The Social-Engineer Podcast is about humans. Understanding how we interact, communicate and relay information can help us protect, mitigate and understand social engineering attacks
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
Join the Pop Collectors Alliance today. This community aims to empower Pop Culture Collectors. Our goal is to build a solid collecting community through podcasting, live broadcasts, social media and blogs designed to assist you in all your hunting trips, all while combating flippers. You are entering the No Flip Zone.
Mike Stubbs pushes beyond the headlines, providing a mix of informed opinion and entertainment you won’t find anywhere else. Mike explores stories and topics important to Londoners from any and all angles.
T
The CyberWire Daily


1
Charming Kitten’s smishing and phishing. Solorigate updates. Supply chain attacks and the convergence of espionage and crime. Greed-bait. Ring patches bug. Best practices from NSA, CISA.
26:01
26:01
Play later
Play later
Lists
Like
Liked
26:01
Well-constructed phishing and smishing are reported out of Tehran. Estimates of SolarWinds compromise insurance payouts. Notes from industry on the convergence of criminal and espionage TTPs. Social engineering hooks baited with greed. Ring patches a bug that could have exposed users’ geolocation (and their reports of crime). Advice on cyber best p…
L
London Live with Mike Stubbs


1
What exactly is "Smishing" and how you can improve your cyber security, how businesses are looking forward to the future and hiring, and how independent businesses are faring under new restrictions - London ...
37:35
37:35
Play later
Play later
Lists
Like
Liked
37:35
On this January 14th edition of the London Live Podcast: Mike is joined first by Jake Moore, an ESET Security Specialist on cybersecurity threats. Afterwards Michael Elliott, the co-owner of Express Employment Professionals staffing firms, tells us why businesses are excited for hiring again. Finally, Julie Kwiecinski, director of provincial affair…
T
The CyberWire Daily


1
Encore: You will pay for that one way or another. [Caveat]
36:09
36:09
Play later
Play later
Lists
Like
Liked
36:09
Dave's got the story of a landlord who may run afoul of the Computer Fraud and Abuse Act, Ben wonders if the big tech CEOs could be held liable for contact tracking apps, and later in the show my conversation with Joseph Cox. He is a Senior Staff Writer at Motherboard and will be discussing his recent article How Big Companies Spy on Your Emails. W…
T
The Social-Engineer Podcast


1
Ep. 138 – Security With Marcus Sailer of Capital Group
44:24
44:24
Play later
Play later
Lists
Like
Liked
44:24
In this episode, Chris Hadnagy and Ryan MacDougall are joined by industry professional, Marcus Sailler to discuss his experience as the red team information security manager at Capital Group. Marcus shares some great tips on creating a successful security team and how you can prevent it from becoming the "No Police". They also go over the recent ch…
T
The CyberWire Daily


1
Ann Johnson: Trying to make the world safer. [Business Development] [Career Notes]
6:47
6:47
Play later
Play later
Lists
Like
Liked
6:47
Microsoft's Corporate Vice President of Cybersecurity Business Development Ann Johnson brings us on her career journey from aspiring lawyer to cybersecurity executive. After pivoting from studying law, Ann started working with computers and found she had a deep technical aptitude for technology and started earning certifications landing in cybersec…
T
The CyberWire Daily


1
Manufacturing sector is increasingly a target for adversaries. [Research Saturday]
25:47
25:47
Play later
Play later
Lists
Like
Liked
25:47
Guest Selena Larson, senior cyber threat analyst at Dragos, Inc., joins us to discuss their research into recent observations of ICS-targeting threats to manufacturing organizations. Cyber risk to the manufacturing sector is increasing, led by disruptive cyberattacks impacting industrial processes, intrusions enabling information gathering and proc…
T
The CyberWire Daily


1
SideWinder and South Asian cyberespionage. Project Zero and motivation to patch. CISA’s advice for cloud security. Classiscam in the criminal-to-criminal market. SolarLeaks misdirection?
25:19
25:19
Play later
Play later
Lists
Like
Liked
25:19
There are other things going on besides Solorigate and deplatforming. There’s news about the SideWinder threat actor and its interest in South Asian cyberespionage targets. Google’s Project Zero describes a complex and expensive criminal effort. CISA discusses threats to cloud users, and offers some security recommendations. A scam-as-a-service aff…
Rick and Piper are back in 2021 ready to talk Funko Fair. Funko has decided to host their own version of Toy Fair 2021. Funko Fair starts next week and Rick and Piper make predictions on the upcoming announcements. They also talk about Texas weather, Bimtoy, Abominable Toys, LEGO, and other announcements for 2021. Join the team on this wild ride th…
L
London Live with Mike Stubbs


1
Getting a legal perspective on the LHSC lawsuit, looking into the 2021 provincial and federal economic situation, and how are things faring in D.C. right now? - London Live Podcast, January 13th
21:01
21:01
Play later
Play later
Lists
Like
Liked
21:01
On this January 13th edition of the London Live Podcast: Mike is first joined by Howard Levitt, Canada's leading employment and labour relations lawyer, to get a legal perspective into the Paul Woods LHSC lawsuit, and to see if it actually has any merit. Afterwards he is joined by Moshe Lander of Concordia University to check in on the 2021 financi…
T
The CyberWire Daily


