The Security box, podcast 178: Let’s Unravel the Threats of Social Engineering

Hello folks,

Welcome to the security box, podcast 178. I hope that you’ll enjoy the 4 hour program as much as we have bringing it together for you.

Before we give you the show notes and information about the podcast, I want to make sure that folk are aware that we have an update that we just published in regards to the toothbrush story which seeemed to us to have plenty of holes in it and I seemed right.

Here’s the update on this crazy story. Glad its a hypothesis and not a real thing. As I wrote on the original, I’ve never heard of toothbrushes that were connected yet, so please pass this along.

Now, on with the show. This is the 218.3mb file that you can download if you don’t have RSS already.

We appreciate your patronage as we learn together!

Now, without any further ado, here are the rest of the show notes. Have fun with this one!

---

Show notes

Hello everyone! Welcome to the security box, podcast 178. On this podcast, we’re going to talk about the landscape, the news, and the crazy. We are also going to talk about the threats of Social Engineering as well. We give you the best blog posts of the week as well. We hope you enjoy the program, and make it a great day!

---

The landscape of news, notes and the crazy

Here are some of the items of news, notes, the crazy things and other items that might be talked about during this section. Some may be blogged, some may not.

• Sans News Bites February 2, 2024                                                     Vol. 26, Num. 09
• Another Children’s hospital gets attacked
• Arrests in $400M SIM-Swap Tied to Heist at FTX?
• CISA orders Ivanti devices targeted by Chinese hackers be disconnected
• Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider
• Three million malware-infected smart toothbrushes used in Swiss DDoS attacks — botnet causes millions of euros in damages
• Sans News Bites February 6, 2024                                                                                               Vol. 26, Num. 10
• HPE investigates new breach after data for sale on hacking forum

There may be more, but these could be some of what’s going on that people want to talk about. There could be others that aren’t listed here as well!

---

The best blog posts for January

The following are the best blog posts we’ve written for the month of January. We’ve talked about these, but look back in case you missed them. There may be others we didn’t put here, feel free to ut in your voice!

• Breach forums maintainer gets time served, never spent time in jail, lots of restrictions placed on him
• 16.6 million people affected, no info on what was taken
• TA866 is back to sending out email
• New sets of data, including have I been pwned data out in the wild
• Three are three domains that I wouldn’t buy
• two emails claiming the same thing, identical in wording
• Lastpass to make account updates
• The worst of the worst, the worst breaches of 2023 from Tech Crunch
• Here’s more news on 23 and me that may not have been known before
• This seems contradictory, don’t use long passwords, use unique complex passwords
• What’s going on with the perils of password misuse?
• A sim-swapping ring targeted $400m in stolen funds

---

Our topic and accompanying true story

Today, Lastpass will lead the discussion with Unraveling the Threats of Social Engineering which was a great find. I don’t know about you guys, but we need to be on guard and ready as much as we can. We can all be phished, scammed and Cory Doctorow’s article is linked to Even the Best can be Scammed, check this article out which I wrote in my response to the article. So since we can all be targets, it starts with knowing what to look for by reading Lastpass’s article and learning what we could do differently and learning by the other true story.

---

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.

---

Internet Radio affiliates airing our program

Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!