Explorez tous les épisodes du podcast The Awareness Angle: Cyber Security Awareness and Human Risk
| Titre | Date | Durée | |
|---|---|---|---|
| Fake Printer Drivers Bring More Printer Hate! | 09 Dec 2024 | 00:44:07 | |
In this episode of The Awareness Angle, we dive into some of the latest cybersecurity threats and discuss how to stay ahead of them. We kick things off with a behind-the-scenes look at Risky Creative and how the podcast came to be. From there, we talk about the growing dangers of fake printer drivers and malicious betting apps using AI voiceovers to trick users. We also discuss the rise of cyberattacks targeting public transport and healthcare, highlighting the real-world impact of these incidents. We then shift gears to a social engineering story on Facebook, where attackers exploit human trust, and share tips on improving password hygiene to keep your accounts secure. Finally, we preview Anthony’s upcoming webinar with CybSafe, focusing on practical strategies for security awareness. Throughout the episode, we touch on the evolving role of AI in cybersecurity and what that means for the future. Tune in for a mix of insightful stories, expert advice, and a look at what's coming next in the world of cybersecurity. 💬 Check Out This Episode's Discussion Points 📙 About The Awareness AngleA podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) | |||
| Why We Chose To Be Risky Creative | 02 Dec 2024 | 00:39:47 | |
In this episode of The Awareness Angle, we take you behind the scenes of the podcast, sharing how it all began and the story behind the creation of Risky Creative. We also dive into security awareness strategies, offering practical tips for improving your organization's cybersecurity culture. The conversation then turns to ransomware, where we reflect on key lessons from past attacks and share a real-life success story of ransomware recovery that saved a business. We explore the critical importance of backups in cybersecurity and how they can make all the difference during a crisis. Shifting focus, we discuss the unpredictable nature of AI and its potential impact on the future of cybersecurity. Finally, we touch on the human element in AI and technology, and how community engagement will play a central role in shaping the future of the podcast. 💬 Check Out This Episode's Discussion Points 📙 About The Awareness AngleA podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) | |||
| Welcome To The Awareness Angle | 25 Nov 2024 | 00:30:51 | |
In this debut episode of The Awareness Angle, we introduce the show and share some real-world security stories that highlight the ever-evolving nature of cyber threats. We discuss mobile safety features, diving into the latest innovations designed to protect your devices and keep your information safe. The episode also explores the rise of scams and how con artists have adapted over time to exploit new opportunities. We round things out with a look at the history of ransomware, examining how it has developed and the lessons we've learned from past attacks. Tune in for a blend of insightful stories, practical tips, and a deeper understanding of how to stay safe in an increasingly connected world. 💬 Check Out This Episode's Discussion Points
| |||
| Microsoft Are Deleting A Billion Passwords! | 23 Dec 2024 | 01:01:17 | |
In this episode of The Awareness Angle podcast, we discuss a range of cybersecurity topics, including Microsoft's new password security measures, the rise of phishing attacks during the holiday season, and the implications of a major data breach at Meta. We also explore vulnerabilities in Volkswagen's infotainment systems, the rapid adoption of AI in the workplace, and the exploitation of Google Calendar by cybercriminals. The episode wraps up with listener comments and insights on the importance of balancing security controls with user convenience. We dive into the multifaceted risks associated with generative AI, including oversharing and data classification challenges. The conversation covers the evolving role of AI in business, the vulnerabilities of C-suite executives to phishing attacks, and the rise of QR code scams. We also touch on the rebranding of "pig butchering" to "romance baiting" in fraud terminology, the implications of voice cloning technology, and concerns surrounding AI in gaming, particularly with a suspicious new game. Finally, we address the importance of user awareness in the context of data breaches and the actions individuals should take when notified of such incidents. 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 📙 About The Awareness Angle A podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) | |||
| Krispy Kreme Get A Hole Load Of Ransomware | 16 Dec 2024 | 00:48:39 | |
In this episode of The Awareness Angle, we explore a range of critical cybersecurity topics. We discuss key takeaways from a recent CybSafe webinar, focusing on AI risks, the growing influence of chatbots, and the implications of chatbot interactions on cybersecurity. The conversation also covers a ransomware attack on Krispy Kreme, shedding light on the challenges faced by businesses in preventing such incidents. Additionally, we highlight FBI warnings about messaging security and share alarming statistics on workforce cybersecurity behaviors, emphasizing the need for stronger awareness and proactive measures. We also dive into the vulnerability of C-level executives to phishing scams and the importance of fostering a strong cybersecurity culture within organizations. We touch on high-profile incidents like the GCHQ Christmas Challenge, the recent Spotify Wrapped controversy, and the potential TikTok ban in the US, exploring how these developments impact cybersecurity practices. The episode wraps up by discussing software vulnerabilities, particularly around tools like 7-Zip, and the role phishing attacks play in compromising sensitive information, including threats linked to groups like the Yakuza. Finally, we reflect on the evolving landscape of AI and its potential effects on user experience and cybersecurity defenses. 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 📙 About The Awareness AngleA podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) | |||
| RIP UBlock and Adblockers - Ads Galore! | 30 Dec 2024 | 00:38:39 | |
In this episode of The Awareness Angle, we dive into recent cybersecurity news, including the rise of mobile spearfishing and the emergence of AI-generated malware. We explore the importance of security awareness training and discuss the implications of AI in media, as well as the risks associated with sharing public information. We also examine the increasing intrusiveness of online ads, particularly on platforms like YouTube, and the decline of ad blockers such as uBlock Origin. The conversation delves into social engineering tactics, especially in the context of unsolicited messages and emails, and highlights the critical importance of email security, including recovery accounts and the nuances of Gmail addresses. We wrap up with our plans for 2025, emphasizing the growing need for digital security awareness in an ever-changing landscape. 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 📙 About The Awareness Angle A podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) | |||
| Chrome Extensions Hacked - What A Privilege! | 06 Jan 2025 | 01:02:18 | |
In this episode of The Awareness Angle, we explore the latest cybersecurity news, including recent Chrome extension hacks affecting over 600,000 users, AI-driven deepfakes, and proposed healthcare cybersecurity regulations aimed at combating ransomware. We also discuss strategies for enhancing security awareness programs in 2025, offering practical tips for protecting personal devices and countering risks from AI-driven misinformation. The episode examines broader themes like storytelling in education, innovative approaches to CAPTCHA designs, and the dangers of unchecked social media hoaxes. We highlight the significance of verification in online transactions and address the ethical considerations surrounding influencer marketing, emphasizing the need for trust and transparency in digital platforms. 🕒 Timestamps 00:00 Introduction and Overview of Topics01:00 Chrome Extensions Hacked: A Security Concern 05:06 AI and Deepfakes in Cybersecurity 06:58 Proposed Cybersecurity Rulings for Healthcare 10:55 Planning Awareness Programs for 2025 18:01 Back to Basics: Cybersecurity Essentials 19:01 Google's AI Overview: Misinformation Risks 22:48 Protecting Your Phone from Theft 33:23 The Power of Storytelling in Learning 36:35 Innovative Approaches to Captchas 39:00 The Impact of Social Media Hoaxes 43:34 The Dangers of Misinformation and AI 46:12 The Importance of Verification in Online Transactions 49:10 Scams in the Digital Age 52:11 The Ethics of Influencer Marketing 56:44 Trust and Transparency in Online Tools 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) | |||
| How Can We Build Strong Security Cultures? | 20 Jan 2025 | 00:59:04 | |
In this episode of The Awareness Angle, we dive into pressing cybersecurity topics, starting with the looming TikTok ban in the US and the FBI's proactive efforts to counter malware threats. We also explore emerging Mac OS vulnerabilities, evolving phishing tactics, and the rise of sophisticated AI-driven scams targeting vulnerable individuals. These discussions highlight the growing need for continuous vigilance and education to stay ahead of cybercriminals. The conversation then shifts to building a strong security culture, from fostering supportive environments for reporting scams to equipping leaders with effective training. We address the challenges small businesses face in securing cybersecurity insurance and offer practical strategies for launching impactful awareness programs, gaining stakeholder buy-in, and meaningfully engaging users. With a focus on Patch Tuesday updates, risky behaviors, and job opportunities in security awareness, this episode provides actionable insights and emphasizes the vital role of consistency and communication in creating a safer digital world. 🕒 Timestamps 00:00 Introduction and Overview 02:20 TikTok Ban and Its Implications 04:37 FBI's Malware Uninstallation Success 08:19 Emerging Mac OS Malware Threats 13:05 Phishing Trends and User Awareness 17:30 Patch Tuesday Biggest Ever 18:29 AI Scams and Vulnerable Individuals 23:32 Awareness Topics and SANS Institute Updates 27:57 Revisiting Security Culture and Training 30:39 Job Seeker in Security Awareness 31:45 Starting from Scratch in Security Awareness 36:34 Gaining Buy-In for Security Investments 42:05 Engaging Users in Security Awareness 48:12 Understanding Risky Behaviors 50:09 YouTube Copyright Fai 52:51 The Quality of Video & Audi 54:32 Google OAuth Vul 58:00 Episode Conclusion 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Google Ads Phishing - It’s Googleception | 13 Jan 2025 | 01:01:09 | |
In this episode of The Awareness Angle, we uncover the latest in cybersecurity news, tackling everything from AI advancements to the rising threats of phishing and ransomware. We dive into the risks posed by malicious browser extensions, the alarming increase in phishing attacks targeting popular platforms like Discord, and the importance of consumer awareness in identifying deceptive sponsored ads. With data breaches continuing to impact individuals and organizations alike, we emphasize the need for regular audits and practical safety measures, including looking for cybersecurity labels on smart devices. We also explore how AI is reshaping the digital world—enhancing accessibility, transforming security training, and even sparking challenges in content verification. From Adobe’s Content Credentials helping creators establish authenticity to Google’s Gemini 2.0 revolutionising AI capabilities, we examine the balance between innovation and security. This episode is packed with actionable tips, thought-provoking insights, and a call for greater vigilance in navigating today’s ever-evolving digital landscape. 🕒 Timestamps 00:00 Introduction to Security Awareness 01:16 Latest AI Developments and Their Implications 04:00 The Rise of AI-Generated Profiles 07:18 Risks of Browser Extensions 10:14 Phishing Attacks on Discord Users 14:28 Ransomware Threats in Gaming 17:40 Data Breaches and Their Consequences 20:19 Brian Krebs "A Day In The Life of a Prolific Voice Phishing Crew" 22:20 Cybersecurity Safety Labels for Smart Devices 25:02 Phishing Click Rates and AI Usage 27:00 Community Comments and Insights 31:22 The Challenge of AI-Generated Content 33:45 The Rise of Content Credentials 35:41 AI in Entertainment and Security 36:28 Netflix's Second Screen for SAT 40:44 The Dangers of Sponsored Ads 51:00 Advancements in AI: Google Gemini 2.0 56:05 AI's Role in Accessibility and Development 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) | |||
| Are Apple Spying On Us All? | 27 Jan 2025 | 00:50:50 | |
In this episode of The Awareness Angle, you’ll dive into a range of cybersecurity topics, including the recent malicious activity surrounding Google Ads, Apple's data collection practices, and the evolving nature of scam attacks. You’ll also gain insights into the importance of effective organizational communication in building a strong security culture and how AI tools can be leveraged to enhance security awareness programs. We explore various AI tools for content creation, such as Synthesia and ChatGPT, and how they can be applied in professional settings. You’ll discover the value of engaging security champions within your organization and learn how to avoid the pitfalls of overused cybersecurity terms. We also share effective communication strategies for security awareness and discuss the importance of building a strong professional community in the cybersecurity space. 🕒 Timestamps 00:00 Introduction to the Awareness Angle Podcast 02:00 Google Ads Malicious Activity Update 07:50 Apple's Data Collection Practices 12:00 Understanding Scam Yourself Attacks 16:00 Organizational Communication and Security Culture 21:00 Utilizing AI Tools in Security Awareness 26:00 Exploring AI Tools for Content Creation 29:10 The Power of ChatGPT in Professional Settings 35:45 Engaging with Security Champions 37:10 Overused Cybersecurity Terms and Their Impact 40:25 Effective Communication in Security Awareness 48:10 Building Communities in Security Awareness 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Why Are Governments Banning and Employees Smuggling AI? | 10 Feb 2025 | 00:39:24 | |
