

Hacking Humans
N2K Networks
Deception, influence, and social engineering in the world of cyber crime.
Episodes

Oct 21, 2021 • 37min
Joekens, Bittnercoins, and the serious impacts of spam analysis.
UK Correspondent Carole Theriault returns with an interview with Paul, a spam analyst, Dave and Joe have some follow-up, Joe revisits NFTs with rug pull scams, Dave's story is about phishers using a symbol in place of the Verizon logo, and our Catch of the Day comes from listener Rafael in Spain about a Steam account takeover scam attempt his son experienced on Discord.
Links to stories:
Phishers Get Clever, Use Math Symbols for Verizon Logo
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Oct 19, 2021 • 7min
bulletproof hosting (noun) [Word Notes]
Cloud services intended for cyber criminals and other bad actors, designed to obstruct law enforcement and other kinds of government investigations, and to provide some protection against competitors.

Oct 14, 2021 • 47min
Physical pen testing: You've got to be able to think on your feet.
Guest Marina Ciavatta, CEO at Hekate, talks with Dave about some of her social engineering and pen testing experiences, Dave's story is about getting your family to use a password manager, Joe's story is about NFTs (non-fungible tokens) and scams that have arisen around them, and our Catch of the Day is from listener William and it turns out Dave is in trouble with the IRS again on this one.
Links to stories:
How to Get Your Family to Actually Use a Password Manager
THE NFT SCAMMERS ARE HERE

Oct 12, 2021 • 9min
endpoint security (noun) [Word Notes]
The practice of securing a device that connects to a network in order to facilitate communication with other devices on the same or different networks.

Oct 7, 2021 • 50min
Measuring security awareness proactively.
Guest Zach Schuler of NINJIO joins Dave to discuss measuring the effectiveness of awareness training, Joe's got a story about a school nurse who was scammed with a "Bank of America" Zelle transaction, Dave's story is about a phone scam a therapist received from a local "Sheriff's office," and our Catch of the Day is from Hacking Humans Senior producer Jennifer Eiben about some pricey potatoes and chocolate chip cookies she "ordered."
Links to stories:
School nurse falls victim to scam targeting Bank of America and Zelle customers
'He held me hostage with no gun but with his words': The phone scam gaslighting therapists

Oct 5, 2021 • 8min
Executive Order on Improving the Nation's Cybersecurity (noun) [Word Notes]
President Biden's May 2021 formal compliance mandate for federal civilian executive branch agencies, or FCEBs, to include specific short-term and long-term deadlines designed to enhance the federal government's digital defense posture.

Sep 30, 2021 • 40min
Capture the Flag, Black Badges and social engineering tricks.
Guest Chris Kirsch, DefCon 25 Social Engineering Capture The Flag winner and Co-Founder and Chief Executive Officer at Rumble, talks with our UK Correspondent Carole Theriault about his experience at the event, Dave's story is about scammers bypassing social engineering and going directly to pitch employees to install ransomware, Joe's got a story about travel scams he came across while planning a recent trip, and our Catch of the Day comes from Reddit about some text messages which cause emotions to flare.
Links to stories:
Nigerian Threat Actors Skip Social Engineering, Make Direct Pitches to Employees To Install Ransomware on Company Networks
15 Common Travel Scams (And How To Avoid Them)
Catch of the Day links:
Guess I made the scammer angry?
He blocked me before I could really mess with him, unfortunately
Did I win?

Sep 28, 2021 • 8min
lateral movement (noun) [Word Notes]
Phase of a typical cyber adversary group's attack sequence, after the initial compromise and usually after the group has established a command and control channel, where the group moves through the victim's network by compromising as many systems as it can, looking for the data it has come to steal or to destroy.

Sep 23, 2021 • 39min
They won't ask for sensitive information over the phone.
Guest Alex Hinchliffe, Threat Intelligence Analyst from Unit 42 at Palo Alto Networks, joins Dave to talk about some of his team's ransomware research, Joe's story is about a new jury duty scam that is out there (hint, they will not call you on the phone), Dave's got a story about Microsoft rolling out passwordless login options, and our Catch of the Day comes from a listener named Lucio who shared several social engineering ploys with us.
Links to stories:
Brand New Jury Duty Scam
You Can Now Ditch the Password on Your Microsoft Account

Sep 21, 2021 • 7min
common vulnerabilities and exposures (CVE) (noun) [Word Notes]
A public list sponsored by the US government and designed to uniquely identify, without the need to manually cross-reference, all the known software vulnerabilities in the world.