Latest news
Cross Analyzation
To begin social engineering you must know how to cross-analyze someone. Cross Analyzation is basically determining someone's personality by looking at them. This can be farely easy because people make the way they live so obvious to others. For example, how would you determine someone as being a homeless drunk? Well by their clothes, hygeine, smell, a bottle of alcohol in their hand, etc. Another way cross analyzation can be used is over the phone but this method is not reliable in some cases. But it is a very useful tool when social engineering. Look for things such as their tone of voice, the way they answer the phone, mumbling, stuttering, etc. You can also see how dumb someone is if you tell them that they won a sweepstakes and you want to collect some information about them and they dont hang up on you.
Information Gathering these days is very easy for example if you wanted to find out the phone # your next door neighbor simply log onto the internet and goto portal.cyberarmy.com and you just type in what you know whether it be the phone number, address, or full name. Another method would be by snooping through their mail and trash. The best method (in my opinion) is to run a tap on their line. This way you can use what you heard to make a better cross-analyzation and you might gain some valuable information such as usernames and passwords, (which could doubtfully be obtained by social engineering or you wouldnt be reading this)and maybe you'll even be able to get some dirt on them. Another method would be to get the old binoculars and watch as they enter passwords for e-mail on their computer or as they chat with people. Another method I have used in the passed is hacking their voice mail box or answering machine. Now if you do all of this you will have a shit load of information on them. Now to get to the engineering.
Getting Prepared
Spotlight
Is it time to professionalize information security?
Posted on 23 May 2013. | The issue of whether or not information security professionals should be licensed to practice has already been the topic of many a passionate debate.
Review: Logging and Log Management
Posted on 22 May 2013. | Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.
Experts highlight top data breach vulnerabilities
Posted on 22 May 2013. | Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
