Social-Engineer.Org : Security Through Education

6 Comments

1. [...] This post was mentioned on Twitter by Security4all and Joe, digip. digip said: RT @humanhacker: New blog post: The Social Engineering CTF – How Strong is Your Schmooze http://bit.ly/csRsLv [...]

   Pingback by Tweets that mention Social Engineering CTF - How Strong is Your Schmooze | Social Engineering - Security Through Education -- Topsy.com — June 1, 2010 @ 6:41 pm

2. [...] Social Engineer عدد المشاهدات: 2 وسوم: attacks, CTF, Defcon, information Gathering, OFFENSIVE SECURITY, social engineer, wifu هذه التدوينة نشرت يوم الأربعاء, يونيو 2nd, 2010 الساعة 2:29 م تحت تصنيف : Hackers. يمكنك متابعة آخر التعليقات بواسطة خلاصة RSS 2.0 يمكنك ترك تعليقك, أو trackback من موقعك. [...]

   Pingback by P1RATE's Blog » Blog Archive » مسابقة ألتقاط الأعلام من فريق الهندسة الاجتماعية — June 2, 2010 @ 6:27 am

3. [...] are taking this idea to the next level.  At Defcon this year they will be hosting a Capture The Flag (CTF) event for Social Engineering.  CTF is traditionally a technical event where attendees attempt to hack each other’s [...]

   Pingback by Exploiting The Human – CTF Style | HoneyTech Blog — June 7, 2010 @ 7:56 am

4. [...] Social Engineer نشرت في غير مصنف  [...]

   Pingback by مسابقة ألتقاط الأعلام من فريق الهندسة الاجتماعية — June 15, 2010 @ 4:26 pm

5. [...] Social Engineering CTF – How Strong is Your Schmooze [...]

   Pingback by Social Engineering-auto — August 21, 2010 @ 1:57 am

6. [...] Sensitive information (e.g., financial, strategic, etc.) was off limits for the CTF, but fair game ‘flags’ included employee schedules, browser versions, and anti-virus software used. Contestants were also encouraged to fool targets into opening a fake url as a way of demonstrating a very common attack technique. Based on findings from this contest, the average entry-level and call center employee did not appear to have adequate security training. Due to this fact, they typically did not sense any danger in being as helpful as possible in sharing information that they perceived to be trivial. With the right information, social engineers can pretend to be an insider, essentially gaining the trust of key gatekeepers within any organization, which ultimately leads to the compromise of sensitive information. The threat that social engineering poses to Corporate America must be taken seriously. The big challenge for any organization looking to defend itself from this threat will be to find a balance between their customer-centered training and their anti-social-engineer security training. Companies want to help their customers, but they don’t want to sink their ship by sharing seemingly-trivial information. Savvy organizations have found that the best prevention naturally falls into place when they identify any security training gaps, include all employees in their security training program, and distribute anti-social-engineer tips on a regular basis. [...]

   Pingback by DEFCON 18 Social-Engineer CTF Contest Findings Report Summary « Black Hat Security — November 28, 2010 @ 1:02 am

RSS feed for comments on this post. TrackBack URL

Sorry, the comment form is closed at this time.