Social Engineering
Georgia Man Convicted for Role in Phishing Operation
July 03, 2012 Added by:Headlines
Osarhieme Uyi Obaygbona, 32, of Atlanta, Georgia, was convicted last week of conspiracy to commit wire fraud, conspiracy to commit identity theft, and conspiracy to gain unauthorized access to protected computers. Phishing attacks use fraudulent web pages that mimic the legitimate web pages...
Comments (0)
Request for Information: Social Engineering Using Social Media
June 25, 2012 Added by:Joel Harding
We’ve been saying for years that the human element is the weakest link in cybersecurity. Kevin Mitnick (out of prison now and doing well) was an extremely talented hacker but what set him apart was his research into potential victims and then having the audacity to social engineer them...
Comments (1)
Not So Tweet and Innocent: Social Networking Security Webinar
June 19, 2012 Added by:Kelly Colgan
In conjunction with the National PTA Convention, Tim Woda will present about the specific risks plaguing parents and ways to mitigate their concerns. Matt Cullina will unveil findings from a Harris Interactive survey of parents about their child’s social networking habits and what issues cause them the most fear...
Comments (0)
Mobiles and Phishing – Why They're More Dangerous
June 14, 2012 Added by:Robert Siciliano
SMiShing is a version of phishing in which scammers send text messages. The best protection from this scam is awareness. Once you understand how it works, you are better positioned to recognize mobile phishing, and how to avoid clicking links within emails or text messages and otherwise responding to such ruses...
Comments (0)
How and Why to Alert Your Employees of the LinkedIn Breach
June 07, 2012 Added by:Jason Clark
Cyber security teams should send out an employee alert explaining why LinkedIn passwords need to be changed and best practices for doing so. You may not have direct IT control over individual LinkedIn accounts, but your communication may alleviate social engineering attacks on employees and your network...
Comments (0)
Man Sentenced to Almost Five Years in Prison for Identity Theft
June 04, 2012 Added by:Headlines
Michael Garcia was sentenced by U.S. District Judge Morrison C. England Jr. to 57 months in prison for fraud. Garcia accessed the computer servers of a law firm and an accountant firm without their knowledge or authorization and downloaded the personal information of more than 1,450 clients and employees...
Comments (0)
Social Engineering: A True Story of Incredible Deception
May 31, 2012 Added by:Ben Rothke
In the vernacular of infosec, Tania Head was a type of social engineer. In the book Social Engineering: The Art of Human Hacking, Christopher Hadnagy details how attackers use social engineering to manipulate people into performing actions or divulging information...
Comments (0)
The Biggest Attack Surface is US
May 30, 2012 Added by:Scot Terban
As technologies advance and the human nature side of things continues to allow for strides in security as well as the inevitable setbacks, you will become the ultimate target of the easy score for data that could lead to compromise. After all, what do you think the real persistent threats rely on? Human nature...
Comments (0)
Twitter Hack! Five Ways to Avoid Being a Victim of Phishing
May 12, 2012 Added by:Brent Huston
Twitter is downplaying a security breach that exposed tens of thousands of user emails and passwords. The compromised Twitter accounts could have been the result of phishing attacks. Whenever you read about such breaches, it is always a good idea to change your password...
Comments (0)
It's Summer Blockbuster Season Again - Time to get Prepared
May 08, 2012 Added by:Lee Munson
One of the most used tricks that black hat hackers use during this time of year is to piggyback off of the advertising of big budget movies. There are a lot of ways that you can leverage attacks with this type of advertising and believe me they use all of them...
Comments (0)
Phishing with PDF's and Why it Works
May 02, 2012 Added by:f8lerror
During many penetration tests the need to social engineer a target may be required. Let’s talk about something that completely relies on the user being conned into following the attackers instructions. The scenario is simple send the user a PDF form and have them submit the form...
Comments (0)
On the Growth of Identity Theft
May 01, 2012 Added by:Pierluigi Paganini
It is clear that criminal organizations are devoting substantial resources in this sector. An increasing component of organized crime is specializing in this kind of activity characterized by high profits and low risks compared to traditional criminal activities...
Comments (2)
Five Steps to a Successful Social Attack
April 29, 2012 Added by:Neira Jones
You might not fall for these attacks, but how many members of your family would? How many employees in your organization would, from field staff to C-level execs? Different people will have different thresholds to these attacks. Security education and awareness is key...
Comments (0)
Social Media Security 101
April 24, 2012 Added by:Joel Harding
EVERYTHING is compromised. Every web site, every data base, every place that touches the web – I assume this at all times. There is not one among us whose network has not been compromised. The security mantra in the past was “Risk Avoidance”. That is no longer the case...
Comments (0)
Observations on Lack of Research in Social Engineering
April 19, 2012 Added by:Bozidar Spirovski
The attack was performed by multiple phone calls which created contact with multiple targets. Each call was a probing attempt to collect as much information possible. The first and second stage of the attack was aimed at the same targets but with several days delay between stages...
Comments (0)
Using a Website’s Contact Us Form to Create a Phishing Attack
April 19, 2012 Added by:f8lerror
We all have come across websites that have the forms that say “contact us” or something similar. What’s the big deal? These forms have been around forever, right? When an employee finally gets the message, they are automatically put at ease, and become trusting of the content...
Comments (0)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!