Bluma Janowitz is a social engineer and red team agent. She specializes in what are called red-teaming exercises, which are designed to test an organization’s defenses against malicious hackers. She might try to trick employees into giving up sensitive information over the phone or drop USB drives in places where curious people might put them in their computers. She talks her way into buildings and does discreet Wi-Fi scans, taking photos along the way. These techniques are known as social engineering. Threat actors have been using social engineering as a tool to gain access for decades, and in fact, it remains one of the most potent ones today. Bluma does these exercises to help companies get better at security. That’s because access is everything. If access control is compromised, the consequences can be severe. In this episode of Cybercrime Exposed, Bluma describes two of her engagements. Would you fall for the tricks?
Participants:
Bluma Janowitz, Social Engineering and Red Team Agent
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
Initial access brokers (IABs) sell access to compromised organizations on underground forums. Here's an analysis looking at whether these offers can be correlated to ransomware attacks.
The disruption of the XSS cybercrime forum and arrest of its administrator in Ukraine in July 2025 has shook Russian-speaking cybercriminal communities to their core and raised questions if the forum can recover.
The Lumma infostealer malware collects highly sensitive data including logins and session tokens. Here's how to conduct a threat hunt leveraging up-to-date tactics, techniques and procedures used by Lumma.
Stay informed with our weekly executive update, sending you the latest news and timely data on the threats, risks, and regulations affecting your organization.