Blog Posts Tagged with "Social Engineering"
Social Engineering: A True Story of Incredible Deception
May 31, 2012 Added by:Ben Rothke
In the vernacular of infosec, Tania Head was a type of social engineer. In the book Social Engineering: The Art of Human Hacking, Christopher Hadnagy details how attackers use social engineering to manipulate people into performing actions or divulging information...
Comments (0)
Zeus Malware Targeting Facebook, Gmail and Yahoo Users
May 16, 2012 Added by:Headlines
"We've recently discovered a series of attacks being carried out by a P2P variant of the Zeus platform against some of the internet’s leading online services... The attacks are targeting users of Facebook, Google Mail, Hotmail and Yahoo – offering rebates and new security measures..."
Comments (0)
Skype Malware Campaign Spreading Poison Ivy Trojan
May 16, 2012 Added by:Headlines
Malware researcher Dancho Danchev is reporting a widespread social engineering campaign on Skype that is spreading a variant of the Poison Ivy Trojan. Less than half of the 42 commercial antivirus solutions surveyed are able to detect the Trojan's signature...
Comments (0)
It's Summer Blockbuster Season Again - Time to get Prepared
May 08, 2012 Added by:Lee Munson
One of the most used tricks that black hat hackers use during this time of year is to piggyback off of the advertising of big budget movies. There are a lot of ways that you can leverage attacks with this type of advertising and believe me they use all of them...
Comments (0)
Busting the Ten Biggest Computer Security Myths
May 08, 2012 Added by:Headlines
While some of the myths addressed may seem to be common sense issues, they also represent widespread misconceptions that continue to be pervasive in the information technology world today, so a reminder that these notions are bunk seems in order...
Comments (1)
Phishing with PDF's and Why it Works
May 02, 2012 Added by:f8lerror
During many penetration tests the need to social engineer a target may be required. Let’s talk about something that completely relies on the user being conned into following the attackers instructions. The scenario is simple send the user a PDF form and have them submit the form...
Comments (0)
Five Steps to a Successful Social Attack
April 29, 2012 Added by:Neira Jones
You might not fall for these attacks, but how many members of your family would? How many employees in your organization would, from field staff to C-level execs? Different people will have different thresholds to these attacks. Security education and awareness is key...
Comments (0)
Social Media Security 101
April 24, 2012 Added by:Joel Harding
EVERYTHING is compromised. Every web site, every data base, every place that touches the web – I assume this at all times. There is not one among us whose network has not been compromised. The security mantra in the past was “Risk Avoidance”. That is no longer the case...
Comments (0)
ICS-CERT: Social Engineering and SCADA Security
April 24, 2012 Added by:Infosec Island Admin
Social engineering attempts can be highly targeted and conducted in a way that is much more difficult to detect than the spam and phishing emails we receive in our inbox. Phone-based social engineering attempts were recently experienced at two or more power distribution companies...
Comments (0)
Fake LinkedIn Notifications Serving Up Malware
April 20, 2012 Added by:Headlines
Researchers are reporting bogus LinkedIn notifications that lead users to malware. The spoofed notifications look legitimate, sporting the LinkedIn logo and a format familiar to members of the business networking platform, making the operation difficult to detect...
Comments (0)
Observations on Lack of Research in Social Engineering
April 19, 2012 Added by:Bozidar Spirovski
The attack was performed by multiple phone calls which created contact with multiple targets. Each call was a probing attempt to collect as much information possible. The first and second stage of the attack was aimed at the same targets but with several days delay between stages...
Comments (0)
Four Tips for Teaching Your Staff About Social Engineering
April 11, 2012 Added by:Brent Huston
Social engineering, the process of obtaining confidential information through tricking people to do things they should not do; is on the rise. So how can you help your staff recognize social engineering before it’s too late? Here are a few tips...
Comments (0)
Social Media vs. Old School
April 11, 2012 Added by:Joel Harding
As I’ve stumbled through the discovery process of social media I have also uncovered a myriad of problems. I got a phone call from a great friend in the Pentagon warning me that someone was posing as a PSYOP senior and trying to make contacts through LinkedIn...
Comments (0)
The FBI Discusses Internet Social Networking Risks
April 05, 2012 Added by:Infosec Island Admin
Social networking sites have created a revolution in connectivity. However, con artists, criminals, and other actors are exploiting this capability for nefarious purposes. There are primarily two tactics used to exploit social networks. In practice, they are often combined...
Comments (0)
DHS: Don’t be Fooled by Too Good to be True Websites
April 03, 2012 Added by:Headlines
According to a recent report, the fan craze created by the film The Hunger Games has created the perfect opportunity for devious cybercriminals to take advantage of Internet users. While clicking on a link may seem innocent enough, it can actually infect your device...
Comments (0)
Protect Yourself from Vishing Scams
March 30, 2012 Added by:Robert Siciliano
Vishing occurs when criminals cold-call victims and attempt to persuade them to divulge personal information over the phone. These scammers are generally after credit card numbers and personal identifying information, which can then be used to commit financial theft...
Comments (0)
- Brand Damage Through Information Access
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security