The clean desk test
Ten ways a messy desk puts confidential information at risk.
Ten ways a messy desk puts confidential information at risk.
In 2006, Mitchell Frost, then a 19-year-old college student at the University of Akron, used the school's computer network to control the botnets he had created. Authorities say between August 2006 and March 2007, Frost launched a series of denial of service (DDOS) attacks against several conservative web sites, including Billoreilly.com, Anncoulter.com and Rudy Giuliani's campaign site, Joinrudy2008.com. He is accused of taking down the O'Reilly site five times, as well as disrupting the University of Akron's network during a DDOS attack Frost allegedly launched on a gaming server hosted by the university.
George Waller from StrikeForce Technologies demonstrations how this malicious software sneaks onto your computer and then steals your sensitive data
The saying goes that in every crisis, there is an opportunity. Compliance requirements, data and privacy demands, and the threat landscape are constantly evolving, forcing companies to realize the importance of security and invest accordingly. As security concerns expand, so does the role of the security leader.
CSOs, CISOs and other security managers are not embracing the bring-your-own-device movement set into motion by demanding employees, but they aren't refusing to allow user-owned smartphones and tablets into the work place either.
Fraud cost organizations 2.1 percent of earnings in the past 12 months, which is equivalent to a week of revenues over the course of a year, according to the Kroll Annual Global Fraud Report, a recent survey that polled more than 1,200 senior executives worldwide.
Jim Stickley got his first computer at age 12, and he was chatting with other computer "nerds" on bulletin board sites by the time he was 16. A wannabe hacker, Stickley said his first foray into playing the system was with free codes - codes that would exclude his phone and computer time from racking up charges that would incur the wrath of his parents.
Which tactic works best for a <a href="http://www.csoonline.com/article/596512/social-engineering-techniques-4-ways-criminal-outsiders-get-inside">scamming social engineer</a>? Acting like an authority figure and requiring a victim to answer questions and give up sensitive information? Or acting like a nice, trustworthy person who strikes up a friendly conversation and just needs the victim to tell them a few things to help them out?
Social engineering attacks are widespread, frequent and cost organisations thousands of dollars annually according to new research from security firm Check Point Software Technologies.
A group of security researchers based in Egypt have created a tool that will make social engineering easier because it automates the collection of hidden Facebook profile data that is otherwise only accessible to friends in a user's network.
A data-breach-investigations <a href="http://www.csoonline.com/article/679874/verizon-advanced-persistant-threat-is-overblown">report issued by Verizon</a> earlier this year found 71 percent of all <a href="http://www.csoonline.com/article/677537/industry-searches-for-lessons-after-rsa-breach">hacking attacks</a> on business take place using remote access or desktop service.
While 69 percent of organisations have employees using personal devices to connect to their corporate network, more than one-fifth, or 21 percent, currently have no policy in place to govern the use of personal mobile devices on their network. These new figures, released recently from security-products firm Courion, suggest many security leaders are still ignoring the need to address mobile-device management among their employees.
Social engineers have been using various dirty tricks to fool people for centuries. Social engineering, the art of gaining access to buildings, systems or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques, is as old as crime itself and has been used in many ways for decades.
Social engineers have been using various <a href="http://www.csoonline.com/article/480589/9-dirty-tricks-social-engineers-favorite-pick-up-lines">dirty tricks</a> to fool people for centuries. <a href="http://www.csoonline.com/article/596512/social-engineering-techniques-4-ways-criminal-outsiders-get-inside">Social engineering</a>, the art of <a href="http://www.csoonline.com/article/494464/social-engineering-5-security-holes-at-the-office-includes-video-">gaining access to buildings</a>, systems or data by exploiting <a href="http://www.csoonline.com/article/663329/social-engineering-3-examples-of-human-hacking">human psychology</a>, rather than by breaking in or using technical hacking techniques, is as old as crime itself and has been used in many ways for decades.
As more people create Facebook profiles (500 million and growing), and sign on to the many social media sites available today, hiring managers are finding they have new opportunities to get background information on job candidates.