Hacking Humans
Deception, influence, and social engineering in the world of cyber crime.
- Update frequency
- every 3 days
- Average duration
- 26 minutes
- Episodes
- 696
- Years Active
- 2018 - 2025
BSIMM (noun) [Word Notes]
A descriptive model that provides a baseline of observed software security initiatives and activities from a collection of volunteer software development shops.
00:06:09 |
Tue 15 Mar 2022
Technology's effects on students during the pandemic.
Guest Justin Reilly, the CEO of Impero, stops by to talk with Dave Bittner about the mental health of kids in the digital age, Dave's got a story about large-scale phishing campaigns targeting the In…
00:40:17 |
Thu 10 Mar 2022
OWASP vulnerable and outdated components (noun) [Word Notes]
Software libraries, frameworks, packages, and other components, and their dependencies (third-party code that each component uses) that have inherent security weaknesses, either through newly discove…
00:08:04 |
Tue 08 Mar 2022
Phishing seems to be cyclical and thematic.
Guest Jeff Nathan, the Director of Threat research at Norton Labs, joins Dave to discuss their most recent Consumer Cyber Safety Pulse Report, Joe and Dave share some follow up from listeners Daniel …
00:48:09 |
Thu 03 Mar 2022
OWASP software and data integrity failures (noun) [Word Notes]
Code and data repositories that don't protect against unauthorized changes.
00:08:27 |
Tue 01 Mar 2022
A blurring of lines between nation states and criminals.
Guest Joshua Neil, the Chief Data Scientist for SecurOnix, joins Dave to talk about evasive techniques and identifying nation-state kill chains, Joe shares an update on his identity theft experience,…
00:45:15 |
Thu 24 Feb 2022
OWASP server-side request forgery (noun) [Word Notes]
An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.
00:07:38 |
Tue 22 Feb 2022
Hustling the hustlers. [Hacking Humans Goes to the Movies]
Thanks for joining us for the latest episode of our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are jo…
00:21:15 |
Sun 20 Feb 2022
Vulnerabilities will be found.
Guest Deral Heiland from Rapid7 talks with our UK Correspondent Carole Theriault about the state of IOT, Joe shares a personal story about bank checks and a debit card received at his home that were …
00:47:53 |
Thu 17 Feb 2022
OWASP security logging and monitoring failures (noun) [Word Notes]
The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.
00:06:04 |
Tue 15 Feb 2022
If you wish for peace, prepare for cyberwar.
Guest Nick Shevelyov, Chief Security Officer for Silicon Valley Bank. joins Dave sharing some personal history around security, and discussing his book "Cyber War… and Peace," Dave and Joe have some …
00:49:55 |
Thu 10 Feb 2022
OWASP identification and authentication failures (noun) [Word Notes]
Ineffectual confirmation of a user's identity or authentication in session management.
00:05:58 |
Tue 08 Feb 2022
How to talk your way in anywhere. [Hacking Humans Goes to the Movies]
Thanks for joining us for the latest episode of our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are jo…
00:22:09 |
Sun 06 Feb 2022
The ransomware game has evolved.
Guest Allan Liska from Recorded Future joins Dave to discuss the evolution of ransomware and his new book "Ransomware: Understand. Prevent. Recover," Joe shares a question from listener Joan about an…
00:52:14 |
Thu 03 Feb 2022
OWASP broken access control (noun) [Word Notes]
Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.
00:07:30 |
Tue 01 Feb 2022
Useful ransomware protection for you.
Guest Roger Grimes, Data Driven Defense Evangelist at KnowBe4, joins Dave to discuss his new book "Ransomware Protection Playbook," Dave has a story about a Meta (Facebook) group with a cryptocurrenc…
00:44:55 |
Thu 27 Jan 2022
OWASP security misconfiguration (noun) [Word Notes]
The state of a web application when it's vulnerable to attack due to an insecure configuration.
00:07:03 |
Tue 25 Jan 2022
The perfect environment for ATOs (account takeovers) to breed.
Guest Jane Lee, Trust and Safety Architect at Sift, joins Dave to talk about the Digital Trust and Safety Index, Joe and Dave share some follow up from a listener, Ben, with a suggestion as an altern…
00:46:21 |
Thu 20 Jan 2022
OWASP insecure design (noun)
A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures.
00:08:19 |
Tue 18 Jan 2022
The only locks you should pick are your own.
Guest Tom Tovar, CEO and Co-Creator of AppDome, joins Dave and Joe to discuss the results of a recent consumer survey, Dave's story is based on a tweet where the user's child's middle school had some…
00:44:52 |
Thu 13 Jan 2022
Disclaimer: The podcast and artwork embedded on this page are the property of N2K Networks, Inc.. This content is not affiliated with or endorsed by eachpod.com.