By Robert McMillan
IDG News Service
July 30, 2010
A few companies in the Fortune 500 need to upgrade their Web browsers.
And while they're at it, a little in-house training on social
engineering wouldn't be a bad idea, either.
Social engineering hackers -- people who trick employees into doing and
saying things that they shouldn't -- took their best shot at the Fortune
500 during a contest at Defcon Friday and showed how easy it is to get
people to talk, if only you tell the right lie.
Contestants got IT staffers at major corporations, including Microsoft,
Cisco Systems, Apple and Shell, to give up all sorts of information that
could be used in a computer attack, including what browser and version
number they were using (the first two companies called Friday were using
IE6), what software they use to open pdf documents, their operating
system and service pack number, their mail client, the antivirus
software they use, and even the name of their local wireless network.
The first two contestants made it look easy.
Visit InfoSec News!