WhatsAppening here?
A senior executive at a major global stock exchange was silently compromised for five months by a highly disciplined cyber espionage campaign that exfiltrated data from their Outlook account with surgical precision. Unlike typical attacks that trigger alarms, the attackers used legitimate-looking system tasks, hid their activity through services like Dropbox and OneDrive, and moved data in tiny, undetectable increments—demonstrating that patience and operational stealth can outperform brute-force tactics. This case underscores a growing threat: attackers aren't just after quick wins, but are willing to dwell for months to harvest high-value intelligence. Meanwhile, a separate story reveals a shocking scam where a LinkedIn consultant openly offered to sell fake cybersecurity certifications—including CISSP and Salesforce—directly, bypassing exams entirely. The scammer’s urgency to move the conversation to WhatsApp, a known evasion tactic, confirms the fraud. These stories reveal a new era of social engineering: not just impersonating people, but selling the illusion of legitimacy itself.
Attackers can dwell in a system for five months undetected by using tiny, incremental data exfiltration and mimicking legitimate system processes.
The most dangerous cyber threats now combine patience, operational discipline, and stealth—making them harder to detect than flashy ransomware.
Fake certifications are being sold openly on LinkedIn, with scammers offering to bypass exams and deliver fake credentials for money.
Moving conversations from public platforms like LinkedIn to private channels like WhatsApp is a red flag for fraud and evasion of automated detection.
Organizations must implement multi-layered verification for financial requests, especially in remote or hybrid work environments.
…and 3 more takeaways available in PodZeus
Welcome to Hacking Humans: The Cyber Wire Network
Introduction to the Hacking Humans podcast and the Cyber Wire Network, with a brief mention of the new T-minus Space Cyber Briefing podcast.
The Puppy Scam That Almost Worked
“I'm almost positive they were AI or at least AI enhanced. But, you know, it's another scary.”
Emu on the Bay Bridge: A Maryland Oddity
Dave recounts a bizarre encounter with an escaped emu on Route 50 in Maryland, which was later captured after a four-hour chase by state troopers.
Rats in the Chicken Coop: A Nightmarish Reality
Dave describes finding a rat living freely in a neighbor’s chicken coop, highlighting the real threat rats pose to poultry and the difficulty of controlling them without invasive measures.
The $16 Billion Fraud Landscape: Investment Scams Lead
“The number one is malicious investment and investment advice. Ah, okay. $6.4 billion.”
“And again, I want to repeat that the attackers were doing this. They were dwelling, if you will, for five months, which is... a long time if we're saying that the average is usually a week or two weeks before they're found out.”
“But the number one is malicious investment and investment advice. Ah, okay. Oh, yeah.”
“The time has long passed. We've seen these attacks over and over and over again.”
Hosts
Guest
Joe Kerrigan
person
Dave Bittner
person
Maria Varmazis
person
organization
organization
N2K Cyber Wire
organization
ThreatLocker
organization
Fred
person
Kevin
person
Harpswell
organization
Just another Friday on the mics
1h 11m • 5/30/2026
Calendly.com vs Cal.com: How to Make Calendar Scheduling Easier for Online Meetings
2h 10m • 5/31/2026
The Careers Skills AI can't replace (Day 1) | Open to Work
15m • 6/1/2026
Peptides: The Science, Uses & Safety | Dr. Abud Bakri
2h 48m • 6/1/2026
WHAT THE BEST SALESPEOPLE DO DIFFERENTLY
51m • 6/1/2026
Start discovering podcast insights today
Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.
No credit card required • 7-day trial • Cancel anytime

