Hacking Humans

adversary group naming (noun) [Word Notes]

A cyber threat intelligence best practice of assigning arbitrary labels to collections of hacker activity across the intrusion kill chain.

22 Mar 202210min

Data privacy: is it black and white when it comes to your kids?

UK Correspondent Carole Theriault returns talking with guest David Ruiz from Malwarebytes about parents spying on their kids, Joe and Dave share some listener follow up, Joe's shares a story about the...

17 Mar 202240min

BSIMM (noun) [Word Notes]

A descriptive model that provides a baseline of observed software security initiatives and activities from a collection of volunteer software development shops.

15 Mar 20226min

Technology's effects on students during the pandemic.

Guest Justin Reilly, the CEO of Impero, stops by to talk with Dave Bittner about the mental health of kids in the digital age, Dave's got a story about large-scale phishing campaigns targeting the Ind...

10 Mar 202240min

OWASP vulnerable and outdated components (noun) [Word Notes]

Software libraries, frameworks, packages, and other components, and their dependencies (third-party code that each component uses) that have inherent security weaknesses, either through newly discover...

8 Mar 20228min

Phishing seems to be cyclical and thematic.

Guest Jeff Nathan, the Director of Threat research at Norton Labs, joins Dave to discuss their most recent Consumer Cyber Safety Pulse Report, Joe and Dave share some follow up from listeners Daniel a...

3 Mar 202248min

OWASP software and data integrity failures (noun) [Word Notes]

Code and data repositories that don't protect against unauthorized changes.

1 Mar 20228min

A blurring of lines between nation states and criminals.

Guest Joshua Neil, the Chief Data Scientist for SecurOnix, joins Dave to talk about evasive techniques and identifying nation-state kill chains, Joe shares an update on his identity theft experience, ...

24 Feb 202245min