Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Oracle, other co$ "punkd" @ hacking convention

  • Please log in to reply
1 reply to this topic

#1 Union_Thug


    Bleeps with the fishes...

  • Members
  • 2,355 posts
  • Gender:Male
  • Location:is everything
  • Local time:07:13 PM

Posted 08 August 2011 - 12:40 PM


(Reuters) - A weekend contest at the world's largest hacking convention in Las Vegas showed one reason why big corporations seem to be such easy prey for cyber criminals: their workers are poorly trained in security.


In one case, a contestant pretended to work for a company's IT department and persuaded an employee to give him information on the configuration of her PC, data that could help a hacker decide what type of malware would work best in an attack. "For me it was a scary call because she was so willing to comply," said Chris Hadnagy, one of the organizers of the contest at the Defcon conference in Las Vegas.


The company whose employees handed over the most data was Oracle Corp, according to Hadnagy. One of the world's largest software makers, Oracle got its start more than 30 years ago by selling secure databases to the Central Intelligence Agency.


The contestants were charged with obtaining specific information from their targets, including information about how the company backs up and secures its data, wireless network use, and the names of companies that provide on-site security, toner and copier paper.

:blink: :wacko:

BC AdBot (Login to Remove)


#2 Winterland


  • Members
  • 996 posts
  • Gender:Male
  • Location:The Land of Enchantment
  • Local time:06:13 PM

Posted 09 August 2011 - 06:12 AM

Oh my.

It always amazes me when I read something like this.

Read it out loud to the wife, esp. the spear phishing email part.

How can these employees not know? Who are their bosses?

In my (thankfully) small amount of time at a Help Desk Support position we would get these types of calls and I would always get suspicious and offer to call back or 'pass on' the request for information.

It never occurred to my other co-workers that this was the safer/secure why to handle an unusual request from someone I couldn't identify, but boy howdy, the callers were sure 'friendly'.

Thanks for the article.


Photobucket removed my cool flag - idiots!


Every calculation based on experience elsewhere fails in New Mexico.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users