Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we’re keeping an eye on them just in case).

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns.

Please enjoy this encore of Word Notes.

A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the resources essential to perform their function and nothing more. 

In this special live episode of Hacking Humans, recorded at ThreatLocker’s Zero Trust World 2025 conference in Orlando, Florida, Dave Bittner is joined by T-Minus host Maria Varmazis. Together, they explore the latest in social engineering scams, phishing schemes, and cybercriminal exploits making headlines. Their guest, Seamus Lennon, ThreatLocker’s VP of Operations for EMEA, shares insights on Zero Trust security and the evolving threat landscape. Maria's story this week follows the IRS warning about a fake “Self Employment Tax Credit” scam on social media, urging taxpayers to ignore misinformation and consult professionals. Dave's got the story of the Better Business Bureau’s annual Scam Tracker report, revealing that online shopping scams continue to top the list for the fifth year, with phishing and employment scams remaining major threats, while fraudsters increasingly use AI and deepfake technology to deceive victims. Our catch of the day comes from Diesel in West Virginia, and features a scammer who tried to panic their target with a classic “We’ve frozen your account” scam—only to get hilariously mixed up with actual embryo freezing.

Resources and links to stories:

• Better Business Bureau reveals top local scams of 2024
• IRS warns taxpayers about misleading claims about non-existent “Self Employment Tax Credit;” promoters, social media peddling inaccurate eligibility suggestions
• BBB Scam Tracker
• Got a $1,400 rebate text from the IRS? It's a scam, Better Business Bureau warns.

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Please enjoy this encore episode of Word Notes.

Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations. 

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. We start off with some follow up from listener Dave who writes in with a call for help after a good friend of his, who fell victim to a dream job scam. They also have a discussion after the Washington Post shared an article on scammers are remorseful and how they have a support group. Maria has a quick follow up from last week, talking about deepfakes, this week, she talks about Kim Jong Un. Dave has a romance scam story this week, talking about how the loneliness epidemic is causing issues. Joe has two stories this week, the first is on a thief using a homemade barcode ring to scam Walmart self-checkouts. Joe's second story is on new protection methods that are out, giving us game changing anti-scam laws. Our catch of the day comes from Reddit after a user posted a conversation they had with a scammer that got a bit out of hand.

Resources and links to stories:

• Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un
• The Loneliness Epidemic Is a Security Crisis
• Thief using homemade barcode ring to scam Walmart self-checkout busted after trying to ring up $300 grill for price of tomato soup: cops
• 'Game-changing' anti-scam laws to protect consumers
• Hello, Jane.

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Please enjoy this encore episode of Word Notes.

The difference between organizational employee job requirements and the available skillsets in the potential employee pool.

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. Our hosts start off with some follow up from listener Robert who writes in from the Great White North, who shares how he thinks the U.S. might be stuck in the past with payment tech. Joe's got two stories this week, both on financial crime—Thailand cutting power to Myanmar's billion-dollar scam hubs and the struggle to shut them down for good. Maria has the story of a job candidate who not only used AI-generated answers during a technical interview but also altered his appearance with software—marking the second time this has happened to the interviewer in just two months. Dave sits down with our guest Nati Tal, Head of Guardio Labs, as he is discussing the growing danger of homograph attacks. Our catch of the day comes from listener Kenneth, who got an alarming email from the PayPal Security Team—apparently, he just bought nearly $700 in Bitcoin.

Resources and links to stories:

• China's Xi hails Thailand's 'strong' action against scam centres
• Power cut to site of global, billion-dollar scam industry. But will it halt the swindling?
• AI altering

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Please enjoy this encore episode of Word Notes.

The use of technology to radically improve the performance or reach of the business. 

On this episode of Hacking Humans, we are going old school with Dave Bittner and Joe Carrigan sans T-Minus host Maria Varmazis (as she was hanging out with astronauts at the SpaceCom event). Not to worry, Dave and Joe have it covered sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week, we have some follow up including a conversation Joe had with ChatGPT, some discussion on AI generated images of people, and scam letters that are sent out in the mail. Joe shares a text his office mate received from the "IRS." He also has a story about food workers taking photos of credit and debit cards at restaurant drive throughs. Dave's story is about a near-perfect scam attempt that almost fooled a very smart guy—Zach Latta, the founder of Hack Club. Our Catch of the Day comes from Reddit about a Facebook Marketplace scam using Zelle.

Resources and links to stories:

• Scam Warning: Food workers taking photos of debit cards in North Carolina, police say
• Google takes action after coder reports 'most sophisticated attack I've ever seen'
• FB Marketplace scam using Zelle

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Please enjoy this encore episode of Word Notes.

Cloud services intended for cyber criminals and other bad actors designed to obstruct law enforcement and other kinds of government investigations, and to provide some protection against competitors.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks.

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode and since it is February (the month of love as Selena calls it), we talk about romance scams known throughout the security world as pig butchering. And, Rick's experiencing a bit of a Cyber Groundhog Day in his newly-realized retirement.