Sorry this has gotten a little of topic lately... In an effort to continue this blog nearly daily I guess there will be posts about some differing topics as well. At the referenced OWASP meeting yesterday the moderator got to speaking about a colleague of his that is a professional social engineer, testing companies fortitude. Some of the stories were quite interesting how easily he was able to get an employee to give up either sensitive information or complete remote control of their local system. I guess my point here is that this type of attack is possibly the first type of "hack" ever executed and it still works today. So even with all of our technology and security, you can still get someone to give you the "keys to the front door" just by asking. And that is by far the best solution right? I guess what I am saying is that don't over look anything, even if you think it will not work because you just never know. Dumpster diving anyone?
Saturday, December 8, 2007
Social Engineering
Sorry this has gotten a little of topic lately... In an effort to continue this blog nearly daily I guess there will be posts about some differing topics as well. At the referenced OWASP meeting yesterday the moderator got to speaking about a colleague of his that is a professional social engineer, testing companies fortitude. Some of the stories were quite interesting how easily he was able to get an employee to give up either sensitive information or complete remote control of their local system. I guess my point here is that this type of attack is possibly the first type of "hack" ever executed and it still works today. So even with all of our technology and security, you can still get someone to give you the "keys to the front door" just by asking. And that is by far the best solution right? I guess what I am saying is that don't over look anything, even if you think it will not work because you just never know. Dumpster diving anyone?
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment