This week, our hosts⁠⁠⁠ ⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠, and ⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠T-Minus⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from a listener on class action settlements: they’re a class action attorney …

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠Selena Larson⁠⁠, ⁠⁠Proofpoint⁠⁠ intelligence analyst and host of their podcast ⁠⁠DISCARDED⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is jo…

Please enjoy this encore of Word Notes. An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.By N2K Networks

Mastering System Monitoring: Essential Techniques and Tools | Off The Wire Podcast Welcome back to Off The Wire Podcast! Join Tanner and Anthony, IT executives with 35 years of experience, as they delve into the crucial topic of system monitoring. Discover why this less-than-flashy software is indispensable for maintaining reliability and preemptin…

This week, our three hosts ⁠⁠⁠Dave Bittner⁠⁠⁠, ⁠⁠⁠Joe Carrigan⁠⁠⁠, and ⁠⁠⁠Maria Varmazis⁠⁠⁠ (also host of the ⁠⁠⁠T-Minus⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a bit of follow up, one from listener Aaron, who shares some safety tips fo…

HOU.SEC.CON.'s first keynote speaker is returning for our 15-year anniversary! This week Michael and Sam are talking to cybersecurity legend Jeremiah Grossman about his start in cyber at just 19 years old, what we can learn from cybersecurity insurance companies, and what to expect at HOU.SEC.CON. 2025! Things Mentioned: · What Works in Cybersecuri…

Please enjoy this encore of Word Notes. The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.By N2K Networks

This week, our three hosts ⁠⁠Dave Bittner⁠⁠, ⁠⁠Joe Carrigan⁠⁠, and ⁠⁠Maria Varmazis⁠⁠ (also host of the ⁠⁠T-Minus⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Listener Jim notes that money launderers and couriers mentioned in recent episodes are often scam…

Please enjoy this encore of Word Notes. Ineffectual confirmation of a user's identity or authentication in session management. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/owasp-identification-and-authentication-failure⁠ Audio reference link: “⁠Mr. Robot Hack - Password Cracking - Episode 1⁠.” YouTube Video. YouTube, September 21, 20…

Unpacking the 2025 Verizon DBIR Report: Key Cybersecurity Insights for SMBs Welcome back to Off The Wire! In this episode, hosts Tanner and Anthony dive deep into the 2025 Verizon Data Breach Investigations Report (DBIR). With 35 years of combined IT experience, they discuss the evolving threat landscape, notable trends in cybersecurity, and the im…

And....we're back! This week, our three hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are all back to share the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. The team shares three bits of follow-up and then breaks into their stories. Joe star…

Michael and Sam are catching up with Principal Consultant and Co-Founder at Cavalry Solutions, Sean Curry! Sean talks about his transition from the military to the private sector, the importance of standards like IEC 62443 for OT security, and the best way to align IT and OT teams. Things Mentioned: · New study reveals 92% of industrial sites at ri…

Please enjoy this encore of Word Notes. An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/log4j⁠ Audio reference link: “⁠CISA Director: The LOG4J Security Flaw Is the ‘Most Serious’ She’s Seen in Her …

As Dave Bittner is at the RSA Conference this week, our hosts ⁠⁠Maria Varmazis and ⁠⁠Joe Carrigan⁠⁠, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from José on episode 335, sharing how UK banking features like Faster Payments and the “Check Payee” …

In this episode, Felix and Alex discuss the alarming rise of phone thefts in London, sharing personal anecdotes and insights into the implications of losing a device. They explore security measures, user behaviors, and the broader impact of identity theft in today's digital age. The conversation emphasizes the importance of enhancing phone security…

Please enjoy this encore of Word Notes. Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.By N2K Networks

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠Selena Larson⁠, ⁠Proofpoint⁠ intelligence analyst and host of their podcast ⁠DISCARDED⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined b…

Is the Phone Call Dead? Office Communications in Modern Workspaces In this episode of 'Off the Wire,' IT executives Tanner and Anthony dive into the evolution of office communications, discussing whether phone calls are becoming obsolete. They explore the use of chat applications like Microsoft Teams, the rise of email, and the role of face-to-face…

As Maria is on vacation this week, our hosts ⁠Dave Bittner⁠ and ⁠Joe Carrigan⁠, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe and Dave are joined by guest Rob Allen from ThreatLocker who shares a story on how a spoofed call to the help desk unraveled into a full-blown cybe…

In this episode Michael and Sam are talking to malware researcher Dr. Marcus Botacin. Dr. Botacin discusses his journey from early work in sandboxing to advanced malware detection through machine learning, his recent efforts combining LLMs with GANs to create an iterative malware generation system that enhances evasion capabilities, and the importa…

Please enjoy this encore of Word Notes. The state of a web application when it's vulnerable to attack due to an insecure configuration. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/owasp-security-misconfiguration⁠ Audio reference link: ⁠“What Is the Elvish Word for Friend?”⁠ Quora, 2021.…

This week, our hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. This week Joe's got some follow up about his chickens. Joe's story is on LLM-powered coding tools, and how they are inc…

Please enjoy this encore episode of Word Notes. A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-insecure-design Audio reference link: “Oceans Eleven Problem Constraints Assumptions.” by Steve Jones, YouTube, 4 Nove…

Shadow IT: Identifying and Managing Unauthorized Technology Use In this episode of 'Off the Wire,' Tanner and Anthony discuss 'Shadow IT' and its implications on organizational security and efficiency. They delve into concrete examples, such as unauthorized software subscriptions and unapproved hardware purchases. Tanner and Anthony provide insight…

