People like to be appreciated and know they are good at what they do. This goes for social engineering pentesters, too. We are contracted to think like the bad guys but are actually the good guys. This means we don’t post the details of a cool hack we found to get through a specific organization’s security over social media. Embarrassing a client is never good business! Despite the fact that SEs don’t often get to discuss their success story specifics of clients, we can get swept away in the high of validation just by being good at what we do. This means we can get caught up in the same neurotransmitter high that we rely on to encourage information out of others. The more information we elicit from the person, the more validated we feel about our own skills, thus increasing our dopamine levels. The trick is to not get so caught up in it that you can’t see when it is time to walk away.
As sophisticated, targeted attacks become increasingly prevalent, today’s organizations are being challenged, now more than ever. In effort to shed light on the nature of these types of attacks, Social-Engineer hosts an annual Social Engineering Capture the Flag (SECTF) competition at the DEF CON hacking conference in Las Vegas. At this conference the security elite Continue Reading >
An article from Dark Reading came out earlier this month that is still getting a lot of traction in the news. What’s the big band wagon that everyone is scrambling to jump on? It’s simple. Train employees on social engineering tactics. The article points out that more than half of security professionals say that social Continue Reading >
“This is DerbyCon” where the final words echo’ed in a very emotional closing video that David Kennedy put together for the ending of the DerbyCon 4.0 Conference. Its a con… why would it affect anyone so strongly? Don’t we all just go to these things to see new hacks, spend some quality time with beer Continue Reading >
Lots of questions have been coming in regards our DerbyCon Contest to be held at our Social-Engineer, Inc. sponsor booth. So let me take a few moments to answer the questions and outline the competition. We wanted to have something fun, challenging and also unique. Chris reached out to the National Institute of Polygraph Examiners and Continue Reading >
Social-Engineer is on the road again! This time you’ll see our friendly faces popping up in Louisville, KY at DerbyCon, 24-28 September. In true SEORG style, we’ll be hitting the ground at 150 mph leaving secret decoder rings and lock picks in our wake. You’ll have plenty of chances to say hello to Chris and meet Continue Reading >
The sweat has finally dried and we are back to the normal swing of things here at Social-Engineer. I scoff at my own ridiculous self as I write that sentence and say, “What is normal?” But never-the-less, we wanted to give you a small glimpse of the craziness that was DEF CON 22 and the Continue Reading >