Blog Posts Tagged with "Human Factor"
Deceptioneering: Exploring How Humans Are Wired for Deception
September 23, 2017 Added by:Perry Carpenter
No matter how much security technology we purchase, we still face a fundamental security problem: people. They are both our biggest threat and they serve as our last line of defense.
Comments (0)
Do Better Technical Controls Increase People Focused Attacks?
December 16, 2012 Added by:Simon Moffatt
Social engineering can be seen as a more direct approach to exposing real security assets such as passwords, processes, keys and so on. Via subtle manipulation, carefully planned framing and scenario attacks, through to friending and spear phishing, people are increasingly becoming the main target...
Comments (0)
Social Media Security Risks for Small Business
October 21, 2012 Added by:Robert Siciliano
For more than a decade, cyber criminals have launched countless attacks on banks’ online infrastructure, successfully one-upping security professionals and their clients by creating viruses that bypass existing security measures. In response, computer security companies have continuously updated their technologies...
Comments (1)
Social Engineering: What the Heck Was I Doing? Part 1
September 26, 2012 Added by:Will Tarkington
The method I used for this particular tactic was to monitor the conversational rhythm. Then inject into it and take it over allowing me to guide the conversation. The skill set that allows you to walk into a conversation and take it over can’t be understated...
Comments (0)
Clipboards, Confidence, and Information Security
September 17, 2012 Added by:Tripwire Inc
How do you teach paranoia and suspicion? We often hire people because of their willingness to help others, their good communication skills, their ability to be responsive, etc. As we work through securing our humans, we need to strike a balance – trust but verify, assist but not unquestioningly...
Comments (1)
Moving To The Cloud: Internal Business Considerations
July 19, 2012 Added by:Ben Kepes
Corporate IT changes dramatically with a move to the cloud – no longer do people need to spend time racking and stacking servers, patching software and other low level tasks – in the long run organizations will not have email server administrators, desktop software support personnel or systems administrators...
Comments (0)
Security: It’s All About (Human) Networking...
July 15, 2012 Added by:Tripwire Inc
Want to add layers, or change your defense in depth approach? Your Information Systems team is just the beginning. What business unit will you impact? How will they be impacted, and when is the optimum time to do this? Depending on scope, this could even ripple through your business continuity program...
Comments (0)
Myth or Fact? Debunking the Biggest Information Security Myths
June 27, 2012 Added by:Tripwire Inc
Myths have existed throughout history in different cultures and times. The information security industry isn’t excluded from having its own share of myths. So, I got in touch with some European security professionals to share their views on some of the biggest security myths that need busting...
Comments (1)
Request for Information: Social Engineering Using Social Media
June 25, 2012 Added by:Joel Harding
We’ve been saying for years that the human element is the weakest link in cybersecurity. Kevin Mitnick (out of prison now and doing well) was an extremely talented hacker but what set him apart was his research into potential victims and then having the audacity to social engineer them...
Comments (1)
Hallway Con: The Real Reason to Go to Security Conferences
June 04, 2012 Added by:Rafal Los
No matter how much we push to a connected world via digital mediums - the human interaction, the discussion, and the ability to have a deep and meaningful problem-solving session outside the confines of the office is one of the most valuable things you can ever provide for your organization...
Comments (0)
The Biggest Attack Surface is US
May 30, 2012 Added by:Infosec Island Admin
As technologies advance and the human nature side of things continues to allow for strides in security as well as the inevitable setbacks, you will become the ultimate target of the easy score for data that could lead to compromise. After all, what do you think the real persistent threats rely on? Human nature...
Comments (0)
What Good is PCI-DSS?
May 02, 2012 Added by:david barton
Credit card processors have valuable information that bad guys would love to get their hands on. So processors are the Fort Knox of the modern world. When bad guys are motivated, no amount of security can keep them out. Does that mean PCI-DSS standards are worthless?
Comments (9)
Observations on Lack of Research in Social Engineering
April 19, 2012 Added by:Bozidar Spirovski
The attack was performed by multiple phone calls which created contact with multiple targets. Each call was a probing attempt to collect as much information possible. The first and second stage of the attack was aimed at the same targets but with several days delay between stages...
Comments (0)
Building a Better Anonymous: Separating the Philosophical from the Practical
April 18, 2012 Added by:Infosec Island Admin
Boiling it down to a simplistic statement, “Anonymous” - which means “unknown” - cannot at any time ever be considered a movement/group/collective that will never be used as a scapegoat for bad actors. Nor will it ever mean that bad actors will never get into the fold...
Comments (0)
Four Tips for Teaching Your Staff About Social Engineering
April 11, 2012 Added by:Brent Huston
Social engineering, the process of obtaining confidential information through tricking people to do things they should not do; is on the rise. So how can you help your staff recognize social engineering before it’s too late? Here are a few tips...
Comments (0)
Mind Control Security Awareness
April 03, 2012 Added by:Pete Herzog
ISECOM's SmarterSaferBetter seminar teaches you to actively keep on re-filtering. Doing it right by being alerted to prompts is the best way to keep your guard up, because actively filtering your world is truly exhausting. And being tired is when we make security mistakes...
Comments (4)
- If You Don’t Have Visibility, You Don’t Have Security
- Ransomware: Why Hackers Have Taken Aim at City Governments
- 5 Limitations of Network-Centric Security in the Cloud
- 1 Million South Korean Credit Card Records Found Online
- Top Three Cross-Site Scripting Attacks You Need to Know Now
- Arkose Labs Launches Private Bug Bounty Program
- Eight Steps to Migrate Your SIEM
- What Call Center Fraud Can Teach Us about Insider Threats
- Best Practices for Remote Workers’ Endpoint Security
- Cisco Patches Critical Flaw in Vision Dynamic Signage Director