Blog Posts Tagged with "Social Engineering"


LinkedIn Breach Part II: What You Need to Prepare for Next

June 09, 2012 Added by:Jason Clark

The LinkedIn breach made headlines, but I want to go deeper and provide practical advice for organizations on how they can anticipate DLP consequences and tighten network security. You need a strategy to protect against attack scenarios. Here’s a seven-step check list for mitigating your risk...

Comments  (4)


How and Why to Alert Your Employees of the LinkedIn Breach

June 07, 2012 Added by:Jason Clark

Cyber security teams should send out an employee alert explaining why LinkedIn passwords need to be changed and best practices for doing so. You may not have direct IT control over individual LinkedIn accounts, but your communication may alleviate social engineering attacks on employees and your network...

Comments  (0)


Should You Be Worried About the LinkedIn Breach?

June 06, 2012 Added by:Kelly Colgan

People who rely on LinkedIn for professional networking keep a wealth of information stored on their profile pages. With news of a possible data breach exposing 6.5 million user passwords, LinkedIn users need to take steps to protect their personal data. Here are five tips we recommend you follow...

Comments  (3)


Social Engineering: A True Story of Incredible Deception

May 31, 2012 Added by:Ben Rothke

In the vernacular of infosec, Tania Head was a type of social engineer. In the book Social Engineering: The Art of Human Hacking, Christopher Hadnagy details how attackers use social engineering to manipulate people into performing actions or divulging information...

Comments  (0)


Zeus Malware Targeting Facebook, Gmail and Yahoo Users

May 16, 2012 Added by:Headlines

"We've recently discovered a series of attacks being carried out by a P2P variant of the Zeus platform against some of the internet’s leading online services... The attacks are targeting users of Facebook, Google Mail, Hotmail and Yahoo – offering rebates and new security measures..."

Comments  (0)


Skype Malware Campaign Spreading Poison Ivy Trojan

May 16, 2012 Added by:Headlines

Malware researcher Dancho Danchev is reporting a widespread social engineering campaign on Skype that is spreading a variant of the Poison Ivy Trojan. Less than half of the 42 commercial antivirus solutions surveyed are able to detect the Trojan's signature...

Comments  (0)


It's Summer Blockbuster Season Again - Time to get Prepared

May 08, 2012 Added by:Lee Munson

One of the most used tricks that black hat hackers use during this time of year is to piggyback off of the advertising of big budget movies. There are a lot of ways that you can leverage attacks with this type of advertising and believe me they use all of them...

Comments  (0)


Busting the Ten Biggest Computer Security Myths

May 08, 2012 Added by:Headlines

While some of the myths addressed may seem to be common sense issues, they also represent widespread misconceptions that continue to be pervasive in the information technology world today, so a reminder that these notions are bunk seems in order...

Comments  (1)


Phishing with PDF's and Why it Works

May 02, 2012 Added by:f8lerror

During many penetration tests the need to social engineer a target may be required. Let’s talk about something that completely relies on the user being conned into following the attackers instructions. The scenario is simple send the user a PDF form and have them submit the form...

Comments  (0)


Five Steps to a Successful Social Attack

April 29, 2012 Added by:Neira Jones

You might not fall for these attacks, but how many members of your family would? How many employees in your organization would, from field staff to C-level execs? Different people will have different thresholds to these attacks. Security education and awareness is key...

Comments  (0)


Social Media Security 101

April 24, 2012 Added by:Joel Harding

EVERYTHING is compromised. Every web site, every data base, every place that touches the web – I assume this at all times. There is not one among us whose network has not been compromised. The security mantra in the past was “Risk Avoidance”. That is no longer the case...

Comments  (0)


ICS-CERT: Social Engineering and SCADA Security

April 24, 2012 Added by:Infosec Island Admin

Social engineering attempts can be highly targeted and conducted in a way that is much more difficult to detect than the spam and phishing emails we receive in our inbox. Phone-based social engineering attempts were recently experienced at two or more power distribution companies...

Comments  (0)


Fake LinkedIn Notifications Serving Up Malware

April 20, 2012 Added by:Headlines

Researchers are reporting bogus LinkedIn notifications that lead users to malware. The spoofed notifications look legitimate, sporting the LinkedIn logo and a format familiar to members of the business networking platform, making the operation difficult to detect...

Comments  (0)


Observations on Lack of Research in Social Engineering

April 19, 2012 Added by:Bozidar Spirovski

The attack was performed by multiple phone calls which created contact with multiple targets. Each call was a probing attempt to collect as much information possible. The first and second stage of the attack was aimed at the same targets but with several days delay between stages...

Comments  (0)


Four Tips for Teaching Your Staff About Social Engineering

April 11, 2012 Added by:Brent Huston

Social engineering, the process of obtaining confidential information through tricking people to do things they should not do; is on the rise. So how can you help your staff recognize social engineering before it’s too late? Here are a few tips...

Comments  (0)


Social Media vs. Old School

April 11, 2012 Added by:Joel Harding

As I’ve stumbled through the discovery process of social media I have also uncovered a myriad of problems. I got a phone call from a great friend in the Pentagon warning me that someone was posing as a PSYOP senior and trying to make contacts through LinkedIn...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »
Most Liked