Security Through Education

A free learning resource from Social-Engineer, Inc

Home

2 Comments

What comes after the huffing and puffing?

In the midst of all the recent articles about information breaches, a trend is emerging. We seem to be hearing more lately that prevention of breaches, while not to be ignored, should not be the sole focus of digital or physical security programs. More news articles, tweets from the infosec community, and even commercial products […]

4 Comments

Friends Don’t Send Friends Malware on Facebook

Yes, the kittens are cute and who wouldn’t want to see another photo of the latest celebrity embarrassing themselves? But can we all just agree that as cool as the latest trending video is on Facebook, it’s probably not worth getting infected over? We’re sure you’ve heard about the malware infecting 110,000 Facebook users. Yes, […]

6 Comments

What damage does social engineering really cause anyway?

Sometimes in the tech field, we can get so caught up in “what’s new” that we lose sight of the importance of “what’s practical.” The coolest new digital hacks are interesting but when it comes to information security, longevity and popularity of attacks relevant to your industry are what awareness campaigns are built on. The […]

2 Comments

Let’s Go Vishing

Vishing, or eliciting information over the phone, is a common social attack vector. It’s proven to be one of the most successful methods of gaining information needed to breach an organization, even when used by an inexperienced attacker. When you can’t hack your way through your pentest, when you can’t break in with your red-team, […]

3 Comments

Post-Cyber Monday survival

Congratulations! You survived Black Friday and Cyber Monday (personally, I’m holding out for “Free Cookies Friday”), but what now? You could sit back and enjoy your spoils of war, ahem, I mean shopping, or you could start a new tradition: Post-Cyber-Monday checklist. Sounds exciting, doesn’t it? Maybe it’s not up there with “Free Cookie Friday” […]

3 Comments

Danger: Dopamine Addiction

People like to be appreciated and know they are good at what they do. This goes for social engineering pentesters, too. We are contracted to think like the bad guys but are actually the good guys. This means we don’t post the details of a cool hack we found to get through a specific organization’s […]

7 Comments

Be The Change – Education, is it working?

An article from Dark Reading came out earlier this month that is still getting a lot of traction in the news. What’s the big band wagon that everyone is scrambling to jump on? It’s simple. Train employees on social engineering tactics. The article points out that more than half of security professionals say that social […]

1 Comment

Winning the SECTF – DEF CON 22

As written by Stephanie Carruthers The Social Engineering Capture The Flag (SECTF) is a competition that is held at DEF CON. The competition is comprised of two parts, an information gathering phase and live call phase. A target company is randomly assigned and the information gathering stage begins with research of the company (by only using […]

Looking for a Good Book?

  

Become a newsletter subscriber