The Social Engineer

Human Beings: The most easily exploitable aspect of security

The Importance of the Pretext

Social Engineering /

More and more often hackers are relying on exploiting the human aspect of security to gain access to their targets through social engineering type attacks (e.g., phone, phishing, in-person, etc.). With strong firewalls, intrusion detection/prevention systems, and tools like security incident and event management (SIEM), you are seeing an increase in attacks that are targeting …

Destroying Data – Delete It for Good

IT Security /

How is your organization handling the disposal and storage of sensitive or confidential information / data? This is often a topic / area that can be overlooked but that is a big mistake. Check out these following examples of organizations that made this mistake: –          In November of 2017, Charles River Medical Associates, a part …

SPF, DKIM, and DMARC – What’s the Big Deal?

IT Security /

“SPF is important because it helps to prevent a malicious attacker from spoofing your address. SPF records help to prevent sender address forgery by protecting the “envelop sender address”, allowing admins to specify which mail servers are allowed to send mail from their domain. Which means it makes it harder for hackers to perform phishing …

Micro Expressions

Social Engineering /

“Emotions can override the more powerful fundamental motives that drive our lives: hunger, sex, and the will to survive.” – Paul Ekman Social engineers have to become masters at understanding, reading and influencing people. Depending on the information being communicated, a large portion of our communication will not be the words we say but the …

Two Truths and a Lie? To Hide a Hack or Tell?

IT Security /

  Post based on the following article found at Gizmodo.com: Clever Tool to Detect Hacks Companies Haven’t Told Users About by Melanie Ehrenkranz   People are at the mercy of the companies that they choose to give their personal or sensitive/confidential information to and companies are at the mercy of the vendors they choose to …

The Malicious Attackers Never Ending Search for the Administrative Account

IT Security /

  “A survey by Centrify found that almost 60% of IT professionals shared privileged account access credentials with co-workers. Technology analyst firm, Forrester, estimates that 80% of corporate security breaches result from privileged identity compromises.”                – Josh Berman More times than not, we are coming to find out …

The Most Dangerous Aspect of Security – The Human Infrastructure

Social Engineering /

“Remember: those who build walls think differently than those who seek to go over, under, around or through them. If you think you can’t be conned, you’re just the person I’d like to meet.” – Paul Wilson Blog post number 1! I am excited to have you along for the ride and greatly appreciate you …