In this episode of The Awareness Angle, we break down the latest cybersecurity news, including the global bans on DeepSeek, a Chinese AI tool, and the growing impact of AI in the workplace. We also explore the recent WhatsApp spyware attack on journalists, the challenges of getting employees to engage with security policies, and key insights from the CybSafe 2025 predictions report. The conversation highlights the ever-evolving cybersecurity landscape and the need to adapt security measures to counter insider threats and emerging technologies. We discuss how organisations can avoid these risks and foster a stronger security culture in an increasingly digital world. 🕒 Timestamps 00:00 Episode Introduction 01:27 DeepSeek and Global Bans 04:39 AI Impersonation and Malware Threats 05:56 WhatsApp Spyware Attack on Journalists 09:54 Employees Smuggling AI into Work 14:40 Valve Abandoned Games Warning 19:35 Security Policy Engagement 26:09 CybSafe 2025 Predictions Report 36:18 Layer 8 Webinar Security Champions 38:08 Episode Outro 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| DeepSeek Risks And Your Worst Cyber Terms | 03 Feb 2025 | 00:50:48 | |
In this episode of The Awareness Angle, we discuss recent cybersecurity incidents, including an IT attack at the British Museum and MGM’s settlement over a data breach. We also explore the emergence of DeepSeek, a new AI player, and highlight the importance of effective communication in cybersecurity awareness. The conversation emphasizes the need for collaboration across departments to strengthen security practices and the potential risks that come with new technologies. We dive into the nuances of user awareness in technology changes, stressing the role of effective communication and the human element in cybersecurity. The discussion covers the impact of terminology in the field—particularly the term "human firewall"—and how it can unintentionally dehumanize individuals. We also examine the shortcomings of traditional cybersecurity training and advocate for a more engaging, educational approach to security awareness. 🕒 Timestamps 00:00 Episode Introduction 02:10 The British Museum IT Attack 06:07 MGM's Data Breach and Ransomware Settlement 11:10 DeepSeek: The Rise of a New AI Player 20:11 Communication Challenges in Cybersecurity Awareness 23:57 Understanding User Awareness in Tech Changes 26:31 The Importance of Communication in Tech Updates 28:08 Debating Cybersecurity Terminology 34:39 The Human Element in Cybersecurity 41:04 Rethinking Cybersecurity Training 49:03 Closing Thoughts and Future Directions 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A podcast where we unpack the challenges and opportunities in Human Risk and Information Security Awareness. With expert insights, real-world stories, and actionable advice, we make Information Security accessible and relatable. Whether you're a Security Awareness professional or simply curious about human risk, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| How Did A GCHQ Intern Steal Top-Secret Data? | 07 Apr 2025 | 01:01:16 | |
This week on The Awareness Angle, we dive into the latest cybersecurity threats, data leaks, and privacy missteps making headlines: 🐦 Twitter Mega Leak – 2.8 billion profiles exposed in one of the largest breaches to date. We unpack what this means for users and why so much personal info was floating around the dark web. 📄 Military Docs Left in Public – Classified documents found out in the open—an all-too-common example of how physical and digital security go hand in hand. 💬 Microsoft Teams Phishing Attacks – Attackers are now sneaking into your Teams chats with malicious links. We talk tactics, red flags, and how to stay safe. 📱 Crocodilus Android Malware – A new threat targeting users in Turkey and Spain using fake app overlays. Here’s how it works and why it’s a growing mobile concern. 🧑💻 Human Error at the Core – From GCHQ interns to IT mishaps, simple mistakes still lead to serious breaches. We explore why awareness—not just tools—is key. 🇬🇧 New UK Cyber Regulations – The government is cracking down with tighter reporting timelines. We break down what organisations need to know. 🖼️ SVG Files in Phishing Campaigns – A crafty way scammers are bypassing detection. We explain what SVG phishing is and how to recognise it. 🎙️ Ouch! Newsletter Gets a Podcast – The beloved awareness resource gets a new audio twist. Can bite-sized podcasts boost engagement in security training? 🔐 Password Reuse & Oversharing – These two habits continue to fuel breaches. We talk about how to explain the risks to non-tech teams. 📦 Risks of Sideloading & Disposal Gaps – From sketchy apps to forgotten hard drives, we cover the overlooked security risks that still trip people up. Whether you're into cybersecurity awareness, human risk, privacy, or just trying to stay safe online, this episode is packed with real-world stories and practical takeaways. 🕒 Timestamps 00:00 Episode Introduction 02:35 Twitter Data Leak: A Major Breach 07:11 Sensitive Military Papers Found Publicly 12:15 Microsoft Teams: New Phishing Tactics 17:54 Identifying URL Phishing Techniques 22:35 GCHQ Intern’s Data Breach Incident 30:33 Emerging Android Malware: Crocodilus 32:44 Emerging Threats in Mobile Security 37:08 Cybersecurity Regulations & Compliance 42:00 Phishing Attacks: Evolving Tactics 45:22 Human Error in Cybersecurity 49:54 Cybersecurity Awareness Initiatives 52:32 Innovations in Security Training 54:54 Common Online Security Pitfalls 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Can You Really Delete Your DNA Data From 23andMe? | 31 Mar 2025 | 01:01:28 | |
This week on The Awareness Angle, we dive into some of the biggest cybersecurity and privacy stories making headlines: 🧬 23andMe Bankruptcy – Can you really delete your DNA? We talk about the panic, the privacy risks, and why genetic data is the most personal data you’ll ever giveaway. 🧟♂️ Steam Game Malware – A new demo on Steam turns out to be info-stealing malware. We discuss why even trusted platforms aren’t always safe. 🖼️ Fake File Converters – The FBI confirms it: online file conversion tools are being used to deliver malware. Here’s what to watch for and safer alternatives. 📱 Treadmill App Privacy Concerns – One user discovers her new treadmill demands access to her phone calls. Why are fitness devices crossing the privacy line? 📹 Vivida Reels – We take a first look at a new TikTok-style cyber awareness training platform. Can this new format help make training engaging again? 🎣 Phishing-as-a-Service – The rise of tools like Tycoon makes it easy for criminals to launch convincing phishing attacks—no coding required. 🎙️ Alexa Privacy Setting Removed – Amazon quietly removes an important privacy option from Echo devices. 💸 Meta’s Ad-Free Plan – Facebook and Instagram might soon charge UK users for privacy. Would you pay not to be tracked? 📶 DrayTek Routers Rebooting – A bad firmware update sends internet routers into chaos. 🏥 NHS Software Fine – A UK software provider is fined £3M after a ransomware attack exposed sensitive health data, including home entry info. Whether you're into cybersecurity awareness, human risk, privacy, or just trying to stay safe online, this episode is packed with real-world stories and practical takeaways. Don’t forget to like, comment, and subscribe to stay informed. 🕒 Timestamps 00:00 Episode Introduction 01:45 Oracle Cloud Security Breach Denial 04:40 FBI Warnings on Fake File Converters 09:24 Malware in Steam Games 14:47 Sydney Tools Data Breach 19:14 23andMe Bankruptcy & Data Concerns 25:47 Rapid-Fire Cybersecurity News 31:05 Upcoming Cybersecurity Events 32:38 Treadmill Needs Phone Records? Invasive Permissions in Everyday Devices 37:08 Shaping Workplace Security Culture 39:34 DOGE Interview - Elon Wants Your Personal Input - Smishing 40:41 UK Government 2-Step Verification Ad 43:19 Secure Device Disposal Best Practices 48:55 Vivida Reels - Innovative Approaches to Security Training 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Is Your Browser Extension Secretly Spying on You? | 24 Mar 2025 | 00:58:50 | |
Windows 10 support is ending, and that’s just the start of this week’s cybersecurity shake-ups. In this episode of The Awareness Angle, we break down what this means for businesses and everyday users, plus the growing threat of malicious OAuth apps targeting Microsoft 365 accounts. We also dive into the re-emergence of the high-profile Disney Slack breach and what it reveals about security gaps in major organisations.Beyond the headlines, we explore hidden risks, like how vulnerabilities in ChatGPT are being exploited, why downloading cracked software is a ticking time bomb (hello, Arcane Infostealer), and the dangers lurking in seemingly harmless browser extensions, TikTok is rolling out security awareness on MFA, a story on Google’s dark web monitoring, and we discuss the importance of clear, effective communication in security and why normalising security discussions can make all the difference. 🕒 Timestamps 00:00 Episode Introduction 02:27 Windows 10 End of Life: Concerns & Impact 05:38 Malicious OAuth Apps Targeting Microsoft 365 07:20 ClickFix Fake Captcha Risk: Don't Paste in the Run box 10:14 Disney Data Breach: Misunderstandings & Impact 15:27 Exploited ChatGPT Vulnerabilities: Risks & Responses 21:29 Arcane Infostealer & Cracked Software Risks 26:30 Comments - The Words We Choose Matter 29:40 National Cyber Security Show 30:53 Transparency in Cyber - Eliot from Hoxhunt's Freaky Friday 36:50 Browser Extension Security Risks 45:28 TikTok’s Security Awareness Campaign49:52 Google's Domain Checks 51:57 Google’s Dark Web Monitoring 56:10 Vivida Reels - Exciting New Awareness Coming Soon 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| What Happens When 730,000 Company Files Get Leaked? | 17 Mar 2025 | 01:00:05 | |
AI threats, API key leaks, and social engineering scams—this episode of The Awareness Angle unpacks the latest cybersecurity challenges and what they mean for businesses and individuals alike. We explain how attackers use generative AI to refine phishing scams, the rising danger of DDoS attacks, and why API security is becoming a critical concern. With enterprises rapidly adopting AI, are security strategies keeping up? We also dive into the personal side of cybersecurity, exploring how good security habits at home translate to stronger protection at work. A real-world Facebook scam case study highlights key red flags to watch for while discussing border security and digital privacy and offers practical advice for travellers. To wrap up, we react to a wild story of someone travelling 6,000 miles using "Find My Device" to track down their lost AirPods! 🕒 Timestamps 00:00 Episode Introduction 01:10 AI and Data Security Risks 05:04 DDoS Attacks and Their Impact 13:17 Generative AI in Enterprises 19:33 Data Breaches & Ransomware Threats 22:22 Apple’s Encryption & Privacy Debate 25:04 Cybersecurity Events & Awareness Strategies 29:06 Social Engineering & AI Threats 32:27 Cyber Awareness at Home 34:52 Identifying Scams: Facebook Case Study 47:34 Border Security & Digital Privacy 54:41 Technology’s Impact on Daily Life 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Is Your Favourite AI Tool a Risk to Your Data? | 10 Mar 2025 | 01:04:14 | |
This episode of The Awareness Angle unpacks the biggest cybersecurity threats that are making headlines. We break down the cyberattack on Leeds United and what it reveals about security gaps in sports organisations, along with Zapier’s data breach and the risks of poor data handling. Apple is facing legal pressure in the UK over encryption policies, raising serious questions about privacy, while Google rolls out AI spam protection—will it make a difference? We also dig into the rise of deepfake scams, where fraudsters use AI-generated content and fake celebrity endorsements to manipulate victims. With nearly 10% of employee GenAI prompts exposing sensitive data, companies need to rethink security policies and user education. Plus, we look at the fallout from Ublock Origin’s removal, the limits of Gmail’s phishing protection, and how security awareness training can be improved. Stay tuned for insights, practical tips, and a closer look at how the digital threat landscape is evolving! 🕒 Timestamps 00:00 Introduction to Cybersecurity Awareness 02:59 Leeds United Cyber Attack 05:33 Zapier Security Incident 11:19 Apple’s Legal Battle in the UK 14:55 Google’s AI Spam Protection 18:46 Deepfakes and Celebrity Scams 28:57 GenAI and Sensitive Data Risks 29:30 Dangers of GenAI Data Leaks 32:34 User Education & Corporate Responsibility 35:35 AI’s Impact on Job Transition 38:21 Data Sensitivity in AI Usage 41:27 Importance of Security Awareness 44:27 Innovations in Security Training 48:29 Future of Security Policies 52:31 Reflections on uBlock Origin’s Removal 56:31 Gmail’s Phishing Protection Limits 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Could You Be Fooled by a Fake Bank Call? | 03 Mar 2025 | 01:02:38 | |
Phishing scams, ransomware, and browser threats—this episode of The Awareness Angle breaks down the biggest cybersecurity risks. We explore how attackers still rely on basic phishing tricks that people keep falling for, the FBI’s Ghost ransomware warning, and a wave of malicious Chrome extensions affecting millions of users. Plus, a new PayPal scam is making the rounds, using clever tactics to trick people into handing over their credentials. We also dive into the growing fatigue around Have I Been Pwned after yet another massive data breach exposed 284 million credentials. With so many leaks happening, is it still a useful tool, or just another reminder that your data is already out there? Stay tuned for all the latest security insights and practical tips to keep yourself (and your organisation) safe! 🕒 Timestamps 00:00 Introduction to Cybersecurity Awareness 01:23 Ghost Ransomware Exploiting Vulnerabilities 05:48 TikTok Social Engineering Scam Story 10:57 Cofense Amazon Phishing Scam 15:20 PayPal New Address Phishing Scam 21:05 GitLab and the Risks of Malicious Browser Extensions 28:32 Apple’s Encryption Controversy in the UK 35:58 Apple Encryption Flaw Reveal 39:28 User Comments on Security Issues 41:51 Phishing Awareness for Employees 47:05 "I'm calling from Indeed Human Resources. Please add me on WhatsApp" 52:01 AI Hotel Booking Speaking Their Own Language: Myths vs. Reality 54:46 Data Breaches and 'Have I Been Pwned' 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Phishing Scams Are Now Impossible to Spot? | 24 Feb 2025 | 01:01:10 | |
