

Hacking Humans
N2K Networks
Deception, influence, and social engineering in the world of cyber crime.

Feb 20, 2022 • 21min
Hustling the hustlers. [Hacking Humans Goes to the Movies]
Thanks for joining us for the latest episode of our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave, Joe and Rick are watching Joe's and Dave's scene picks. They watch each of the selected scenes, describe the on-screen action for you, and then the team deconstructs what they saw. Grab a bowl of popcorn and join us for some Hollywood scams and frauds.
Links to this episode's clips if you'd like to watch along:
Joe's scene from "The Hustle"
Dave's clip from "True Lies"

Feb 17, 2022 • 48min
Vulnerabilities will be found.
Guest Deral Heiland from Rapid7 talks with our UK Correspondent Carole Theriault about the state of IoT, Joe shares a personal story about bank checks and a debit card received at his home that were in his name but not from his bank, Dave's got a story from an email he received from the PR department at TikTok about romance scams, and our Catch of the Day is from listener John about a friend who was harassed on Facebook to click a link and how John addressed it.
Links to stories:
#BeCyberSmart: Tips to protect your heart and wallet
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Feb 15, 2022 • 6min
OWASP security logging and monitoring failures (noun) [Word Notes]
The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.

Feb 10, 2022 • 50min
If you wish for peace, prepare for cyberwar.
Guest Nick Shevelyov, Chief Security Officer for Silicon Valley Bank, joins Dave sharing some personal history around security, and discussing his book "Cyber War… and Peace," Dave and Joe have some follow-up from an anonymous listener about a mobile device management issue at their work, Dave has a story where a woman was scammed out of thousands when someone contacted her to "help" with a problem with their bank, Joe's got a few stories about Facebook and ad scams, and our Catch of the Day is from listener Jonathan with a Geek Squad subscription scam.
Links to stories:
They Were ‘Calling to Help.’ Then They Stole Thousands
Facebook blames Apple after a historically bad quarter, saying iPhone privacy changes will cost it $10 billion
Scam ads: why an Australian billionaire is launching legal action against Facebook
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Feb 8, 2022 • 6min
OWASP identification and authentication failures (noun) [Word Notes]
Ineffectual confirmation of a user's identity or authentication in session management.

Feb 6, 2022 • 22min
How to talk your way in anywhere. [Hacking Humans Goes to the Movies]
Thanks for joining us for the latest episode of our fun project brought to you by the team of Hacking Humans, the CyberWire's social engineering podcast. Co-hosts Dave Bittner and Joe Carrigan are joined by Rick Howard in this series where they view clips from their favorite movies with examples of the social engineering scams and schemes you hear about on Hacking Humans. In this episode, Dave, Joe and Rick are watching Dave's and Rick's scene picks. They watch each of the selected scenes, describe the on-screen action for you, and then the team deconstructs what they saw. Grab a bowl of popcorn and join us for some Hollywood scams and frauds.
Links to this episode's clips if you'd like to watch along:
Dave's clip from the television show "Key & Peele"
Rick's pick from "Sneakers"

Feb 3, 2022 • 52min
The ransomware game has evolved.
Guest Allan Liska from Recorded Future joins Dave to discuss the evolution of ransomware and his new book "Ransomware: Understand. Prevent. Recover," Joe shares a question from listener Joan about an email her father received from "MasterCard Fraud Department" asking for photo/video and the last 4 of his Social Security Number, Joe has a story about scams to watch out for during tax time in the US, Dave's story is about ransomware operators trying to recruit company insiders, and our Catch of the Day is from listener Michael who had some acquaintances fall for a scam.
Links to stories:
Latest IRS Scams: How to Spot Them and Fight Back
The Rising Insider Threat: Hackers Have Approached 65% of Executives or Their Employees To Assist in Ransomware Attacks
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Feb 1, 2022 • 8min
OWASP broken access control (noun) [Word Notes]
Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.

Jan 27, 2022 • 45min
Useful ransomware protection for you.
Guest Roger Grimes, Data Driven Defense Evangelist at KnowBe4, joins Dave to discuss his new book "Ransomware Protection Playbook," Dave has a story about a Meta (Facebook) group with a cryptocurrency scam that promises "a new way to wealth," Joe's story has tales of account takeover attacks of high-profile gamers, and our Catch of the Day is from listener Jesse about a text they received from "Facebook" about a $600,000 windfall.
Links to stories:
We Infiltrated a Crypto Scam Network That’s Hosted by Meta
EA Confirms Account Takeover Attacks Compromising High-Profile Gamers via Phishing and Social Engineering Attacks
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Jan 25, 2022 • 7min
OWASP security misconfiguration (noun) [Word Notes]
The state of a web application when it's vulnerable to attack due to an insecure configuration.