|
WordPress Powered Social Engineering
2008-05-22 20:22:00 I’ll be having a job interview in another company next week, so I’m googling a bit about the manager who will interview me…. Got some hits in Google… Has a website… Hey cool, it’s a WordPress blog… Having a look at his wp-content/plugins directory… OK, he’s using a plugin I wrote. Things looking fine so far Share This © Ozh for planetOzh, 2008. | Permalink | 2 comments | Add to del.icio.us Who’s linking ? Technorati Read it at the source ShareThis
By: Wp Wordpress
The Predictable Outcome of Liberalized Social Engineering Policies
2008-04-19 22:35:00 Sin taxes: the unusually high taxes we impose against disfavored activities in the hope that, if the activity becomes way too expensive, people will think twice about engaging in that particular sin. Cigarettes and alcohol are the two major targets of sin taxes. In California, in 1998, California voters passed Prop. 10, a sin ...
By: Webloggin
?Mental Illness? and Social Engineering
2008-03-27 21:41:00 Hello, folks… Now doesn’t it strain the limits of all credulity to believe that nearly HALF of the US population, despite the heightened anxiety inculcated through the main stream media, should now be considered “mentally ill” or “mentally defective”? The article below notes that no less than 200 million prescriptions are written annually in America to treat depression ...
How to hack 200.000 sites at a time using social engineering [Digg]
2008-03-18 13:57:00 Using pr0n of course
Social Engineering
2008-03-07 11:48:00 One day, in an afternoon, when you are relaxing in your home, you get a call from HSBC and they tell you they are rechecking credit cards. “Could you please tell me, your credit card number?”. Just without thinking much, most probably what you’ll do is tell it. And your personal details, etc. So, next month when the bill comes, you know someone has illegally used your credit card. Basically, that’s social engineering; Gathering information by talking to the people. This is easier than hacking, and probably more effective. Because in a computer system, system admin can patch the vulnerable products but there is no patch for human stupidity. Just wanted to tell you, “Beware of Social Engineers”.
?MonaRonaDona?: A revolution in social engineering
2008-03-06 16:10:00 Recently, infections of the malware "MonaRonaDona" have been increasingly prevelent.Once "MonaRonaDona" is installed on a user's system, it displays the following message:"Hi, My name is MonaRonaDona. I am a virus& I am here to Wreck your PC. If yo...
Council accused of social engineering over affordable homes scheme
2008-02-13 17:17:00 Hendon & Finchley Times - Barnet Council has been accused of socially engineering the borough after failing to meet targets for building affordable housing. In the past financial year, only ten... [[ This is a content summary only. Visit my website for full links, other content, and more! ]]
By: Engineers Voice
Mobile banking in crescita: tutto ma col giusto peso!
2008-01-08 13:26:00 Dal sito dell’ ANSA arriva una buona notizia per il mercato bancario internazionale: secondo le stime riportate dalla societŕ di ricerca Celent, infatti, oltre 46 milioni di famiglie americane usano i servizi di online banking per la gestione del proprio conto online. Si prevede addirittura un aumento del 30% entro il 2010! Molte banche, anche ...
Social engineering attacks and prevention [Digg]
2007-12-14 14:08:00 In computer security, social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures.
Social engineering attacks and prevention
2007-12-14 14:05:00 In computer security, social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures. A social engineer runs what used to be called a “con game”. For example, a person using social engineering ...
Why New Jersey Social Engineering Policies Inhibit Economic Growth
2007-12-04 21:57:00 Part 3 of a 3 part series The new rules, referred to as 3rd round rules, mandate that no RCA?s be allowed, a huge increase in way COAH units are calculated relative job creation and a 25% limit on the amount of low and moderate senior housing can be applied to the COAH obligation. COAH obligations ...
Why New Jersey Social Engineering Policies Inhibit Economic Growth
2007-12-04 19:55:00 Part 2 of a 3 part series For example, a small town might have a COAH requirement of 70 units. If the town does not meet it?s requirements and a builder sues under builders remedy the courts will approve a 350 unit subdivision where 70 units are COAH and 280 are market rate. If you assume that each ...
