logo
episode-header-image
Dec 2024
51m 22s

A cyber carol. [Only Malware in the Buil...

N2K Networks
About this episode
Welcome in! You’ve entered, Only Malware in the Building. Grab your eggnog and don your coziest holiday sweater as we sleuth our way through cyber mysteries with a festive twist! Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Sel ... Show More
Up next
Yesterday
The text trap tightens.
This week, our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠ , ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest ... Show More
47m 24s
Oct 7
Identity Fabric (noun) [Word Notes]
Please enjoy this encore of Word Notes. A set of services for managing identity and access management, or IAM across all of an organization's data islands. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/identity-fabric⁠ Audio reference link: “⁠Leadership Compass Iden ... Show More
7m 46s
Oct 7
When malware goes bump in the night.
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠, ⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠. Inspired by ... Show More
49m 38s
Recommended Episodes
Dec 2024
A social engineering carol.
Gather 'round for a holiday treat like no other! In this festive edition of Only Malware in the Building, we present A Social Engineering Carol—a cunning twist on the classic Dickens tale, penned and created by our very own Dave Bittner. Follow a modern-day Scrooge as they naviga ... Show More
8m 8s
Nov 2021
Stealing from the best? An enigma in the criminal-to-criminal market. CISA’s holiday caution. Someone’s impersonating the SEC. Three weekend cyberattacks.
The Lazarus Group seems interested in learning from, by which they mean stealing from, some of the world’s leading state-sponsored cyber operators. Void Balaur remains an enigma, but it’s not the only player in the C2C market. CISA and the FBI warn all, but especially critical in ... Show More
21m 48s
Sep 2
Blizzard warning: Amazon freezes midnight hack.
Researchers disrupt a cyber campaign by Russia’s Midnight Blizzard. The Salesloft Drift breach continues to ripple outward. WhatsApp patches a critical flaw in its iOS and Mac apps. A fake PDF editing tool delivers the TamperChef infostealer. A hacker finds crash data Tesla claim ... Show More
32m 11s
May 2025
Hardcoded credentials and hard lessons.
Researchers uncover serious vulnerabilities in the Signal fork reportedly used by top government officials. CISA adds a second Commvault flaw to its Known Exploited Vulnerabilities catalog. xAI exposed a private API key on GitHub for nearly two months. FortiGuard uncovers a cyber ... Show More
29m 46s
Jun 2025
Ghost students “haunting” online colleges.
Patch Tuesday. Mozilla patches two critical FireFox security flaws. A critical flaw in Salesforce OmniStudio exposes sensitive customer data stored in plain text. The Badbox botnet continues to evolve. AI-powered “ghost students” enrolling in online college courses to steal gover ... Show More
37m 6s
Jun 2025
Zero-day déjà vu.
Google issues an emergency patch for a Chrome zero-day. A new malware campaign uses fake DocuSign CAPTCHA pages to trick users into installing a RAT. A high-severity Splunk vulnerability allows non-admin users to access and modify critical directories. Experts warn congress that ... Show More
42m 44s
Dec 2024
When AI goes offline.
ChatGPT and Meta face widespread outages. Trump advisors explore splitting NSA and CyberCom leadership roles. A critical vulnerability in Apache Struts 2 has been disclosed. “AuthQuake” allowed attackers to bypass Microsoft MFA protections. Researchers identify Nova, a sophistica ... Show More
33m 10s
Dec 2021
Belgium’s MoD suffers Log4shell attack. A man-in-the-middle concept. APT activity. Five Russians face US charges (one’s in custody). Fortunes of coin-mining. Holiday greetings from CISA and the FBI.
Belgium’s Ministry of Defense comes under attack via Log4j vulnerabilities. A cellular handover, man-in-the-middle exploit is described by researchers. The FBI says an APT group is exploiting unpatched Zoho ManageEngine Desktop Central servers. The US charges five Russian nationa ... Show More
27m 7s
Jun 2024
U.S. tightens the cybersecurity belt.
Biden bans Kaspersky over security concerns. Accenture says reports of them being breached are greatly exaggerated. SneakyChef targets diplomats in Africa, the Middle East, Europe and Asia. A serious firmware flaw affects Intel CPUs. More headaches for car dealerships relying on ... Show More
34m 59s
Sep 2024
U.S. rains on Russia’s fake news parade.
The DOJ disrupts Russia’s Doppelganger. NSA boasts over 1,000 public and private partners. The FBI warns of North Korean operatives launching “complex and elaborate” social engineering attacks. Iran pays the ransom to sure up their banking system. Cisco has disclosed two critical ... Show More
30m 22s
Listen to millions of songs and podcasts on Anghami