Home Tags Social Engineering

Tag: Social Engineering

Exploits: how great is the threat?

How serious, really, is the danger presented by exploits? The recent leak of an exploit toolset allegedly used by the infamous Equation Group suggests it’s time to revisit that question. Using our own telemetry data and intelligence reports as well as publicly available information, we’ve looked at the top vulnerabilities and applications exploited by attackers.

Latest Tax Scams Include Phishing Lures, Malware

Microsoft warns this year’s crop of tax scams use social engineering attacks based on fear to spread banking Trojans and collect personal info.

Vastly improve your IT security in 2 easy steps

It’s a rough number, but I’d wager that 99 percent of computer security risk in most organizations can be attributed to two root causes: social engineering and unpatched software. I’m not talking about pure numbers of success exploits, but overall impact. Many CISOs and threat intelligence analysts have told me that 100 percent of the biggest events at their company involved social engineering.

Certainly, bad breaks enter your environment through other means, which is why we still need to secure our servers, encrypt our disks, and prevent physical intrusions.

But in terms of the biggest impact, most organizations can tie those events to two root causes.To read this article in full or to leave a comment, please click here

6 of the most effective social engineering techniques

Social engineering is the strongest method of attack against the enterprise’s weakest vulnerability, its people.

Criminal hackers recognize this fact.
In 2015, social engineering became the No. 1 method of attack, according to Proofpoint’s 2016 Human Factor Report.To read this article in full or to leave a comment, please click here(Insider Story)

How did Yahoo get breached? Employee got spear phished, FBI suggests

Unwitting sysadmin or other employee was conned out of credentials, FBI theorizes.

A five star review and the ads go away: How trojan...

Social engineering is in order to trick victims into giving trojan apps a five star rating on Google's official App Store.

A five-star review and the ads go away: How trojan Android...

Social engineering tricks victims into giving trojan apps a five-star rating on Google's official App Store.

4 strategies to root out your security risks

You’ll never reduce your security risk if you can’t identify and mitigate the root causes of those vulnerabilities. It isn’t enough to have a list of malware programs that your antimalware has detected. You need to to determine how viruses and hackers have penetrated your environment in the past. In the vast majority of organizations, two root causes are responsible for successful exploits: unpatched software and social engineering. All other root causes generally account for less than a few percentage points of the risk. The key to reducing computer security risk is that every organization needs to determine its own, most prevalent root causes.To read this article in full or to leave a comment, please click here

Hackers are using this Android malware to spy on Israeli soldiers

Social engineering employed to distribute ViperRAT malware which uses infected devices to take photos and record audio.

Researchers Turn Table on Fraudster Using Own Phishing Tricks

SecureWorks researchers used social engineering techniques to trick a phishing fraudster into revealing account numbers and ID information that allowed them to shut down the scam.

Mobile apps and stealing a connected car

The concept of a connected car, or a car equipped with Internet access, has been gaining popularity for the last several years.

By using proprietary mobile apps, it is possible to get some useful features, but if a car thief were to gain access to the mobile device that belongs to a victim that has the app installed, then would car theft not become a mere trifle?

SecureWorks Exposes Phishing Fraudster Using Social Engineering Tricks

Pretending to be a willing dupe can help security firms identify and shut down the bank accounts used by scammers, turning the tables on attackers.