Hacking Humans

Explore the fascinating origins of red teaming, tracing its roots from historical military tactics to modern cybersecurity practices. Discover how this collaborative approach enhances training and boosts incident response within security organizations. The discussion reveals how emulating adversary behavior has become crucial for organizations aiming to strengthen their defenses against evolving threats.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about how threat actors are shifting tactics across the landscape, focusing more on advanced social engineering and refined initial access strategies than on sophisticated malware. We’ll dive into Proofpoint's latest blog detailing a transport sector breach that, while involving relatively standard malware, showcases this growing trend of nuanced techniques and toolsets.

Celebrate Halloween with a comical twist on cyber threats! Journey through a parody of a classic song that cleverly explains malware, from Stuxnet to botnets. Discover the ongoing battle between cybersecurity experts and cybercriminals in a fun and accessible way. Enjoy humorous insights into viruses, phishing, and the infamous Dark Web. This entertaining take makes complex topics like adware and ransomware engaging for everyone!

Maria Varmazis, host of N2K's T-Minus, reveals the chilling tactics behind political donation scams targeting vulnerable seniors. With alarming statistics, she sheds light on how manipulative texts can lead these individuals to make costly donations without their knowledge. The discussion also touches on the dangers of AI in scams, where real-time voice technology can mimic callers to deceive victims. Varmazis emphasizes the urgent need for awareness and family protection against these emotional and financial exploitations.

Marcus Ranum, a pioneer in firewall technology and lead developer of the Gauntlet Firewall, shares insights into the evolution of next-generation firewalls. He discusses how these firewalls have transformed into layer 7 security orchestration platforms. Ranum highlights key advancements since the 1980s, the rise of subscription services, and the shifting market landscape. He even shares a personal anecdote from his journey in firewall development, leading to a discussion on AI-driven security solutions from companies like Vectra.

Maria Varmazis, host of N2K's T-Minus, dives into the dark world of cybercrime. She reveals how the Telekopye scam toolkit is now targeting popular booking sites like Airbnb and Booking.com. The conversation shifts to the chilling 'blessing scam,' where fraudsters masquerade as spiritual healers to exploit vulnerable individuals, particularly older Chinese women. Additionally, Varmazis discusses new FTC rules aimed at simplifying subscription cancellations, emphasizing the need for consumer protection against such pervasive scams.

Dive into the intriguing world of cyber adversaries and their fast flux techniques. Discover how attackers manipulate DNS to obscure their command and control servers. A historical case from 2007 showcases the method's effectiveness in a malicious campaign. The discussion reveals the challenges posed to law enforcement and network defenders as they confront these dynamic IP address changes. Real-life incidents and cinematic examples underline the high stakes in this digital chess match.

Maria Varmazis, host of T-Minus, sheds light on how cybercriminals exploit chaos after natural disasters like Hurricane Helene. She discusses common scams targeting vulnerable victims, including phishing attacks disguised as FEMA communications. The conversation also highlights alarming trends in cryptocurrency fraud, with U.S. authorities charging individuals for manipulating markets. It's a timely reminder of the need for vigilance in both natural disasters and the digital realm!

Nina Jankowicz, Co-Founder and CEO of the American Sunlight Project, and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber, dive deep into the complexities of election propaganda. They discuss the growing awareness of social media's role in spreading misinformation and the challenges lawmakers face. The conversation reveals the dangers of deepfakes and emphasizes the need for critical thinking to navigate this landscape. Civic engagement and informed voting emerge as essential tools for safeguarding democratic integrity in future elections.

Explore the fascinating history of encryption, from ancient techniques to modern applications, showcasing its key role in securing transactions like online shopping. Delve into the complexities of security systems, revealing the illusion of complete safety. The discussion touches on philosophical insights and a 1983 film predicting communication tech advancements, weaving together intriguing narratives. Don't miss the introduction of a sponsor specializing in identity management, rounding out this insightful exploration.