Hacking Humans

N2K Networks
undefined
Aug 12, 2025 • 9min

Pegasus (noun) [Word Notes]

Please enjoy this encore of Word Notes. The flagship product of the controversial Israeli spyware vendor, the NSO Group, use for remotely hacking mobile devices, most notably iPhones, via zero-click exploits. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pegasus⁠ Audio reference link:⁠“Cybersecurity beyond the Headlines: A Conversation with Journalist Nicole Perlroth⁠,” Kristen Eichensehr, and Nicole Perlroth, University of Virginia School of Law, YouTube, 14 February 2022
undefined
Aug 7, 2025 • 47min

Yeti or not, it’s a scam.

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up on an Arizona woman sentenced to over eight years in prison for running a “laptop farm” that helped North Korean IT workers pose as U.S. employees at hundreds of American companies, funneling over $17 million to Pyongyang through stolen identities and remote access. We also share an update on Joe's Profile picture. We start with Dave’s story on a Facebook scam falsely claiming insider access to a secret Yeti cooler deal from Dick’s Sporting Goods, using a fake emotional backstory to lure users into clicking a malicious link under the guise of an employee-only loophole. Maria’s story is on escalating violence at the Thailand-Cambodia border, where a long-standing territorial dispute has reignited after a leaked phone call between leaders fractured a decades-old political friendship, sparking deadly clashes, diplomatic fallout, and rising tensions fueled by personal betrayal, political instability, and mutual economic pressures. Joe’s story follows the indictment of a former Tri-Cities pastor who allegedly used his position and a fake cryptocurrency scheme called “Solano Fi” to defraud his congregation and others out of millions, promising risk-free returns while siphoning the funds for himself and his co-conspirators. Our catch of the day comes from Joe who shares an interesting email from "Xfinity." Complete our annual ⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠ before August 31. Resources and links to stories: ⁠⁠⁠⁠⁠Arizona woman sentenced over $17 million North Korea worker fraud scheme⁠ Facebook: Ava Davis  Facebook Facebook Facebook The fractured friendship behind the fight at the Thailand-Cambodia border Lethal Cambodia-Thailand border clash linked to cyber-scam slave camps Beneath the Border: Scam Centers and the Thailand–Cambodia Conflict Grand Jury Charges Pastor, Wife in Alleged Multi-Million Dollar Cryptocurrency Scam Former Tri-Cities Pastor Indicted for Multi-Million Dollar Cryptocurrency Scam ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.
undefined
Aug 5, 2025 • 8min

Domain-based Message Authentication Reporting Conformance (DMARC) (noun) [Word Notes]

Please enjoy this encore of Word Notes. An open source email authentication protocol designed to prevent emails, spoofing in phishing, business email compromise or BEC, and other email-based attacks.  CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/pegasus⁠ Audio reference link:"⁠Global Cyber Alliance's Phil Reitinger talks DMARC adoption⁠" “Global Cyber Alliance’s Phil Reitinger Talks DMARC Adoption.” YouTube Video. YouTube, April 27, 2018
undefined
Aug 5, 2025 • 29min

Work from home, malware included. [OMITB]

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠Selena Larson⁠⁠⁠, ⁠⁠⁠Proofpoint⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠DISCARDED⁠⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠N2K Networks⁠⁠⁠ ⁠⁠⁠Dave Bittner⁠⁠⁠ and ⁠⁠Keith Mularski⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠Qintel⁠⁠. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our three hosts discuss several articles covering a new wave of social engineering attacks tied to the so-called Contagious Interview campaign. In this operation, threat actors linked to North Korea are reportedly posing as tech recruiters to trick job seekers into downloading malware. The discussion highlights updates to two malware strains—BeaverTail and InvisibleFerret—that have been retooled with cross-platform capabilities and new data theft features, raising fresh concerns about how targeted individuals could become a gateway into larger organizational networks. You can find the links to the stories here: Lazarus Group Infostealer Malwares Attacking Developers In New Campaign Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware North Korean State Sponsored Supply Chain Attack on Tech Innovation Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam
undefined
16 snips
Jul 31, 2025 • 30min

Click for a pay bump?

In this discussion, Rob Allen, Chief Product Officer at ThreatLocker, examines the notorious cybercriminal group, Scattered Spider. Known for their youthful and agile members, Scattered Spider relies on social engineering rather than traditional hacking. They manipulate support staff to access sensitive information, using tactics as sophisticated as AI-generated voices. Rob highlights the importance of recognizing red flags in communications, illustrated by a listener’s phishing attempt about a salary increase, urging organizations to enhance cybersecurity training.
undefined
Jul 29, 2025 • 8min

Shields Up (noun) [Word Notes]

Please enjoy this encore of Word Notes. A condition announced by the US Cybersecurity and Infrastructure Security Agency (CISA) to draw attention to a temporary period of high alert, associated with expectation of a connected wave of cyberattacks prompted by either a widespread vulnerability or an unusually active and capable threat actor. CyberWire Glossary link: ⁠⁠https://thecyberwire.com/glossary/shields-up⁠⁠ Audio reference link: “⁠⁠Star Trek II Wrath of Khan - Reliant vs Enterprise; First Clash⁠⁠” YouTube, YouTube, 11 Apr. 2015,  
undefined
Jul 24, 2025 • 52min

The delusional side of AI therapy.

