Search the site
Industry Insights
Podcasts
Briefings
Stories
Events
Glossary
N2K Pro
CSO Perspectives
Podcasts
Briefings
Pro Academy
New
Hash Table
1
st
Principles Course
About
Our Story
Press
Team
Testimonials
Sponsor
Partners
Dev
API
Account
Profile
Logout
Home
Search the site
Industry Insights
Podcasts
Briefings
Stories
Events
Glossary
N2K Pro
CSO Perspectives
Podcasts
Briefings
Pro Academy
New
Hash Table
1
st
Principles Course
Dev
API
About
Our Story
Press
Team
Testimonials
Sponsor
Partners
January 23, 2025
Join Pro
LOGIN
16 hours ago
Back to the office, back to the threats.
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week Maria has the story on how the return to office life brings unique security challenges, highlighting the need for Red Team assessments to uncover and address physical and digital vulnerabilities, empowering organizations to proactively enhance workplace security and protect against evolving threats. Joe's story comes from the FCC's warning about a scam dubbed "Green Mirage," where fraudsters impersonate mortgage lenders, spoof caller IDs, and use social engineering to trick financially vulnerable homeowners into sending payments via unconventional methods, often only discovered when foreclosure proceedings begin. Last but not least, Dave's story is on how a Reddit user shared their cautious experiment with a suspected Airbnb scam involving a new account requesting to move to WhatsApp, agreeing to unusually high rental rates, and engaging in rapport-building tactics, with red flags pointing to potential financial fraud or phishing attempts. Our catch of the day comes from listener William, who spotted a phishing scam disguised as a security alert about a compromised crypto wallet, featuring an unsolicited QR code and a generic warning that targets even non-crypto users.
Hacking Humans
16 hours ago
Back to the office, back to the threats.
On Hacking Humans, Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there. This week Maria has the story on how the return to office life brings unique security challenges, highlighting the need for Red Team assessments to uncover and address physical and digital vulnerabilities, empowering organizations to proactively enhance workplace security and protect against evolving threats. Joe's story comes from the FCC's warning about a scam dubbed "Green Mirage," where fraudsters impersonate mortgage lenders, spoof caller IDs, and use social engineering to trick financially vulnerable homeowners into sending payments via unconventional methods, often only discovered when foreclosure proceedings begin. Last but not least, Dave's story is on how a Reddit user shared their cautious experiment with a suspected Airbnb scam involving a new account requesting to move to WhatsApp, agreeing to unusually high rental rates, and engaging in rapport-building tactics, with red flags pointing to potential financial fraud or phishing attempts. Our catch of the day comes from listener William, who spotted a phishing scam disguised as a security alert about a compromised crypto wallet, featuring an unsolicited QR code and a generic warning that targets even non-crypto users.
Hacking Humans
Cybersecurity News
CyberWire Daily
Just Now
A warning from the cloud.
CISA and FBI detail exploit chains used by Chinese hackers to compromise Ivanti Cloud Service Appliances. Energy systems in Central Europe use unencrypted radio signals. A critical SonicWall vulnerability is under active exploitation. The Nnice ransomware strain isn’t. Cisco discloses a critical vulnerability in its Meeting Management tool. GhostGPT is a new malicious generative AI chatbot. ClamAV patches critical vulnerabilities in the open-source anti-virus engine. A new report questions the effectiveness of paying ransomware demands. DOGE piggybacks on the United States Digital Service. On our Industry Voices segment, we are joined by Joe Gillespie, Senior Vice President at Booz Allen, discussing Cyber AI. Jen Easterly leaves CISA a legacy of resilience and dedication.
Caveat
1 hour ago
Trump revokes Biden’s executive order centered on AI risks.
Prince Harry and Murdoch Newspapers settle lawsuit.
Daily Briefing
4 hours ago
CISA and FBI issue advisory on Ivanti CSA exploit chains.
Critical SonicWall vulnerability may be under exploitation. GhostGPT facilitates cyberattacks.
Threat Vector
15 hours ago
The ABCs of IOT Cybersecurity
IoT devices are everywhere, with billions deployed globally in industries like healthcare, manufacturing, and critical infrastructure. But this explosion of connectivity brings unprecedented security challenges. In this episode of Threat Vector, host David Moulton speaks with Dr. May Wang, CTO of IoT Security at Palo Alto Networks, about how AI is transforming IoT security. Dr. Wang shares insights from her pioneering work, including the industry's first AI-based IoT security solution and the evolving nature of threats in the IoT ecosystem. Discover how AI can tackle vulnerabilities, secure 5G-connected devices, and what every organization should know to stay ahead.
