Social Engineering

Social Engineering news, information, and how-to advice

lamp data
bank vault door

saudi embassy berlin

Leaked Saudi emails reveal new victim of Iranian hackers

Documents published by WikiLeaks, sourced from the Saudi government, have revealed the country's Ministry of Foreign Affairs (MOFA) as a victim of the series of attacks in 2014 collectively called Operation Cleaver.

army artillary

Weaponized Word docs, spyware and malvertising sprouting in May

Very aggressive weaponized Word documents have been getting past standard defenses in May, according to a new report from security firm Invincea.

smartphone laptop

Report: Scam phone calls up 30%

Phone fraud aimed at finance and retail companies rose by 30 percent last year, according to a new analysis of several million calls by Pindrop Security.

gerhard eschelbeck

Google's new cybersecurity chief cooking up exciting projects

Meet Gerhard Eschelbeck, Google's VP of Security Engineering.

red bull mini

Red Bull scam will give your bank account wings

A scam email making the rounds offers to pay you to drive a Red Bull-decal adorned car. Sounds too good to be true? That's because it is

persoanl info form

Security checks that rely on PII put businesses and consumers at risk

The problem of using personal information as a security check has existed for more than a decade, but as the Internet grows and personal data becomes more easily accessible, should such information remain a key security resource?

IRS discloses breach, attackers used PII to clear security checks

On Tuesday, the Internal Revenue Service (IRS) disclosed a data breach that affects 100,000 taxpayers. In a statement on the matter, the IRS said that the attackers were able to access information through the "Get Transcript"...

st louis federal reserve bank

eNom discloses DNS attack to customers

On Thursday, Taryn Naidu, the CEO of domain registrar eNom, sent a letter to customers disclosing a "very sophisticated attack" that targeted the DNS settings on four domains. The email was sent in order to provide transparency, but...

othello iago

Social Engineering: Even Shakespeare understood security’s weakest link

What do Shakespearean tragedies and security issues have in common? Both are overwhelmingly the result of human error. Othello is one of Shakespeare's greatest plays, and Iago is one of literature’s first social engineers.

american justice courtroom gavel legal system law justice flag 000000804982

Law firm says human error to blame for client breaches in 2014

The Privacy and Data Protection team at BakerHostetler, a law firm with offices across the U.S, has released a report stating that human error was responsible for the majority of the security incident cases they worked in 2014.

handing over keys
Q&A

Professional hackers talk social engineering threats and security awareness

With years of experience pen testing and human hacking, Chris Hadnagy and Dave Kennedy are experts at how social engineers work, and what techniques they use to successfully breach an organization. In this discussion with CSO Chief...

security phishing hook

CareerBuilder listings used as Phishing platform

Researchers at Proofpoint recently discovered a Phishing campaign that originated form select job postings on CareerBuilder.

tesla supercharger station tesla model s resized

Tesla attack started with a single phone call

Last weekend, Tesla Motors had their website, and Twitter accounts hijacked by individuals looking to play a joke. They used their access to deface the company's website and spam a computer repair shop in Illinois, posting their...

1 rsa opener

RSA Conference 2015: Criminals targeting gaps in user awareness training

Common Phishing techniques were less effective last year, so criminals changed their game in order to adapt

Surveys: Employees at fault in majority of breaches

A company's own employees are a significant factor in the majority of data breaches, either through malicious activity or avoidable mistakes, say two new studies, but companies aren't doing enough to address this issue.

phishing

Russian hackers used State Dept. systems to Phish White House staffers

U.S. officials briefed on the investigation have told CNN that Russian hackers used their access after compromising the U.S. State Department to target sensitive information on the unclassified White House network.

shoulder surfing

Beware the ‘visual hack’

Social engineering is by far the largest security threat to most organizations. But recent research showed that a "surgical strike" from a hacker strolling through an office as a "part-time worker" can yield a small amount of very...

Google logo fisheye

Google error leaks website owners' personal information

A Google software problem inadvertently exposed the names, addresses, email addresses and phone numbers used to register websites after people had chosen to keep the information private.

Load More