AOH :: ISNQ6569.HTM

How to Steal Corporate Secrets in 20 Minutes: Ask




How to Steal Corporate Secrets in 20 Minutes: Ask
How to Steal Corporate Secrets in 20 Minutes: Ask



http://www.csoonline.com/article/601615/how-to-steal-corporate-secrets-in-20-minutes-ask 

By Robert McMillan
IDG News Service
July 30, 2010 

A few companies in the Fortune 500 need to upgrade their Web browsers. 
And while they're at it, a little in-house training on social 
engineering wouldn't be a bad idea, either.

Social engineering hackers -- people who trick employees into doing and 
saying things that they shouldn't -- took their best shot at the Fortune 
500 during a contest at Defcon Friday and showed how easy it is to get 
people to talk, if only you tell the right lie.

Contestants got IT staffers at major corporations, including Microsoft, 
Cisco Systems, Apple and Shell, to give up all sorts of information that 
could be used in a computer attack, including what browser and version 
number they were using (the first two companies called Friday were using 
IE6), what software they use to open pdf documents, their operating 
system and service pack number, their mail client, the antivirus 
software they use, and even the name of their local wireless network.

The first two contestants made it look easy.

[...]


--
Visit InfoSec News!
http://www.infosecnews.org/ 


Site design & layout copyright © 1986-2014 CodeGods