Security Cocktail Hour

This time we’re revisiting our conversation with Luke Canfield and focusing on how drones are becoming a cybersecurity problem.Luke walks through war-flying, drone-mounted Wi-Fi Pineapples, rogue access points, cartel drone operations, prison contraband drops, hybrid warfare, and why most security teams are still thinking too flat. The core takeaway: security exists in three dimensions now, and defenders need to start looking up.Full original episode with Luke Canfield: https://open.spotify.com/episode/18TYWLjiLpqGX995iDmqdL?si=67c757474cc84d33Security Cocktail Hour:https://securitycocktailhour.com

Job scams are getting scary good. We're talking AI deepfakes, fake recruiters, and cryptocurrency traps that are fooling even tech-savvy professionals. In this Security Cocktail Hour holiday special, Joe and Adam break down four of the most dangerous job scams hitting people right now—because nothing says "Happy Holidays" quite like protecting yourself from scammers, right?If you're job hunting (or know someone who is), grab a drink and settle in. We're covering everything from deepfake video interviews to the bizarre world of "lucky order" scams that'll drain your crypto wallet faster than you can say "I got the job!"What You'll Learn:✅ How scammers use real-time deepfake technology to impersonate legitimate recruiters✅ The malware delivery tactics hidden in "competency tests" and coding exercises✅ How to spot fake job postings before sharing personal information✅ The "lucky order" scam that tricks workers into depleting their own accounts00:00 Intro: Job Scams for the Holidays01:08 AI Enhanced Interview Fraud11:26 Packaging and Processing Scams17:23 Mystery Shopper Scam24:30 Gamify/Task Scams28:48 Help Spread Awareness29:40 Wrapup and Happy Holidays30:58 Bonus Bloopers!Key Takeaways:🚩 Red Flag #1: Any job asking for money upfront (deposits, equipment fees, background check fees)🚩 Red Flag #2: Payment exclusively in cryptocurrency for employment🚩 Red Flag #3: Requests for excessive personal information before an interview🚩 Red Flag #4: Downloading special software for interviews or tests🚩 Red Flag #5: "Too good to be true" easy money for simple tasksProtect Yourself:✓ Always verify recruiters through official company websites (not LinkedIn alone)✓ Never give MFA/2FA codes to anyone—even for "deposits"✓ Be wary of video interviews that seem glitchy (could be deepfakes)✓ Research the company independently before sharing personal data✓ Use multi-factor authentication on all financial accounts📧 Subscribe to Our Newsletter: Get exclusive cybersecurity insights, episode updates, and career tips delivered to your inbox every week.👉 https://securitycocktailhour.com/newsletter/🔗 Connect With Us:Website: securitycocktailhour.comLinkedIn: https://www.linkedin.com/company/security-cocktail-hour/Twitter: @SecCocktailHourShare This Episode: Know someone job hunting? Share this video to help protect them from these evolving scams.

In this episode of the Security Cocktail Hour, guest Jatin Mannepalli introduces co-hosts Joe Patti and Adam Roth the high-speed, high stakes world of high frequency trading (HFT) and its many security challenges. The conversation delves into the intricacies of high frequency trading, the stress of incident response, and the importance of redundancy in connectivity. They discuss the evolution of data transmission methods, the challenges of security in trading environments, and the role of custom hardware. The episode also touches on the current job market in cyber security and the necessity of collaboration among firms to enhance security measures.Have you worked in cyber security for trading environments, or HFT's? Tell us about your experience in the comments.The views and opinions expressed in this podcast are solely those of the speaker, Jatin Mannepalli, and do not necessarily reflect the views, positions, or policies of IMC Trading or its affiliates.

Everyone's using AI, including ransomware gangs. Podcast guest Karin Lagziel, Director Cybersecurity at consulting firm Sygnia, gives us the news and her cyber defense strategies for fighting back: With more AI, as well as a focus on fundamentals.In this episode:🔹 The first AI-powered ransomware "Prompt Lock" discovered in the wild 🔹 How Chinese hackers created "Villager" - the AI version of Cobalt Strike 🔹 Why traditional cybersecurity is failing against AI attacks 🔹 How attackers weaponize your own AI against you 🔹 The dark web's "AI as a Service" marketplace 🔹 Real-time deep fakes so realistic they fool security experts 🔹 AI governance frameworks 🔹 Why every organization needs agentic AI for defense 🔹 The future of cybersecurity careers (spoiler: humans aren't going away)Guest info: Karin LagzielLinkedIn: https://www.linkedin.com/in/karinlags/ Sygnia: https://sygnia.coHow are you preparing for AI-enabled cyber attacks? Tell us in the comments. 👇

Ever wondered what that mysterious "WiFi Pineapple" device from hacker movies actually does? Today we're unboxing the Hak5 WiFi Pineapple Mark 7 - the real penetration testing tool that's been featured in countless TV shows and movies!🔥 What We Cover:Complete unboxing of the WiFi Pineapple Mark 7How hackers use this for man-in-the-middle attackWhy you should be worried about fake WiFi hotspotsReal-world scenarios where this could be deployedEthical penetration testing applications⚠️ STAY SAFE: This video is for educational and ethical penetration testing purposes only. Always use these tools responsibly and only on networks you own or have explicit permission to test.For a discussion on these tools and the ethics of using them, listen to Episode 6: https://creators.spotify.com/pod/profile/security-cocktail-hour-po/episodes/Ep--6-Flipper-Zero-and-Other-Totally-Legit-Hacking-Tools-e2bsa4iFor more unboxing videos of hacking and cybersecurity devices, check out this episode:https://creators.spotify.com/pod/profile/security-cocktail-hour-po/episodes/Ep--58-Travel-Router-Unboxing-Dont-Get-Hacked-on-Vacation-e36dgrf#WiFiPineapple #Hak5 #CyberSecurity #PenetrationTesting #Unboxing #InfoSec #EthicalHacking #SecurityCocktailHour

It takes an advanced degree to understand the psychology behind why users hate security controls, so we got someone with two: Dr. Nikki Robinson, DSc Cybersecurity, PhD Human Factors. Nikki joins us to break down the real reasons security implementations fail—and how to fix them.What You'll Learn:🔹Why vulnerability scoring goes wrong (hint: it's not the tech)🔹How to get 99% patching rates through automation🔹The psychology behind user resistance to security controls🔹Why developers say "I can't implement secure code" (and what to do about it)🔹Human factors engineering for cybersecurity practitionersReal-World Insights:♦️From 60% to 99% vulnerability remediation in 6 months♦️Why 600-page security policies guarantee failure♦️The empathy approach to security policy enforcement♦️API sprawl and agentic AI risks keeping security pros awakeDr. Robinson combines IT operations experience with advanced degrees in cybersecurity and human factors psychology. Her research reveals why traditional security approaches create resistance—and practical frameworks that actually work.She also schools us in how to make a tequila sunrise (technique matters!)