Caveat
16 hours ago
Breaking the SaaS paradigm.
This week, we are joined by Shiva Nathan, Founder & CEO of Onymos, talking about why data privacy is a critical priority for companies, yet a major challenge for them. Ben and Dave look at some of the early actions of the Trump administration and what they portend for the future.
CyberWire Daily
Jan 22, 2025
The uncertain future of cyber safety oversight.
The latest cyber moves from the Trump White House. Pompompurin faces resentencing. An attack on a government IT contractor impacts Medicaid, child support, and food assistance programs. Helldown ransomware targets unpatched Zyxel firewalls. Murdoc is a new Mirai botnet variant. Cloudflare maps the DDoS landscape. North Korea’s Lazarus group uses fake job interviews to deploy malware. Hackers are abusing Google ads to spread AmosStealer malware. Pwn2Own Automotive awards over $382,000 on its first day. In our CertByte segment, Chris Hare and Steven Burnley take on a question from N2K’s Agile Certified Practitioner (PMI-ACP)® Practice Test. NYC Restaurant week tries to keep bots off the menu.
Business
Jan 22, 2025
Mitiga secures $30 million in Series B funding. Doti AI and Spikerz each raise $7 million.
HUB Cyber Security to acquire fraud data intelligence platform BlackSwan Technologies
Daily Briefing
Jan 22, 2025
President Trump fires DHS advisory committee members and pardons Silk Road founder.
BreachForums founder to be resentenced. Conduent confirms outage was caused by a cyberattack.
Story
Jan 22, 2025
CertByte: ISC2® Certified in Cybersecurity
On this edition of CertByte, we discuss a question from N2K’s ISC2® Certified in Cybersecurity (CC) practice test. As your news-to-knowledge partner, N2K will advance your career while bringing you the industry news and trends that help you stay a step ahead. Through our bi-weekly episodes of CertByte on the CyberWire Daily podcast, and these companion articles, we aim to support your certification journey and fast-track your career growth in IT, cybersecurity, and project management. As your host, I or my guest will share a practice question from N2K’s suite of industry-leading content and a study tip (or study “bit” as I like to call it) to increase your confidence and readiness on exam day.
Microsoft
Jan 22, 2025
Refactoring the Windows Kernel with Joe Bialek
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by BlueHat 2024 presenter Joe Bialek, a security engineer at Microsoft with over 13 years of experience. Joe shares his fascinating journey from intern to red team pioneer, recounting how he helped establish the Office 365 Red Team and pushed the boundaries of ethical hacking within Microsoft. He discusses his formative years building sneaky hacking tools, navigating the controversial beginnings of red teaming, and transitioning to the Windows Security Team to focus on low-level security and mitigations. Joe reflects on the challenges of internal hacking, the human reactions to being "hacked," and the value of strengthening defenses before external threats arise.
Microsoft Threat Intelligence
Jan 22, 2025
Seashell Blizzard Ramping Up Operations and OSINT Trends of DPRK Threat Actors
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Elise Eldridge and Anna Seitz to discuss the most recent notable developments across the threat landscape. The conversation centers around Seashell Blizzard, a threat actor also known as Sandworm or APT-44, which has been active since at least 2013. Recently, Seashell Blizzard has resumed using spear-phishing campaigns targeting the European energy sector and Ukrainian entities, deploying destructive malware like Walnut Wipe and Prickly Pear. The team highlights the geopolitical implications of these attacks, particularly in the context of Russia's influence on energy and global events. Sherrod also touches on the history of wipers in cyber operations and transitions to a discussion with Elise about trends in North Korean cyber activity, emphasizing Microsoft's ongoing efforts to analyze and mitigate these threats.
Marketing
Jan 22, 2025
Can a $30 Mic Change Your Life? David Spark Thinks So
What does it take to launch a successful cybersecurity podcast? This week, we’re excited to chat with David Spark, the creative mind behind the CISO Series Podcast and Spark Media. David, who began his career as a stand-up comedian, has significantly impacted the cybersecurity world! He will share his journey, the valuable lessons he has learned along the way, and some excellent tips for marketing teams looking to maximize their podcasts. Podcast production goes beyond simply talking into a microphone; it's also about engaging your audience with high-quality audio and achieving the right balance between content and production value. In this episode, David shares insider tips for working with sponsors and creating quality episodes and reveals his insights on Cyber Marketing Con. Tune in for an inspiring conversation!
Load More
Gain instant access to our exclusive podcast and briefing content, the Pro Academy, live events and more by subscribing to N2K Pro.
Subscribe Now