Information security is about people

Tuesday, 24 February 2004, 8:20 PM EST

One morning I pulled on hat and sweater bearing the logo of a well-known telecom company, printed up a fake work order, and headed off to the offices of one of my clients.

With my pseudo-official outfit and scrap of paper, I managed to make my way past security and into the room housing the company's telecommunications hub. A few keystrokes later I had downloaded every username and password on the system and had complete access to every account, file, mailbox and computer on the network.

Luckily for the company, I was working for them as an ethical hacker and security consultant. Unluckily for them, anyone with enough desire, access to a printer, and a few dollars for wardrobe could have done the same.

By Robert Masse at Globetechnology.

[ Read more ]




Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //