SE

Search for:


Archive for August, 2010

Cyber Stalking and Smart Phones – Making Social Engineering Easier

Thursday, August 19th, 2010

It seems that every month we are tweeting, blogging or writing in our newsletter something about the amazing world of social media. Something just came across our desks that will really blow your mind. All about how smart phones are a cyber stalking dream tool.

stalkingsign Cyber Stalking and Smart Phones   Making Social Engineering EasierWhat if I told you that there was a way to create a profile on you that could reveal
• Where you live
• Who else lives there
• Your commuting patterns
• Where you go for lunch each day
• Who you go to lunch with

And all I need you to do is use a social media site or two and post a picture or two here or there?

Most phones when used for taking pictures will embed certain data in the meta-tag. Meta data is often used by software to help process the picture and open it correctly. Yet there is so much space this is also often used to store the photographer’s name, date and other juicy bits of info about the picture.

One of the juiciest bits is geo-location. Yes the age of the smart phone has opened up this flaw and allows a person to see the exact location of an individual when that picture was taking. Smart phones actual embed the longitude and latitude of the location in the meta data of the picture.

Then when the user (you) posts it to twitter, facebook, and the world begins to awe at your photographic prowess malicious social engineers are finding out the location seeing if you are near home, near a good spot to be abducted, profiling you for id theft or home invasion… pick your poison and although I sound sarcastic, this is very serious.

(more…)

A New Era of Security Awareness Training

Tuesday, August 17th, 2010

Each year companies lose millions in security breaches. As these breaches wreak havoc on companies and people we feel that high quality Information Security Awareness is probably one of the most important remedies. The whole social-engineer framework is geared toward our thought that the human element is the weakest link in the chain, and the Social Engineering CTF at Defcon 18 really drove that point home.

Offensive Security and Social-Engineer.Org have joined forces to launch a new era in security awareness programs.  This course is different than everything on the market today. It is a one day, managerial security awareness training program, geared to expose the threats of modern day attackers.
(more…)

Social-Engineer Breaks a Defcon Record

Wednesday, August 4th, 2010

SEDefconSign Social Engineer Breaks a Defcon RecordDefcon is over and after the long treks home we take some time to review the past few days and there is so much to say it seems like I have to write a book to get it all out. Most of it can be summed up by saying, “Security Through Education.”

The Social-Engineer.Org CTF took off with a bang that I think was heard around the world. We have counted just a tad under 100 articles that have been printed about the CTF in magazines, newspapers and media journals around the globe. Companies, people and governments are very curious about the results of the contest and the report that is soon coming.
(more…)




SE Polls

SE CTF

Brad Smith