Why New Jersey Social Engineering Policies Inhibit Economic Growth
2007-12-04 15:54:00 PART I OF A THREE PART SERIES There may be many reasons why New Jersey is not business friendly, but most of those reasons have very complicated proofs or are impossible to quantify. That is why the current rules governing COAH housing are so shocking. According to the new rules towns MUST increase taxes massively if ...
Show Home Alone To Raise Social Engineering Awareness
2007-11-24 22:14:00 Realtime IT Compliance – I hope those of you who celebrated Thanksgiving had a great one I spent a very nice day with my family at my brothers house. After getting back home we decided to watch some Christmas movies, so we spent the evening watching one of my very favorites, A Christmas Story and then Home Alone ... read more
A fun reading on social engineering
2007-11-09 16:36:00 I recently talked at different events on social engineering or at least touched the theme. You might know the layer 8 problem J When I had some discussions after my speech I realized that close to nobody (I talked with) knew about the "The Art of Deception: Controlling the Human Element of Security" by Kevin Mitnick. You probably know Kevin Mitnick ? he was one of the first hackers being sent to jail. A lot of his attacks were about ticking people rather than really hacking systems. He then summarized his experience in a book. The way he does it is that he tells stories about different levels of attacks. When you read the first story you think: these things will never happen to me (at least this has been my initial reaction being one of these paranoid security people). When you reach towards the end of the book, you start thinking differently?.. It is definitely worth reading Roger
Social Engineering - Live
2007-11-06 05:12:00 I just found a pretty interesting article on "social engineering". It is one of these articles showing an anecdote on how to use social engineering to enter a building and get access to everything: The Spy in Your Server Room Roger
One of the oldest social engineering techniques (sex) still seems to work!
2007-11-01 05:19:00 Some would argue that sex is one of the oldest social engineering ploys to deceive someone into doing something they normally wouldn’t do. As far as I know, it’s been being used since biblical times. Roderick Ordońez at the Trend Labs Malware Blog (Trend Micro) is reporting that malware is being downloaded on systems using a ...
Khaki Bandit: Extreme Social Engineering (or, An Extreme Reason For Greenl
2007-10-31 06:10:00 The Khaki Bandit. That?s how Eric Almly was known in Milwaukee when they didn?t have a name to match up with the burglaries. He?s been connected to computer thefts in Minnesota, California, Arizona, and Florida. Supposedly, Almly?s modus operandi was to walk into corporate offices and lift laptops found in the office. He wouldn?t walk in willy-nilly. He?d stake out the soon-to-be crime scene, studying the place. He would dress the part to better match the surroundings (I guess corporate America is really into khakis). He would enter the offices close to the end of business day?when things were winding down, people were leaving work, but prior to the nighttime security staff arriving?and just hang around until people left. Hey, he looked like he belonged. On the rare times when he was confronted, he would lie. Hey, he sounded and looked like he belonged. He?d go around the deserted office, pick up the laptops, and sa...
A new way of social engineering
2007-10-26 12:18:00 Sometimes, when we speak about social engineering, we think about people at the other side of the phone trying to get our passwords to gain unauthorized access to our accounts. When this data is in their hands, panic spreads: intrusion on companies, espionage, identity theft…all the classic goals of this kind of attacks.But let’s not forget the underlying reason of social engineering. Therefore, I particularly like the following definition, which I think is the essence of these attacks: “the art and science of getting people to comply with your wishes”.Under the premise of this thinking, this week at PandaLabs we have discovered a new way to apply this concept. It is very simple and pleasant. You receive a small application on your desktop that shows a woman offering you a striptease. How can we take off this woman’s clothes? Just typing a few letters displayed next to the girl as we can see in the following image: Hmmm, can you recognise thi...
By: PandaLabs Blog
Social Engineering: The Good Guys Strike Back
2007-10-21 03:12:00 PC World - Please Wait… If you can't beat them, scam them back…or slander them into quitting. That's the approach some researchers at Carnegie Mellon University are suggesting... [[ This is a content summary only. Visit my website for full links, other content, and more! ]]
By: Engineers Voice
Social Engineering with Pretexting
2007-10-07 21:29:00 In an early scene in the movie “Sneakers“, a security guard is aroused by an alarm and rushes to the phone. The voice on the phone reassures the guard that this is a false alarm, and that it should stop in a minute. It does. The guard is visibly relieved and thanks the officer. Then ...
