Social engineering has been around for tens of thousands of years so it is time we approach the topic in a professional manner. The Social Engineering Vulnerability Evaluation and Recommendation (SEVER) Project is one way to help penetration testers become more consistent. It is also intended to be the best way to teach novices about […]
Social Engineering
Facebook Attachment Uploader Owned By A Space
Oh look – another vulnerability in Facebook! It wasn’t long ago we reported New Research Shows Facebook’s URL Scanner Is Vulnerable To Cloaking. Well this time the private messaging function has been compromised, you can attach an executable and send it to anyone as long as you put a space after the filename. It’s not […]
The Social-Engineer Toolkit (SET) – Computer Based Social Engineering Tools
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly became a standard tool in a penetration testers arsenal. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has […]
Malware Pushers Abuse Firefox Warning Page
This is a pretty neat attack from the malware pushes leveraging on the ignorance of the average user – which in all honestly is a safe bet most of the time! You could consider it a Social Engineering attack as it’s taking something that’s familiar and changing it to deliver malware. I’m sure all the […]
Brittany Murphy Dies & Scareware Scammers Strike
[ad] It seems to be a trend now, whenever someone famous dies some kind of malware or phishing scam will pop up playing on their death with the usual social engineering aspect. The most memorable one recently of course was the passing of The King of Pop – Michael Jackson The latest one is Brittany […]