Hacking Humans

N2K Networks

  • 37 minutes 37 seconds
    Welcome to a new age in digital deception.

    This week, Maria Varmazis host of the N2K daily space show, T-Minus, joins Dave and Joe, as they celebrate Maria joining the Hacking Humans podcast every week! Maria's story is on supplement scams, as there has been a significant surge in health-related supplement scams on social media platforms, utilizing advanced technologies like AI-generated images and deepfake videos to promote fake products endorsed by celebrities and medical professionals. Joe's story follows Airplane WiFi, now essential for many travelers, and how it poses unexpected risks as recent incidents highlight dangers like "evil twin" attacks, urging caution with VPNs and verifying network legitimacy to safeguard personal data midair. Dave has the story on 2 women charged in a romance scheme, defrauding elderly men out of $7 million.

    Please take a moment to fill out an audience survey! Let us know how we are doing!

    Links to the stories:


    You can hear more from the T-Minus space daily show here.

    Have a Catch of the Day you'd like to share? Email it to us at [email protected].

    18 July 2024, 5:00 am
  • 5 minutes 54 seconds
    Encore: backdoor (noun) [Word Notes]

    An undocumented or publicly unknown method to access a computer system undetected or to break a cypher used to encode messages.

    16 July 2024, 7:00 am
  • 31 minutes 6 seconds
    The costly consequences of communication scams.

    This week Dave shares a story on Business email compromise (BEC) scams, and how they are a major threat, costing $26 billion annually. The story shares how it's crucial for employees to verify suspicious emails through a secondary channel and for companies to foster transparent communication to mitigate such risks. Joe shares two stories with us this week. The first is from a listener named Jay, who received a story from a relative. In this story, someone claiming to be a constable calls to warn about a person who has gift cards with the victim's name on them, then tries to get the caller to call the police to confirm. Joe's second story comes from Allison Gormly at Consumer reporter at WTHR in Indianapolis. Allison share's videos videos on Instagram that all start with “Hey Allison,” this one starts with Hey Allison, a stranger sent me money on Venmo, should I send it back? Our catch of the day comes from listener Cameron, who shares how he is a business owner with a public-facing email address, and how he gets his fair share of scam emails, but this one takes the cake.

    Please take a moment to fill out an audience survey! Let us know how we are doing!

    Links to the stories:

    Have a Catch of the Day you'd like to share? Email it to us at [email protected].

    11 July 2024, 5:00 am
  • 5 minutes 30 seconds
    Encore: watering hole attack (noun) [Word Notes]

    From the intrusion kill chain model, a technique where the hacker compromises sites commonly visited by members of a targeted community in order to deliver a malicious payload to the intended victim.

    9 July 2024, 7:00 am
  • 54 minutes 28 seconds
    Encore: AI versus AI.

    Blair Cohen from AuthenticID joins Dave to discuss how generative AI and authentication go hand in hand. Joe and Dave share some follow up from listener Robert who discusses an ad for a device that uses ChatGPT to record phone calls on your device. Dave helps his dad out with his computer and shares the tale. Dave also shares a story this week on the FBI warning against scammers who are posing as NFT devs to try and steal your crypto. Joe and Dave test their scammer catching skills while taking a test to see if they are smarter than the average scammer. Our catch of the day comes from listener Steve who writes in to share a receipt he received that looked quite suspicious.

    Links to stories:


    Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.

    4 July 2024, 5:00 am
  • 28 minutes 34 seconds
    Operation Endgame: The ultimate troll patrol. [Only Malware in the Building]

    Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. 

    Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "Operation Endgame."

    Operation Endgame is a strategy by Western law enforcement to counter Russian cybercriminals through psychological tactics. This involves creating distrust among hackers, exposing their internal communications, and dismantling their anonymity to hinder their operations. You can find more information on Operation Endgame here.

    Today we look at the new tactics used to disrupt these criminals by eroding trust among them and undermining their anonymity.

    2 July 2024, 11:00 am
  • 5 minutes 18 seconds
    Encore: network telescope (noun) [Word Notes]

    Network observation systems designed to monitor globally unreachable but unused Internet address space or the Deep Web in order to study a wide range of interesting Internet phenomena.

    2 July 2024, 7:00 am
  • 39 minutes 9 seconds
    Public pianos and private scams.

    This week Joe and Dave share some interesting follow up from a few episodes ago where Dave shared his love for baby grand pianos and how scammers we're using that to lure people into traps. Listener George wrote in to share about a show on UK Channel 4, called "The Piano," it's a music competition where visitors play a public piano in a train station, judged by hidden famous pianists, with winners performing at the UK Royal Festival Hall. Joe's story is a warning to travel goers using booking.com, as they share scams are at a all time high. Dave's story follows some neighborhood Facebook groups, and how they are inundated with posts about air duct cleaning services, prompting an investigation that reveals a scam involving fake profiles, telemarketers in Pakistan, and local technicians. Our catch of the day comes from listener Christopher, who writes in to share an outlandish message he received from a hacker with too much time on their hands.

    Please take a moment to fill out an audience survey! Let us know how we are doing!

    Links to the stories:

    Have a Catch of the Day you'd like to share? Email it to us at [email protected].

    27 June 2024, 5:00 am
  • 5 minutes 21 seconds
    Encore: SOC Triad (noun) [Word Notes]

    A best practice for framing cyber intelligence critical information requirements that recommends collecting and consolidating data from three specific sources: endpoint, network and log.

    25 June 2024, 7:00 am
  • 56 minutes 38 seconds
    From dark shadows to main stage.

    Brandon Kovacs, a Senior Red Team Consultant at Bishop Fox, is talking about how Artificial Intelligence is shaping the future of social engineering. Listener Adina wrote in to share their thoughts on an earlier episode on Google. Dave share's listener Tony's write in for his story this week. Joe and Dave discuss some questions Tony shared about preparing for an overseas trip when his bank account was locked due to security measures triggered by setting up a backup phone and using a VPN. Joe has two stories for this week, one from Blair Young at WBAL, where Maryland Lottery is warning the public about a phone scam claiming Powerball winnings. The second comes from listener Don who shares a story on people who hold posters up saying they need money for children's funerals. Our catch of the day comes from a listener that found a "task scam" on Reddit.

    Please take a moment to fill out an audience survey! Let us know how we are doing!

    Links to the stories:


    Have a Catch of the Day you'd like to share? Email it to us at [email protected].

    20 June 2024, 5:00 am
  • 5 minutes 28 seconds
    Encore: supply chain attacks (noun) [Word Notes]

    Also known as a third-party attack or a value-chain attack, advisory groups gain access to a targeted victims network by first infiltrating a business partner's network that has access to the victim's systems or data.

    18 June 2024, 7:00 am
  • More Episodes? Get the App
© MoonFM 2024. All rights reserved.