Solutions: Social Engineering

Michelle Drolet

10. Freely hackable Free public Wi-Fi connections are treated like a public utility, but they can be making you vulnerable to hackers. 9. Sign me up By default, most mobile phones/devices are set to ask your permission to join a network. Once you obtain credentials, the known network will join your phone automatically. 8. Sniffing

Michelle Drolet

We will be attending, sponsoring and hosting the following InfoSec events this Spring / Summer. Join us!   Security BSides Boston 2016 Saturday, May 21 2016 Security BSides is the first grass roots, DIY, open security conference in the world! Security BSides is a great combination of two event styles: structured anchor events and grass-roots

Michelle Drolet

Sophos Researcher James Wyke recently did an analysis of the malware Vawtrak. He found that Vawtrak has been targeting financial institutions, especially banks. Vawtrak injects a DLL code into the targeted bank’s website, which allows a bypass of the victim’s two-factor authentication and infects the victim with a mobile malware. The malware then automatically transfers

Michelle Drolet

Sophos Researcher James Wyke recently did an analysis of the malware Vawtrak. He found that Vawtrak has been targeting financial institutions, especially banks. Vawtrak injects a DLL code into the targeted bank’s website, which allows a bypass of the victim’s two-factor authentication and infects the victim with a mobile malware. The malware then automatically transfers

Michelle Drolet

10. Don’t trust uniforms. Wearing shirts with company logos on them can be enough to gain access to restricted areas. Verify that visitors really are who they say they are. 9. ID caller from IT. If you receive a call offering IT support for a problem you didn’t know you had, get suspicious. That’s probably

Michelle Drolet

Criminals are evolving with their techniques for hacking and breaching corporate assets, so security managers need to as well. Here are some ways companies are going beyond standard pen testing in order to increase awareness By Maria Korolov  Security professionals have long been running penetration tests against their firewalls and other security systems to find

Michelle Drolet

Hi all, there is an e-mail scam doing the rounds. The message is an invite from some random person you won’t know with a link (how original). If you get such a message don’t use the link, check your LinkedIn account as if it’s a legit request it will be there waiting for approval. Even

Michelle Drolet

Everyday there is a new threat with seemingly innocent emails being sent out that look close to an official correspondence from a company, from Paypal, ADP and BBB – to name a few. Cybercriminals are mimicking the online payment processor PayPal in a malicious spam campaign that attempts to dupe customers into downloading malware from

Michelle Drolet

According to the article in Dark Reading,  Study: Phishing Messages Elude Filters, Frequently Hit Untrained Users, many people are still being tripped up by phishing emails. The article summarizes the findings of a survey that was conducted at the Black Hat USA security conference held in July 2012. Of the 250 conference attendees that were polled,

Michelle Drolet

Beware any emails which claim to come from privacy@microsoft.com – it could be that you’re being targeted in an attack designed to steal your AOL, Gmail, Yahoo or Windows Live password. At first glance, if you don’t look too carefully, the emails entitled “Microsoft Windows Update” may appear harmless enough. But the grammatical errors and