Blog Posts Tagged with "Social Engineering"
How to Protect SMBs Against Phishing Attacks via Social Engineering
November 06, 2018 Added by:Timur Kovalev
Attackers are constantly changing tactics, so ensuring that you are armed against the latest threats is critical.
Comments (0)
Is User Training the Weakest Link for Your Email Security Approach?
June 28, 2018 Added by:Dennis Dillman
Security training and awareness should be at the top of your layered security strategy to ensure your employees are less of a liability, and the risk of a breach is significantly lower.
Comments (0)
Beyond Phishing: What You Need to Know About Whaling
June 13, 2016 Added by:Dan Lohrmann
Just when you thought you had seen it all regarding online phishing scams, along comes a new round of deceptive emails, phones calls, instant messages and even traditional printouts from your fax machine.
Comments (0)
March Madness Security Threats Can Drive Any Organization Mad!
March 14, 2016 Added by:Mark Parker
Unfortunately, while the popularity of March Madness (the NCAA Basketball Tournament) has grown exponentially, nearly every facet of any employee’s involvement with the event could open up the employee, as well as the organization, to a number of cyber risks.
Comments (0)
Get Physical with your Physical Space
August 17, 2015 Added by:Jayson Wylie
Current social engineering practice has gone beyond mail phishing scams and there is high probability that there is potential of a malicious presence in the mix within the place of work.
Comments (0)
The Importance of Sample Size in Social Engineering Tests
January 16, 2013 Added by:Matt Neely
Information security has a problem. We make far too many decisions without having reliable data to assist in our decision making process. Because of this, far too many information security professionals use what I call Gut 1.0 to make decisions based on gut feel...
Comments (0)
Do Better Technical Controls Increase People Focused Attacks?
December 16, 2012 Added by:Simon Moffatt
Social engineering can be seen as a more direct approach to exposing real security assets such as passwords, processes, keys and so on. Via subtle manipulation, carefully planned framing and scenario attacks, through to friending and spear phishing, people are increasingly becoming the main target...
Comments (0)
Reflected Glory: Revealing one of my self-created social engineering tricks
December 11, 2012 Added by:Will Tarkington
What is reflected glory? To do this trick you need someone with a high social status that you can be associated with. It doesn’t have to be a close association just one that is known. You then simply state with authority your own opinion once the relationship has been recently established...
Comments (0)
The Female Social Lever
November 16, 2012 Added by:Will Tarkington
In my ongoing expose on Social Engineering techniques I bring to you one of my favorites I call “The Female Social Lever.” A technique that takes advantage of social geometry and complex female group hierarchy. For this example we are going to use a party because it is where I developed this particular technique...
Comments (0)
False Flag Phishing
November 15, 2012 Added by:Alan Woodward
There is a form of phishing becoming more common on Twitter that is likely to fool even the most suspicious of users. I very nearly fell for it myself. What stopped me? Unlike me, the person who purportedly sent me the message doesn’t make the sort of spelling mistakes that were in the message...
Comments (0)
You Believe It Because "I" Wrote It
November 14, 2012 Added by:Jim Palazzolo
Besides sheer entertainment, my objective is to practice my ability to create deception. It has been my observation that security personnel must be able to spot deception. Whether it’s covert channels or fake ID’s, deception is a very powerful tool that can be used both offensively and defensive...
Comments (0)
I lost my theory of mind… or Where my mind at?
November 13, 2012 Added by:Will Tarkington
Without the theory of mind everything that social engineers do or attempt to do would fail. The theory of mind is basically one’s ability to differentiate perspectives. From perspective comes intention, from intention comes reaction, and from reaction comes reward (or failure)...
Comments (1)
Have You Added Personas to your Incident Response Program?
October 23, 2012 Added by:Tripwire Inc
For any activity you do, it’s important not just to measure how well the organization did in a stress test situation, but to evaluate where your opportunities for improvement are. In my experience, personas are a great way to communicate a rich context very quickly once they are introduced...
Comments (0)
Are You What You Tweet?
October 09, 2012 Added by:Online Privacy Foundation
The Online Privacy Foundation (OPF) encourages people to get online and consider all the great things social networking sites could do for them. But the evidence is growing that we need to think harder about how we share information online and question how that information is used...
Comments (0)
Social Engineering: What the Heck Was I Doing? Part 1
September 26, 2012 Added by:Will Tarkington
The method I used for this particular tactic was to monitor the conversational rhythm. Then inject into it and take it over allowing me to guide the conversation. The skill set that allows you to walk into a conversation and take it over can’t be understated...
Comments (0)
Clipboards, Confidence, and Information Security
September 17, 2012 Added by:Tripwire Inc
How do you teach paranoia and suspicion? We often hire people because of their willingness to help others, their good communication skills, their ability to be responsive, etc. As we work through securing our humans, we need to strike a balance – trust but verify, assist but not unquestioningly...
Comments (1)
- University of Arizona Researchers Going on Offense and Defense in Battle Against Hackers
- Securing the Internet of Things (IoT) in Today's Connected Society
- What Is Next Generation SIEM? 8 Things to Look For
- Cybersecurity and Online Trading: An Overview
- Artificial Intelligence: The Next Frontier in Information Security
- Five Main Differences between SIEM and UEBA
- For Cybersecurity, It’s That Time of the Year Again
- Myth Busters: How to Securely Migrate to the Cloud
- Microsoft Makes OneDrive Personal Vault Available Worldwide
- Human-Centered Security: What It Means for Your Organization