Hacking Humans

A vishing competition and a Black Badge holder.

This week, Carole Theriault is interviewing DEFCON Black Badge holder Chris Kirsch from RunZero on the recent DEFCON 30 vishing competition. Dave and Joe share some listener follow up from 3 differen…

00:55:19 | Thu 01 Dec 2022

Web Application Firewall (noun) [Word Notes]

A layer seven firewall designed to block threats at the application layer of the open system interconnection model, the OSI model. CyberWire Glossary link: https://thecyberwire.com/glossary/web-appl…

00:08:59 | Tue 29 Nov 2022

Counterfeit coupons and paybacks. [Hacking Humans Goes to the Movies]

Thanks for joining us again for another episode of fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Hacking Humans co-host Dave Bittner is joined …

00:23:29 | Thu 24 Nov 2022

COBIT (noun) [Word Notes]

An IT governance framework developed by ISACA. CyberWire Glossary link: https://thecyberwire.com/glossary/cobit Audio reference link: isacappc. “How Do You Explain Cobit to Your Dad – or Your CEO?” …

00:07:06 | Tue 22 Nov 2022

Ways to make fraud less lucrative.

Brett Johnson, Chief Criminal Officer at Arkose Labs, sits down with Dave to discuss his history & ways to make fraud efforts less lucrative for bad actors. Dave and Joe share some listener follow up…

00:51:42 | Thu 17 Nov 2022

Security Service Edge (SSE) (noun) [Word Notes]

A security architecture that incorporates the cloud shared responsibility model, a vendor provided security stack, and network peering with one or more of the big content providers and their associat…

00:08:17 | Tue 15 Nov 2022

New laws and the effect on small businesses.

Kurtis Minder, CEO of GroupSense joins Dave to discuss how ransomware new laws leave small business behind. Dave and Joe share some follow up on Elon Musk after his big purchase and the changes that …

00:50:15 | Thu 10 Nov 2022

Domain spoofing (noun) [Word Notes]

A social engineering tactic in which hackers build a malicious domain to mimic a legitimate one. CyberWire Glossary link: https://thecyberwire.com/glossary/domain-spoofing Audio reference link: “Miss…

00:07:55 | Tue 08 Nov 2022

What's Your Problem trailer.

We’re sharing a preview of a podcast we enjoy called “What’s Your Problem?” Every week on What’s Your Problem, entrepreneurs talk about the future they’re trying to build and the problems they have …

00:02:04 | Thu 03 Nov 2022

Protecting your identity.

Jameeka Green Aaron, CISO, Customer Identity at Okta, sits down with Dave to speak about their State of Secure Identity report. Dave and Joe share some listener follow up from Richard, who writes in …

00:51:34 | Thu 03 Nov 2022

Secure Web Gateway (noun) [Word Notes]

A layer seven firewall that sits in line at the boundary between the internet and an organization's network perimeter that allows security policy enforcement and can perform certain prevention and de…

00:09:22 | Tue 01 Nov 2022

The Malware Mash! [Bonus]

Enjoy this CyberWire classic. They did the Mash...the did the Malware Mash...

00:03:05 | Fri 28 Oct 2022

Setting tech limits with a new tool.

Kim Allman from NortonLifeLock, and Carrie Neill from the National PTA, sit down with Dave to discuss the Smart Talk 2.0 tool. Joe and Dave share some follow up on an exciting new position Joe has ac…

00:43:17 | Thu 27 Oct 2022

Indicators of Compromise (noun) [Word Notes]

Digital evidence that a system or network has been breached. CyberWire Glossary link: https://thecyberwire.com/glossary/indicator-of-compromise Audio reference link: ‌”Suicide or Murder? | The Blind …

00:06:59 | Tue 25 Oct 2022

The difference between shallow fakes vs. deep fakes.

Martin Rehak CEO & Founder from Resistant AI sits down with Dave to discuss how organizations should be worried about shallow fakes vs. deep fakes. Listener Joe writes in with some follow up on Joe's…

00:42:30 | Thu 20 Oct 2022

Intrusion Detection System (noun) [Word Notes]

A system that monitors for malicious or unwanted activity, and either raises alerts when such activity is detected or blocks the traffic from passing to the target. CyberWire Glossary link: https://t…

00:07:47 | Tue 18 Oct 2022

The long con and the flim flam. [Hacking Humans Goes to the Movies]

Thanks for joining us again for another episode of fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Hacking Humans co-host Dave Bittner is joined …

00:20:14 | Sun 16 Oct 2022

Falling for a phishing kit scam.

Larry Cashdollar from Akamai sits down with Dave to discuss their research, "The Kit That Wants It All: Scam Mimics PayPal’s Known Security Measures." Joe shares an incredible story regarding imperso…

00:42:55 | Thu 13 Oct 2022

MFA prompt bombing (noun) [Word Notes]

Hackers bypass, multifactor authentication schemes by sending a blizzard of spamming login attempts until the accounts owner accepts the MFA prompt out of desperation to make the spamming stop. Cybe…

00:06:47 | Tue 11 Oct 2022

What is cyber quantum computing?

Pete Ford from QuSecure sits down with Dave to discuss what exactly cyber quantum computing is, what it means for the country, and how other countries are using quantum. Dave and Joe share follow up …

00:44:16 | Thu 06 Oct 2022

EachPod