http://www.csoonline.com/article/601615/how-to-steal-corporate-secrets-in-20-minutes-ask By Robert McMillan IDG News Service July 30, 2010 A few companies in the Fortune 500 need to upgrade their Web browsers. And while they're at it, a little in-house training on social engineering wouldn't be a bad idea, either. Social engineering hackers -- people who trick employees into doing and saying things that they shouldn't -- took their best shot at the Fortune 500 during a contest at Defcon Friday and showed how easy it is to get people to talk, if only you tell the right lie. Contestants got IT staffers at major corporations, including Microsoft, Cisco Systems, Apple and Shell, to give up all sorts of information that could be used in a computer attack, including what browser and version number they were using (the first two companies called Friday were using IE6), what software they use to open pdf documents, their operating system and service pack number, their mail client, the antivirus software they use, and even the name of their local wireless network. The first two contestants made it look easy. [...] -- Visit InfoSec News! http://www.infosecnews.org/Received on Wed Aug 04 2010 - 00:30:45 PDT
This archive was generated by hypermail 2.2.0 : Wed Aug 04 2010 - 00:42:54 PDT