Social Engineering - How Hacking is Really Done
2007-10-05 18:15:00 The movies and even TV media have misled us countless times; somebody is trying to hack into a system. They have a screen of scrolling, indecipherable code going by. The hacker types in some mystical incantation and a big, dumb box pops up on the screen: “access grated”. The crafty hacker cackles at his own ...
Social Engineering: Good Triggers and Bad Triggers
2007-10-05 02:21:00 By Joe Wells, CTO of Lavasoft ABCall them shortcuts. Call them rules of thumb. Call them heuristics. Herein I will call them triggers. We all have these triggers, we all use them, and, in fact, we all need them to survive in today?s world. Robert Cialdini gives an excellent description of these triggers in his book ...
Social Engineering
2007-09-02 17:47:00 Statt nur die EDV auf dem aktuellen Stand zu halten, sollten auch die Mitarbeiter gegen Social Engineering geschult werden. Viren und anderes technisches Ungeziefer kommt nämlich nicht unaufgefordert zugelaufen. Hier die 10 Gebote zur Prävention: 1. Seien Sie zurückhaltend mit Auskünften 2. Lassen Sie sich nicht unter Druck setzen 3. Trauen Sie sich, ein Gespräch zu beenden 4. Überprüfen Sie die Identität eines Anrufers 5. Sichern Sie sich ab 6. Achten Sie auf sensible Dokumente 7. Seien Sie schweigsam in der Öffentlichkeit 8. Sprechen Sie fremde Personen an 9. Sicherheit geht vor Höflichkeit10.Seien Sie auch in der Freizeit wählerisch mit den GesprächsthemenWeitere Infos wie Bücher und Videos zum Thema gibt es zuhauf.
By: Landstrasse
Lucknow University to offer social engineering course
2007-05-30 15:21:00 Lucknow, May 30 (IANS) Clearly inspired by the Bahujan Samaj Party’s (BSP) success with Mayawati’s social engineering experiment in Uttar Pradesh, the Lucknow University has decided to introduce a two-year master’s degree programme in the subject from the next academic session. Although a diploma programme in the subject was started in the academic year 2006-07, the ...
By: Latest News
Spammers exploiting social engineering to spread malware: Commtouch
2007-05-06 07:23:00 dmnews.com - Malware Outbreak Trends,” describes how malware writers use speed, variation and social-engineering techniques to mass distribute malicious software over the Internet. They have adopted... [[ This is a content summary only. Visit my website for full links, other content, and more! ]]
By: Engineers Voice
Social Engineering Blamed for Xbox Live Hacks
2007-05-04 10:15:00 Unscrupulous players on the Microsoft Xbox Live system were able to gain access to other players’ accounts. The gamers reportedly used pretexting and other forms of social engineering to trick customer service staffers into revealing private information.Microsoft downplayed the attacks saying they were isolated incidents. Ill-willed players on the Microsoft (Nasdaq: ...
A curious technique of social engineering
2007-02-23 08:38:06 We have recently detected many infections of Trj/Abox.A. This high number of infections is due to the curious technique of social engineering that it uses in order to deceive users. This malware sends email messages with an asx file attached. The code of the file can be recognized in the following tags:TITLE “Codec not found”, which deceives users into thinking that they have not the appropriate codec to watch the video.REF HREF, which is the URL of the video that is displayed. Actually, it is a one-minute long video with a black background, whose main purpose is to make users think that they do not have the suitable codec.MOREINFO HREF, which is the URL that is opened when the banner that appears in the video is clicked This is what users see when they try to open the file .asx:When users are infected, it downloads a downloader type Trojan (detected as Trj/Abox.A), which downloads via FTP 3 files that receive instructions from a server in order to send em...
By: PandaLabs Blog
|
|
 |
|
 |
