Feeds

Networking sites could help hackers

Social climbing

Intelligent flash storage arrays

Professional networking sites are unwittingly providing hackers with the possible means to carry out sophisticated social engineering scams, a UK security consultancy warns.

SecureTest was able to produce a comprehensive personal profile of an internal employee in a short time using data from social and professional networking sites such as Ryze, LinkedIn, and Ecademy. Combining the technique with careful web searching and cross referencing yielded information that would be difficult to obtain using traditional phone-based social engineering techniques.

In one example, a SecureTest researcher was able to obtain the full employment history and the names of key colleagues of an IT professional in a matter of hours. The worker involved had also listed details of his family members, professional memberships and hobbies.

SecureTest warns that the data could be used to impersonate an individual or to enable the hacker to build a relationship with key decision making personnel within a targeted organisation.

SecureTest isn't able to cite incidents where the attack has been used in practice, but warns that the risk it details is all too real. It advises firms to update their security policies in order to warn workers of the potential threat. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.