1
Looking for that threat actor “likely based in Russia.” SolarLeaks and a probably bogus offer of stolen files. Notes on Patch Tuesday.
22:21
22:21
Play later
Play later
Lists
Like
Liked
22:21
Speculation grows that the Solarigate threat actors were also behind the Mimecast compromise. SolarLeaks says it has the goods taken from FireEye and SolarWinds, but caveat emptor. Notes on Patch Tuesday. Joe Carrigan has thoughts on a WhatsApp ultimatum. Our guest is Andrew Cheung of 01 Communique with an update on quantum computing. And farewell …
L
London Live with Mike Stubbs


1
Understanding rolling out vaccines to the indigenous community, what does the latest COVID-19 modelling show, and how do you run a virtual Mardi Gras - London Live Podcast, January 12th
21:28
21:28
Play later
Play later
Lists
Like
Liked
21:28
On this January 12th edition of the London Live Podcast: Grand Chief Joel Abram of the Association of Iroquois and Allied Indians joins us to talk about how important the COVID-19 vaccine rollout is for their communities. Afterwards Dr. Daniel Coombs, professor of Mathematics at UBC goes over the latest COVID-19 modelling data with us. Finally, Pau…
T
The CyberWire Daily


1
Cyberespionage campaign hits Colombia. New malware found in the SolarWinds incident. Mimecast certificates compromised. Ubiquiti tells users to reset passwords. Two wins for the good guys.
24:26
24:26
Play later
Play later
Lists
Like
Liked
24:26
A cyberespionage campaign, so far not attributed to any threat actor, continues to prospect government and industry targets in Colombia. A new bit of malware is found in the SolarWinds backdoor compromise. Mimecast certificates are compromised in another apparent software supply chain incident. Ubiquiti tells users to reset their passwords. A brief…
L
London Live with Mike Stubbs


1
An argument against social media, understanding the effectiveness of pandemic curfew restrictions, and getting a UK update from Mike's family - London Live Podcast, January 11th
39:15
39:15
Play later
Play later
Lists
Like
Liked
39:15
On this January 11th edition of the London Live Podcast: Dr. Tom Cooke, Privacy, Ethics and Internal Threat Assessment Manager at the Centre for Advanced Computing, tells us why he's given up on Social Media, and why others might want to as well. Afterwards Dr. Amesh Adalja of the Johns Hopkins Center for Health Security explains to us why pandemic…
T
The CyberWire Daily


1
More (ambiguous) evidence for attribution of Solorigate. CISA expands incident response advice. Inspiration, investigation, and deplatforming: notes from the Capitol Hill riot.
27:32
27:32
Play later
Play later
Lists
Like
Liked
27:32
Similarities are found between Sunburst backdoor code and malware used by Turla. CISA expands advice on dealing with Solorigate. Courts revert to paper...and USB drives. More members of the US Congress report devices stolen during last week’s riot. Online inspiration for violence seems distributed, not centralized. Caleb Barlow examines protocols f…
T
The Social-Engineer Podcast


1
Ep. 137 – Human Hacking With Chris Hadnagy
58:10
58:10
Play later
Play later
Lists
Like
Liked
58:10
In this special episode, Chris Hadnagy joins Maxie Reynolds to talk about the amazing stories and useful lessons contained in Chris’s new book: “Human Hacking: Win Friends, Influence People, and Leave Them Better Off for Having Met You”. Listen as Chris delves into the process of making “Human Hacking” and shares the awesome story behind its incept…
T
The CyberWire Daily


1
Tom Gorup: Fail fast and fail forward. [Operations] [Career Notes]
6:29
6:29
Play later
Play later
Lists
Like
Liked
6:29
Vice President of Security and Support Operations of Alert Logic Tom Gorup shares how his career path led him from tactics learned in Army infantry using machine guns and claymores to cybersecurity replacing the artillery with antivirus and firewalls. Tom built a security automation solution called the Grunt (in recollection of his role in the Army…
T
The CyberWire Daily


1
Emotet reemerges and becomes one of most prolific threat groups out there. [Research Saturday]
25:50
25:50
Play later
Play later
Lists
Like
Liked
25:50
Deep Instinct's Shimon Oren joins us to talk about his team's research on "Why Emotet's latest wave is harder to catch than ever before - Part 2." Emotet appears to have reemerged more evasive than before, this time with a payload delivered from a loader that security tools aren’t equipped to handle. Emotet, the largest malware botnet today, starte…
T
The CyberWire Daily


1
The Solorigate cyberespionage campaign and sensitive corporate data. The cybersecurity implications of physical access during the Capitol Hill riot. Ransomware’s successful business model.
25:36
25:36
Play later
Play later
Lists
Like
Liked
25:36
Solorigate and its effect on sensitive corporate information. The DC riots show the cybersecurity consequences of brute physical access to systems. A North Korean APT resurfaces with the RokRat Trojan. Ransomware remains very lucrative, and why? Because people continue to pay up. Thomas Etheridge from CrowdStrike on The Role of Outside Counsel in t…
L
London Live with Mike Stubbs


