Blog Posts Tagged with "Social Engineering"

2e4d1e4bb6b5e2d5901e2ede8065fb24

Why Effective Awareness Training Matters

August 12, 2012 Added by:Brent Hutfless

Training and education are key elements to securing data. The advances in detection and monitoring solutions have placed more capable tools in the security professional’s toolbox, but APT attacks have grown in sophistication and perseverance – often leading to successful attacks and subsequent data loss...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Yourikan Claims Ninety-One Iranian Websites Hacked

August 07, 2012 Added by:Headlines

Pro-Israeli hacker Yourikan (you-r!-k@n) is claiming to have hacked and defaced as many as ninety-one Iranian websites including government, education and business targets in protest of Iran's continued pursuit of nuclear weapons and support for terrorist activities targeting Israel...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

On Security Awareness Training

August 05, 2012 Added by:PCI Guru

Security awareness training has its place, but it is not a silver bullet. The world is full of risks and a security professional’s job is to minimize those risks and manage the remaining residual risk. This is why security is done in layers, so that when people make that mistake you minimize the impact...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Facebook, the Poisoned Network: 83 Million Questionable Profiles

August 03, 2012 Added by:Pierluigi Paganini

There are bots creating a significant number of fake profiles, which are managed by machines capable of interacting with each other and with real users, thus changing the "sentiment" and "conversation" on a large-scale, as well as altering the social graph to preclude meaningful correlations of data...

Comments  (2)

D13f77e036666dbd8f93bf5895f47703

Cyber Criminals Prey on Worried Parents

August 02, 2012 Added by:Theresa Payton

Cyberthieves are trolling the internet for information and with a convincing phone call trying to trick parents out of thousands of dollars. It sounds like this scam would be easy to spot but it’s so scary, so emotional, and happens so often even Western Union employees are trained to ask questions...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Mahdi Campaign and Cyber Espionage in the Middle East

July 19, 2012 Added by:Pierluigi Paganini

The Mahdi attack is based on two well known techniques used to deliver malicious payloads, and the huge quantity of data collected reveals the real targets of the operation are government agencies, critical infrastructure engineering firms and financial houses...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

AttacksTargeting Activists Uses Blackshades Trojan

July 16, 2012 Added by:Electronic Frontier Foundation

A new campaign using Blackshades Remote Controller has been discovered via a message sent from a compromised Skype account. This malware gives an attacker the ability to execute arbitrary code on the infected computer. There is no guarantee that the attacker has not installed additional malicious software...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Harvesting Credentials with the Social Engineering Toolkit

July 09, 2012 Added by:Dan Dieterle

The Social Engineering Toolkit included with Backtrack 5 is a great way for penetration testers to see how well their network and users would stand up to Social Engineering attacks. In this tutorial I will demonstrate how SET can be used to set up a realistic looking website to harvest e-mail usernames and passwords...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

Georgia Man Convicted for Role in Phishing Operation

July 03, 2012 Added by:Headlines

Osarhieme Uyi Obaygbona, 32, of Atlanta, Georgia, was convicted last week of conspiracy to commit wire fraud, conspiracy to commit identity theft, and conspiracy to gain unauthorized access to protected computers. Phishing attacks use fraudulent web pages that mimic the legitimate web pages...

Comments  (0)

71d85bb5d111973cb65dfee3d2a7e6c9

How Fast Can Your Password Be Cracked? Instantly...

July 02, 2012 Added by:f8lerror

Instantly with a JavaScript keylogger. In this brief tutorial, we show you how we can use the Metasploit JavaScript Keylogger auxiliary module in a penetration testing phishing campaign or user awareness training. This is intended for informational and/or educational purposes only...

Comments  (0)

94ae16c30d35ee7345f3235dfb11113c

Request for Information: Social Engineering Using Social Media

June 25, 2012 Added by:Joel Harding

We’ve been saying for years that the human element is the weakest link in cybersecurity. Kevin Mitnick (out of prison now and doing well) was an extremely talented hacker but what set him apart was his research into potential victims and then having the audacity to social engineer them...

Comments  (1)

37d5f81e2277051bc17116221040d51c

Mobiles and Phishing – Why They're More Dangerous

June 14, 2012 Added by:Robert Siciliano

SMiShing is a version of phishing in which scammers send text messages. The best protection from this scam is awareness. Once you understand how it works, you are better positioned to recognize mobile phishing, and how to avoid clicking links within emails or text messages and otherwise responding to such ruses...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Analysis of Passwords Dumped from LinkedIn

June 11, 2012 Added by:Dan Dieterle

People put a lot of personal information on LinkedIn - their education and job experience, along with the groups that they belong to - treasure trove of information to Social Engineers. Of all the online social sites, LinkedIn users should really choose a long complex password to secure their account...

Comments  (0)

54b393d8c5ad38d03c46d060fa365773

LinkedIn Breach Part II: What You Need to Prepare for Next

June 09, 2012 Added by:Jason Clark

The LinkedIn breach made headlines, but I want to go deeper and provide practical advice for organizations on how they can anticipate DLP consequences and tighten network security. You need a strategy to protect against attack scenarios. Here’s a seven-step check list for mitigating your risk...

Comments  (4)

54b393d8c5ad38d03c46d060fa365773

How and Why to Alert Your Employees of the LinkedIn Breach

June 07, 2012 Added by:Jason Clark

Cyber security teams should send out an employee alert explaining why LinkedIn passwords need to be changed and best practices for doing so. You may not have direct IT control over individual LinkedIn accounts, but your communication may alleviate social engineering attacks on employees and your network...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

Should You Be Worried About the LinkedIn Breach?

June 06, 2012 Added by:Kelly Colgan

People who rely on LinkedIn for professional networking keep a wealth of information stored on their profile pages. With news of a possible data breach exposing 6.5 million user passwords, LinkedIn users need to take steps to protect their personal data. Here are five tips we recommend you follow...

Comments  (3)

Page « < 1 - 2 - 3 - 4 - 5 > »