Insider Threats: Breaching The Human Barrier
10/20/2014A company can spend all the money it has on technical solutions to protect the perimeter and still not prevent the attack that comes from within.
Post a Comment
Author
Profile of Christopher Hadnagy
Founder & CEO, Social-Engineer, Inc. Member Since: 9/30/2014Author
News & Commentary Posts: 1
Comments: 15
Chris Hadnagy has over 16 years' experience as a practitioner and researcher in the security field. His efforts in training, education, and awareness have helped to expose social engineering as the top threat to the security of organizations today. He established the world's first social engineering framework at http://www.social-engineer.org/, providing an invaluable repository of information for security professionals and enthusiasts. That site grew into a dynamic web resource including a podcast and newsletter, which have become staples in the security industry and are referenced by large organizations around the world. Chris also created the first hands-on social engineering training course and certification, Advanced Practical Social Engineering, attended by law enforcement, military, and private sector professionals. A sought-after writer and speaker, he has spoken and trained at events such as RSA and Black Hat. He is also the best-selling author of two books: Social Engineering: The Art of Human Hacking and Unmasking the Social Engineer: The Human Element of Security.
Articles by Christopher Hadnagy
A company can spend all the money it has on technical solutions to protect the perimeter and still not prevent the attack that comes from within.
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Are you sure this is how we get our data into the cloud?
Latest Comment: Are you sure this is how we get our data into the cloud?
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-17368
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
From DHS/US-CERT's National Vulnerability Database CVE-2018-17368
PUBLISHED: 2018-09-23
An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks.
CVE-2018-17369PUBLISHED: 2018-09-23
An issue was discovered in springboot_authority through 2017-03-06. There is stored XSS via the admin/role/edit roleKey, name, or description parameter.
CVE-2018-17400PUBLISHED: 2018-09-23
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by intercepting the user name and PIN during the initial configuration of the application.
CVE-2018-17401PUBLISHED: 2018-09-23
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by exploiting its Forgot Password feature.
CVE-2018-17402PUBLISHED: 2018-09-23
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to discover the Credit/Debit card number, expiration date, and CVV number.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This