💬 true story... Social Engineering.
• Technical security measures practically do not reduce the risks from attacks by Social Engineering methods. "There is no device that prohibits people from being idiots." Two years before the Snowden incident, the US Department of Homeland Security (DHS) checked people who are responsible for preventing threats nationwide, and they behaved like small children.
💬 true story. Cards. Money. Double VPN.
This small, sometimes sad, and sometimes funny story, about how you can lose everything on an even level, if you completely forget about your conscience.
Social Engineering 💬 true story...
🖖🏻 Greetings to you user_name.
• Today I want to share with you an interesting story from a #Red_Team specialist from IBM. The text is quite long, but interesting. Let's go..
💬 true story... Attack of the century. How to cheat Google and Facebook for hundreds of millions of dollars with the help of SI.
• As the name already implies, today's story is dedicated to Facebook and Google, from whom millions of dollars were stolen with the help of social engineering.
📓 Book: Network Security.
• Today's book contains step-by-step instructions for installing and using firewalls, information about the security of wireless connections, biometric authentication methods and other modern methods of protection.
🧠 S.E. Note. Classical social engineering.
• To carry out a successful attack, attackers need three components: time, perseverance and patience. Often, attacks using social engineering are carried out gradually and methodically — not only data about the right people are collected, but also so-called "social signals". This is done in order to gain trust and circumvent the target. For example, an attacker can convince the victim with whom the dialogue is being built that they are colleagues.
Social Engineering. Cheating bloggers and hijacking channels.
• Yesterday, a video message was published from a well-known blogger (AICHI Beard), who covers the topic of programming and publishes interesting interviews with developers. The fact is that with the help of social engineering methods, the author was forced to enter data on a phishing resource, after which the account was hacked, and the Telegram * channel was hijacked. After the successful hacking, various binary options, which are a scam, began to be published in the TG channel.
🗞 The Privacy, Security, & OSINT Magazine.
• This month, the fifth issue of the magazine "UNREDACTED Magazine", authored by Michael Bazzell, appeared online.
Symantec researchers report details about the activities of a cybercrime group they track as Bluebottle, revealing significant similarities to the TTP gang OPERA1ER.
As the researchers found out, Bluebottle hackers used a signed Windows driver to attack banks in French-speaking countries. At the same time, the actions and goals correspond to the OPERA1ER profile, which were attributed to at least 35 successful attacks in the period from 2018 to 2020.
🫠 Social Engineering. MFA-fatigue (MFA Fatigue).
• MFA Fatigue is one of the social engineering methods used by attackers to bypass multi—factor authentication, causing an endless stream of push requests sent to the account owner's mobile device. If the victim accepts the request, the attacker will successfully complete the authorization.
👁 Anonymity in a modern metropolis.
The anonymity of private life and savings is something without which individual freedom cannot exist.
👨🏻💻 A complete guide to attacks on Internet of Things devices.
• Internet connection gives many of the home devices new useful features, but security in the IoT world often works on the principle of "come in who wants, take what you want."
🔄 Reverse search. Methods of searching for information on images and auxiliary tools.
• If we are faced with the task of identifying a person or object from a photograph, then we can solve it using various methods and auxiliary tools.
👨🏻💻 Mimikatz. Application guide.
• Benjamin Delpy originally created Mimikatz as a proof of concept to demonstrate to Microsoft the vulnerability to attacks of their authentication protocols. Instead, he inadvertently created one of the most widely used and downloaded hacking tools in the last 20 years.
Spain
Portugal
