Tags: Social Engineering

Some Thoughts on User Awareness Training

Brian Krebs published an article about a tech firm losing $46 million in a technology-based heist.  The heist used forged communications from senior executives to complete financial transactions.  This got me thinking about user awareness training and how we’re doing it and how we might do it better.


Thoughts on Fiat Chrysler’s Patching Dilemma

Hi, my name is Aaron and I’m an INFOSEC hipster.  I was worried about the security of our increasingly connected cars back in 2013, which is way before it was cool to be worried about such things.  Someone fetch me some thick, black-framed glasses and a PBR while I configure my retro NFR IDS.  […]


Marketing and Public Relations: Social Engineering on an Industrial Scale

I stumbled across this article this morning in my Twitter feed: Richard Berman Energy Industry Talk Secretly Taped (Hat tip to Phil Plait AKA @BadAstronomer).  The ethics of the actions described are certainly up for debate.  That’s not what I want to ponder with you this morning.  What I do want to ponder is how the ven […]


The Week That Was – 2013-11-05

I’ll get this regular publication thing down yet.  I’m shooting for every Friday.  One of you data nerds out there find a good over/under number for the days past Friday I post a Week That Was article. Now for the content. Last week I talked about the fact that LinkedIn’s new application called “Intro” included […]


The Week that Was – 10/28/2013

Last week had a number of interesting developments.  Two of them involved the law, privacy, and security implications. First, the Third Circuit Court ruled that GPS tracking devices attached to vehicles require a probable cause warrant. [9]   I think this is an important ruling for privacy and the 4th Amendment.  I’m a proponent for […]


The Week That Was – 4/15/2013

I’ve got one metric butt load of links for you this week.  There is a lot of good stuff but here are some of the highlights: Doctor Dan Colman, Winton Professor for the Public Understanding of Risk at Cambridge University, has shared a really interesting video on risk.  [1],[9]  His point is that sometimes it’s […]


The Week That Was – 2013-03-19

We have some good ones this week. Andrew Hay and Ray Umerley have some interesting points about bringing up the next generation of information security professionals.  [2], [9]  As a profession we tend to focus on the technical aspect of the problem and encourage folks to specialize in one particular area of the profession.  We […]


The Week That Was – 10/8/2012

Light load this week, folks.  I was out scaring trout in the Pisgah National Forest instead of reading up on current events.  Only commentary I have is that we now have SHA-3 [3] and someone takes one more kick at the dead horse that is password technology. [1] I suppose the Mega Droid project is […]


The Week(s) that Was (Were) – 8/31/2012

It’s been a tough couple of weeks, sports fans.  I’ve not been good about keeping up on INFOSEC current events and sharing them out with you.  Here is a backlog that has a big blind spot from last week.  Feel free to make any article suggestions I should include from the blind spot and I’ll […]


The Week That Was – 8/13/2012

Highlights for this week include: Mat Honan getting pwn3d pretty hard through what was essentially a social engineering attack. [1],[2],[5]-[7] Mr. Alex Hutton introduces the Risk Fish.  I need to spend some quality time with this diagram.  On first glance, it looks like it can make the process of risk assessment a little easier. [8] […]
