Search:

Items Tagged with "Social Engineering"


369dec31d888693bba6b6e0f39c14ce3

The Importance of Sample Size in Social Engineering Tests

January 16, 2013 Added by:Matt Neely

Information security has a problem. We make far too many decisions without having reliable data to assist in our decision making process. Because of this, far too many information security professionals use what I call Gut 1.0 to make decisions based on gut feel...

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

Do Better Technical Controls Increase People Focused Attacks?

December 16, 2012 Added by:Simon Moffatt

Social engineering can be seen as a more direct approach to exposing real security assets such as passwords, processes, keys and so on. Via subtle manipulation, carefully planned framing and scenario attacks, through to friending and spear phishing, people are increasingly becoming the main target...

Comments  (0)

E6fba550184963cb20ac46502a1fa1ee

Reflected Glory: Revealing one of my self-created social engineering tricks

December 11, 2012 Added by:Will Tarkington

What is reflected glory? To do this trick you need someone with a high social status that you can be associated with. It doesn’t have to be a close association just one that is known. You then simply state with authority your own opinion once the relationship has been recently established...

Comments  (0)

E6fba550184963cb20ac46502a1fa1ee

The Female Social Lever

November 16, 2012 Added by:Will Tarkington

In my ongoing expose on Social Engineering techniques I bring to you one of my favorites I call “The Female Social Lever.” A technique that takes advantage of social geometry and complex female group hierarchy. For this example we are going to use a party because it is where I developed this particular technique...

Comments  (0)

01ceb9281b3fb3dbb90c3efbe327717e

False Flag Phishing

November 15, 2012 Added by:Alan Woodward

There is a form of phishing becoming more common on Twitter that is likely to fool even the most suspicious of users. I very nearly fell for it myself. What stopped me? Unlike me, the person who purportedly sent me the message doesn’t make the sort of spelling mistakes that were in the message...

Comments  (0)

888605c6c25c19e41bbbb986ea6d43c1

You Believe It Because "I" Wrote It

November 14, 2012 Added by:Jim Palazzolo

Besides sheer entertainment, my objective is to practice my ability to create deception. It has been my observation that security personnel must be able to spot deception. Whether it’s covert channels or fake ID’s, deception is a very powerful tool that can be used both offensively and defensive...

Comments  (0)

E6fba550184963cb20ac46502a1fa1ee

I lost my theory of mind… or Where my mind at?

November 13, 2012 Added by:Will Tarkington

Without the theory of mind everything that social engineers do or attempt to do would fail. The theory of mind is basically one’s ability to differentiate perspectives. From perspective comes intention, from intention comes reaction, and from reaction comes reward (or failure)...

Comments  (1)

Bd07d58f0d31d48d3764821d109bf165

Have You Added Personas to your Incident Response Program?

October 23, 2012 Added by:Tripwire Inc

For any activity you do, it’s important not just to measure how well the organization did in a stress test situation, but to evaluate where your opportunities for improvement are. In my experience, personas are a great way to communicate a rich context very quickly once they are introduced...

Comments  (0)

B29000a16fad936906bbf3996fd7a593

Are You What You Tweet?

October 09, 2012 Added by:Online Privacy Foundation

The Online Privacy Foundation (OPF) encourages people to get online and consider all the great things social networking sites could do for them. But the evidence is growing that we need to think harder about how we share information online and question how that information is used...

Comments  (0)

E6fba550184963cb20ac46502a1fa1ee

Social Engineering: What the Heck Was I Doing? Part 1

September 26, 2012 Added by:Will Tarkington

The method I used for this particular tactic was to monitor the conversational rhythm. Then inject into it and take it over allowing me to guide the conversation. The skill set that allows you to walk into a conversation and take it over can’t be understated...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Clipboards, Confidence, and Information Security

September 17, 2012 Added by:Tripwire Inc

How do you teach paranoia and suspicion? We often hire people because of their willingness to help others, their good communication skills, their ability to be responsive, etc. As we work through securing our humans, we need to strike a balance – trust but verify, assist but not unquestioningly...

Comments  (1)

44fa7dab2a22dc03b6a1de4a35b7834a

As BYOD Trend Grows So Do Malware Attacks

September 06, 2012 Added by:Bill Gerneglia

The report found that the majority of employee’s devices did not have any form of security software loaded nor were company materials protected. The new report provides detailed assessments of the mobile security threat and the growing market for security solutions...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Cyberheists: Biggest Threat Facing American Businesses

August 28, 2012 Added by:Ben Rothke

It is no myth that there is plenty of money and digital assets on networks worldwide. Those that want to secure those assets need to safeguard them. This book is written specifically for smaller to medium size businesses that often lack the staff and budget necessary to ensure effective information security...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Misinformation and Manipulation in the Age of Social Media

August 21, 2012 Added by:Ben Rothke

Terms such as revolutionary, and groundbreaking are often used in reference to the web and social media. The web and social media have also been so for scammers, thieves, liars, manipulators, and the like who use social media in a big way. To avoid being caught in their lair, it is imperative to know the risks...

Comments  (1)

Ee5e595fc2be8a24327ce7cefe0f7b2c

To Tweet, or Not to Tweet, That is the Question...

August 19, 2012 Added by:Christopher Laing

Activities that threaten your business are the downloading and opening of attachments and Internet files that contain malicious software, and the electronic delivery/distribution of business sensitive information without encryption. This may done either accidentally or deliberately by a disgruntled employee...

Comments  (1)

Bd07d58f0d31d48d3764821d109bf165

Open Source Security Tools You Could Be Using

August 17, 2012

Jeff Bardin, a Principal at Treadstone 71 LLC, shared a variety of open source tools that businesses and consumers can use can for “espionage, competitive intelligence, and intellectual property” purposes. Check out this video to find out more about these tools and what they can do...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »


Popular Topics
Access Control  Anonymous  Application Security  Attacks  Authentication  Best Practices  China  Cloud Computing  Cloud Security  Compliance  Cyber Crime  Cyber Security  Cyber Warfare  Cyberwar  Data Loss  Data Loss Prevention  Denial of Service  Employees  Encryption  Enterprise Security  Espionage  Exploits  FBI  Government  Hacking  Hacktivist  Headlines  ICS  ICS-CERT  Identity Theft  Industrial Control Systems  Information Security  Information Technology  Infosec  Infrastructure  Law Enforcement  Legal  Managed Services  Management  Military  Mobile Devices  National Security  Network Security  PCI DSS  Passwords  Penetration Testing  Policies and Procedures  Policy  Privacy  Regulation  Risk Management  SCADA  Security  Security Audits  Security Awareness  Security Strategies  Social Engineering  Social Media  Stuxnet  Tools  Training  Vulnerabilities  breach  breaches  fraud  hackers  internet  malware  report  vendors