In this episode of The Awareness Angle, we dive into recent cybersecurity threats, vulnerabilities in software like WinZip and 7-Zip, the exploitation of public interest in historical documents by cybercriminals, and the data privacy risks associated with DeepSeek. We also examine the rising costs of phishing attacks, the tactics that make phishing so effective, and the growing intersection of gaming and cybersecurity with emerging malware threats. The episode wraps up with a look at job interview scams linked to North Korean malware campaigns.We also take a deeper look at phishing, emotional intelligence, and the role of security awareness in organizations. The conversation covers the impact of simulated phishing tests, the responsibilities of security teams, and how email security has evolved. We discuss the importance of user awareness when it comes to software updates and the increasing threat of AI scams and deepfakes, emphasizing the need for clear communication and education to stay ahead of cyber risks. 🕒 Timestamps 00:00 Episode Introduction 02:56 Vulnerabilities in Software: WinZip and 7-Zip 03:53 Exploiting Public Fascination: Cyber Criminals and JFK Files 07:13 DeepSeek and Data Privacy Concerns 09:20 The True Cost of Phishing: Statistics and Insights 15:59 Phishing Techniques: Sneaky Methods and Awareness 21:00 Gaming and Cybersecurity: Malware in Popular Games 25:50 Job Interview Scams: North Korean Malware Campaigns 31:07 Understanding Phishing and Emotional Intelligence 34:46 The Role of Awareness in Cybersecurity 36:58 Simulated Phishing: Fairness and Consequences 41:02 The Responsibility of Security Teams 45:44 The Evolution of Email Security 48:37 User Awareness and Update Notifications 54:30 AI Scams and Deepfake Awareness 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Are Apple Turning Off iCloud Encryption? | 17 Feb 2025 | 00:46:46 | |
In this episode of The Awareness Angle, we dive into key cybersecurity topics, including the UK's controversial request for Apple to create an iCloud backdoor, the importance of timely software updates, and the recent removal of a malware-infected game from Valve’s platform. We also discuss Nick Robinson’s phishing incident and the rise in unofficial TikTok installations in the US, emphasizing the need for heightened security awareness and caution in digital interactions. The conversation explores the implications of app bans, particularly focusing on TikTok and the risks of sideloading apps. We highlight the importance of fostering a strong security culture within organizations and discuss effective strategies for assessment and improvement. The discussion then shifts to the evolution of security awareness, moving beyond traditional metrics like phishing click rates to a more holistic approach incorporating marketing principles. Finally, we examine the growing prevalence of scams and share insights on how to identify and mitigate these risks in today’s digital landscape. 🕒 Timestamps 00:00 Episode Introduction 03:53 UK's Apple iCloud Backdoor Controversy 06:48 Apple's Security Updates and Zero-Day Vulnerabilities 09:46 Valve's Removal of Malware-Infected Game 16:17 Nick Robinson's Phishing Incident 21:54 TikTok's Sideloading Surge in the US 23:59 Navigating App Bans and Sideloading Risks 27:51 Understanding Security Culture and Awareness 36:44 The Evolution of Security Awareness Strategies 46:55 Identifying Scams and Enhancing Security Practices 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Are Connected Cars the Next Big Cybersecurity Target? | 14 Apr 2025 | 01:05:30 | |
This week on The Awareness Angle, we dive into the latest cybersecurity themes, evolving risks, and fresh insights shaping the industry: 💡 Cyber Awareness Matters – As threats evolve, so must our approach. We explore why traditional training isn’t enough and how a 70% drop in phishing click rates shows what’s possible. 🧠 Mental Health in Cybersecurity – Burnout is real. We highlight some innovative solutions emerging to support well-being in high-pressure security roles. 🚗 Electric Vehicles & Car Hacking – The rise of connected cars opens the door to new attack vectors. Here’s what’s keeping automotive cybersecurity experts up at night. 🕵️♂️ Surveillance vs. Privacy – Government access to private data sparks debate again. We break down what’s changing and what it means for your digital rights. 🏥 Secure Healthcare Communication – Data sensitivity in healthcare isn't just about records—it’s also in the messages. We discuss why secure channels matter more than ever. 🧑🎓 The Human Side of Security – People are often the weakest link—or the strongest defence. We explore how understanding behaviour shapes better awareness programmes. 🎙️ Networking That Matters – From casual chats to panel debates, we share the value of connecting with peers at industry events (and how not to waste the opportunity). 🧒 Parental Controls in Focus – Online safety starts at home. We talk about what tools are working, and why education is just as important as tech. 🛠️ Rethinking Tools & Practices – Not every “best practice” still holds up. We dig into why it’s time to re-evaluate old habits in the face of new threats. 🤖 AI Expectations in Business – From chatbots to decision-making tools, AI is becoming the norm—but is security keeping up? Whether you're into cybersecurity awareness, human risk, privacy, or just trying to stay safe online, this episode is packed with real-world stories and practical takeaways. 🕒 Timestamps 00:00 Episode Introduction 01:44 WinRAR Vulnerability 05:11 Kellogg & Clop Ransomware 09:04 Europcar GitLab Breach 14:54 Nissan Leaf Hack 23:41 TikTok Ban Delayed 24:55 GCHQ Spyware Warning 27:01 Apple vs UK Government 27:51 Oracle Data Breach Confirmed 30:15 Royal Mail Breach: No Update 30:53 Cyber Security Show Recap 33:19 Zensory & NeuroCyber 40:29 Lance Spitzner’s LinkedIn Post 46:06 AI Avatar in Court 50:07 Shopify’s AI Memo 53:58 Maddy Moate & Parental Controls 57:24 NHS Text Message Confusion 01:04:22 Outro 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Is Microsoft’s Copilot About to Leak Everything? | 20 Apr 2025 | 01:10:31 | |
This week on The Awareness Angle, we break down the biggest stories in cybersecurity and digital risk, from funding gaps to privacy concerns and scam tactics you need to know about: 🛠️ CVE Scores & Funding Gaps – We look at how Common Vulnerabilities and Exposures (CVEs) help teams prioritise security fixes—and why the system’s financial future is under serious strain. 📉 4chan’s Fall – The site’s massive data leak sparks wider concerns about unpatched software and outdated infrastructure. 🧠 Copilot’s Privacy Problem – Microsoft’s new “recall” feature for Copilot is raising eyebrows over just how much it might remember—and share. 🔄 Android Auto Reboot – A new feature that restarts your device to install critical updates could be a quiet game-changer for mobile security. 📱 QR Code Scams – These attacks are on the rise, fooling people into scanning their way into danger. We explain what to look out for. 🤖 DeepFakes & Scam Tactics – From fake calls to fake faces, attackers are levelling up. Here’s how to stay a step ahead. 💸 Payment Verification Scams – A reminder: always confirm payment before handing over goods. Social engineering is getting smarter. 🎯 Real Pressure Simulations – Why cyber awareness training needs to go beyond the basics and prepare users for high-stakes scenarios. 🎙️ Industry Voices – Why speaking with frontline professionals can offer insights that no training module can replicate. 👥 Human Error & Third-Party Risk – From vendor software flaws to simple mistakes, people remain at the centre of most security incidents. Whether you’re in charge of training or just trying to stay informed, this episode is packed with real-world insight and practical takeaways to help you stay ahead. 🕒 Timestamps 00:00 Episode Introduction 05:11 The CVE Funding Crisis 10:09 The Downfall of 4chan 12:01 Microsoft's Copilot Recall Feature 24:09 Android's Auto Reboot Feature 29:04 The Rise of QR Code Scams 34:26 Data Breaches and Cybersecurity Risks 39:30 Scams and Fraud in the Digital Age 44:02 Cyber Awareness and Education 47:58 Interviews and Insights in Cybersecurity 54:45 Real-World Security Breaches and Lessons Learned 01:00:00 The Importance of Cyber Awareness in Decision Making 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| We Don’t Phish: Erin Gallagher on Doing Awareness Differently | 24 Apr 2025 | 00:45:26 | |
This week marks the launch of a new recurring format within The Awareness Angle podcast—Interviews—where we sit down with voices shaping the future of human risk and security awareness. In this episode, Anthony kicks off the series with the brilliant Erin Gallagher from Fastly for a candid conversation about reshaping security awareness from the ground up. Forget the old playbook—Erin shares how she's putting relationships, relevance, and real-world context at the centre of her approach. 🎙️ Breaking the Phishing Cycle – Fastly doesn’t run phishing simulations. Why? Erin explains why they’re often more harmful than helpful—and how focusing on education, not trickery changes the game. 💬 Slack Over Email – At Fastly, security awareness happens where the people are: in Slack. We explore why ditching email improves reach, tone, and trust. 📚 From Compliance to Curiosity – Training should feel like levelling up, not ticking a box. Erin shares how she designed an OWASP Top 10 module that’s short, punchy, and useful. 🎨 Creative Engagement – From using ChatGPT to writing training content to drawing inspiration from surprising places—Erin shows how creativity fuels better learning experiences. 🧠 Learning Fatigue is Real – Too much training? Too long? Erin talks about chunking, pacing, and making learning something people actually look forward to. 🤝 Building Real Relationships – Whether it’s the interview process or day-to-day comms, Fastly’s philosophy is simple: trust your people, and they’ll trust you back. 🔍 Tailored, Role-Based Training – One-size-fits-all doesn’t cut it anymore. We talk about the importance of adapting awareness programmes to different roles, risks, and realities. 🔄 Self-Correction Over Gotchas – Success isn’t about catching people out—it’s about seeing them make the right move next time. Erin shares how Fastly tracks self-correcting behaviour as a true sign of progress. 📦 Everyone Needs a Continuity Plan – Personal resilience isn’t just for systems. Erin closes with a powerful reminder: what’s your personal continuity plan? Whether deep in the field or curious about how people and security intersect, The Awareness Angle: Interviews brings you honest conversations, fresh ideas, and insights that stick. Episodes from the Interviews series will be released alongside our regular podcast on Thursdays! 🕒 Timestamps 00:00 Episode Introduction 01:01 Erin Gallagher's Unique Role at Fastly 02:07 The Interview Process and Company Culture 03:13 The Decision Against Phishing Programs 05:16 Communication Methods: Slack vs. Email 07:20 Transitioning from Phishing to Security Awareness 09:41 Building Relationships Over Testing 11:48 The Focus on Engagement and Training 12:51 Rethinking Phishing and Risk Management 14:58 Creating Tailored Training Programs 17:22 Engagement Strategies for Security Awareness 19:02 The Challenges of Phishing Simulations 21:21 Utilizing Tools for Awareness Training 23:58 Innovative Training Approaches for Compliance 28:01 The Journey to Cybersecurity Awareness 33:54 The Role of Phishing in Security Training 38:30 Creative Security Awareness Initiatives 40:56 Influential Resources in Cybersecurity Awareness 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Can Hackers Hijack Your Device With A Zoom Call? | 28 Apr 2025 | 01:07:22 | |
This week on The Awareness Angle, we dive into the biggest cybersecurity and privacy stories making waves: 🏬 Marks & Spencer Cyber Incident – A payment system disruption shows how fragile customer trust can be during cyber events. 🖥️ Zoom Remote Control Exploit – Hackers are exploiting a feature to take control of systems, proof that even productivity tools carry hidden risks. 📧 Gmail OAuth Loophole – A new vulnerability exposes Gmail users to account takeovers through third-party app abuse. 🧑💻 Sextortion Scams on the Rise – Criminals are using increasingly convincing tactics to extort victims online, especially targeting younger users. 🧠 Copilot Recall Privacy Backlash – Microsoft's AI-driven memory tool raises more concerns about how much data companies should collect and store. 🎣 Next-Gen Phishing Attacks – Phishing tactics are getting smarter and harder to spot, demanding sharper user awareness than ever. 🔒 Third-Party App Permissions – Granting access without scrutiny can open major doors for attackers, especially in workplace environments. 🎭 DeepFake Threats Expand – AI-generated videos and images are now used for scams, fraud, and brand damage. 🔌 USB Killers – A reminder that cybersecurity isn’t just digital; physical device security can be just as critical. 🛡️ Why Community Awareness Matters – Cybersecurity isn’t a solo effort; community engagement and shared knowledge make everyone safer. Whether deep in cybersecurity or just trying to stay safer online, this episode brings real-world stories, human-focused risks, and practical advice. 🕒 Timestamps 00:00 Episode Introduction 02:56 Major Retail Cyber Incident: Marks and Spencer 10:03 Exploiting Zoom's Remote Control Feature 13:43 Google OAuth Loophole and Phishing Attacks 17:28 Rising Threat of Sexploitation and Online Safety 24:00 Microsoft Copilot Recall: Privacy Concerns and Data Security 34:47 Google's Antitrust Trial and OpenAI's Interest in Chrome 38:39 Ransomware Attacks: Davita and Cookie Bite 40:28 Deep Fake Ads and AI Warnings 41:53 Innovative Ransomware Tactics: Fog Gang 44:37 Cybersecurity Comments and Community Insights 51:44 Upcoming Events and Cybersecurity Awareness 53:01 Reddit Stories: USB Killers and Security Risks 01:02:22 LinkedIn Scams and Protecting Personal Data 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Is UK Retail Under A Targeted Cyber Attack? | 05 May 2025 | 01:07:38 | |
