Episode 037: “Trust Me I’m Lying” an Interview with Ryan Holiday

https://www.youtube.com/watch?v=1LXD9RFy5g4 Media Manipulation.  What Is it?  How does it work?  Can you really make people see, buy and read things they may not normally read, buy or see? Ryan is an experienced and very talented media manipulator.  Date Sept 10, 2012 Download Episode 037 - Trust Me I'm Lying an Interview with Ryan Holiday. Our new poll will be part of a study in trust.…

Spearing the biggest phish

One of the major things our Social Engineering Capture the Flag events highlight is the rampant leaking of information by the very companies themselves. Defcon 19 showed us that a full-scale social engineering attacks could be carried out by simply using Open Source Information (OSI) freely available on the internet, most of which came from the companies themselves. We saw postings of access…

The Power of Nonsexual Touch

Often when we think about social engineering we think about manipulating individuals by speaking to them. We think of talking the call center employee into doing our bidding or posing as a delivery representative and talking our way onto the facilities. We rely on our eyes and ears as we navigate the world but we often forget about, or don’t give enough credit to, the power of nonsexual touch.…

Analysis of the Lower Merion School District Remote Monitoring of Students

Simply typing “Lower Merion County WebCam” into Google brings back 35,000 websites and “Lower Merion County” 185,000. This is no small news story. Yet, the focus of many is on the ability the IS department had to take unsolicited and private pictures of minors/students in their homes using school issued laptops. On February 16th, 2010 a civil suit was brought against the Lower Merion PA school…

SET 0.5 – Client Sides, Web Cloning and HakSaws – The Lemon Strikes Back

The Social-Engineer Toolkit (SET) has progressed over the months thanks to the suggestions and collaboration with the security community. With this version, I am proud to announce the immediate release of the Social-Engineer Toolkit v0.5. 4/16/2010 at 9:00pm EST Before getting into the new attack vectors, let's talk about the improvements from 0.4 to 0.5: * The ability to utilize the -x…

The Importance of Information Gathering

Our friend and contributor Matt was kind enough to put into writing a few stories from his law enforcement days. This excellent example shows how important it is to pay attention to the little details when information gathering. Sometimes the littlest details can make or break the story..... I got into work one Saturday morning and was immediately called out to a home invasion. It was summer…