Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"The life of a social engineer: Hacking the human"


  • Please log in to reply
6 replies to this topic

#1 DeimosChaos

DeimosChaos

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:10:28 PM

Posted 19 May 2016 - 11:45 AM

 

 

Street is a master of deception: a social engineer, specializing in security awareness and physical compromise engagements. He’s outspoken, friendly, always wearing a smile, and besides working in the field, he’s also the InfoSec Ranger at Pwnie Express, and is well-known for his books and conference talks around the world.

 

The life of a social engineer: Hacking the human

 

Pretty good article about a social engineering guy. I'd say he is probably one of the best out there. One thing I don't think I ever really thought about with social engineering attacks, is that the people that do it are incredibly smart. Their skill set has to be broad. You gotta be confident and willing to talk to complete strangers and at least know above average IT related stuff.

Being a Security Engineer myself it is pretty fascinating reading these types of articles.


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 19 May 2016 - 11:53 AM

Nice little article, I enjoyed it quite a bit. I don't think I'm the kind of person that will fall for social engineering that easily, since I'm aware of that concept, how to protect myself against it, etc. but I'm sure that I would be totally helpess against pros like him (he could get me at any moment).

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 DeimosChaos

DeimosChaos
  • Topic Starter

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:10:28 PM

Posted 19 May 2016 - 12:07 PM

Glad you found it interesting, as did I!

 

I think I would be okay against most social engineering attackers, but yeah I agree, if this guy came around (or someone of his skill level) it may be hard to resist even though you probably know something is going on. Hopefully we never have to find out how we would fair!


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


#4 BaronCardinal

BaronCardinal

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:28 PM

Posted 19 May 2016 - 12:07 PM

Interesting read.  thanks for the link



#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:28 AM

Posted 19 May 2016 - 02:49 PM

Ah yes, Jayson. He's very good at his job. Also known for awkward hugs :-)  http://f0rb1dd3n.com/AwkwardHugs/index.php

 

Here is an awkward hug with general Keith Alexander, retired director of the NSA:

 

http://imgur.com/1JppGPA

 

1JppGPA.jpg


Edited by Didier Stevens, 19 May 2016 - 02:49 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 DeimosChaos

DeimosChaos
  • Topic Starter

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:10:28 PM

Posted 19 May 2016 - 03:02 PM

That is fantastic Didier! LOL


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


#7 MajesticFailure

MajesticFailure

  • Members
  • 137 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 20 May 2016 - 05:43 PM

There must be graveyards full of guys that tried to Eddie Murphy their way into a security vault. Also there's the risk of getting your privates shot off by a guard that isn't shooting to kill. Social engineering is one thing but this takes the biscuit lol.

 

Why doesn't he explain how he got into 3 branches of the same bank? Not that I actually want to know, I just want to believe :S






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users