This week on The Awareness Angle, we break down the top cybersecurity stories and trends shaping user behaviour and business risks: 🏪 Retailers Under Fire – Major UK retailers are being hit with cyber incidents, reminding us how exposed even high street giants can be. 📞 The 159 Scam Hotline – A simple, underused number offers a secure route to contact your bank and stop fraud in its tracks. 📱 WhatsApp Rolls Out New Privacy Features – From locked chats to disappearing messages, we unpack what’s useful and what still needs work. 🍏 Apple Spyware Alerts – Apple is now warning users targeted by sophisticated spyware—so what does that mean for regular device users? 🧠 Password Spraying on the Rise – Microsoft sounds the alarm on attacks targeting weak or reused passwords across accounts. 💻 End of Windows 10 Support – With support ending, millions face heightened security risks—especially in corporate environments. 🕵️♀️ Dark Web Password Markets – Billions of stolen credentials are for sale—proof that one weak password can lead to massive fallout. 🔐 Gen Z’s Security Blind Spot – New data shows younger users knowingly reuse passwords—why education still isn’t cutting through. 🎭 Anti-Piracy Irony – The industry’s hypocrisy is on full display, as pirated content is used to fight piracy itself. 📣 Shaming Doesn’t Work – Publicly blaming users for security slip-ups may do more harm than good—we explore better awareness strategies. This episode is packed with insight, irony, and action points. It is a must for anyone navigating the intersection of tech, behaviour, and security. 🕒 Timestamps 00:00 Episode Introduction02:30 UK Retail Sector Hit by Growing Cybersecurity Incidents08:19 The 159 Hotline: A Critical Tool Against Bank Scams12:50 WhatsApp Enhances Privacy with New Protection Features15:00 Apple Warns Users of Targeted Spyware Attacks19:38 Microsoft Highlights Password Spraying Threats22:21 Windows 10 Support Ending Sparks Security Concerns26:15 Surge in Malware and Dark Web Password Sales32:35 Gen Z’s Lax Approach to Basic Cyber Hygiene37:18 Why Strong Password Policies Matter More Than Ever42:19 Industry Panels Explore the Future of Cybersecurity48:03 Real-World Security Incidents and Ongoing Risks48:35 Does MS Recall Cause Issues With BYOD?50:28 Joe Head's Awareness Advice51:59 Awareness Tales From The Train54:00 QR Code - Wins and Fails58:10 NHS Fails Again?1:01:40 Karaoke Update Fails 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Three Deep Breaths: Jasmine Eskenzi on Cyber Mindfulness | 08 May 2025 | 00:56:51 | |
This week on The Awareness Angle: Interviews, Anthony sits down with Jasmine Eskenzi, founder of The Zensory, for a fascinating conversation about how mindfulness, neuroscience, and emotional intelligence are transforming cybersecurity from the inside out. This episode dives into the often overlooked human side of security—how stress, distraction, and burnout make us more vulnerable and how tools that support focus and well-being can help us build safer, more resilient workplaces. 🧠 Mindfulness Meets Security – Jasmine shares how small moments of awareness can have a big impact on decision-making, especially in high-stakes environments. ⚠️ Stress & Social Engineering – When our brains are under pressure, our judgment suffers. We explore how attackers exploit this and what teams can do to defend against it. 🎵 The Sound of Focus – Not all music is created equal. Jasmine explains how Zensory’s curated soundscapes help improve concentration, clarity, and calm at work. 🧍♀️ Humanising Cyber Awareness – Fear-based training doesn’t work. Jasmine talks about building empathy and trust into your programmes to encourage real behavioural change. 🧬 Neurodiversity & Inclusivity – One size never fits all. We discuss the importance of adapting tools and strategies to support different brains, learning styles, and needs. 📊 Wellbeing as a Risk Signal – What if focus and engagement data could help spot burnout before it leads to risky behaviour? Jasmine offers a fresh perspective. 💡 Beyond Compliance – From stress education to culture change, Jasmine shows how mindfulness-based approaches can turn training into transformation. 📲 The Zensory Way – With science at its core, Jasmine’s platform is helping companies blend neuroscience and practical tools to drive better habits and reduce human risk. Whether you work in cyber, L&D, HR, or just want to understand what really drives behaviour, this episode will change how you think about awareness. The Awareness Angle: Interviews is a recurring format released alongside our regular episodes, featuring honest, practical conversations with the people shaping the future of human risk and security culture. 🕒 Timestamps 00:00 Introduction to Mindful Security 02:52 The Zensory: Merging Mindfulness and Cybersecurity 05:56 Stress: The Hidden Catalyst in Cyber Attacks 08:58 Spotting Stress Before It Impacts Decisions 12:05 Humanizing Security: The Engagement Advantage 15:01 Emotional Intelligence in Cyber Roles 18:04 Managing Stress with Mindfulness Practices 20:48 How Stress Rewires the Brain in High-Stakes Moments 24:00 Embracing Neurodiversity in Security Workspaces 26:57 Rethinking Cybersecurity Culture with Mindfulness 32:02 Music for Focus: Why Simplicity Works 34:13 The Amygdala Hijack: Stress and Reaction in Security 36:48 Modeling Mindful Leadership in Cyber Teams 40:03 Driving Culture Change for Stronger Security 41:52 Measuring Engagement and Wellbeing in Security Programs 46:03 From Awareness to Action: Behavioral Security Training 51:02 Integrating Mindfulness Tools for Sharper Focus 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Is That Voice Note from Your Child, or an AI Voice Clone? | 12 May 2025 | 01:14:12 | |
This week on The Awareness Angle, we dive into some of the latest developments shaping cybersecurity, human risk, and digital trust: 🏆 Podcast Nominated! – The Awareness Angle is up for two industry awards—thank you for the support! 🛍️ Retail Cyber Incidents – Both M&S and Co-op are dealing with serious cyber issues, but the silence is raising more questions than answers. 🎙️ AI Voice Scams on WhatsApp – Scammers are now using AI-generated voice notes to impersonate loved ones. We unpack how this works and what to look out for. ☁️ OneDrive Exfiltration Risk – A new feature in OneDrive could be exploited to leak sensitive files. Here’s what IT teams need to know. 🦠 LockBit Gets Hacked – The infamous ransomware group has been breached themselves, revealing infighting and surprising insights into how these criminal gangs operate. 🔑 Passkeys Gain Momentum – Microsoft and other major players are pushing passwordless logins. We explore why passkeys might finally stick—and what it means for user adoption. 📲 Clipboard Security Warning – Samsung devices may be leaking sensitive data through clipboard functions. We talk about how this works and why it matters. 📦 Brushing Scams & Fake Reviews – Random parcels might seem harmless, but these scams are about manipulating trust and inflating seller reputations. ⚠️ Massive Phishing Campaigns – The volume and sophistication of phishing attacks are spiking again. We break down why it's happening and how to stay ahead. Whether deep in the security world or just trying to stay safer online, this episode is packed with practical takeaways and fresh insights. 🕒 Timestamps 00:00 Intro 01:18 The Awareness Angle Podcast Gets Award Nominations 05:28 M&S and Co-op Hit by Major Cyber Incidents 09:33 AI Voice Notes Fuel Evolving WhatsApp ‘Hi Mum’ Scams 18:13 OneDrive’s New Feature Could Enable Data Leaks 22:53 Lockbit Ransomware Gang Breached by Rivals 29:08 Passkeys: Microsoft’s Push Toward Passwordless Security 36:58 Why Passwordless Authentication Is the Future 39:18 Ransomware Risks and the Need for Recovery Planning 43:43 NHS Transparency Issues Undermine Staff Confidence 45:22 CoGUI - Phishing Campaigns Surge — User Awareness Is Vital 47:40 AI in the Courtroom: Ethical and Legal Questions 51:42 The Comments Section 55:58 Cybersecurity Awareness Relies on Better Communication 57:45 Clipboard Vulnerabilities Expose Samsung Users 59:47 Brushing Scams Undermine Trust in Product Reviews 01:03:14 SMS Scams Exploit User Trust Through Malicious Links 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Did That Freelancer Just Steal $88 Million for North Korea? | 19 May 2025 | 01:04:00 | |
This week on The Awareness Angle, we break down the biggest stories in cybersecurity, awareness, and human risk: 🖥️ Windows 10 Lives On – Microsoft has extended support until 2028, giving users and IT teams more breathing room before the jump to Windows 11. 🎮 Steam Account Scare – Reports of leaked accounts raised alarms, but no sensitive info was exposed. Still, it’s a reminder of the real-world value behind in-game assets. 👜 Dior Data Breach – A cyber attack exposed customer details, but not payment info. We explore the implications for brand trust and customer confidence. 🛒 Co-op vs M&S Cyber Response – Co-op contained their breach swiftly. M&S is still in recovery mode. We discuss why crisis response makes or breaks reputations. 🧑💻 North Korea’s Remote Job Scam – Hackers stole $88M by posing as U.S. tech workers. We dive into this elaborate social engineering scheme and its growing threat. 📹 Malware Masquerading as AI Tools – A fake AI video generator is spreading malware. Don’t trust the ads, especially on social media. 🏥 Outdated Public Sector Systems – Shockingly, some UK government systems still run on Windows 3.1. We talk about why legacy tech is a silent cybersecurity risk. 🔐 Passkeys & Android 16 – Passwordless logins and Android’s new security features signal a shift in how we protect our devices and data. 🎓 AI + Awareness Training – Used well, AI can level up security training, helping personalise content and increase retention. 🧠 Education Over Trickery – Whether it’s phishing simulations or awareness content, the goal should be genuine understanding, not catching people out. Stay informed, stay aware—and as always, thanks for tuning in. 🕒 Timestamps00:00 Introduction to Cybersecurity News04:50 Microsoft Extends Windows 10 Support to Ease Transition07:40 Steam Data Leak Raises Account Security Concerns10:46 Dior Cyber Attack Exposes Customer Information12:09 Co-op and M&S Respond to Targeted Cyber Attacks18:20 North Korean Hackers Exploit Remote Work Job Fraud21:32 Fake AI Video Generators Deliver Malware Payloads25:36 UK Government Faces Scrutiny Over Outdated Systems28:48 Moving Toward Passwordless Authentication30:58 Android 16 Introduces New Security Enhancements32:37 Security Gaps Remain Despite Passkey Advancements34:15 Rethinking the Effectiveness of Security Awareness Training38:08 Preview of Upcoming Cybersecurity Conference38:50 The Social Comments Section43:03 Security and Scam Challenges in the Healthcare Sector44:19 AI Impersonation Scams Complicate Identity Trust48:18 Angry Birds IMEI Tracking Led To Global Surveillance49:11 Social Engineering Continues to Drive Modern Scams51:30 Booking.com Scams Highlight Travel Security Gaps58:10 Social Engineering Simulation Warning From The Experts 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 📙 About The Awareness Angle A CYBERSECURITY PODCAST where we talk about SECURITY AWARENESS and security education. We are professionals in HUMAN RISK and Information Security Awareness. We know PHISHING CAMPAIGNS, we know PHISH. We have done annual SECURITY TRAINING. We have sent NEWSLETTERS and made videos. We have created security awareness CULTURE STUDIES and are passionate about HUMAN BEHAVIOURS. Whether you're a CYBER Security Awareness professional or simply curious about HUMAN RISK, this podcast is your go-to resource for fresh perspectives and creative solutions. 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Escape the Boring Stuff: Amy Stokes-Waters on Engaging Awareness | 22 May 2025 | 00:44:31 | |
This week on The Awareness Angle Interviews… Anthony has a brilliant chat with Amy Stokes-Waters from The Cyber Escape Room Co. They talk about ditching dull training, making awareness genuinely fun, and how escape rooms, storytelling, and a bit of chaos can actually change behaviour. Loads of laughs, loads of good ideas, and a few dodgy password stories thrown in—plus the occasional strong word or two (in the best possible way). Amy brings fresh energy to the security awareness world—cutting through the buzzwords and showing how relatable, interactive, and human training can make a real difference. 🔓 Escape the Boring Stuff – Amy breaks down how escape rooms turn passive training into memorable, meaningful experiences. 📚 From Storytelling to Swearing – Awareness doesn’t have to be corporate. It just has to connect. 🛠️ Lessons from the Hard Way – The founder journey isn’t always smooth, but the bumps come with big takeaways. ♻️ Beyond the Annual Box-Tick – Awareness should be continuous, creative, and part of everyday culture. 🎯 Phishing Isn’t the Whole Game – Simulations matter, but they’re just one tool. Amy shares what else should be in your kit. 📢 Awareness is Marketing – Brand, tone, and message consistency matter. Sell it like you mean it. 🧍♂️ Security Champions & Culture Change – Find your internal allies and give them the tools to drive change. 🤖 Looking Ahead – AI, behavioural science, and why the future of training still needs a human touch. Whether you’re in security, L&D, comms—or just fed up with boring training—this one’s full of practical inspiration and plenty of personality. The Awareness Angle: Interviews is our ongoing series of honest, practical conversations with the people reshaping security culture from the inside out. 🕒 Timestamps 00:00 Introduction to Amy 03:06 Engaging Training Methods: Escape Rooms 05:56 The Importance of Relatability in Training 09:03 The Journey to Cyber Escape Rooms 12:04 Learning Through Engagement 14:59 Challenges and Mistakes in the Business 17:49 Impactful Moments in Training 21:08 The Evolving Security Awareness Landscape 24:31 Engaging Security Training through Creative Scenarios 25:21 Building a Continuous Learning Framework 26:56 Rethinking Phishing Simulations 28:41 The Marketing of Security Awareness 30:40 Consistency in Messaging and Engagement 32:11 The Importance of Brand Voice in Security 35:42 Authenticity in Communication 38:22 Expanding Horizons: New Ventures in Security Training 40:17 The Future of Security Awareness Training 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Is Voice Phishing the Next Big Cyber Threat? | 26 May 2025 | 01:09:19 | |
