Risky Bulletin

Between Two Nerds: Phishing is easy, phishing is difficult

Aug 26, 2024

In this lively discussion, Tom Uren, a phishing expert, and The Grugq, a savvy commentator, delve into the nuances of phishing. They highlight why, although phishing can seem straightforward, it involves complex psychological and cultural factors. The conversation covers North Korea's evolving hacking strategies, the intricacies of targeted spearfishing, and the impact of business email compromise. With humor and insight, they unpack the art and challenges behind effective phishing techniques that extend beyond mere fraud.

26:20

Creator website

Episode guests

The Grugq

Tom Uren

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The evolution of phishing tactics among North Korean hacking groups demonstrates a strategic shift towards sophisticated techniques and in-house expertise development.

Successful phishing attacks necessitate a deep understanding of cultural nuances and human behavior, highlighting the complexity of social engineering in cybersecurity.

Deep dives

The Evolution of North Korean Hacking Techniques

North Korean hacking groups, particularly Lazarus, have transitioned from simple phishing methods to more sophisticated approaches involving zero-day exploits. This evolution was triggered by incidents where they employed advanced technical capabilities to target sensitive sectors like cryptocurrency and aerospace, indicating a significant investment in training and development. Unlike earlier operations that relied heavily on phishing tactics, these recent activities highlight a strategic shift towards technical proficiency and resourcefulness in hacking. This change underscores the importance of building in-house expertise rather than solely relying on third-party vulnerabilities that may come at a high cost.

Intro

2min

Evolution of Hacking Capabilities in North Korea

2min

The Sophistication of Phishing Techniques

12min

The Art of Spearfishing: Beyond Basic Phishing Tactics

4min

Navigating Cyber Threats: Business Email Compromise and Beyond

6min

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the opportunities in phishing and why it is both easy and difficult.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Risky Bulletin

Between Two Nerds: Phishing is easy, phishing is difficult

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Evolution of North Korean Hacking Techniques

The Complexity of Phishing in Targeted Attacks

Integrating Human Manipulation with Cyber Operations

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Risky Bulletin

Between Two Nerds: Phishing is easy, phishing is difficult

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Evolution of North Korean Hacking Techniques

The Complexity of Phishing in Targeted Attacks

Integrating Human Manipulation with Cyber Operations

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights