June 04, 2012 Added by:Headlines
Michael Garcia was sentenced by U.S. District Judge Morrison C. England Jr. to 57 months in prison for fraud. Garcia accessed the computer servers of a law firm and an accountant firm without their knowledge or authorization and downloaded the personal information of more than 1,450 clients and employees...
May 31, 2012 Added by:Ben Rothke
In the vernacular of infosec, Tania Head was a type of social engineer. In the book Social Engineering: The Art of Human Hacking, Christopher Hadnagy details how attackers use social engineering to manipulate people into performing actions or divulging information...
May 30, 2012 Added by:Scot Terban
As technologies advance and the human nature side of things continues to allow for strides in security as well as the inevitable setbacks, you will become the ultimate target of the easy score for data that could lead to compromise. After all, what do you think the real persistent threats rely on? Human nature...
May 12, 2012 Added by:Brent Huston
Twitter is downplaying a security breach that exposed tens of thousands of user emails and passwords. The compromised Twitter accounts could have been the result of phishing attacks. Whenever you read about such breaches, it is always a good idea to change your password...
May 08, 2012 Added by:Lee Munson
One of the most used tricks that black hat hackers use during this time of year is to piggyback off of the advertising of big budget movies. There are a lot of ways that you can leverage attacks with this type of advertising and believe me they use all of them...
May 02, 2012 Added by:f8lerror
During many penetration tests the need to social engineer a target may be required. Let’s talk about something that completely relies on the user being conned into following the attackers instructions. The scenario is simple send the user a PDF form and have them submit the form...
May 01, 2012 Added by:Pierluigi Paganini
It is clear that criminal organizations are devoting substantial resources in this sector. An increasing component of organized crime is specializing in this kind of activity characterized by high profits and low risks compared to traditional criminal activities...
April 29, 2012 Added by:Neira Jones
You might not fall for these attacks, but how many members of your family would? How many employees in your organization would, from field staff to C-level execs? Different people will have different thresholds to these attacks. Security education and awareness is key...
April 24, 2012 Added by:Joel Harding
EVERYTHING is compromised. Every web site, every data base, every place that touches the web – I assume this at all times. There is not one among us whose network has not been compromised. The security mantra in the past was “Risk Avoidance”. That is no longer the case...
April 19, 2012 Added by:Bozidar Spirovski
The attack was performed by multiple phone calls which created contact with multiple targets. Each call was a probing attempt to collect as much information possible. The first and second stage of the attack was aimed at the same targets but with several days delay between stages...
April 19, 2012 Added by:f8lerror
We all have come across websites that have the forms that say “contact us” or something similar. What’s the big deal? These forms have been around forever, right? When an employee finally gets the message, they are automatically put at ease, and become trusting of the content...
April 11, 2012 Added by:Brent Huston
Social engineering, the process of obtaining confidential information through tricking people to do things they should not do; is on the rise. So how can you help your staff recognize social engineering before it’s too late? Here are a few tips...
April 05, 2012 Added by:Infosec Island Admin
Social networking sites have created a revolution in connectivity. However, con artists, criminals, and other actors are exploiting this capability for nefarious purposes. There are primarily two tactics used to exploit social networks. In practice, they are often combined...
March 30, 2012 Added by:Robert Siciliano
Vishing occurs when criminals cold-call victims and attempt to persuade them to divulge personal information over the phone. These scammers are generally after credit card numbers and personal identifying information, which can then be used to commit financial theft...
March 29, 2012 Added by:Quintius Walker
When it comes to the vulnerabilities presented by the online aspects of the music industry, the opportunities for penetration tester’s to employ their skills are far and wide. However, they are still for the most part often overlooked. And with great peril...
March 29, 2012 Added by:Headlines
“While businesses are making efforts, all too often they are overlooking the fundamentals which could curb upwards of 90% of online threats to their data. We have a shared responsibility to harden our systems and those of our customers..."
Mass Disclosure of Vulnerabilities in SAP... john niko on 12-09-2013
Join Trend Micro & SecurityWeek in Belle... Shah Alam on 12-06-2013
Looking Beyond "Black Box Testing"... Paul Reed on 12-03-2013