This week, The Awareness Angle hits its 30th episode milestone—and we’re marking it with a deep dive into the latest in cybersecurity, awareness, and digital risk: 🎉 30 Episodes In – A huge thank you to our growing community! We reflect on how far we’ve come and why your feedback keeps this show thriving. 💥 £300M Cyber Hit for M&S – We unpack the staggering cost of the retailer’s recent breach—and what it signals for cyber resilience in retail. 🧠 The Rise of Social Engineering – Forget firewalls—humans are the target. We explore how attackers are using trust, urgency, and voice phishing to break in. 📍 O2’s Location Leak – A major privacy flaw exposed users' whereabouts. The fix is in, but the questions around data handling remain. 🧩 One Parking App to Rule Them All? – The UK government plans a single solution for public parking. We discuss the potential risks (and benefits) of centralised services. 🧯 Fake Chrome Extensions – These silent threats steal data and spread malware. We look at what users can do to protect themselves. 📚 Billions of Discord Messages Scraped – Researchers hoovered up massive amounts of user content. We examine the ethics and implications of academic surveillance. 🖥️ Legacy Tech Still Lurking – From NHS infrastructure to XP-powered systems, outdated tech continues to expose critical services to modern threats. 🗣️ Deepfakes & Voice Scams – AI is enabling more convincing fraud. We break down how realism is raising the stakes for impersonation attacks. 💡 Why Awareness Still Matters – From the classroom to the boardroom, education remains the best defence. We highlight how organisations can move from reactive to resilient. Thanks for joining us—whether you’re here for episode one or thirty. Let’s keep learning, sharing, and staying one step ahead together. Timestamps 00:00 – Intro and episode milestone 03:20 – Interview plug: Amy Stokes-Waters on Cyber Escape Rooms 04:08 – European Cybersecurity Blogger Awards (vote now!) 05:32 – Monday newsletter reminder Main Stories 06:13 – M&S cyber attack update: £300m cost and third-party access 10:02 – Tesco & Sainsbury’s supplier ransomware incident 12:59 – 3AM ransomware: fake IT calls and email bombing 15:37 – HSBC CEO: “Cyber threats keep me up at night” 18:19 – O2 bug leaking mobile user location (now patched) 22:18 – UK govt to unify parking apps, reduce QR code risk 24:37 – 100+ fake Chrome extensions stealing data 29:30 – Researchers publish 2 billion Discord messages Awareness & Community 32:30 – Future of Cybersecurity event (June 12) 34:27 – SANS 2025 Security Awareness Survey Comments & Community Reactions 36:36 – TikTok/Instagram virality, OneDrive sync backlash, NHS tech 39:43 – Spam call surge after M&S breach – or Baader-Meinhof effect? Bonus Deep Dives 41:54 – Ancient Windows still running in 2025 (BBC Future article) 47:10 – Live demo of Vishr.ai – AI-powered vishing simulator 52:15 – Deepfake investment scam featuring fake Anthony Bolton 57:04 – Google Veo AI video generation with audio 01:04:18 – Notebook LM: Generate podcast-style conversations from transcripts 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| "Security awareness IS marketing" – Sara Carty on Being Unboring | 05 Jun 2025 | 01:13:24 | |
This week on The Awareness Angle Interviews… Anthony sits down with Sara Carty, the founder of UNBORING, to explore why so much cybersecurity marketing feels stale—and what we can do to change it. From drama school to startup life, Sara’s journey is anything but conventional, and her marketing approach is bold, honest, and refreshingly human. 🎭 From Drama to Data Breaches – Sara shares how her background in performance gave her the confidence to challenge industry norms and connect with audiences in a real way. 📉 Ditching Fear-Based Marketing – Scare tactics are out. Sara explains why trust, clarity, and relevance are far more powerful than doom and gloom. 🧠 Tech Doesn’t Have to Be Boring – We talk about the balance between getting the technical details right and actually engaging the people who matter. 📣 Marketing is Storytelling – Great cybersecurity campaigns aren’t about features—they’re about people. Sara explains how to make messages stick. 🚫 No More Blaming the Audience – If people aren’t listening, maybe the message is the problem. We unpack how to create content that meets users where they are. 🎨 The Human Behind the Hack – Good marketing understands human risk. Sara shares how empathy and creativity build stronger campaigns (and cultures). 🧩 Insights from the Marketing Team – From product design to user adoption, marketing can be a strategic partner—not just the team that “makes it pretty.” 🗣️ Why UNBORING Matters – Whether it’s refusing to use AI-generated content or calling out jargon-filled nonsense, Sara’s mission is clear: make cybersecurity feel human again. If you’ve ever zoned out during a “cyber comms campaign” or wondered how to make people actually care about security—this conversation is for you. 🕒 *Timestamps* *Introduction & Mission* 00:00 Introduction to Unboring and Its Mission 06:10 The Impact of Drama School on Professional Skills *Marketing & Messaging* 11:49 The Importance of Marketing in Cybersecurity 18:09 Standing Out in a Sea of Sameness 23:53 The Future of Cybersecurity Marketing 28:02 The Role of Women in Cybersecurity Awareness 31:46 Touch Points in Marketing and Engagement 34:58 The Role of Storytelling in Marketing and Cybersecurity 35:56 Communicating with Human Touch 37:06 The Disconnect Between Marketing and Cybersecurity *Human Element & Awareness* 38:03 The Impact of Social Engineering on Cybersecurity 39:00 The Role of AI in Marketing and Cybersecurity 40:07 The Importance of Relatable Communication 40:57 The Human Element in Cybersecurity Awareness 41:58 The Disconnect in Cybersecurity Messaging 42:57 The Importance of Engagement in Cybersecurity 43:54 The Need for Top-Down Support in Cybersecurity Awareness *Espionage & Storytelling* 45:03 Exploring Cyber Espionage and Marketing 46:00 Lessons from Espionage for Marketers 47:12 The Connection Between Storytelling and Marketing 47:51 The Role of Human Stories in Marketing 49:03 The Importance of Understanding Audience Needs 50:08 The Need for Authentic Marketing 50:57 Storytelling Lessons from Popular Culture 52:45 The Power of Relatable Storytelling *Trends & Takeaways* 55:21 Tech vs. Human Connection in Cybersecurity 01:00:42 Marketing Buzzwords to Ban 01:02:28 Admiring Innovative Marketing Campaigns 01:05:44 The Importance of Storytelling in Communication 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| These Old Cyber Tricks STILL Work? | 02 Jun 2025 | 01:07:20 | |
In this episode of The Awareness Angle, Anthony and Luke unpack a fresh wave of cybersecurity stories affecting both individuals and organisations: 🛍️ Retailers in the Firing Line – Major high-street brands are once again the target of serious cyber incidents, raising questions about resilience in the sector. 🎭 Social Engineering Stays on Top – From fake IT support to urgent command prompts, attackers continue to exploit human trust as their primary attack vector. 🪛 Microsoft & Apple Tweak the Basics – Microsoft announces updates to streamline patching, while Apple shifts its versioning system to reflect the calendar year. 🧠 Phishing Evolves Again – These attacks are becoming harder to spot and more convincing. We talk tactics for staying ahead. 🔐 Training, But Make It Useful – We highlight why modern awareness programs must go beyond compliance to truly change behaviour. 📲 SIM Swaps & Password Fails – From account takeovers to careless password habits, we explore some of the weakest links in digital security. 🧬 Gen Z & Data Trade-Offs – Would you sell your personal data for perks? A surprising number already do. We unpack the implications. 🗣️ AI Voice Cloning Raises Red Flags – As synthetic audio gets more realistic, concerns around consent and misuse are growing louder. 📢 Cybersecurity Awareness Month – A perfect moment to reflect on what’s working (and what’s not) in promoting safe online habits. Whether you're an IT leader or just trying to dodge the next phishing scam, this episode is packed with insights to help you stay sharp in an evolving threat landscape. 🕒 Timestamps 00:00 – Intro and European Cybersecurity Blogger Awards update 02:29 – Victoria’s Secret breach: US website taken down 03:10 – Adidas cyber attack: Third-party helpdesk access 06:24 – AI-generated TikTok videos pushing PowerShell malware 08:43 – Microsoft’s new unified Windows update platform 12:03 – Apple renaming iOS/macOS to iOS 26/macOS 26 13:41 – Five fast phishing stories (starts mini round-up) 14:07 – Tajikistan targeted via macro Word templates 16:36 – Fake Cloudflare page tricks users into running malware 18:00 – Fake Google Meet page runs PowerShell command 20:14 – Coursera phishing scam uses fake Meta certificate 26:09 – InfoSec Europe event details 27:41 – Upcoming virtual event: The Future of Cyber Security 29:00 – Listener comments: Old tech and Skarda 29:45 – Upcoming interview: Sara Carty from Unboring 31:45 – Digital Safety Checklist from digital.lead.org.uk 35:43 – Homebrew devs targeted via fake Google Ads redirect 38:42 – OceanGate implosion video leaks sticky note password 41:30 – EE SIM swap incident and SMS 2FA vulnerability 48:11 – Gen Z selling their data for $50/month with verb.ai 52:13 – ScotRail AI voice controversy: real-world “likeness” misuse 58:25 – Use AI to analyse terms & conditions (TOSDR.org) 01:01:00 – WhatsApp now supports passkeys 01:02:53 – Phishing email spoofing Luke hits Ant’s inbox 01:06:34 – Final takeaway: Never run commands from a website prompt 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Why Gen Z Is Going Passwordless | 09 Jun 2025 | 01:09:14 | |
This week, The Awareness Angle celebrates a big win—taking home two awards at InfoSecurity Europe! Anthony and Luke dive into a packed episode covering everything from retail breaches to the shifting world of passwordless authentication. 🏬 Retail Under Attack – From North Face to Cartier and M&S, cyber incidents continue to rock the retail sector. M&S now faces a class action lawsuit over a major breach. 🔑 Passwordless Progress – Microsoft is pushing the future of secure logins, and Gen Z seems ready to ditch passwords entirely. But is the wider public ready? 🔐 Signal vs Recall – Signal is blocking Microsoft’s new Recall feature from capturing chats, raising important questions about privacy in AI-powered tools. 🚗 Cars and Weak Credentials – The automotive industry is falling behind on password hygiene, exposing a surprising new attack vector. 🌏 Ransomware Rules in Australia – The country is rolling out mandatory disclosure laws, aiming to increase transparency around ransom payments. 🎭 Narratives That Stick – Clear, engaging communication is critical, not just for users, but for threat intelligence too. We unpack Microsoft and CrowdStrike’s effort to standardize naming conventions. 🎣 New Malware Tactics – Cybercriminals are embedding malware into creative tools, showing how attacks are evolving beyond the usual methods. 🗣️ Why Awareness Still Matters – Whether it’s media miscommunication or confusing tech rollouts, clear storytelling and community engagement remain essential for building trust and resilience. From cutting through the jargon to making security feel more human, this episode is full of sharp insights, strong opinions, and a few laughs along the way. 🕒Timestamps 01:02 Awards Night & Behind the Scenes at Infosec 14:11 The North Face & 💍 Cartier Breaches 16:23 M&S Class Action Lawsuit 18:51 Microsoft Authenticator Password Deletion 20:47 Signal Blocks Windows Recall 23:31 Smart Cars, Dumb Passwords 28:08 Australia Ransomware Disclosure Law 30:39 Gen Z and Passkey Adoption 35:00 Threat Actor Naming – Periwinkle Tempest 42:17 The Future Of Cybersecurity Virtual Event 43:25 The Comments Section 51:47 WhatsApp £8k Job Scam (spotted by Hayden Taylor) 57:36 Meta AI on WhatsApp 59:25 🪑 Blender File Malware Warning 1:02:53 Triage Tools and Creative Risks 1:05:22 Comments & Wrap-Up 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| The Hidden Danger of LNK Files on Your Computer | 16 Jun 2025 | 01:01:45 | |
This week, The Awareness Angle dives into NHS breaches, dodgy shortcut files, and why fake CAPTCHAs are the new phishing frontier. 🧑⚕️ NHS Professionals Breached – Attackers spent 13 months undetected inside the UK’s largest NHS staffing agency. We break down how they got in, why Active Directory matters, and what took so long to tell anyone. 🖥️ Shortcut Files Can Bite – Microsoft warns that LNK files can trigger attacks just by being viewed. No patch yet, and antivirus alone might not be enough. 🛑 ClickFix Strikes Again – A new macOS malware campaign tricks users into running terminal commands. It’s sloppy but effective, and it’s targeting creatives. 🔒 End of Windows 10 – As support ends in October, the EndOf10 movement wants you to install Linux instead of upgrading. We look at the pros, the problems, and whether it's realistic. 📱 WhatsApp vs UK Gov – WhatsApp backs Apple in the fight against encryption backdoors. What’s at stake for private communication? 🌫️ From Surface to Atmosphere – Forget attack surfaces—modern threats are everywhere. We explore why security needs to focus more on behaviour and environment. Plus: a pigeon gets into Ant’s house and becomes a case study in incident response. Obviously. 🕒 Timestamps 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| “Real-time beats simulation” - Terry McCorkle on Rethinking Phishing | 19 Jun 2025 | 00:54:02 | |
This week on The Awareness Angle Interviews… Anthony sits down with Terry McCorkle, co-founder of PhishCloud, to rethink everything you think you know about phishing training. From military discipline to startup innovation, Terry brings decades of experience—and strong opinions—on what’s broken in phishing awareness, and how real-time data and human-first thinking can fix it. 🐟 Why Phishing Simulations Miss the Mark – Terry explains how traditional simulations often create resentment, not resilience, and what a more thoughtful approach looks like. 📡 The Power of Real-Time Data – Static reports don’t cut it. Terry breaks down how live metrics and immediate feedback can make awareness training actually stick. 🧠 Users Are Not the Problem – It's time to stop blaming the human. We talk about how involving users in the solution builds stronger defenses and better culture. 💡 PhishCloud’s Fresh Take – From just-in-time training to behavioural insights, Terry walks us through how his platform flips phishing awareness on its head. 🎮 Gamified, Personalised, Seamless – Why training that’s fun, tailored, and delivered in the moment beats compliance tick-boxes every time. 🔄 Test the Process, Not Just the People – Phishing attacks test systems too. Terry shares why focusing only on individual clicks misses the bigger risk. 🤖 AI Meets Awareness – How automation, workflow integration, and smarter tooling can enhance—not replace—the human role in security. 🏗️ Culture Change Over Compliance – We unpack how to build a learning culture that sees awareness as part of everyday work, not an annual chore. Whether you’re rethinking your phishing program or just tired of gotcha-style training, this conversation offers practical insights with real impact. The Awareness Angle: Interviews brings you candid, real-world conversations with the people transforming how we approach security, behavior, and risk. New interviews drop alongside our Thursday episodes. 🕒 Timestamps 00:00 Episode Introduction 03:03 How Phishing Simulations Impact Behaviour 06:13 Terry’s Path into Cybersecurity 09:06 Why the Human Element Still Matters 12:12 Inside FishCloud’s Approach 15:05 Real-Time Protection Against Phishing 17:58 What User Behaviour Reveals 20:50 Balancing Privacy in Phishing Tools 27:51 Smarter Security Awareness Training 30:01 Making Compliance Training Engaging 33:03 From Reactive to Proactive Phishing Defence 36:29 How AI is Enhancing Security 39:14 Tackling Human Risk in Cyber 43:29 Building a Security-First Culture 46:20 Military Experience in Cyber Careers 48:10 Learning Resources & Recommendations 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Is Your Security Awareness Program Just Ticking Boxes? | 23 Jun 2025 | 00:49:50 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew explore a special episode on what it really takes to build meaningful cybersecurity awareness, as part of preparing for Cybersecurity Awareness Month. 📢 Beyond the Poster Campaign – Open communication channels and positive reinforcement are key to building trust and encouraging people to speak up. 🏆 Recognize What’s Working – Highlighting good security behavior can do more than just raise morale—it can shift culture. 🎮 Learning That Actually Lands – Interactive, gamified, and story-driven training creates better retention than outdated tick-box modules. 💥 When Breaches Get Real – Relatable consequences make cybersecurity more than just a theoretical concern. 🧾 Policies That People Can Understand – Security guidelines should be accessible, not buried in jargon. 🔐 MFA: Still Not Universal – Despite being one of the most effective defences, many organisations still don’t enforce multi-factor authentication. We unpack why that’s a problem 🔑 The Password Problem – Forget confusing complexity rules—focus on uniqueness and usability to reduce risky habits. 🎣 Simulated Phishing Isn’t a Silver Bullet – We break down the mixed results and why real engagement beats gotcha tactics. 🧠 Good Training Changes Behavior – If your awareness program isn’t shifting how people act, it’s time to rethink the strategy. If you're re-evaluating how to engage employees, boost awareness, and change behaviour, this episode is packed with honest insights and practical takeaways. 🕒Timestamps 00:00 Episode Introduction 01:28 Key Strategies for Boosting Awareness 03:14 Keeping Communication Open 08:02 Rewarding Positive Security Habits 11:48 Making Learning Interactive 16:06 Showing Real-World Cyber Impacts 19:00 Setting Clear Security Guidelines 23:01 Creating a Culture of Awareness 26:42 Using MFA to Strengthen Security 29:51 Building Better Password Habits 35:59 Simulated Phishing: Pros and Cons 41:09 Reinventing Cybersecurity Training 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Military Secrets Leaked On A Gaming Forum? | 30 Jun 2025 | 01:11:26 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew break down the biggest cyber stories, from smishing attacks in car parks to leaked US military secrets on gaming forums. It’s all about what slipped through the cracks, and what to watch for next. 🛡️ Mass Claims & M&S Breach – Legal firms swarm the M&S data breach. Who really benefits: victims or opportunists? 🎮 Nexus Mods Ownership Shift – A quiet change sparks questions about transparency on one of gaming’s most trusted mod sites. 🌐 Record-Breaking DDoS Attack – 37 million requests per second. The new HTTP/2 “rapid reset” exploit shows how attacks keep evolving. 🍕 OSINT & Pizza Orders – Can pizza deliveries reveal classified military ops? A deep dive into how open-source intel can be weaponized. ✈️ Military Secrets Leaked on Forums – War Thunder players keep spilling classified info. Why does this keep happening? 🏥 AI in GP Clinics – UK doctors use unapproved AI transcription tools. What are the privacy risks of this shadow IT? 📂 New ClickFix Variant: FileFix – A stealthy Windows Explorer exploit you need to know about. Don’t blindly paste code. 📱 SMS Blasters Deployed – Low-cost devices send spoofed texts by the thousands. Just because it looks real, doesn’t mean it is. 💉 Ransomware Linked to NHS Death – The human cost of cybercrime grows as a Synnovis attack ties to a patient fatality. 🧰 Windows 10 Extended Support – Staying on Windows 10 past October 2025 comes with hidden costs. Is it worth it? 🧪 Fake Interviews, Real Malware – Developers targeted via NPM packages during bogus test tasks. Beware offers that seem too good to be true. 🎁 Scam of the Week – Anthony’s mum nearly falls for a fake M&S hamper giveaway. Funny but also a sharp warning. 🔍 Tool of the Week: Metomic – A clever, nudge-based DLP platform that helps teams catch oversharing before it turns into a breach. If you care about real-world threats, human behavior, and how security can slip through everyday cracks, this episode has plenty to chew on. 🕒 Timestamps 00:00 Introduction to Cybersecurity News 04:01 M&S Claims and Ethical Concerns 06:14 Record-Breaking DDoS Attack 10:02 OSINT and Pizza Intelligence 14:27 Military Secrets Leaked on Gaming Forums 18:02 Doctors Using Unapproved AI Tools 22:08 New FileFix Attack in Cybersecurity 26:08 SMS Blasters and Smishing Attacks 30:12 Ransomware Impact on Healthcare 33:04 Cybersecurity Compliance Risks 36:02 Fake Interviews and Malware Distribution 39:04 Public Reactions to Data Breaches 44:09 Innovative Cybersecurity Tools 49:07 Evaluating Discount Software Purchases 55:02 Identifying Scams and Phishing Attempts 01:01:00 Password Security and Data Breaches 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| "Is Your Brain Wired for Insecurity?" - AJ King on Behavioural Science | 03 Jul 2025 | 01:24:05 | |
This week on The Awareness Angle Interviews… Anthony sits down with AJ King, a UX researcher and behavioural science expert, to explore what it really takes to change security behaviour. Forget check-the-box training and flashy nudges—this episode gets into the messy, human side of behaviour change, why habits are hard to break, and how your gym routine might just explain why people keep clicking phishing links. 🧠 Why People Don’t Remember Training – AJ breaks down the cognitive reasons annual awareness programs often fall flat. 🎯 Nudges Aren’t Enough – We explore why simple prompts can help—but won’t fix—behavioural gaps without deeper engagement. 💪 The Gym Metaphor – Building secure habits is like fitness: it takes consistency, relevance, and personal motivation. 📈 Beyond Compliance – Compliance might drive reporting, but it rarely changes how people actually act. 🔁 Repetition & Real Life – Training sticks when it reflects daily behaviour—not once-a-year reminders. 📣 Speaking Their Language – Why tailoring awareness efforts to people’s lived experience matters more than security buzzwords. 🤝 Behavioural Science Meets UX – AJ shares how user research and human-centred design can elevate your awareness program from frustrating to effective. 💬 Feedback as a Force Multiplier – What users tell you (and what they don’t) can reshape how you teach security. ⚖️ Fear vs. Motivation – We talk about the psychology of risk, and why scaring people isn’t a sustainable strategy. 🔄 Security is a Human System – Tools help, but behaviour drives outcomes. Awareness needs to meet people where they are. If you're trying to move the needle on secure behaviour—not just track who opened the training email—this one's packed with fresh thinking, honest insights, and practical ways to rethink your approach. The Awareness Angle: Interviews is our ongoing series of real, no-fluff conversations with the people reimagining how we approach security, risk, and human behaviour. 🕒 Timestamps 00:00 – Why AJ’s Here: Behaviour and Security01:29 – Why AJ is Ant’s go-to behaviour guy03:06 – What actually *is* human behaviour?05:15 – Why behaviour change isn’t a 5-minute training course09:02 – The problem with “mandatory training”12:09 – Should we focus on personal security instead?14:25 – Does compliance culture harm behaviour change?18:35 – Why annual training is a compliance box, not a solution20:11 – The myth of the nudge silver bullet24:31 – Present bias and procrastinating secure behaviour30:45 – You can’t predict when behaviour will matter32:44 – Engagement is everything: the gym metaphor34:05 – Why nudging alone won’t work for everyone38:06 – What should the function be called – and does it matter?42:46 – Reframing security for leadership48:06 – Using behavioural change to get more support from the top56:05 – Fear vs Reward: What really works?59:01 – Phishing screen colours and peer influence01:03:13 – Simulated phishing: don’t destroy your brand01:08:04 – Be the purple cow – standing out in awareness01:14:11 – Nudges, newsletters, and long-term behaviour change01:18:41 – Book recs: Freakonomics & Very Good Copy01:21:09 – AJ will be back for The Art of Change01:22:45 – Where to find AJ King 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| How Many Lost Laptops Is Too Many? | 07 Jul 2025 | 01:13:49 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew unpack everything from text scams and AI scrapers to school shutdowns and insider threats. It’s a mix of the strange, the serious, and the preventable, plus a few thoughts on whether changing the Blue Screen of Death was really necessary. Episode note - In this episode, we mention that 26,000 public sector devices were lost or stolen. That number isn’t accurate. The real figure is still shocking, with just over 2,000 devices in the past year, according to FOI-based reports. We caught the error before the episode went live, but since we recorded it, we’re calling it out here to keep things straight. Always better to be accurate. 📱 SMS Blasters & Android Security – Low-cost tools are sending out spoofed texts by the thousands. Meanwhile, Android 16 adds cellular warnings—so why doesn’t iPhone 🎥 The Hikvision Ban – Canada pulls the plug on Hikvision over national security concerns. We talk cheap CCTV, surveillance tech, and where other countries stand. 💻 26,000 Lost Devices – UK government departments lost thousands of laptops and phones. We dig into unencrypted risks and the shadow IT no one talks about. 🧠 Cloudflare vs AI Bots – New protections aim to stop AI from scraping websites—but are some tools are already mimicking humans to sneak past? 🎓 University Parking Hack – A former student manipulates grades, parking, and more. It started small… and escalated fast. 🏫 Cyberattacks on Schools – Another UK school forced to close after a ransomware attack. 60% of secondary schools were hit last year—why are they such a soft target? 📲 QR Code Phishing (Quishing) – A new warning on fake parking signs and QR scams. We ask: is it time to fix the mess that is parking apps? 👨💻 Insider Threats – A suspended IT worker wipes systems, costing £200k. A reminder: always revoke access before the fallout. 🖥️ The Death of the Blue Screen – Microsoft ditches the iconic BSOD for a black version. It’s a small change—but raises big questions about user trust and clarity. If you care about human risk, digital culture, and the strange places security slips through, this episode’s got something for you. 🕒 Timestamps 00:00 – Intro: A new intro and newsletter plug 01:30 – AJ King interview highlights 03:26 – SMS Blasters and Google’s Pixel 10 protection 09:27 – Canada bans Hikvision over national security risks 15:04 – 26,000 public sector devices lost or stolen 20:39 – Cloudflare launches AI bot blocker 24:28 – Ex-student hacks university over parking, triggers breach 27:41 – Cornwall school cyberattack and UK education stats 31:13 – £3.5m lost to quishing (QR phishing) 35:20 – IT worker jailed for revenge attack after suspension 38:23 – Microsoft kills the Blue Screen of Death 42:00 – Awareness events: SANS Summit, IASAP, and Huficon 46:01 – Can we teach our mums to spot fake AI videos? 48:06 – IKEA gift card checkout scam warning 50:27 – WHSmith rebrands as TG Jones – phishing vibes 54:07 – Instagram inheritance scam analysed by ChatGPT 57:51 – TikTok strikes vs Meta’s scam filtering 59:15 – AI chatbots recommending phishing links 01:04:09 – CSGO player doxxed via Steam OSINT 01:08:47 – Digital footprints and parenting in a connected world 01:11:16 – Local business cyber day preview 01:12:11 – Weekly wrap-up and final thoughts 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Would You Sell Your Password for $920? | 14 Jul 2025 | 01:14:39 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew dive into a week full of sharp turns—from a teen hacker forcing Microsoft to rethink its bounty program, to hackers hijacking a decades-old video game to take control of PCs. Also in the mix: 64 million job seekers exposed by a single password, suspicious Google Ads requests, Instagram flannel cons, and a football kit nod to Bletchley Park. 👾 Youth & Cybercrime – A UK teenager linked to major Microsoft and Nvidia breaches shows why digital ethics education can’t be optional for young, technically skilled individuals. 🎮 Old Games, New RCEs – Hackers exploited multiplayer game engines to gain remote access to PCs. Legacy software can create modern attack surfaces, on and off the clock. 📬 Phishing & Domain Abuse – The .es top-level domain is increasingly used in phishing scams. Help users decode domains and trust signals beyond just the brand name. 🔐 MFA Saves the Day – A spoofed Google Ads request almost succeeded—until MFA stepped in. A real-life reminder that layering defences works. 📄 AI Prompt Injection – Academic PDFs are being weaponised with hidden prompts to influence AI-generated outputs. It’s time to add LLM manipulation to your awareness radar. 📢 Emergency Alerts & Privacy – With government alert tests rolling out, employees with hidden phones (e.g., in domestic abuse cases) face real safety risks. Consider the human layer in crisis comms. 👚 Instagram Scams & Flannel Fraud – Niche cons on social media show how easy it is to mimic small businesses. Don’t forget brand impersonation when training around phishing. 🧑💼 Insider Threat Economics – A CNM insider sold credentials for just $300. Reinforce messaging around ethics, behaviour monitoring, and low-cost high-risk breaches. 🍟 Hiring Platform Data Leak – McDonald's and Paradox AI leaked data on 64M+ applicants—another reminder: third-party vendors aren’t automatically secure. 📊 Security Culture Benchmarks – Tools like KnowBe4’s Human Risk Maturity assessment help awareness pros evaluate where their culture stands and what needs improvement. ⚽ Bonus: Bletchley Park-Inspired Football Kit – What does a football shirt have to do with WWII codebreaking? A surprisingly wholesome win for security storytelling. If you care about where behaviour, tech, and trust intersect, this one’s got it all. 🕒 Timestamps 00:00 Intro: A new intro and newsletter plug 02:53 Cyber Crime Developments: M&S and Co-op Attacks 05:56 Gaming Vulnerabilities: Call of Duty Incident 10:07 Young Innovators: Dylan's Microsoft Teams Hack 12:59 AI Manipulation in Academic Research 16:57 UK Emergency Alert System Testing 20:04 Phishing Trends: The Rise of .es Domains 24:59 Bribery in Cyber Crime: The Brazilian Bank Heist 27:58 Monzo's Fake Address Scandal 31:57 MK Dons Tribute to Bletchley Park 34:02 McDonald's AI Hiring Blunder 36:19 Paradox AI and Data Breach Concerns 37:35 Human Risk Management Insights 42:17 The Importance of Authentic Internal Communication 44:41 Deepfake Technology and Its Implications 49:34 Scams Targeting Consumers: Apple Pay Warning 53:26 Identifying Scams: The Dixon Shirt Fraud 01:00:14 Victor's Near Miss with a Scam 01:11:23 Weekly Wrap-up and Final Thoughts 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Marketing Muscle Memory In Cybersecurity | 17 Jul 2025 | 01:09:17 | |
