Social Engineering
Is everyone familiar with social engineering testing? It’s a test of the natural tendency of a person to trust another person’s word, rather than exploiting actual computer security holes.
There is often confusion about the difference between “vulnerability scanning” and “penetration testing”, the latter being synonymous with “ethical hacking”. This article/podcast, from the president of the EC Council, the accreditation body for the Certified Ethical Hacker designation, includes a nice explanation of this very important kind of security testing.
Before proceeding, please note that there are many tools and methods that can scan for weak or blank MS-SQL passwords. SQLPing comes to mind, which is a great tool if you’re on a Windows host. Metasploit has the ability to scan for MS-SQL passwords as well, but it isn’t ideal for targeted lists and it can take time trying to connect to hosts that don’t have SQL installed. I could probably write a few extra pages just about tools and methods, so I’ll stop there and get started.
If you’re doing your quarterly vulnerability scans, you may be wondering if that is the same as a penetration test or if you really need to do both.
I recently wrote about Security Awareness Training, and mentioned that a well-trained staff and general employee population can be a good deterrent against Social Engineering practitioners. Social Engineering is a service offering of Halock Security Labs, and it’s probably one of our team’s favorite exercises. Social engineering is basically a test of the security awareness of your employees.
Cyber Security Awareness Training – There is plenty of technology that can be applied in all manner of ways to help protect against a breach, but if the employee culture doesn’t embrace being mindful of security, it makes the CISO’s job a little harder.