1
Getting a recap of the Capitol and Trump situation, examining the latest announcements for vaccine rollouts, and getting an understanding of how airports have been impacted by the lockdowns - London Live ...
31:47
31:47
Play later
Play later
Lists
Like
Liked
31:47
On this January 7th edition of the London Live Podcast: Yesterday was an unprecedented day in American political history. To help us break down what happened and what the fallout might look like is Dr. Matthew Lebo, professor of Political Science at Western University. Afterwards we are joined by Dr. Colin Furness, Assistant Professor at the Dalla …
T
The CyberWire Daily


1
CISA updates its alerts and directives concerning Solorigate as the investigation expands. Rioting, social media, and cybersecurity.
23:41
23:41
Play later
Play later
Lists
Like
Liked
23:41
CISA updates its guidance on Solorigate, and issues an alert that the threat actor may have used attack vectors other than the much-discussed SolarWinds backdoor. Some reports suggest that a widely used development tool produced by a Czech firm may have been compromised. The cyberespionage campaign is now known to have extended to the Department of…
T
The CyberWire Daily


1
Who worked through SolarWinds? An APT “likely Russian in origin,” says the US. Rattling backdoors, rifling cryptowallets, and asking victims if they’re ensured. No bail for Mr. Assange.
24:42
24:42
Play later
Play later
Lists
Like
Liked
24:42
The US Cyber Unified Coordination Group says the Solorigate APT is “likely Russian in origin.” Threat actors are scanning for systems potentially vulnerable to exploitation through a Zyxel backdoor. ElectroRAT targets crypto wallets. Babuk Locker is called the first new ransomware strain of 2021. The New York Stock Exchange re-reconsiders delisting…
T
The CyberWire Daily


1
It’s not Kates and Vals over Ford Island, but it’s not just a tourist under diplomatic cover taking pictures of Battleship Row, either. Another APT side hustle? To delist or not to delist.
24:08
24:08
Play later
Play later
Lists
Like
Liked
24:08
More assessments of the Solorigate affair, with an excursus on Pearl Harbor. Shareholders open a class action suit against SolarWinds, but no signs of an enforcement action for speculated insider trading. Emissary Panda seems to be working an APT side hustle. Kevin Magee has insights from the Microsoft Digital Defense Report. Our guest is Jason Pas…
T
The CyberWire Daily


1
Threat actors were able to see Microsoft source code repositories. Zyxel closes a backdoor. Kawasaki discloses data exposure. Slack’s troubles. Julian Assange escapes extradition to the US.
24:42
24:42
Play later
Play later
Lists
Like
Liked
24:42
Updates on the spreading consequences of Solorigate, including Microsoft’s disclosure that threat actors gained access to source code repositories. A hard-coded backdoor is found in Zyxel firewalls and VPNs. Kawasaki Heavy Industries says parties unknown accessed sensitive corporate information. Slack has been having troubles today. Andrea Little L…
T
The CyberWire Daily


1
Ellen Sundra: Actions speak louder than words. [Engineering] [Career Notes]
7:04
7:04
Play later
Play later
Lists
Like
Liked
7:04
Vice President of Global Systems Engineering Ellen Sundra shares her career path from life as a college grad who found her niche by creating a training program to a leader in cybersecurity. She realized that training and educating people was her passion. Ellen sees her value in providing soft skills as a natural balance to her technical team at For…
T
The CyberWire Daily


1
Encore: Unpacking the Malvertising Ecosystem. [Research Saturday]
29:57
29:57
Play later
Play later
Lists
Like
Liked
29:57
Researchers at Cisco's Talos Unit recently published research exploring the tactics, technics and procedures of the global malvertising ecosystem. Craig Williams is head of Talos Outreach at Cisco, and he guides us through the life cycle of malicious online ads, along with tips for protecting yourself and your organization. The research can be foun…
T
The CyberWire Daily


1
Andy Greenberg on the Sandworm Indictments.
17:10
17:10
Play later
Play later
Lists
Like
Liked
17:10
This interview from November 6th, 2020 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Rick Howard speaks with Andy Greenberg on the Sandworm Indictments.By CyberWire, Inc.
L
London Live with Mike Stubbs


1
How are COVID-19 cases and vaccines looking for the city of London, talking Ford, Philips, and the NFL, and how do Canadians feel about this year looking back? - London Live Podcast, December
32:37
32:37
Play later
Play later
Lists
Like
Liked
32:37
On this December 31st edition of the London Live podcast: Mike is joined by Dr. Alex Summers of the MLHU to talk about COVID-19 in London. Afterwards he talks Doug Ford, former Finance Minister Philips, and the NFL with Greg Brady. Finally, Darell Bricker, CEO of IPSOS, discuses their most recent poll. See omnystudio.com/listener for privacy inform…
Rick explains the network defender evolution from defense-in-depth in the 1990s, to intrusion kill chains in 2010, to too many security tools and SOAR in 2015, and finally to devsecops somewhere in our future.By CyberWire, Inc.