This week on The Awareness Angle Interviews, Anthony chats with Lori Steuart—a cybersecurity marketer with a passion for storytelling, content that resonates, and turning awareness from a box-tick into something people actually care about. From synthesisers to password managers, from yoga habits to ransomware planning, Lori brings a refreshingly human and honest perspective to what makes security communication land—or fall flat. 🔍 Cutting Through the Noise – Why most awareness content gets ignored, and how to make yours stick. 📖 Storytelling, Synths & Security – Lori shares how emotion and context help make complex topics relatable—even when they’re technical. 📣 Content People Want to Read – We talk about why trust beats fear, how to avoid “AI ick,” and why marketing is more about the reader than the writer. 🧠 Security as a Habit – What secure behaviours have in common with piano practice, bike training, and building any real muscle? 👀 Risk in Unexpected Places – Why marketing teams may be one of the riskiest parts of your org—and how to secure them without sounding like the fun police. 🛠️ From Small Teams to Strong Culture – Whether you’re a team of one or ten, Lori offers practical ways to build trust, reinforce secure habits, and communicate clearly (even on bad news days). 💬 A Thousand Seconds a Day – How small nudges and daily context can shape long-term behaviour, without resorting to doom and gloom. If you’re looking to make your security messages more human, memorable, and effective, this one’s packed with perspective, laughs, and plenty of practical takeaways. The Awareness Angle: Interviews is our series of real, candid conversations with the people reshaping security culture from the inside out, released alongside our regular episodes. 🕒 Timestamps 00:00 Introduction and Setting the Stage 03:00 Exploring Cybersecurity Marketing 05:59 The Importance of Authentic Content 08:58 Understanding Demand in Marketing 12:04 The Challenge of Awareness in Cybersecurity 14:56 Building Secure Habits 17:49 The Role of Password Managers 21:01 Ransomware Concerns for Small Businesses 23:56 The Impact of Ransomware on Operations 27:00 Storytelling in Marketing 29:56 Conclusion and Key Takeaways 34:51 Sensing the Unseen: The Art of Repair 36:52 Emotional Intelligence in Cybersecurity 38:54 Building Habits: The Power of Small Steps 40:55 Nudge Theory: Subtle Influences in Cybersecurity Awareness 42:22 Collaborative Content Creation: The Workshop Approach 44:23 The Importance of Feedback in Communication 48:59 AI in Content Creation: A Double-Edged Sword 53:37 Standing Out in a Crowded Market 56:41 Creating Trust Through Positive Engagement 01:02:58 Cross-Department Collaboration for Better Outcomes 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Why Was an Elevator Held Hostage by Windows? | 21 Jul 2025 | 01:14:36 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew dive into some of the most unexpected and revealing cyber stories of the week. From job offers to gym selfies to your dog’s microchip, this week’s stories prove no part of daily life is off-limits to cyber risk. 📸 Fitness App Photo Leak – A design flaw exposed thousands of users’ near-nude progress pics. We talk about the risks of default sharing settings and poor privacy design. 🐾 Pet Microchip Scams – Fraudsters are now using fake pet registry emails to phish for personal data. Yes, even your dog’s ID is fair game. 🛗 Windows Update Stalls Elevator – An elevator froze mid-floor during a Windows update. Embedded system risks are more common than you think. 📥 Phishing & New Hires – A new study suggests phishing simulations during onboarding may actually make things worse. We break down the nuance. 🤖 AI Prompt Abuse in Gemini – With the right input, scammers can weaponise AI responses. What does this mean for user trust and LLM safeguards? 🧳 Secret Government Breach – A low-profile government breach forced thousands to relocate. We discuss the hidden human cost of high-stakes incidents. 🧬 Reddit’s Selfie-Based Age Check – Reddit quietly rolled out biometric verification. Where do we draw the line between safety and privacy? 👜 Luxury Brands Breached – Another week, another fashion label hit. It’s a reminder that no amount of prestige protects poor security posture. 📞 The Persistence of Tech Support Scams – Fake warnings and rogue pop-ups are still fooling people. Why are they so effective—and what’s missing from awareness? 💬 Security Is Emotional – We close with a reminder: breaches impact people, not just systems. Awareness programs need empathy, feedback, and real-world context to work. If you’re building awareness programs—or just trying to stay one step ahead—this episode is packed with stories that stick. 🕒 Timestamps 00:00:00 – Intro, newsletter & YouTube plug 00:02:25 – Laurie Steuart interview recap 00:03:34 – Fitify app leaks private user photos 00:09:01 – WeTransfer AI terms backlash 00:14:32 – US National Guard hacked by Salt Typhoon 00:17:42 – Reddit age verification and Online Safety Act 00:25:54 – Pet microchip renewal phishing scam 00:31:33 – Indian police raid tech support scam call centre 00:38:23 – Secret Afghan relocation after data breach 00:44:44 – Louis Vuitton customer data breach 00:48:02 – Keepnet report: new hires more likely to fall for phishing 00:53:20 – Listener email: Boris on scam victim impact 00:58:30 – Chris Stokel-Walker’s anti-phishing placebo post 01:03:03 – Windows update traps user in elevator 01:06:15 – Gemini phishing via AI summary exploit 01:13:09 – Announcement: Ant at SANS Chicago 01:14:06 – Outro and wrap-up 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Hackers Asked for a Password... and Got It? | 28 Jul 2025 | 01:14:39 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew dig into everything from dodgy data startups to accidental database wipes by AI tools. Whether it’s passwords, passkeys, or privacy, this episode covers the real-world risks that slip through the cracks of digital life—and what security professionals can learn from them. 🔍 Farnsworth Intelligence & $50 Breach Data – A sketchy startup offers hacked data for pocket change. We unpack the ethical nightmare and what it says about the commodification of stolen info. 🔐 158-Year-Old Business Crushed by a Weak Password – Ransomware took down The Royal Mint’s paper supplier. One reused password triggered a chain reaction of damage. 🧽 Clorox Hit by “Just Asking” – Hackers used basic social engineering to trick staff into sharing passwords. The result? A lawsuit and $49M in damages. 📁 SharePoint Exploits Still Work – Legacy SharePoint systems are being targeted in the wild. We explain why updating your systems is table stakes—not optional. 🧠 Windows 11 Copilot Vision – Microsoft’s AI assistant watches how you work. We look at the privacy implications of system-level activity tracking. 🔑 Passkey Friction & Frustration – They're the future of authentication—but only if users understand them. We break down what’s working, and what’s still broken. 🇬🇧 UK Online Safety Act – New laws now require age verification for adult content in the UK. But what does that mean for privacy and enforcement? 🤖 AI Deletes a Database (Oops) – A dev tool gave one engineer too much power. We talk about guardrails, defaults, and the real risks of AI in production. 👾 Reddit Malware Ads – Malicious ads are sneaking through Reddit’s filters. We discuss the broken reporting flow and why community trust is on the line. 📉 QR Codes That Expire? – Ever scanned a QR code that no longer works? We explain why some codes time out—and what that means for security and UX. 📞 The Netstat Scam – Fake ISP reps use netstat commands to convince victims their connection is “compromised.” Old trick, still effective. 🪪 Fake IDs & Physical Access Risks – It’s not just digital anymore. We explore how low-tech social engineering can breach high-security environments. 🔁 Ring.com Login Confusion – A bug in Ring’s login system left users rattled. It’s a small issue, but a big reminder about user trust and account security. 📣 Bonus: Ant is heading to the SANS Security Awareness Summit in Chicago! Expect livestreams, interviews, and plenty of behind-the-scenes content. 🕒 Timestamps 00:00 Introduction and Overview 02:57 Breach Marketplace: Ethics & Stolen Data 05:53 One Weak Password Crashes 158-Year-Old Firm 09:12 Clorox Breach via Simple Social Engineering 11:57 SharePoint Exploits Still Active in the Wild 15:07 Windows Copilot: Privacy or Overreach? 17:57 Passkeys: Why Users Still Struggle 21:05 UK Age Checks: Safety vs. Privacy 24:01 AI Deletes Database: The Risks of Autopilot 37:44 Replit’s Data Loss Incident 39:11 What Is Vibe Coding? 42:08 Password Management Still a Mess 46:03 Reddit Malware Ads Slip Through 50:11 QR Codes That Expire? UX Meets Security 52:17 Netstat Scam: An Old Trick Returns 55:58 Phishing Emails from Local Councils 01:01:57 Gift Card Scams and Account Takeovers 01:03:23 Fake IDs and Physical Access Risks 01:10:39 Ring.com Login Bug Raises Trust Issues 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Magic, Mindset, and Metrics - Harley Sugarman on Rethinking Training | 31 Jul 2025 | 01:01:55 | |
This week on The Awareness Angle: Interviews, Anthony is joined by Harley Sugarman, co-founder of Anagram Security, a company taking a fresh, no-nonsense approach to security awareness. Think short, sharp challenges, real behaviour change, and zero tolerance for checkbox compliance. We talk about why so much training still misses the mark—and how Harley’s background (which involves a surprising early career twist we won’t spoil here) helps him see awareness through a very different lens. 🧯 Smoke, Mirrors & Metrics – “Most training is built to satisfy auditors, not change behaviour.” 📉 Bad Metrics, Bad Decisions – “Completion rates aren’t proof of learning. They’re proof someone clicked play.” 🧠 Nudges, Not Magic – Nudges are useful, but they’re not the main event—and people can smell the white noise. 🧍 Stop Calling People ‘Risks’ – “You can’t build trust while labelling people as the problem.” 📚 The Anagram Origin Story – From puzzle-based security training to bite-sized interactive learning—why they’re doing it differently. 🤖 The AI Bit – Why most “AI-powered training” isn’t as clever as it sounds, and what actually works. 🎩 The Secret Ingredient – Let’s just say Harley’s old job involved a bit of sleight of hand—and it explains a lot about how he thinks about engagement. If you’re tired of awareness that ticks boxes but changes nothing, this one’s packed with ideas, honesty, and a few good laughs. The Awareness Angle: Interviews is our ongoing series of honest, practical conversations with the people reshaping how we think about human risk, behaviour change, and learning that actually works. 🕒 Timestamps 00:00 Intro: Why Security Awareness Still Matters 00:35 How Awareness Training Has Evolved 03:52 Measuring Success: Metrics That Miss the Mark 09:58 Human Risk: What Are We Really Solving For? 15:34 Where AI Fits in Security Awareness 19:11 People Over Systems: A Needed Mindset Shift 25:05 Smarter, Fresher Training Approaches 30:41 What’s Next for Awareness Programs? 32:16 Compliance Isn’t Awareness (But It’s Changing) 34:54 Anagram’s Shift from Training to True Awareness 39:04 Standing Out in a Crowded Awareness Market 40:51 Reframing Human Risk Management 45:27 Real Change Requires behavioural Shifts 46:07 Diverse Paths into Security Awareness 50:34 Buzzwords We Need to Ditch 54:09 Human Risk + Communication = The Real Challenge 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Is the UK Online Safety Act Flawed? | 04 Aug 2025 | 01:12:31 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew untangle the week’s biggest cybersecurity themes—from silent data breaches to AI tool mishaps and the slow-moving train of regulatory change. Whether it’s government policies, scam trends, or workplace surveillance, this episode covers the tensions between safety, privacy, and the real-world consequences of overlooked vulnerabilities.🔞 The UK Online Safety Act & Age Verification – Luke breaks down the new age checks for adult content in the UK. Will they work? Will people just use VPNs? We explore the privacy trade-offs, the rise in demand for incognito browsing, and what the law might mean for future content regulation.📈 VPN Usage Spikes – Anthony talks about the broader privacy impact, including a 30% spike in VPN signups, especially among iPhone users. Is this privacy-conscious behaviour—or just workarounds?🚗 Digital Surveillance Creep – From employer device monitoring to always-on productivity tools, we dive into how digital surveillance is quietly creeping into the workplace and public life—and how it's being normalised.🏁 NASCAR & Allianz Breaches – Luke highlights recent major data breaches in both the finance and sports sectors. Allianz Life’s 12-million user exposure shows just how fragile enterprise security postures can be, while NASCAR joins a growing list of entertainment brands hit by attackers.🧠 Phishing Tests Reconsidered – Are traditional phishing tests actually backfiring? We debate whether they build resilience or just resentment—and how security teams can rethink the human risk approach.🖥️ Microsoft Copilot Mode & Surveillance Concerns – Anthony explains how Microsoft’s “Copilot Vision” could log user activity in the name of productivity. We discuss where the line is between helpful automation and invasive oversight.📜 GDPR vs AI Regulation – The conversation shifts to Europe’s privacy regulation legacy. We compare GDPR’s maturity to newer AI regulations and ask whether privacy is still being prioritised as new tech emerges.🧑🎓 Youth & Cyber Literacy – What are schools actually teaching about cybersecurity and digital literacy? We explore the lack of early education on scams, security, and safe digital habits—and why that matters for the next generation.Whether you’re leading security comms, shaping policy, or just trying to stay one step ahead of the next privacy headache—this episode packs practical insights, candid takes, and a few unexpected side quests. 🕒 Timestamps00:00:00 – Intro & studio update 00:03:08 – VPN chaos & Online Safety Act 00:06:05 – Labour’s VPN warning 00:08:57 – Sims beat facial recognition 00:11:10 – Spotify’s age checks 00:12:42 – Funny VPN reel 00:16:08 – YouTube uses AI to guess age 00:17:16 – Google AI search shake-up 00:21:10 – Lovense email leak 00:23:31 – Copilot Mode & privacy 00:27:05 – Allianz breach 00:29:28 – St. Paul ransomware 00:32:53 – NASCAR ransom 00:35:31 – Orange France hack 00:36:42 – QR code TikTok goes viral 00:39:47 – Copilot Vision backlash 00:42:19 – CybSafe SebDB 4.0 00:44:42 – Free maturity model tool 00:48:58 – SANS Summit preview 00:52:53 – Shoutout to Dan Connolly 00:55:08 – Phishing test horror story 01:01:09 – Bin chaos = bad UX 01:04:40 – Bird audio encryption 01:08:58 – Fable Security debut 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Is Microsoft Recall Still Saving Your Passwords? | 11 Aug 2025 | 01:09:02 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew dig into everything from privacy holes in the UK’s Online Safety Act to deepfake diet scams and a ransomware payout denied over missing MFA. It’s a mix of policy, people, and pure cyber weirdness you won’t want to miss. 