSPrivate Internet Access - Go to GOG.Show/vpn and sign up today. For a limited time only, you can get OUR favorite VPN for as little as $2.03 a month.SetApp - With a single monthly subscription you get 240+ apps for your Mac. Go to SetApp and get started today!!!1Password - Get a great deal on the only password manager recommended by Grumpy Old Geeks! gog.show/1passwordFOLLOW UPAmazon pulls its bad AI video recaps after Fallout falloutIN THE NEWSTesla used deceptive language to market Autopilot, California judge rulesTikTok agrees to deal to cede control of US business to American investor groupReddit sues Australia over underage social media banJudge blocks Louisiana's social media age verification lawMurder-suicide case shows OpenAI selectively hides data after users dieTrump orders creation of litigation task force to challenge state AI laws'Slop' is Merriam-Webster's word of the yearAnthropic's Chief Scientist Says We're Rapidly Approaching the Moment That Could Doom Us AllModel collapseOpenAI Is Going Into the New Year With Some Real Loser EnergyNew ‘CRASH Clock' Warns of 2.8-Day Window Before Likely Orbital CollisionA Facebook test makes link-sharing a paid feature for creatorsStudy links Amazon's algorithmic pricing with erratic, inflated costs for school districtsMEDIA CANDYA Man on the Inside S2Oh. What. Fun.The End of an EraThe West WingF1® The Movie - Apple TVThe Running ManWelcome to DerryWake Up Dead Man: A Knives Out MysteryIs it Cake?Apple TV releasing Pluribus season finale early next weekWarner Bros. Discovery rejects Paramount's hostile bid2025 Was a Turning Point for ‘Star Trek', Whether It Knew It or NotTHE ACADEMY PARTNERS WITH YOUTUBE FOR EXCLUSIVE GLOBAL RIGHTS TO THE OSCARS® AND OTHER ACADEMY CONTENT STARTING IN 2029APPS & DOODADSiOS 26.2 is here with another Liquid Glass tweak, new Podcasts features and moreOh, the Irony: Microsoft's Push for Copilot+ PCs Could Stall Laptop SalesiRobot has filed for bankruptcy and may be taken over by its primary supplierAT THE LIBRARYFlybot by Dennis E. TaylorMaking Space (The Time Traveler's Passport) by R. F. KuangFor a Limited Time Only (The Time Traveler's Passport) by Peng ShepherdLibrarians Are Tired of Being Accused of Hiding Secret Books That Were Made Up by AITHE DARK SIDE WITH DAVEDave BittnerThe CyberWireHacking HumansCaveatControl LoopOnly Malware in the BuildingWhy Movies Just Don't Feel "Real" AnymoreThe Avatar Paradox - Why Nobody Talks About These MoviesDon't F**k with James CameronEvery James Cameron Movie, Explained by James Cameron | Vanity Fair‘The Muppet Show' Returns for One Night Only Next FebruaryThe Muppet Show | Official Teaser | Disney+Small plug-in solar panels gain traction as an affordable way to cut electricity bills'You don't know what it's like till you lose a parent': Sedaris siblings share their grief storyCLOSING SHOUT-OUTS“Enshittification” YouTube“Enshittification” Spotify“Enshittification” SoundCloud (with a direct download)Len (a.k.a. Funny Name)See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
© 2020-2026 Ivy Podcast Discovery LLC
