Recent Posts
Podcast•Feb 19, 2026•45 min
The Voice on the Other End.
In this episode, hosts Maria Varmazis, Dave Bittner, and Joe Carrigan examine a wave of social engineering attacks, including a sophisticated phishing campaign that dupes Apple Pay users via fake emails and voice calls, Australia’s ClickFit initiative exposing romance scams, and a high‑profile case where a former Ohio bank employee stole $2 million from elderly customers. They also share personal anecdotes: Joe recounts a scam call, Maria tells the story of an 84‑year‑old mother victimized by trusted acquaintances, and Dave highlights the broader rise in elder financial abuse. The discussion underscores how scammers increasingly exploit trust, technology, and insider access to target vulnerable populations.
By Hacking Humans
Podcast•Feb 17, 2026•8 min
Security Service Edge (SSE) (Noun) [Word Notes]
In this brief episode, host Rick Howard defines Security Service Edge (SSE) as a cloud‑centric security architecture that blends the shared responsibility model, vendor‑provided security stacks, and direct network peering with major content providers and their fiber networks. He highlights...
By Hacking Humans
Podcast•Feb 12, 2026•1h 6m
Love Was the Hook.
In this episode, hosts Maria Varmazis, Dave Bittner, and Joe Carrigan explore the surge in romance and social‑engineering scams, highlighting high‑profile cases like a €3 million "Dubai Crown Prince" fraud and a handyman‑turned‑boyfriend con that inspired an Amazon Prime documentary. They...
By Hacking Humans
Podcast•Feb 10, 2026•7 min
Domain Spoofing (Noun) [Word Notes]
In this concise episode, host Rick Howard explains domain spoofing, a social engineering technique where attackers create malicious domains that closely resemble legitimate ones to deceive users. He outlines how the tactic works, its common vectors, and the potential damage...
By Hacking Humans
Podcast•Feb 3, 2026•9 min
Secure Web Gateway (Noun) [Word Notes]
In this brief episode, host Rick Howard defines a Secure Web Gateway (SWG) as a layer‑seven firewall positioned at the network perimeter to enforce security policies and conduct detection and prevention tasks. He highlights the SWG’s role in inspecting web...
By Hacking Humans
Podcast•Feb 3, 2026•39 min
When Legit Is the Trick: Phishing’s Sneaky New Moves. [OMITB]
In this episode of Only Malware in the Building, hosts Selena Larson, Dave Bittner, and former FBI cybercrime investigator Keith Mularski explore how attackers are weaponizing legitimate Microsoft services to make phishing campaigns harder to detect. They break down two...
By Hacking Humans
Podcast•Jan 29, 2026•46 min
Cold Weather, Hot Scams.
In this episode, the hosts dissect recent social‑engineering attacks, covering a Verizon outage‑related credit scam, a rare case where a victim recovered nearly $1 million after a cyber fraud, and a surge of Ozembic/GLP‑1 weight‑loss drug scams targeting Wisconsin consumers with...
By Hacking Humans
Podcast•Jan 22, 2026•47 min
Scammers Gonna Scam.
In this episode, hosts Dave Bittner, Joe Carrigan, and Maria Varmazis dissect recent social‑engineering threats, from politically‑charged SendGrid phishing campaigns to a crackdown on Southeast Asian scam networks after the arrest of alleged kingpin Chen Zhi. They share real‑world anecdotes,...
By Hacking Humans
Podcast•Jan 20, 2026•7 min
Intrusion Detection System (Noun) [Word Notes]
In this episode, host Rick Howard explains what an Intrusion Detection System (IDS) is—a technology that monitors network traffic for malicious activity and either alerts administrators or blocks threats. He highlights the dual roles of detection and prevention, emphasizing how...
By Hacking Humans
Podcast•Jan 15, 2026•51 min
When a Scammer Meets the Force.
The episode reviews the latest social engineering threats, highlighting CrowdStrike's 2025 Global Threat Report which notes faster breach times, a rise in vishing and account abuse, and a shift toward malware‑free intrusions. It then examines the industrialization of "pig‑butchering" romance...
By Hacking Humans
Podcast•Jan 13, 2026•6 min
MFA Prompt Bombing (Noun) [Word Notes]
In this brief episode, host Rick Howard defines "MFA prompt bombing" as a technique where attackers flood a user with authentication prompts until they approve one out of frustration, effectively bypassing multifactor authentication. He highlights the growing relevance of this...
By Hacking Humans
Podcast•Jan 8, 2026•53 min
It's Just Too Good to Be True.
The episode covers a wave of social‑engineering threats targeting holiday travelers, charitable donors, and taxpayers, highlighting fake booking sites, fraudulent cancer‑research crowdfunding, and IRS‑impersonation scams that promise "too‑good‑to‑be‑true" refunds. Hosts share real‑world examples—a suspicious nonprofit chair email, a BBC investigation...
By Hacking Humans
Podcast•Jan 6, 2026•44 min
Poisoned at the Source. [OMITB]
In this episode, Selena Larson, Keith Mularski, and Dave Bittner examine supply‑chain attacks, focusing on a large‑scale Android malware campaign that embeds malicious code in firmware and reseller‑installed system images before devices reach consumers. They compare this threat to other...
By Hacking Humans
Podcast•Jan 1, 2026•36 min
Hot Sauce and Hot Takes: An Only Malware in the Building Special.
In this special in‑studio episode, hosts Selena Larson, Dave Bittner, and former FBI cybercrime investigator Keith Mularski tackle a hot‑wings challenge while fielding personal and career‑focused questions, offering listeners a candid look at their backgrounds and the moments that shaped...
By Hacking Humans