Tag Archives: social engineering

Jayson Brown Hones Your CTF Skills at CircleCityCon ’15

Indianapolis, CircleCityCon ’15 – June 12-14 –  Jayson Brown, an IT Security Specialist for one of Michigan’s largest health care organizations, hones your hacking skills via Capture the Flag exercises.  Participants to this 8 hour course will test their skills by attacking a complete virtual business called Corp Co. Interested attendees should sign up at: https://circlecitycon.com/tickets Continue reading

Friends, Foes and Faceless Denizens – The Real Social Network

Three years ago I performed a penetration test of a transportation company in the Midwest. Save for a few low-severity vulnerabilities, Company X had a well-managed public-facing network infrastructure. Satisfied with the status of their network security, I turned my attention to the human network.

Searching for Company X on sites like Twitter, Facebook, and LinkedIn, I discovered employee names and corporate activities that were not shared on its website. As the search continued, Company X’s culture, processes, and lexicon emerged from the social dialogue.

Within three hours I was able to collect identifying information on key employees including birth dates, employment and educational history, and hobbies. These data points were cross-referenced with other resources on the Internet to profile Company X’s community involvement activities.

Continue reading