Friends Don’t Send Friends Malware on Facebook


Yes, the kittens are cute and who wouldn’t want to see another photo of the latest celebrity embarrassing themselves? But can we all just agree that as cool as the latest trending video is on Facebook, it’s probably not worth getting infected over? We’re sure you’ve heard about the malware infecting 110,000 Facebook users. Yes, it’s porn. Yes, at least 20 of your friends will be tagged when the malware takes over your computer, showing everyone on your feed that you viewed a video you might not want grandma or the PTA to know you watched. But the next malware video could be cute puppies, so let’s nip this in the bud!

Implicit Bias – Chances Are, You Have One


Here’s an oldie but goodie. A man and his son are in a serious car accident and both are taken to the emergency room, unconscious. The boy is wheeled immediately into surgery. The surgeon takes one look at him and says, “I can’t operate on this child, he’s my son.” Who is the surgeon?

Let’s Go Vishing


Vishing, or eliciting information over the phone, is a common social attack vector. It’s proven to be one of the most successful methods of gaining information needed to breach an organization, even when used by an inexperienced attacker. When you can’t hack your way through your pentest, when you can’t break in with your red-team,

Post-Cyber Monday survival


Congratulations! You survived Black Friday and Cyber Monday (personally, I’m holding out for “Free Cookies Friday”), but what now? You could sit back and enjoy your spoils of war, ahem, I mean shopping, or you could start a new tradition: Post-Cyber-Monday checklist. Sounds exciting, doesn’t it? Maybe it’s not up there with “Free Cookie Friday”

Danger: Dopamine Addiction


People like to be appreciated and know they are good at what they do. This goes for social engineering pentesters, too. We are contracted to think like the bad guys but are actually the good guys. This means we don’t post the details of a cool hack we found to get through a specific organization’s

THE SOCIAL ENGINEERING CAPTURE THE FLAG ROUNDUP


As sophisticated, targeted attacks become increasingly prevalent, today’s organizations are being challenged, now more than ever. In an effort to shed light on the nature of these types of attacks, Social-Engineer hosts an annual Social Engineering Capture the Flag (SECTF) competition at the DEF CON hacking conference in Las Vegas. At this conference the security elite