Please enjoy this encore of Word Notes.

The process of proactively searching through networks to detect and isolate security threats, rather than relying on security solutions or services to detect those threats. 

CyberWire Glossary link: https://thecyberwire.com/glossary/threat-hunting

Audio reference link: “My ‘Aha!" Moment - Methods, Tips, & Lessons Learned in Threat Hunting - sans Thir Summit 2019.” YouTube, YouTube, 25 Feb. 2020.

On Hacking Humans, this week Dave Bittner is back with Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), and they are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe shares a bit of follow up on scam victims sharing their experiences of losing money to various frauds, including investment schemes, romance scams, business email compromises, online shopping fraud, unusual payment requests, tax impersonations, remote access scams, and identity theft. Maria shares a story on scammers using fake E-ZPass toll alerts to steal personal information, and another on victims losing thousands to investment, romance, and online shopping scams. Dave's got the story of how digital scammers prey on the financially vulnerable, using AI-generated content and deceptive ads on platforms like Instagram to sell worthless "get-rich-quick" schemes that ultimately leave victims deeper in debt. Joe's got two stories this week, the first being on Wenhui Sun, a California man, and how he was sentenced to six and a half years for stealing nearly $800,000 through a gold bar scam targeting victims nationwide. Meanwhile, the U.S. Federal Trade Commission reported a sharp rise in fraud, with 2.6 million people losing $12.5 billion in 2024, up from $2.5 billion in 2023, primarily due to impostor scams. Younger adults reported losing money more often than older ones. Our catch of the day follows how First Lady Melania Trump messaged an unsuspecting citizen claiming to give them a free gift.

Resources and links to stories:

• Scam victims tell us their stories
• Digital Snake Oil Merchants Are Stealing From The Already Broken
• California man sentenced after Montgomery Co. woman loses over $700K in gold bar scam
• FTC says Americans lost $12.5B to scams last year — social media, AI, and crypto didn’t help

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Please enjoy this encore of Word Notes.

The continuous practice of identifying classifying, prioritizing, remediating, and mitigating software vulnerabilities within this.

CyberWire Glossary link: https://thecyberwire.com/glossary/vulnerability-management

Audio reference link: “Vulnerability Scanning - Comptia Security+ sy0-501 - 1.5.” YouTube, YouTube, 11 Nov. 2017,

On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts start out with some follow up on chicken talk from last week. Maria shares the story of scammers impersonating police officers in England to steal cryptocurrency by exploiting leaked personal data, creating fake fraud reports, and tricking victims into revealing their seed phrases, leading to losses totaling £1 million. Joe has two stories this week, his first one is on a $21 million "Grandparent Scam" in which 25 Canadians were charged for running a scheme from Montreal call centers, posing as grandchildren in distress to deceive elderly Americans into handing over money, with 23 suspects already arrested. Joe's second story is on two people charged in a ticket scam that exploited a loophole in StubHub’s system to steal and resell over 900 tickets—mostly for Taylor Swift’s Eras Tour—netting more than $600,000 in profit before being caught by the Queens D.A.'s Cybercrime Unit. We have a special catch of the day this week, where we are joined by N2K's own Ma'ayan Plaut, who joins to discuss going out of business scams.

Resources and links to stories:

• ‘Fake police call cryptocurrency investors to steal their funds
• Dozens of Canadians Are Charged in $21 Million ‘Grandparent Scam’
• 2 People Charged with Taylor Swift Eras Tour Ticket Scam That Allegedly Netted More Than $600K
• BBB Scam Alert: How to spot a fake "going out of business" sale
• Joann Fabric’s going out of business scam

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Please enjoy this encore of Word Notes.

A formal record containing the details and supply chain relationships of various components used in building software. 

On Hacking Humans, this week Dave Bittner is on vacation so our two hosts Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off the show with some follow-up from a long-time listener who shared how switching to Publii and Cloudflare Pages saved his wife's psychiatric nurse practice over $120/year in hosting costs after discovering static site generators on Hacking Humans. Joe's story is on a warning from an Oregon woman who fell victim to an online scam while trying to buy hens for her backyard chicken coop amid egg shortages caused by the bird flu, urging others to be cautious and avoid transactions on social media. Maria has the story on the increasing threats targeting sellers on online marketplaces, including phishing campaigns, scams designed to bypass platform protections, and the risks associated with off-platform transactions, all of which emphasize the need for heightened vigilance and security measures. The catch of the day, from Scott, highlights an email invitation that appeared legitimate but redirected to a phishing site designed to steal email credentials, with Scott’s wife recognizing the suspicious nature and forwarding it for further investigation.

Resources and links to stories:

• ‘Be suspicious’: Sweet Home woman warns of chicken scam amid egg shortage
• Your item has sold! Avoiding scams targeting online sellers

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Please enjoy this encore of Word Notes.

A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the resources essential to perform their function and nothing more. 

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we’re keeping an eye on them just in case).

Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns.

In this special live episode of Hacking Humans, recorded at ThreatLocker’s Zero Trust World 2025 conference in Orlando, Florida, Dave Bittner is joined by T-Minus host Maria Varmazis. Together, they explore the latest in social engineering scams, phishing schemes, and cybercriminal exploits making headlines. Their guest, Seamus Lennon, ThreatLocker’s VP of Operations for EMEA, shares insights on Zero Trust security and the evolving threat landscape. Maria's story this week follows the IRS warning about a fake “Self Employment Tax Credit” scam on social media, urging taxpayers to ignore misinformation and consult professionals. Dave's got the story of the Better Business Bureau’s annual Scam Tracker report, revealing that online shopping scams continue to top the list for the fifth year, with phishing and employment scams remaining major threats, while fraudsters increasingly use AI and deepfake technology to deceive victims. Our catch of the day comes from Diesel in West Virginia, and features a scammer who tried to panic their target with a classic “We’ve frozen your account” scam—only to get hilariously mixed up with actual embryo freezing.

Resources and links to stories:

• Better Business Bureau reveals top local scams of 2024
• IRS warns taxpayers about misleading claims about non-existent “Self Employment Tax Credit;” promoters, social media peddling inaccurate eligibility suggestions
• BBB Scam Tracker
• Got a $1,400 rebate text from the IRS? It's a scam, Better Business Bureau warns.

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at [email protected].

Please enjoy this encore episode of Word Notes.

Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations. 

On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. We start off with some follow up from listener Dave who writes in with a call for help after a good friend of his, who fell victim to a dream job scam. They also have a discussion after the Washington Post shared an article on scammers are remorseful and how they have a support group. Maria has a quick follow up from last week, talking about deepfakes, this week, she talks about Kim Jong Un. Dave has a romance scam story this week, talking about how the loneliness epidemic is causing issues. Joe has two stories this week, the first is on a thief using a homemade barcode ring to scam Walmart self-checkouts. Joe's second story is on new protection methods that are out, giving us game changing anti-scam laws. Our catch of the day comes from Reddit after a user posted a conversation they had with a scammer that got a bit out of hand.

Resources and links to stories:

• Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un
• The Loneliness Epidemic Is a Security Crisis
• Thief using homemade barcode ring to scam Walmart self-checkout busted after trying to ring up $300 grill for price of tomato soup: cops
• 'Game-changing' anti-scam laws to protect consumers
• Hello, Jane.

You can hear more from the T-Minus space daily show here.

Have a Catch of the Day you'd like to share? Email it to us at [email protected].