Collaborate Disseminate
Vol 08 Issue 100 January 2018 In This Issue What Has Happened with Social Engineering in the Past 8 Years? Social-Engineer News Upcoming classes As a member of the newsletter you have the option to OPT-IN for special offers. You can click here t… Continue reading Social-Engineer Newsletter Vol 08 – Issue 100
This is an interesting security vulnerability: because it is so easy to impersonate iOS password prompts, a malicious app can steal your password just by asking. Why does this work? iOS asks the user for their iTunes password for many reasons, the most common ones are recently installed iOS operating system updates, or iOS apps that are stuck during installation…. Continue reading Impersonating iOS Password Prompts
Sad story of someone whose computer became owned by a griefer: The trouble began last year when he noticed strange things happening: files went missing from his computer; his Facebook picture was changed; and texts from his daughter didn’t reach him or arrived changed. "Nobody believed me," says Gary. "My wife and my brother thought I had lost my mind…. Continue reading Separating the Paranoid from the Hacked
Access Now has documented it being used against a Twitter user, but it also works against other social media accounts: With the Doubleswitch attack, a hijacker takes control of a victim’s account through one of several attack vectors. People who have not enabled an app-based form of multifactor authentication for their accounts are especially vulnerable. For instance, an attacker could… Continue reading New Technique to Hijack Social Media Accounts
LyreBird is a system that can accurately reproduce the voice of someone, given a large amount of sample inputs. It’s pretty good — listen to the demo here — and will only get better over time. The applications for recorded-voice forgeries are obvious, but I think the larger security risk will be real-time forgery. Imagine the social engineering implications of… Continue reading Forging Voice
Did you realize that guessing somebody’s password (or, at least, using it to access an account without permission) is a crime? Continue reading 3 things you might not realize are cybercrimes
A mistress’s fake profile, replete with 18-month-old kid and child support demands, was meant to coax witnesses into denying an alibi. Continue reading Prosecutor suspended over fake Facebook profile used in murder prosecution
It’s planning to alert you when the pod people have glommed onto your profile photo and name. Continue reading Facebook’s testing a feature that alerts you if someone’s impersonating you