🇬🇧 UK Online Safety Act – New age verification rules put privacy on the line, with overseas firms handling sensitive data, no clear safeguards, and easy VPN workarounds. 🖥️ Microsoft Recall Risks – Despite Microsoft’s reassurances, Recall can still capture passwords, credit card details, and private chats—data that’s stored locally and vulnerable if your device is compromised. 💰 Hamilton’s Insurance Nightmare – A ransomware recovery claim denied because the city hadn’t implemented MFA as required by their cyber policy. 🛡️ Proton Authenticator Launch – Free, privacy-first 2FA app with encryption, cross-device sync, and no ads or tracking. 🛍️ Deepfake Diet Scams – Fake online health stores use AI-generated before/after shots and impersonate real dietitians to push unregulated products. 📞 Google Salesforce Breach – Voice phishing used to gain CRM access, proving social engineering still outpaces many technical controls. 🎧 Pandora Data Breach – Third-party platform compromise exposed customer names and emails—possible link to ShinyHunters. 📱 WhatsApp Scam Takedowns – 6.8M accounts shut down in six months, many tied to organised crime networks in Southeast Asia. 🖥️ Old Tech Risks – From Windows Server 2003 to WEP Wi-Fi, outdated systems are still in active use, posing massive security risks. 📧 Reply-All Apocalypse – The 2016 NHS mass email storm shows how human error can grind operations to a halt. 🕵️♂️ North Korean IT Workers – Thousands of covert contractors using fake IDs to funnel foreign pay back to the DPRK regime. 💬 Community & Social Reactions – From phishing test backlash to TikTok debates, we dive into what people are really saying about security awareness. If you want the week’s big cyber stories distilled into practical takeaways—with a side of eyebrow-raising human behaviour—this one’s got it all. 🕒 Timestamps 00:00:00 – Intro & studio update 00:03:08 – VPN chaos & Online Safety Act 00:06:05 – Labour’s VPN warning 00:08:57 – Sims beat facial recognition 00:11:10 – Spotify’s age checks 00:12:42 – Funny VPN reel 00:16:08 – YouTube uses AI to guess age 00:17:16 – Google AI search shake-up 00:21:10 – Lovense email leak 00:23:31 – Copilot Mode & privacy 00:27:05 – Allianz breach 00:29:28 – St. Paul ransomware 00:32:53 – NASCAR ransom 00:35:31 – Orange France hack 00:36:42 – QR code TikTok goes viral 00:39:47 – Copilot Vision backlash 00:42:19 – CybSafe SebDB 4.0 00:44:42 – Free maturity model tool 00:48:58 – SANS Summit preview 00:52:53 – Shoutout to Dan Connolly 00:55:08 – Phishing test horror story 01:01:09 – Bin chaos = bad UX 01:04:40 – Bird audio encryption 01:08:58 – Fable Security debut 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Could Your Webcam Be Spying on You? | 18 Aug 2025 | 00:48:09 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew share their experiences from the SANS Security Awareness Summit, exploring the latest threats, innovative awareness strategies, and the ever-evolving cybersecurity landscape. From vulnerabilities in everyday devices to scams targeting car finance payouts, this episode is packed with lessons for anyone trying to keep people—and their data—safe. 🎨 SANS Summit Insights – Key takeaways from the event for security awareness professionals, including trends, challenges, and the latest thinking in behavior-driven cybersecurity training. 🖥️ Lenovo Webcam Vulnerabilities – Why even seemingly harmless devices can create serious security risks, and what organizations should do to protect themselves. 💰 Car Finance Scams & Pig Butchering – How scammers exploit emerging financial schemes, and practical tips for spotting and preventing fraud. 🔐 Ransomware Risks – Why ransomware remains a top concern for CISOs, and how strong recovery plans are critical for organizational resilience. 🎮 Educational Games in Security Awareness – Exploring innovative approaches to train users and improve engagement with cyber awareness programs. 🛡️ Ad Blockers & Online Safety – The importance of blocking malicious ads and protecting users from hidden threats online. 💾 Farewell to AOL Dial-Up – A nostalgic look at the end of an era and what it reminds us about evolving tech and persistent risks. 📈 Metrics & Behavior Change – Measuring the real-world impact of awareness initiatives and ensuring programs actually improve security behavior. If you want the week’s biggest cyber stories distilled into actionable insights—with a side of human behaviour and tech nostalgia—this episode has it all. 🕒 Timestamps00:00:00 Intro: SANS Security Awareness Summit 00:02:54 Summit Insights: Keynote Takeaways 00:05:54 Why Security Awareness Training Matters 00:07:56 Cybersecurity News: Latest Vulnerabilities & Scams 00:11:56 Browser Security & Ad Blockers 00:15:54 Scams Targeting Car Finance Payouts 00:18:48 Critical Password Vault Vulnerabilities 00:19:52 Cyber Attack Hits French Telecom 00:22:03 Wrap-Up: Final Thoughts 00:22:38 Ransomware: Escalating Threats 00:24:48 The St. Paul Cyber Attack Explained 00:27:56 Common Password Security Myths 00:35:22 Cyber Awareness & Education Strategies 00:38:13 AOL Dial-Up Service Retires 00:42:04 Scam Calendar Invitations: How They Work 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| 700+ Companies Hit by SalesLoft Drift Hack, Are You At Risk? | 08 Sep 2025 | 00:38:14 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew celebrate the 50th episode with community shoutouts, fresh awareness content, and a packed lineup of security stories. From password manager flaws to the first AI-powered ransomware. Whether it’s car dealerships grinding to a halt or deepfakes making truth harder to pin down, this one’s about the evolving risks, and the practical takeaways that matter most. 🎉 50th Episode & Community Updates – We mark the milestone with a shoutout to Liam, our first official member, plus new merch, Discord updates, and free Hoxhunt awareness videos on AI phishing, deepfakes, and messaging scams.Get the Cybersecurity Awareness Month videos here! https://riskycreative.com/en-gbp/pages/cybersecurity-awareness-month 🔑 Password Manager Autofill Flaw – A clickjacking bug in major tools (1Password, Bitwarden, LastPass, NordPass, ProtonPass) lets hidden fields steal your credentials. We explain why you shouldn’t ditch password managers—but why autofill and MFA settings matter more than ever. 🤖 The First AI Ransomware – “PromptLock” uses a local AI model (gpt-oss-20b) to generate its own malicious code on demand. Lightweight, cross-platform, and harder to detect—it’s a glimpse of where AI-driven attacks are heading. 🚗 Jaguar Land Rover Breach – Registrations halted, staff sent home, and Scattered Spider linked to an exploit of SAP NetWeaver. With hackers claiming stolen data but JLR insisting otherwise, we also warn about opportunistic “compensation scam” ads targeting worried customers. 💬 SalesLoft/Drift Breach – Stolen authentication tokens exposed Salesforce integrations at companies like Google, Palo Alto, and Zscaler. We break down what UNC6395 pulled off, why SaaS “shiny tools” can be risky, and the urgent need for token hygiene. 📧 Phishing Campaigns That Work – From “lost puppy” photos to cider raffles and free pizza, Reddit’s favourite phish templates spark a debate: are tricksy simulations effective, or should awareness always tie back to real workplace processes? 🎭 Deepfakes & Denial – Joe Rogan fooled by a fake video, Trump dismissing real footage as AI. We explore the new problem of “liar’s dividend”—where fakes make truth itself harder to defend. 🖼️ Hidden Gemini Prompts in Images – Malicious instructions embedded in pictures, not just text. We ask: when AI gets conflicting commands, what wins? Policies and training will need to catch up fast. This week’s major cyber headlines, decoded into useful takeaways—and sprinkled with moments that make you raise an eyebrow. 🕒 Timestamps00:00 — Introduction & Milestone Celebration 02:57 — Cybersecurity Awareness & Community Engagement 06:00 — Password Manager Vulnerabilities 09:00 — AI Ransomware & the Rise of AI in Cybersecurity 12:01 — Cyber Attacks on Major Corporations 17:20 — Reflections on Cybersecurity Trends 18:37 — Compensation Claims & Data Breaches 22:26 — SalesLoft Drift Breach: Implications & Insights 27:17 — Cyber Awareness & Phishing Campaigns 32:31 — AI, Misinformation & Media Risks 37:41 — Emerging Cybersecurity Threats 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Grok Chatbot Leaks 370,000 Private Conversations | 01 Sep 2025 | 00:44:56 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew come together for a special in-person episode while filming new Cybersecurity Awareness Month videos. From exposed AI chats to insider sabotage, telecom breaches, and Denmark’s bold new deepfake law, the conversation digs into how human behaviour, weak controls, and patchy regulation continue to shape today’s cyber risks. 🤖 AI Data Leaks – Elon Musk’s Grok chatbot exposed over 370,000 private conversations in Google search results due to a flawed share feature. 🍏 Mac Malware Masquerades – A new info-stealer (“Shamos”) tricks users with fake fixes and malvertising, targeting those with admin rights or poor IT support. 🕵️ Insider Sabotage – A developer planted a kill switch in his former employer’s systems, locking out staff after termination and causing massive damage. 📱 Telecom Breach in Belgium – Orange Belgium exposed data of 850,000 customers, raising sim-swapping and phishing risks despite quick containment. 📲 Android Developer Verification – From 2026, only verified developers will be able to distribute apps—even outside Google Play—in a long overdue accountability move. ⚖️ Legal Battles Over Online Safety – 4chan and Kiwi Farms challenge the UK’s Online Safety Act in US courts, arguing it violates First Amendment rights. 📊 The UK Government’s Costly Leak – A hidden-tab spreadsheet exposed Afghan allies’ identities, despite staff being explicitly warned. A breach officials called “the most expensive email ever sent.” 🎭 Denmark’s Deepfake Law – A pioneering amendment gives people copyright control over their likeness and voice—even extending 50 years after death. 📡 Wi-Fi Motion Tracking – Researchers show Wi-Fi signals can map human posture and movement indoors, raising both fascinating applications and surveillance fears. 📧 Email Unsubscribe Hack – A hidden Gmail feature lets users see all active subscriptions and unsubscribe in one place—finally making inbox clean-up easier. Whether you’re building awareness programs, tracking regulations, or just trying to keep up with scam tactics, this in-person episode packs sharp insights and practical takeaways. Note: Apologies for the changes in video brightness/exposure throughout the episode — filming conditions varied during recording. 🕒 Timestamps 00:00 — Introduction & Collaboration Announcement 01:07 — Cybersecurity Awareness Month: Key Topics 01:55 — News Roundup: Breaches & Security Flaws 08:26 — Insider Threats & Malicious Code 11:26 — Telecom Data Breach: User Awareness 13:37 — Android Developer Verification & Security 17:28 — Legal Challenges in Online Safety Regulations 20:34 — Password Breaches & Public Perception 23:55 — Government Data Breach & Accountability 29:45 — Denmark’s Deepfake Legislation 31:18 — Cultural Views on Hackers 33:26 — Wi-Fi Signal Tracking Technology 36:51 — Email Unsubscribe Features & UX 📩 For links, videos, and the newsletter – head to riskycreative.com 💬 Check Out This Episode's Discussion Points 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||
| Your VPN Extension Might Be Watching You Right Now | 25 Aug 2025 | 00:59:05 | |
This week on The Awareness Angle, Anthony Davis and Luke Pettigrew unpack the latest mix of cyber weirdness, policy drama, and awareness lessons—from fake law firm emails dropping malware to pro-Russian hackers playing with dam floodgates. It’s a week of scams, slips, and security culture stories you’ll want to hear.
🍏 Apple vs. UK Backdoors – Reports say the UK quietly dropped its iMessage backdoor push. We look at privacy pressure, government demands, and why the crypto wars never end. 📩 “Noodle-o-file” Infostealer – Malware dressed up as copyright takedown notices. Fake law firms, DLL sideloading, and another reason not to trust scary attachments. 💳 15.8M PayPal Credentials? – A threat actor claims to be selling plaintext logins. Likely infostealer loot, not PayPal itself—but a sharp reminder for MFA and unique passwords. 📊 Workday Breach – Social engineering exposed employee data. We unpack the follow-on risks when attackers weaponise stolen contact lists. 📱 iOS & Android Messaging Security – Could iOS 26 finally encrypt RCS end-to-end? We look at global habits—and why iMessage, WhatsApp, and SMS all carry different risks. 💧 Norway Dam Hack – Pro-Russian attackers briefly hijacked hydropower floodgates. A stark warning on hybrid cyber campaigns hitting critical infrastructure. 🛑 Malicious VPN Extension – “Free VPN.1” hit 100k+ Chrome installs while screenshotting users. How does malware this blatant slip past Chrome’s checks? 🌐 Google Chrome Zero-Day – Google’s AI tool “Big Sleep” spotted a critical V8 flaw. Emergency patches are out for Chrome and Edge—update now. 📒 SANS 2025 Awareness Report – From 1,000+ pros: small teams, social engineering still top risk, AI as an assistant (not replacement), and a rebrand to “Workforce Security & Risk Training.” ⚽ NowTV’s Anti-Piracy Ad – Lag, pop-ups, and missed goals used to mock illegal streams. We explore how entertainment risks mirror security awareness. If you want the week’s biggest cyber stories distilled into actionable insights—with a side of human behaviour and tech nostalgia—this episode has it all. 🕒 Timestamps 00:00:00 — Episode Introduction 00:03:48 — Porn Censorship: Internet Impact 00:07:36 — UK Government Demands Apple Backdoor 00:11:24 — Noodle-o-file: Emerging InfoStealer Threat 00:20:47 — PayPal Credential Dump: Security Risks 00:24:07 — Workday Breach: Social Engineering Tactics 00:26:33 — Potential Messaging Security Upgrades 00:30:41 — The Evolution of Communication Tools 00:32:08 — Cyber Threats to Critical Infrastructure 00:34:30 — VPN Risks and Privacy Concerns 00:39:30 — Google AI’s Role in Cybersecurity 00:41:20 — Key Insights from SANS Security Awareness Report 00:51:19 — Creative Approaches to Cybersecurity Awareness
💬 Check Out This Episode's Discussion Points 📧 hello@riskycreative.com 🔗 riskycreative.com 🎵 Our Intro & Outro Song (© 16! by falling forever) License: https://creativecommons.org/licenses/by/4.0 | |||