teaser seef hack in paris presentation
TRANSCRIPT
www.seef.reputelligence.com
Hack in Paris, 2016
Paris, France
Unlike in the past, social engineering has become an
engineering discipline with precise tools, selected dynamic
approaches and execution plans. This makes it also so damn
hard to define counter-measures against SE attacks on the
receiving end. You really never know where you could get hit
next.
www.seef.reputelligence.com
Attack Vector Development (AVD) Standard AV’s take it and use it – it might work already
GRC++: If a person discards trash,
he or she has no "reasonable
expectation of privacy" in the
discarded items. It is very different
when the garbage bins are in an
enclosed area or on private
property. Dumpster
Diving
www.seef.reputelligence.com
Attack Vector Development (AVD) Standard AV’s take it and use it – it might work already
Eaves-dropping
GRC++:
One of the best sources for social
engineering is active listening. A social
engineer can gain so much information
with just listening in on others’
communication. One of the really great
side effects for just listening in is that it
is (mostly) legal.
www.seef.reputelligence.com
Attack Vector Development (AVD) SER map example – how a finished SER map looks like
www.seef.reputelligence.com
Attack Vector Development (AVD)One of the biggest problems is? EGO (me myself and I)
EGO!
www.seef.reputelligence.com
Interpersonal Distance – The Concept of SpaceThe best approach for desk or cubicle small talk