Social Engineering
Bore Them With Death-by-Awareness: That’ll Teach em!
May 08, 2013 Added by:Lee Mangold
As security professionals, we have to understand that not everyone has a passion for security. In fact, most people don’t. Given that we know “they” don’t share our passion, and we know they are the most vulnerable attack vector, why do we continue to bore them with homogenous and irrelevant training?
Comments (0)
What Security Risks Do Healthcare Organizations Face?
May 06, 2013 Added by:Michael Fornal
Today, hospitals and healthcare organizations face many risks that they didn’t have to deal with until few years ago. This ever growing list of risks includes social engineering, redundant applications, within a network and keeping patient files secure and confidential but yet available and escalation of privileges.
Comments (0)
Could the AP Twitter Hack Have Been Prevented?
April 26, 2013 Added by:Gianluca Stringhini
This is the first time that people realize that Tweets can have a large effect on financial institutions. The question that people are asking is: could this compromise have been avoided?
Comments (0)
Google: Black Hat or White Hat?
April 23, 2013 Added by:Larry Karisny
Google has a perfect opportunity to be a leader in cybersecurity. Google’s recent network -- and acquisitions and hires -- in Austin, Texas, is an opportunity to do security right the first time.
Comments (1)
Don’t Let Your Guard Down: Tragedies Pave Way for Phishing Attacks
April 16, 2013 Added by:Jake Garlie
Tragic events such as what happened during the Boston Marathon creates an opportunity for attackers in the digital world as well. With everyone scrambling for more information, the success rate of a phishing attack at this time can skyrocket.
Comments (0)
Digital Natives, Digital Immigrants, Exo-Nationals and The Digital Lord of The Flies
March 29, 2013 Added by:Krypt3ia
There seems to be a disconnect within the psyche for kids where their actions are just not real because it happens online. Some of these kids that I tracked online due to recent events with the attacks on Brian Krebs that leads me to believe some of them may in fact be on the road to sociopathy.
Comments (1)
So APT Is China *snicker* Now What?
February 28, 2013 Added by:Krypt3ia
As RSA comes to a close and the corridors of the hall stop ringing with the acronym APT, I find myself once again looking at the problem as opposed to the hype.
Comments (0)
Latest Adobe Zero-day is Serious Business
February 14, 2013 Added by:Mike Lennon
The exploits have been seen in extremely targeted attacks against high profile targets, and are a sophisticated effort that appear to be the first to successfully escape Adobe’s “protected mode” sandbox. Make no mistake about it; this attack is serious business and not the work of amateurs.
Comments (0)
New York Times Says It Was Infiltrated By Chinese Hackers
January 31, 2013 Added by:Infosec Island
The New York Times said it had fallen victim to hackers possibly connected to China's military, linking the sophisticated attacks to its expose of the vast wealth amassed by Premier Wen Jiabao's family.
Comments (0)
Resource: Defeating Advanced Persistent Threat Malware
January 29, 2013 Added by:Infosec Island
Attacks can come from anywhere. Even more daunting is that not all malware is alike. Learn about battling advanced threats and the progressive strategies to battle malware from this new white paper.
Comments (0)
Credit Card Fraud Really Isn’t Identity Theft
January 23, 2013 Added by:Robert Siciliano
With the holiday shopping season and after holiday season sales over, it’s time to review our credit card statements and make sure that everything that is on there was something you purchased. With most of us using our card a lot more during this time, there’s more chance of fraud or identity theft...
Comments (0)
The Importance of Sample Size in Social Engineering Tests
January 16, 2013 Added by:Matt Neely
Information security has a problem. We make far too many decisions without having reliable data to assist in our decision making process. Because of this, far too many information security professionals use what I call Gut 1.0 to make decisions based on gut feel...
Comments (0)
Identity Thieves Take a Bite Out of Apple
January 15, 2013 Added by:Kelly Colgan
Scammers are taking advantage of a product financing offer that presents identity thieves with the opportunity to fraudulently obtain instant credit approval to make online purchases. The crime is simple to carry out. All scammers need are the basic types of information commonly exposed in data breaches...
Comments (1)
Are You Faking It?
January 06, 2013 Added by:Rebecca Herold
A few weeks ago I got a text message from a phone number I didn’t recognize, with a rather odd message. I sent a text back asking, “Who do U think U sent ur txt 2?” The response, “Myrtle!” I’m not Myrtle. Turns out they were using a phone number they had found online that was associated for the Myrtle they knew.
Comments (0)
Turkey – Another story on use of fraudulent digital certificates
January 04, 2013 Added by:Pierluigi Paganini
It’s the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google’s web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts.
Comments (0)
Fraud Files: Pay Later, Pilfer Now
December 18, 2012 Added by:Kelly Colgan
Services such as BillMeLater, a PayPal company that allows customers to make purchases on credit after a simple sign-up process and credit check, have created an identity theft trend and left victims fighting to clear their names...
Comments (0)
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform