Comments on: The Social Engineering CTF – How Strong is Your Schmooze

By: DEFCON 18 Social-Engineer CTF Contest Findings Report Summary « Black Hat Security

Sun, 28 Nov 2010 06:02:00 +0000

[...] Sensitive information (e.g., financial, strategic, etc.) was off limits for the CTF, but fair game ‘flags’ included employee schedules, browser versions, and anti-virus software used. Contestants were also encouraged to fool targets into opening a fake url as a way of demonstrating a very common attack technique. Based on findings from this contest, the average entry-level and call center employee did not appear to have adequate security training. Due to this fact, they typically did not sense any danger in being as helpful as possible in sharing information that they perceived to be trivial. With the right information, social engineers can pretend to be an insider, essentially gaining the trust of key gatekeepers within any organization, which ultimately leads to the compromise of sensitive information. The threat that social engineering poses to Corporate America must be taken seriously. The big challenge for any organization looking to defend itself from this threat will be to find a balance between their customer-centered training and their anti-social-engineer security training. Companies want to help their customers, but they don’t want to sink their ship by sharing seemingly-trivial information. Savvy organizations have found that the best prevention naturally falls into place when they identify any security training gaps, include all employees in their security training program, and distribute anti-social-engineer tips on a regular basis. [...]

By: Social Engineering-auto

Social Engineering-auto — Sat, 21 Aug 2010 06:57:20 +0000

[...] Social Engineering CTF – How Strong is Your Schmooze [...]

By: مسابقة ألتقاط الأعلام من فريق الهندسة الاجتماعية

مسابقة ألتقاط الأعلام من فريق الهندسة الاجتماعية — Tue, 15 Jun 2010 21:26:39 +0000

[...] Social Engineer نشرت في غير مصنف [...]

By: Exploiting The Human – CTF Style | HoneyTech Blog

Exploiting The Human – CTF Style | HoneyTech Blog — Mon, 07 Jun 2010 12:56:55 +0000

[...] are taking this idea to the next level. At Defcon this year they will be hosting a Capture The Flag (CTF) event for Social Engineering. CTF is traditionally a technical event where attendees attempt to hack each other’s [...]

By: P1RATE's Blog » Blog Archive » مسابقة ألتقاط الأعلام من فريق الهندسة الاجتماعية

Wed, 02 Jun 2010 11:27:46 +0000

[...] Social Engineer عدد المشاهدات: 2 وسوم: attacks, CTF, Defcon, information Gathering, OFFENSIVE SECURITY, social engineer, wifu هذه التدوينة نشرت يوم الأربعاء, يونيو 2nd, 2010 الساعة 2:29 م تحت تصنيف : Hackers. يمكنك متابعة آخر التعليقات بواسطة خلاصة RSS 2.0 يمكنك ترك تعليقك, أو trackback من موقعك. [...]

By: Tweets that mention Social Engineering CTF - How Strong is Your Schmooze | Social Engineering - Security Through Education -- Topsy.com

Tue, 01 Jun 2010 23:41:04 +0000

[...] This post was mentioned on Twitter by Security4all and Joe, digip. digip said: RT @humanhacker: New blog post: The Social Engineering CTF – How Strong is Your Schmooze http://bit.ly/csRsLv [...]