This week, our hosts Dave Bittner and Joe Carrigan, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines, while our other host, Maria Varmazis is at a conference. We begin with some follow-up, as Joe reflects on the density of gold. Then, Dave shares some heartfelt and moving words ab…

In this conversation, Felix and Oli discuss the development of a hydrogen-powered uncrewed surface vessel (USV) and the associated cybersecurity challenges. They explore the importance of integrating cybersecurity measures from the outset, navigating regulatory frameworks like Workboat Code 3, and the ongoing challenges of ensuring compliance and s…

Today’s episode looks a little different as Michael and Sam are talking to the entire YOUTH.SEC.CON. team! Arthi Vasudevan, Reynaldo Gonzalez, and Mary DiFiore-Smith joined the podcast to discuss all aspects of our first event focused on 9th – 12th grade students. Listen now to learn about the talks and activities, eligibility, registration, safety…

Please enjoy this encore of Word Notes. A broad class of attack vectors, where an attacker supplies input to an applications command interpreter that results in unanticipated functionality. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-injection Audio reference link: “APPSEC Cali 2018 - Taking on the King: Killing Injection Vulne…

This week, while Dave Bittner is out, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with a lot of follow up on listener feedback this week! Justin shares a thought about how to tra…

Please enjoy this encore of Word Notes. Code that fails to protect sensitive information. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-cryptographic-failure Audio reference link: Vandana Verma. “OWASP Spotlight - Project 10 - Top10.” YouTube Video. YouTube, January 4, 2021.By N2K Networks

Mastering Technology Evaluations: Insights for IT Executives In this episode of 'Off The Wire,' IT executives Tanner and Anthony delve into the intricacies of technology evaluations, covering both hardware and software. With 35 years of combined experience, they discuss the importance of starting with the 'why,' involving the right people, and the …

This week our hosts, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. First, we start off with some more follow-up on EZ passes, along with the newest iteration, as Kailey Cornick sh…

Sam and Michael are joined by Offensive Security Advisor, Darin Fredde! They discuss the need to move beyond compliance checkboxes, the importance of continuous pen testing, and the disconnect between marketing claims and real-world security implementations. Things Mentioned: Having trouble with your OT.SEC.CON. or EXEC.SEC.CON. ticket? Reach out t…

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K …

Enjoy this encore of Word Notes. The prevention of the first part of an intrusion kill chain model exploitation technique, where the hacker steals valid logging credentials from a targeted victim. CyberWire Glossary link: https://thecyberwire.com/glossary/account-takeover-preventionBy N2K Networks

This week our hosts, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up on E-ZPass scams—a listener suggests that scammers may be exploiting exposed licens…

Please enjoy this encore of Word Notes. The process of proactively searching through networks to detect and isolate security threats, rather than relying on security solutions or services to detect those threats. CyberWire Glossary link: https://thecyberwire.com/glossary/threat-hunting Audio reference link: “My ‘Aha!" Moment - Methods, Tips, & Less…

Mastering Strategic Tech Planning: Communicating with Leadership Effectively In this episode of 'Off the Wire,' we dive deep into the essential topic of strategic technology planning and the importance of effectively communicating these plans to CEOs, executive leaders, and board members. Hosts Anthony and Tanner discuss their personal experiences …

On Hacking Humans, this week Dave Bittner is back with Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), and they are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe shares a bit of follow up on scam victims sharing their experiences of losing m…

Michael and Sam are joined by Field CTO, Steven Schmidt! They discuss the early days of application security, the evolution of AppSec tools and processes, and challenges in balancing developer speed with security requirements. Thank you to Snyk for sponsoring this episode! Learn more about building secure applications at https://snyk.io and chat wi…

Please enjoy this encore of Word Notes. The continuous practice of identifying classifying, prioritizing, remediating, and mitigating software vulnerabilities within this. CyberWire Glossary link: https://thecyberwire.com/glossary/vulnerability-management Audio reference link: “Vulnerability Scanning - Comptia Security+ sy0-501 - 1.5.” YouTube, You…

On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts start out with some follow up on chicken talk from last week. M…

Please enjoy this encore of Word Notes. A formal record containing the details and supply chain relationships of various components used in building software.By N2K Networks

Mastering IT Project Management: Tips and Tools for Success Welcome to Off the Wire, the podcast dedicated to helping you manage cybersecurity risks and tackle technology challenges. In this episode, hosts Tanner and Anthony dive deep into the world of project management, specifically IT project management. They begin by recounting their experience…

On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off the show with some follow-up from a long-time listener who s…

In today’s episode Michael and Sam are catching up with Security Consulting Manager, ICS/OT at Accenture, Stuart Bailey! Stuart shares his journey from a career in social work to cybersecurity, the challenges of working on OT environments, and the importance of network monitoring for critical infrastructure. Things Mentioned: · Romanian energy supp…

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K …

Please enjoy this encore of Word Notes. A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the resources essential to perform their function and nothing more.…

In this special live episode of Hacking Humans, recorded at ThreatLocker’s Zero Trust World 2025 conference in Orlando, Florida, Dave Bittner is joined by T-Minus host Maria Varmazis. Together, they explore the latest in social engineering scams, phishing schemes, and cybercriminal exploits making headlines. Their guest, Seamus Lennon, ThreatLocker…

Please enjoy this encore episode of Word Notes. Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations.By N2K Networks