Deception, influence, and social engineering in the world of cyber crime.
This is an unofficial fancast for the TV show - Only Murders in the Building. We will cover each episode - SPOILERS abound - reviewing the plot, theories of what is going on - and of course picking out continuity errors. Fan feedback will be included. Lestbert33
The Marvelous Mrs. Maisel is a sharp, colorful, hilariously funny and truly groundbreaking show. Written and directed by the incredible power couple Amy Sherman-Palladino and Daniel Palladino on Amazon Prime. We invite you to join in the discussion with Jade, Kara and Erica all about these vibrant, lovable characters and the history of New York and the comedy scene as it evolves from the 50's to present day. We cover all the behind the scenes magic that goes into making this show the masterp ...
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is jo…
This week, our hosts Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from a listener on class action settlements: they’re a class action attorney …

OWASP server-side request forgery (noun) [Word Notes]
7:38
Please enjoy this encore of Word Notes. An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers. By N2K Networks
This week, our three hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a bit of follow up, one from listener Aaron, who shares some safety tips fo…

OWASP security logging and monitoring failures (noun) [Word Notes]
6:04
Please enjoy this encore of Word Notes. The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system. By N2K Networks
This week, our three hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Listener Jim notes that money launderers and couriers mentioned in recent episodes are often scam…

OWASP identification and authentication failures (noun) [Word Notes]
5:58
Please enjoy this encore of Word Notes. Ineffectual confirmation of a user's identity or authentication in session management. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-identification-and-authentication-failure Audio reference link: “Mr. Robot Hack - Password Cracking - Episode 1.” YouTube Video. YouTube, September 21, 20…
And....we're back! This week, our three hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are all back to share the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. The team shares three bits of follow-up and then breaks into their stories. Joe star…
Please enjoy this encore of Word Notes. An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information. CyberWire Glossary link: https://thecyberwire.com/glossary/log4j Audio reference link: “CISA Director: The LOG4J Security Flaw Is the ‘Most Serious’ She’s Seen in Her …

What’s inside the mystery box? Spoiler: It’s a scam!
46:13
As Dave Bittner is at the RSA Conference this week, our hosts Maria Varmazis and Joe Carrigan, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from José on episode 335, sharing how UK banking features like Faster Payments and the “Check Payee” …

OWASP broken access control (noun) [Word Notes]
7:30
Please enjoy this encore of Word Notes. Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls. By N2K Networks

The RMM protocol: Remote, risky, and ready to strike. [OMITB]
41:40
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined b…
As Maria is on vacation this week, our hosts Dave Bittner and Joe Carrigan, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe and Dave are joined by guest Rob Allen from ThreatLocker who shares a story on how a spoofed call to the help desk unraveled into a full-blown cybe…

OWASP security misconfiguration (noun) [Word Notes]
7:03
Please enjoy this encore of Word Notes. The state of a web application when it's vulnerable to attack due to an insecure configuration. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-security-misconfiguration Audio reference link: “What Is the Elvish Word for Friend?” Quora, 2021.…
This week, our hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. This week Joe's got some follow up about his chickens. Joe's story is on LLM-powered coding tools, and how they are inc…
Please enjoy this encore episode of Word Notes. A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-insecure-design Audio reference link: “Oceans Eleven Problem Constraints Assumptions.” by Steve Jones, YouTube, 4 Nove…
This week, our hosts Dave Bittner and Joe Carrigan, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines, while our other host, Maria Varmazis is at a conference. We begin with some follow-up, as Joe reflects on the density of gold. Then, Dave shares some heartfelt and moving words ab…
Please enjoy this encore of Word Notes. A broad class of attack vectors, where an attacker supplies input to an application's command interpreter that results in unanticipated functionality. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-injection Audio reference link: “APPSEC Cali 2018 - Taking on the King: Killing Injection Vulne…

You get a million dollars, and you get a million dollars!
37:12
This week, while Dave Bittner is out, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with a lot of follow up on listener feedback this week! Justin shares a thought about how to tra…

OWASP cryptographic failures (noun) [Word Notes]
6:35
Please enjoy this encore of Word Notes. Code that fails to protect sensitive information. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-cryptographic-failure Audio reference link: Vandana Verma. “OWASP Spotlight - Project 10 - Top10.” YouTube Video. YouTube, January 4, 2021. By N2K Networks
This week our hosts, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. First, we start off with some more follow-up on EZ passes, along with the newest iteration, as Kailey Cornick sh…

account takeover prevention (noun) [Word Notes]
6:23
Enjoy this encore of Word Notes. The prevention of the first part of an intrusion kill chain model exploitation technique, where the hacker steals valid logging credentials from a targeted victim. CyberWire Glossary link: https://thecyberwire.com/glossary/account-takeover-prevention By N2K Networks

