Archive | Social Engineering


20 June 2014 | 3,045 views

Source Code Hosting Service Code Spaces Deleted By Hacker

There’s been a LOT of noise about this incident in the past day or two, the very definition of a cloud nightmare. Git/SVN & Project Management SaaS Code Spaces has been hacked and completely deleted by a hacker. It started off with a large scale DDoS attack (the likes of which Feedly and Evernote have [...]

Continue Reading


03 February 2014 | 890 views

A Story Of Social Engineering – How @N Lost His $50,000 Twitter Handle

So last week I read an interesting tale about social engineering on Medium, a story by a chap named Naoki Hiroshima and his Twitter handle, which was @N. Yes just one letter, a pretty rare and it seems valuable handle as he had offers of up to $50,000 for it. In the end though, someone [...]

Continue Reading


30 October 2013 | 3,479 views

FoxOne Free OSINT Tool – Server Reconnaissance Scanner

FoxOne is a free OSINT tool, described by the author (th3j35t3r) as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel on a given domain (example.com). The intel gained serves both as actionable [...]

Continue Reading


05 March 2012 | 8,607 views

Hacker On Hacker Action – Zeus Botmaster Targets Anonymous Supporters

It somehow reminds me of the oldskool game Spy vs Spy, anyone remember that? Anyhow, that’s off-topic right now. The news is, some smart malware pimp managed to dupe a whole bunch of Anonymous supporters into installing the Zeus botnet – when they thought they were getting a DDoS tool. It’s a pretty big base [...]

Continue Reading


22 December 2011 | 10,438 views

Social Engineering Vulnerability Evaluation and Recommendation Project

Social engineering has been around for tens of thousands of years so it is time we approach the topic in a professional manner. The Social Engineering Vulnerability Evaluation and Recommendation (SEVER) Project is one way to help penetration testers become more consistent. It is also intended to be the best way to teach novices about [...]

Continue Reading


12 October 2011 | 9,852 views

VeriSign Demands The Power To Take Down Websites/Domains

I was scanning the news today, and nothing much was going on. There were some half-arsed stories about Anonymous and LulzSec – but nothing really worth writing about. And then, and then I spotted this, which quite frankly scares the shit out of me. As much as it may well have a use in law [...]

Continue Reading


25 October 2010 | 18,102 views

The Social-Engineer Toolkit (SET) – Computer Based Social Engineering Tools

The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly became a standard tool in a penetration testers arsenal. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has [...]

Continue Reading


21 October 2010 | 7,368 views

Malware Pushers Abuse Firefox Warning Page

This is a pretty neat attack from the malware pushes leveraging on the ignorance of the average user – which in all honestly is a safe bet most of the time! You could consider it a Social Engineering attack as it’s taking something that’s familiar and changing it to deliver malware. I’m sure all the [...]

Continue Reading


08 July 2010 | 9,794 views

Regional Trojan Threat Targeting Online Banks

Well it was inevitable really, I’ve noticed in the last couple of years Phishing e-mails have started to use targeted lists especially for banking sites and the next up of course is trojans developed for specific regions. A security company Trusteer (who makes Rapport) has done some research on this matter which has pin-pointed certain [...]

Continue Reading


22 December 2009 | 3,946 views

Brittany Murphy Dies & Scareware Scammers Strike

It seems to be a trend now, whenever someone famous dies some kind of malware or phishing scam will pop up playing on their death with the usual social engineering aspect. The most memorable one recently of course was the passing of The King of Pop – Michael Jackson The latest one is Brittany Murphy [...]

Continue Reading