May 4, 2017
Via: Help Net SecurityThe vast majority (82 percent) of users open email attachments if they appear to be from a known contact, despite the prevalence of well-known sophisticated social engineering attacks, according to Glasswall. Of these respondents, 44 percent open these email attachments […]
May 2, 2017
Via: InfoWorldAs a traveling consultant, I visit lots of businesses during the year and examine their security plans. For decades, I’ve secretly scoffed at what they’ve tried to do because it was often too little, too late—and misdirected. But these days, […]
April 24, 2017
Via: CSO OnlineLast August a Baltimore substance abuse treatment facility had its database hacked. Patient records subsequently found their way onto the Dark Web, according to DataBreaches.net. The group noticed such things as dates of admission, whether the patients are on methadone, […]
February 22, 2017
Via: Naked SecurityWhen it comes to social engineering, the devil really is in the details: you’re much more likely to believe the story of someone claiming fraudulently to be a colleague (or even claiming to be your CEO or CFO) if they […]
December 9, 2016
Via: Naked SecurityWinning your trust with a pack of believable lies, especially technical lies, is known as social engineering, and that’s how most ransomware works its way in. A recent spam campaign in Germany shows up the sort of techniques that cyber-criminals […]
September 22, 2016
Via: CSO OnlineYou’ve trained them. You’ve deployed simulated phishing tests. You’ve reminded your employees countless times with posters and games and emails about avoiding phishing scams. Still, they keep falling for the same ploys they’ve been warned about for years. It’s enough […]
August 12, 2016
Via: CSO OnlineMost organizations’ external perimeter is pretty buttoned up. But once you make it inside it’s still pretty weak. It’s a pretty quick operation to go from social engineering to exploit somebody’s workstation, to pivoting in the environment and escalate all […]
June 7, 2016
Via: CSO OnlineOver the weekend a screenshot circulating on Twitter caught our attention. Normally, this would be a one-off story for the weekly Rehashed round up, but this scam teaches a lesson that’s worth some focus. The lesson is that Social Engineering […]
April 12, 2016
Via: Dark ReadingFBI warns US companies about rising email scams that have cost businesses up to $2.3 billion since 2013. The FBI this month issued a warning on a dramatic surge in business email compromise (BEC) scams that have resulted in huge […]
November 25, 2015
Via: Dark ReadingWhile store managers and salespeople gear up for long lines, social engineering, and point-of-sale malware on Black Friday, CIOs and development teams gear up for fraudulent online purchases and Web-based data breaches on Cyber Monday. The most immediate concern is […]
October 29, 2015
Via: Russel EdwardsIn our article on organizational doxing we mentioned social engineering with a promise on detailing this subject. The connection is straightforward – malicious digital entities use doxing as part of their social engineering maneuvers. However, what does social engineering mean? […]
October 28, 2015
Via: malwareComputer users have often been warned to be wary of opening unsolicited email attachments because of the risk of malware infection, and yet many continue to be infected via precisely this method. In other words, the malicious hackers attempting to […]
October 21, 2015
Via: phishingA panel of #security professionals at the SC Congress in New York agreed that instead of using #phishing email “#social engineering” #tests to raise security threat awareness among employees they should turn it into a game. During the October 20 […]
October 12, 2015
Via: network-securityNo doubt you’ve received a #linkedin invitation from someone you don’t know — or you’re not sure you know. Next time, you might want to think a little harder before accepting. Researchers from Dell SecureWorks Counter Threat Unit have identified […]
October 7, 2015
Via: cyber-crimeThe Counter Threat Unit (CTU), the Dell SecureWorks research team, uncovered an initiative by an Iran-based threat group it dubbed #threat group 2889, to create a network of fake #linkedin profiles for “obtaining confidential #information they can use for cyber […]
September 15, 2015
Via: malwareAlthough it may be tempting to imagine hackers as being shy and socially inept types, whose only human interaction is via their computers, this is an assumption which rarely corresponds to the reality. In fact, in some cases, the social […]
August 5, 2015
Via: Russel EdwardsThe latest types of security exploits target connected cars and airplanes. Attacks aiming the essential systems of these kind of machines take the idea of cyber warfare to a whole new level. Since firewalls cannot offer the needed degree of […]
July 28, 2014
Via: threats-and-malwareUnder the pretext of providing a method to hack into any Facebook account, cybercriminals incite unsuspecting users into pasting malicious code into their web browser. This scam is relied on social engineering, because all the scammer has to do is […]