Hello? Is it malware you’re looking for? [OMITB]
37:37
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K …
This week our hosts, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up on E-ZPass scams—a listener suggests that scammers may be exploiting exposed licens…
Please enjoy this encore of Word Notes. The process of proactively searching through networks to detect and isolate security threats, rather than relying on security solutions or services to detect those threats. CyberWire Glossary link: https://thecyberwire.com/glossary/threat-hunting Audio reference link: “My ‘Aha!" Moment - Methods, Tips, & Less…
On Hacking Humans, this week Dave Bittner is back with Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), and they are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe shares a bit of follow up on scam victims sharing their experiences of losing m…

vulnerability management (noun) [Word Notes]
8:16
Please enjoy this encore of Word Notes. The continuous practice of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities within this. CyberWire Glossary link: https://thecyberwire.com/glossary/vulnerability-management Audio reference link: “Vulnerability Scanning - Comptia Security+ sy0-501 - 1.5.” YouTube, You…
On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts start out with some follow up on chicken talk from last week. M…

software bill of materials (SBOM) (noun) [Word Notes]
6:59
Please enjoy this encore of Word Notes. A formal record containing the details and supply chain relationships of various components used in building software. By N2K Networks
On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off the show with some follow-up from a long-time listener who s…

The new malware on the block. [Only Malware in the Building]
35:03
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K …
Please enjoy this encore of Word Notes. A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the resources essential to perform their function and nothing more.…
In this special live episode of Hacking Humans, recorded at ThreatLocker’s Zero Trust World 2025 conference in Orlando, Florida, Dave Bittner is joined by T-Minus host Maria Varmazis. Together, they explore the latest in social engineering scams, phishing schemes, and cybercriminal exploits making headlines. Their guest, Seamus Lennon, ThreatLocker…
Please enjoy this encore episode of Word Notes. Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations. By N2K Networks
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. We start off with some follow up from listener D…

cybersecurity skills gap (noun) [Word Notes]
7:43
Please enjoy this encore episode of Word Notes. The difference between organizational employee job requirements and the available skillsets in the potential employee pool. By N2K Networks
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. Our hosts start off with some follow up from lis…
Please enjoy this encore episode of Word Notes. The use of technology to radically improve the performance or reach of the business. By N2K Networks
On this episode of Hacking Humans, we are going old school with Dave Bittner and Joe Carrigan sans T-Minus host Maria Varmazis (as she was hanging out with astronauts at the SpaceCom event). Not to worry, Dave and Joe have it covered sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to…
Please enjoy this encore episode of Word Notes. Cloud services intended for cyber criminals and other bad actors designed to obstruct law enforcement and other kinds of government investigations, and to provide some protection against competitors. By N2K Networks

Cyber Groundhog Day and romance scams. [Only Malware in the Building]
46:58
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K …
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, Dave has the story from Ampyx Cyber t…
Please enjoy this encore of Word Notes. The practice of securing a device that connects to a network in order to facilitate communication with other devices on the same or different networks. By N2K Networks
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week Maria has the story on how the return …

Executive Order on Improving the Nation's Cybersecurity (noun) [Word Notes]
8:14
Please enjoy this encore episode. President Biden's May, 2021 formal compliance mandate for federal civilian executive branch agencies, or FCEBs, to include specific short-term and long-term deadlines designed to enhance the federal government's digital defense posture. By N2K Networks
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week we jump right into stories, Maria shar…
Phase of a typical cyber adversary group's attack sequence, after the initial compromise and usually after the group has established a command and control channel, where the group moves through the victim's network by compromising as many systems as it can, looking for the data it has come to steal or to destroy.…
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. Our hosts discuss and ponder whether or not diam…

Malware metamorphosis: 2024 reflections and 2025 predictions. [Only Malware in the building]
54:56
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K …

common vulnerabilities and exposures (CVE) (noun) [Word Notes]
7:13
A public list sponsored by the US government and designed to uniquely identify, without the need to manually cross-reference, all the known software vulnerabilities in the world. By N2K Networks