InfoSec, Mobile and Social Engineering - Cyber Security Informer

Tim Hortons Privacy Investigation, Social Engineering Kill-Chain, Hospitals Sending Facebook Your Data

Security Boulevard

JUNE 26, 2022

The Tim Hortons mobile app created a “a mass invasion of Canadians’ privacy” by conducting continuous location tracking without user consent even when the app was closed, what is a social engineering kill-chain and how can this help understand and prevent attacks, and new research shows 33 out of the top 100 hospitals in America […].

Social Engineering

Social Engineering Engineering Mobile Healthcare

US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’

Security Boulevard

MARCH 10, 2022

The post US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’ appeared first on Security Boulevard. But scratch the surface and there’s not much of a There there. What looks like a coordinated PR campaign relies on “people familiar with the.

InfoSec

InfoSec Media Hacking Social Engineering

Rethinking Responsibilities and Remedies in Social-Engineering Attacks

Threatpost

SEPTEMBER 18, 2019

The idea that humans are the weakest link shouldn't guide the thinking on social-engineering defense.

Social Engineering

Social Engineering Engineering InfoSec Mobile

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones

Security Boulevard

JUNE 5, 2022

The DuckDuckGo mobile browser allows Microsoft trackers due to an agreement in their syndicated search content contract, a database of contact details for hundreds of Verizon employees was compromised after an employee was social engineered to give the attacker remote access to their corporate computer, and details about new research that shows that (..)

Social Engineering

Social Engineering Mobile Engineering Data privacy

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Leveraging its English proficiency, the collective uses social engineering for initial access. Within six hours, the attacker began encrypting the organization’s systems.

Social Engineering

Social Engineering Accountability Engineering Backups

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

I seem to be doing most of that activity now on Mastodon , which appears to have absorbed most of the infosec refugees from Twitter, and in any case is proving to be a far more useful, civil and constructive place to post such things. For a variety of reasons, I will no longer be sharing these updates on Twitter.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Complete Guide to Phishing Attacks: What Are the Different Types and Defenses?

eSecurity Planet

MARCH 31, 2022

Phishing is a type of social engineering attack in which bad actors pose as a trustworthy entity via phone, email, or text message in order to steal personal information from the recipient. Attackers may try to get their victims to reveal their date of birth, social security number, credit card information, or account passwords.

Phishing

Phishing Banking Social Engineering Scams

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Leveraging its English proficiency, the collective uses social engineering for initial access. Within six hours, the attacker began encrypting the organization’s systems.

Social Engineering

Social Engineering Accountability Engineering Backups

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Bell has more than 20 years’ experience in information technology and security strategy, most recently serving as chief security and trust officer for Verdigris Holdings, a mobile banking platform. His expertise is in social engineering, technology, security algorithms and business.

Computers and Electronics

Computers and Electronics Technology Information Security Education

Security Roundup May 2023

BH Consulting

MAY 23, 2023

Say it again, I double dare you Anyone familiar with phishing and social engineering will know scammers often use psychological tricks to get victims to divulge personal data. MORE Threat Prompt newsletter covers the intersection between AI and infosec. MORE Working in the transportation sector?

Identity Theft

Identity Theft Artificial Intelligence Social Engineering InfoSec

Getting the Most Value Out of the OSCP: After the Exam

Security Boulevard

JUNE 2, 2025

If youre entering the cybersecurity job market, I highly recommend the Infosec Job Hunting w/ BanjoCrashland YouTube playlist. The skills these courses help you develop are essential to advanced post-exploitation, red teaming, and custom implant engineering.

Penetration Testing

Penetration Testing Engineering Wireless Cybersecurity

Top Breach and Attack Simulation (BAS) Vendors

eSecurity Planet

MAY 5, 2021

DXC Technology has over 40 years of infosec experience, most of which as HPE’s Enterprise Services. Add-on features include mobile device support, cloud security assessments, and container runtime security. Deploying Cymulate with near-unlimited attack simulations can be completed within minutes via a single lightweight agent.

