Blog Posts Tagged with "Human Factor"
December 16, 2012 Added by:Simon Moffatt
Social engineering can be seen as a more direct approach to exposing real security assets such as passwords, processes, keys and so on. Via subtle manipulation, carefully planned framing and scenario attacks, through to friending and spear phishing, people are increasingly becoming the main target...
October 21, 2012 Added by:Robert Siciliano
For more than a decade, cyber criminals have launched countless attacks on banks’ online infrastructure, successfully one-upping security professionals and their clients by creating viruses that bypass existing security measures. In response, computer security companies have continuously updated their technologies...
September 26, 2012 Added by:Will Tarkington
The method I used for this particular tactic was to monitor the conversational rhythm. Then inject into it and take it over allowing me to guide the conversation. The skill set that allows you to walk into a conversation and take it over can’t be understated...
September 17, 2012 Added by:Tripwire Inc
How do you teach paranoia and suspicion? We often hire people because of their willingness to help others, their good communication skills, their ability to be responsive, etc. As we work through securing our humans, we need to strike a balance – trust but verify, assist but not unquestioningly...
July 19, 2012 Added by:Ben Kepes
Corporate IT changes dramatically with a move to the cloud – no longer do people need to spend time racking and stacking servers, patching software and other low level tasks – in the long run organizations will not have email server administrators, desktop software support personnel or systems administrators...
July 15, 2012 Added by:Tripwire Inc
Want to add layers, or change your defense in depth approach? Your Information Systems team is just the beginning. What business unit will you impact? How will they be impacted, and when is the optimum time to do this? Depending on scope, this could even ripple through your business continuity program...
June 27, 2012 Added by:Tripwire Inc
Myths have existed throughout history in different cultures and times. The information security industry isn’t excluded from having its own share of myths. So, I got in touch with some European security professionals to share their views on some of the biggest security myths that need busting...
June 25, 2012 Added by:Joel Harding
We’ve been saying for years that the human element is the weakest link in cybersecurity. Kevin Mitnick (out of prison now and doing well) was an extremely talented hacker but what set him apart was his research into potential victims and then having the audacity to social engineer them...
June 04, 2012 Added by:Rafal Los
No matter how much we push to a connected world via digital mediums - the human interaction, the discussion, and the ability to have a deep and meaningful problem-solving session outside the confines of the office is one of the most valuable things you can ever provide for your organization...
May 30, 2012 Added by:Infosec Island Admin
As technologies advance and the human nature side of things continues to allow for strides in security as well as the inevitable setbacks, you will become the ultimate target of the easy score for data that could lead to compromise. After all, what do you think the real persistent threats rely on? Human nature...
May 02, 2012 Added by:david barton
Credit card processors have valuable information that bad guys would love to get their hands on. So processors are the Fort Knox of the modern world. When bad guys are motivated, no amount of security can keep them out. Does that mean PCI-DSS standards are worthless?
April 19, 2012 Added by:Bozidar Spirovski
The attack was performed by multiple phone calls which created contact with multiple targets. Each call was a probing attempt to collect as much information possible. The first and second stage of the attack was aimed at the same targets but with several days delay between stages...
April 18, 2012 Added by:Infosec Island Admin
Boiling it down to a simplistic statement, “Anonymous” - which means “unknown” - cannot at any time ever be considered a movement/group/collective that will never be used as a scapegoat for bad actors. Nor will it ever mean that bad actors will never get into the fold...
April 11, 2012 Added by:Brent Huston
Social engineering, the process of obtaining confidential information through tricking people to do things they should not do; is on the rise. So how can you help your staff recognize social engineering before it’s too late? Here are a few tips...
April 03, 2012 Added by:Pete Herzog
ISECOM's SmarterSaferBetter seminar teaches you to actively keep on re-filtering. Doing it right by being alerted to prompts is the best way to keep your guard up, because actively filtering your world is truly exhausting. And being tired is when we make security mistakes...
March 20, 2012 Added by:Ben Rothke
Liars and Outliers is an absolutely fascinating and groundbreaking book. In this election year where the candidates attempt to make sweeping simplistic promises to fix complex problems, Schneier simply answers that in our complex society, there are no simple answers...
ENISA Report on Network Information Security... Iren Vonnie on 02-27-2015
The Danger of Mixing Cyber Espionage with Cy... leijon 19 on 02-27-2015
Old School On-Target NBNS Spoofing... carson Perry on 02-27-2015