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We've got some follow-up from listener Kajetan, who recalled a run-in with a scammer in Paris posing as a mute fundraiser—and says he performed a "miracle" by crossing out his name, prompting the supposedly mute woman to suddenly start yelling at him. Maria has the story on how small businesses in Toronto, like the family-run Souvlaki Hut and Pippins Tea Company, were shocked to discover that thieves exploited vulnerabilities in their point of sale terminals to issue themselves thousands in fraudulent refunds—exposing serious flaws in how these machines are secured. Dave's story is on a Stanford-led study that found popular AI therapy bots, including ChatGPT and commercial mental health platforms, often respond inappropriately to serious mental health issues—fueling delusions, validating harmful thoughts, and failing to follow basic therapeutic guidelines—raising urgent concerns about their use as replacements for human therapists. Joe follows the story on a sweeping federal investigation into Minnesota's Housing Stabilization Services program, where agents raided homes and businesses tied to an alleged multi-million-dollar Medicaid fraud scheme that exploited vulnerable residents and billed taxpayers for housing support services that were never provided. Our catch of the day is on a patient scammer who spent five months building trust before claiming to send a $700K inheritance payout locked in a lawsuit—complete with a fake video of a safe and a shady tracking number—only to demand €15,000 in "customs fees," a scam the Redditor thankfully saw through before handing over any money. Complete our annual ⁠⁠⁠audience survey⁠⁠⁠ before August 31. Resources and links to stories: ⁠AI therapy bots fuel delusions and give dangerous advice, Stanford study finds ‘It was a shock’: Toronto business owner says customer used point of sale terminal to issue himself $2,000 refund KARE 11 Investigates: Federal agents raid homes & businesses seizing evidence in housing fraud investigation ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.
undefined
Jul 22, 2025 • 6min

Software Assurance Maturity Model (SAMM) (noun) [Word Notes]

Please enjoy this encore of Word Notes. A prescriptive open source software security maturity model designed to guide strategies tailored to an organization’s specific risks. Audio reference link: "⁠⁠OWASPMSP - Pravir Chandra: Software Assurance Maturity Model (OpenSAMM)⁠⁠." by Pravir Chandra, OWASP MSP, 2009.
undefined
Jul 17, 2025 • 47min

It’s all glitter, no gold.

This week, our hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts share some follow-up, including a Rick Roll after the last episode. They also highlight a listener note from Evaldas in Lithuania, who explains that companies often use alternate domains for marketing emails to protect their main domain’s reputation—so marking them as spam is actually expected. Joe’s got a story of a billion-dollar AI-fueled scam where criminals impersonate celebrities like Keanu Reeves and Kevin Costner to exploit lonely fans—convincing them to send money, fall in love, and keep the relationship secret, all while Hollywood scrambles to fight back. Maria has the story of how a federal court blocked the FTC’s new “click-to-cancel” rule—meant to make canceling subscriptions easier—due to a procedural misstep, just days before it was set to take effect. Dave shares a story from Reddit about a disturbing extortion scam where a victim received a fake photo of their car outside a strip club—with their real license plate—demanding $1,000 to keep it quiet, raising questions about data scraping and AI manipulation. Our catch of the day comes from the scams subreddit, where a user shares a tale of a scammer promising big returns for investing in gold and diamonds—spoiler alert: it’s all glitter, no gold. Complete our annual ⁠⁠audience survey⁠⁠ before August 31. Resources and links to stories: This Is Not Keanu: Inside the Billion-Dollar Celebrity Impersonation Bitcoin Scam A ‘click-to-cancel’ rule, intended to make canceling subscriptions easier, is blocked [US] Extortion text message with fake strip club photo but real license plate – how did they get my info? ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.
undefined
Jul 15, 2025 • 7min

Universal 2nd Factor (U2F) (noun) [Word Notes]

Please enjoy this encore of Word Notes. An open standard for hardware authentication tokens that use the universal serial bus, or USB, near-field communications, or NFCs, or Bluetooth to communicate one factor in a two-factor authentication exchange. Cyberwire Glossary link: ⁠⁠https://thecyberwire.com/glossary/u2f⁠⁠ Audio reference link: “⁠⁠Rise of the Machines: A Cybernetic History⁠⁠,” by Thomas Rid, Published by W. W. Norton Company, 21 November 2017.

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
Get the app