Penetration Testing

Penetration Testing Risk Technology Marketing

Defending Against State and State-Sponsored Threat Actors

Threatpost

DECEMBER 21, 2020

Saryu Nayyar of Gurucul discusses state and state-sponsored threat actors, the apex predators of the cybersecurity world.

Cybersecurity

Cybersecurity Social Engineering InfoSec Engineering

Apple Finally Adopts RCS, AI Powered Scams Targeting the Elderly

Security Boulevard

NOVEMBER 26, 2023

In this episode, Tom shows off AI generated images of a “Lonely and Sad Security Awareness Manager in a Dog Pound” and the humorous outcomes. The conversation shifts to Apple’s upcoming support for Rich Communication Services (RCS) and the potential security implications.

Scams

Scams Security Awareness Social Engineering Data privacy

Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesn’t Track You

Security Boulevard

AUGUST 28, 2022

Janet Jackson’s “Rhythm Nation” has been recognized as an exploit for a vulnerability after Microsoft reported it can crash the hard drives of certain old laptop computers, phishing attacks that compromise credentials using brand impersonation are on the rise, and details about a new privacy focused phone carrier that doesn’t track your location or (..)

Phishing

Phishing Social Engineering Surveillance Data privacy

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

She is an impressive force within the infosec world. And they also try to specifically devise campaigns that mimic trends that we see in the mobile cyber threat landscape. I mean if you can’t handle the details, then what do you think working in infosec is all about? available wherever books are sold.

Penetration Testing

Penetration Testing InfoSec Cyber Attacks Education

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

She is an impressive force within the infosec world. And they also try to specifically devise campaigns that mimic trends that we see in the mobile cyber threat landscape. I mean if you can’t handle the details, then what do you think working in infosec is all about? available wherever books are sold.

Penetration Testing

Penetration Testing InfoSec Cyber Attacks Education

Truths and Myths of Privacy, Fake Shopping Apps, Borat RAT Malware

Security Boulevard

APRIL 10, 2022

Scott and Tom explain why privacy isn’t dead, why should everyone should care about their privacy, and how you should respond to someone that says “I don’t care about privacy, I have nothing to hide!”. Plus, details on a new attack using fake shopping apps and how a new malware toolkit called “Borat RAT” is […].

Malware

Malware Social Engineering Scams Engineering

The Hacker Mind Podcast: Surviving Stalkerware

ForAllSecure

SEPTEMBER 21, 2021

And what if that unease was coming from your mobile device. For example, the way, mobile phone pings the local cell tower are used by the Transportation Department to report traffic conditions on major roads and highways. Vamosi: That talk focused on the fact that there are InfoSec hackers openly working to address this problem.

Technology

Technology Software Surveillance Media

Cyber Security Informer

Tim Hortons Privacy Investigation, Social Engineering Kill-Chain, Hospitals Sending Facebook Your Data

US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’

Trending Sources

Rethinking Responsibilities and Remedies in Social-Engineering Attacks

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones

Scattered Spider x RansomHub: A New Partnership

Happy 13th Birthday, KrebsOnSecurity!

Complete Guide to Phishing Attacks: What Are the Different Types and Defenses?

Scattered Spider x RansomHub: A New Partnership

Meet the 2021 SC Awards judges

Security Roundup May 2023

Getting the Most Value Out of the OSCP: After the Exam

Top Breach and Attack Simulation (BAS) Vendors

Defending Against State and State-Sponsored Threat Actors

Apple Finally Adopts RCS, AI Powered Scams Targeting the Elderly

Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesn’t Track You

The Hacker Mind Podcast: So You Want To Be A Pentester

The Hacker Mind Podcast: So You Want To Be A Pentester

Truths and Myths of Privacy, Fake Shopping Apps, Borat RAT Malware

The Hacker Mind Podcast: Surviving Stalkerware

Stay Connected