Hacking Humans N2K Networks

This week, we are joined by Dr. Chris Pierson CEO at Black Cloak, and he is talking about some of the social engineering attacks his team is tracking. Joe's story follows how Microsoft Threat Intelligence has observed the financially motivated cybercriminal group Storm-1811 misusing the client management tool Quick Assist in social engineering attacks. Dave share's the story of the lure of a free baby grand piano to deceive over 125,000 email recipients, mainly targeting North American university students and faculty, earning at least $900,000. Our catch of the day comes from listener Chuck who writes in to share some of his junk mail he has been receiving recently, and shares concerns for other listeners.
Please take a moment to fill out an audience survey! Let us know how we are doing!
Links to the stories:

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

Free Piano phish targets American university students, staff


Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. 
Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "The curious case of the missing IcedID."
IcedID is a malware originally classified as a banking trojan and was first observed in 2017. It also acts as a loader for other malware, including ransomware, and was a favored payload used by multiple cybercriminal threat actors until fall 2023.
Then, it all but disappeared. In its place, a new threat crawled: Latrodectus. Named after a spider, this new malware, created by the same people as IcedID, is now poised to take over where IcedID melted off.
Today we look back at what happened to the once prominent payload, and what its successor’s spinning web of activity means for the overall landscape.

The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.

This week we are joined by Maria Varmazis, host of the N2K daily space show, T-Minus. Maria shares an interesting story from a listener, who writes in on an AirBnB debacle he was dealing with. Joe shares the newly released 2024 Data Breach Investigations Report from Verizon. Dave shares a story From the New York Magazine, written by Ezra Marcus, on a college sophomore from University of Miami who was found to be tangled up in a refund fraud scam that granted him a lavish lifestyle. Our catch of the day comes from Joe's mother this week. She happened to receive an email with the subject line being "your order is confirmed," coming from what looks to be "McAfee."
Please take a moment to fill out an audience survey! Let us know how we are doing!
Links to the stories:

The Package King of Miami

2024 Data Breach Investigations Report


You can hear more from the T-Minus space daily show here.
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

A nation-state hacking group’s practice of funding its town activities through cybercrime or cyber mercenary work.

This week, we are joined by host of 8th Layer Insights, Perry Carpenter from KnowBe4 and Dr. Jessica Barker from Cygenta to discuss human risk: awareness, behavior and beyond. Joe and Dave share some listener follow up, the first being from Richard, who writes in to share some tips and tricks regarding relationship scams mentioned in a previous show. The second is from Michael, who writes in with some thoughts on social engineering to compromise open source projects from episode 288. Dave shares a story on researchers observing millions of daily emails from "Jenny Green," facilitated by the Phorpiex botnet, distributing LockBit 3.0 ransomware that has affected millions of people. Joe share's Paul Raffile's story, a gentleman who got fired from Facebook before he even started. Our catch of the day comes from listener Gordy who shared an email with us regarding his "McAfee security."
Please take a moment to fill out an audience survey! Let us know how we are doing!
Links to the stories:

Security Experts Issue Jenny Green Email Warning For Millions


LinkedIn Paul Raffile (Part 1)


LinkedIn Paul Raffile (Part 2)


Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.