Hacking Humans

Guest Etay Maor of Cato Networks joins Dave Bittner to discuss the impact that deepfakes will have on our society, we share some fun feedback on the Lightning Rod story edit, Dave's story talks about how some of the most successful and lucrative online scams employ a “low-and-slow” approach, Joe's story is about 2 Arkansas farmer that scammed investors out of money for wind turbines, but used it for houses, cars and Disney World, and our Catch of the Day is from an unnamed listener with a supposed iPhone invoice.Links to stories: Gift Card Gang Extracts Cash From 100k Inboxes Daily Arkansas wind farmers claimed their technology was more efficient than turbines — then spent investors’ money on houses, cars and at Disney World Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A forensic technique where practitioners capture an entire image of a system and analyze the contents offline.

Guest Gil Friedrich from Avanan joins Dave to discuss how collaboration platforms, like Microsoft Teams, Slack and others, opened up a new gateway to ransomware attacks, Joe's story comes from listener Matt shared as a COTD candidate that's a phishing scam, Dave's got a story about China and Russia trying to turn your employees into spies, and our Catch of the Day comes from a listener named Iain with a timely story "from" Afghanistan.Links to stories: Guarding Against the Chinese Domain Name Email Scam The FBI’s warning to Silicon Valley: China and Russia are trying to turn your employees into spies Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.Note: Microsoft is a sponsor of the CyberWire, however, we cover them as we would any other company.

A supply chain cybersecurity accreditation standard designed for the protection of controlled unclassified information that the U.S. Department of Defense, or DoD, will require for all contract bids by October, 2025. 

Guest Javvad Malik from KnowBe4 shares his thoughts on bad security training with the CyberWire's UK correspondent Carole Theriault, Dave's story is about deepfake technology being used for business cases, Joe's gives a synopsis of Proofpoint's most recent State of the Phish report, our very first Catch of the Day about Discord comes from a listener named Henning.Links to stories: Deepfakes Are Now Making Business Pitches Proofpoint's 2021 State of the Phish Report Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

A collection of people, process, and technology that provides an organization the ability to detect and respond to cyber attacks.

Guest Brandon Hoffman from Intel 471 joins Dave to talk about how cybercriminals are going after large retail and hospitality companies, Joe shares some advice for college students to avoid scams and ID theft, Dave got an edit to the tale of the lightning rod, our Catch of the Day comes from listener Shannon who received a beneficiary scam email.Links to stories: BBB Scam Alert: 6 Scams for College Students to Avoid BBB Tip: 9 Tips for college students to avoid ID theft Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Cybercriminals who lack the expertise to write their own programs use existing scripts, code, or tools authored by other more skilled hackers. 

Guest Jann Yogman, entertainment industry veteran and writer of Mimecast Awareness Training, joins Dave to share his thoughts on the ransomware epidemic and the cybersecurity awareness training problem, Joe's got a story about scams targeting families eligible for the IRS' child tax credit, Dave's story is about scams and fraud experienced by US military veterans, personnel, and their families, our Catch of the Day comes from listener Sawyer Dicky on Reddit who insists he's not the right guy.Links to stories: IRS warns of child tax credit scams US military personnel lost over $822 million to scams since 2017 Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

An isolated and controlled set of resources that mimics real world environments and used to safely execute suspicious code without infecting or causing damage to the host machine, operating system, or network.