The aftermath what follows a social engineering attack? There are multiple types of endpoint setups that you may encounter when responding in the aftermath of a social engineering attack on a given network target. The victim may be targeted for pwning inside a browser—a cloud-only attack; the victim may be targeted on a workstation/end user home system, or the victim [...]
What is Social Engineering Social Engineering is, involving clever manipulation of the natural human tendencies of trust to obtain information to help facilitate fraud, network intrusion, industrial espionage, and identity theft or network/system disruption. I do like also the definition from Bruce Schneier: “Amateurs Hack Systems, Professional hack People” To gain the trust of the people Social Engineers trick their victims [...]
Forensic investigation of a Social Engineering attack In this article I am going to share with you a real Social Engineering attack , where we worked in a case to investigate if there was any forensic evidence to suggest that the laptop computer a) had been compromised by the perpetrator(s), b) if found to be compromised, how, when, and by whom [...]
The Art of Human Hacking If you in Ankara do not miss out the Free BreakFast Event and exclusive Book Signing event for my brand new books: The Art of Human Hacking Getting Started with Cybersecurity I will also deliver a session about Phishing Attacks right after Keepnet Labs Turkey Country Manager Erdnic We are looking forward to seeing you there When : 18 November [...]
Inside the Dark Web Summary Inside the Dark Web provides a broad overview of emerging digital threats and computer crimes, with an emphasis on cyberstalking, hacktivism, fraud and identity theft, and attacks on critical infrastructure. The book also analyzes the online underground economy and digital currencies and cybercrime on the dark web. The book further explores how dark web crimes are conducted [...]
Prevent Social Engineering We call social engineering, the deception art. It is, simply, capturing information by deceiving/manipulating the target person. There are several ways to do this. For example, a fake message that you have sent to someone to hack his/her email is a simple way of social engineering, or an email or SMS saying, You have earned $500 constantly, is meant to deceive you. News about celebrities, [...]
Information Gathering Methods Information gathering is not as challenging as it used to be a few years ago when one would only get details about a target either directly from the target or from asking around. The internet, more specifically the use of social media, has simplified this stage with newer and faster techniques of data collection. In the process [...]
Foreword by Troy Hunt - Founder of Have I Been Pwned I remember precisely where I was when I first saw Erdal talk about social engineering: it was a jam-packed room at Microsoft’s TechEd, overflowing into the hallway if memory serves me. Software developers and IT pros alike had flooded into the room to hear about this phenomenon which sounded [...]
25 Best Social Engineering Books of All Time Learn Social Engineering made it to the Best New Social Engineering Books I'm happy to announce that my book, "Learn Social Engineering", made it to BookAuthority's Best New Social Engineering Books: BookAuthority collects and ranks the best books in the world, and it is a great honor to get this kind of recognition. Thank you [...]
Keynote MFA Turkey It was an honor to present to the MFA staff, Ministers and Turkish consulates from all over the world about the importance of Cybersecurity and SocialEngineering. On behalf of Microsoft & myself I would like to thank them for their great hospitality. https://www.erdalozkaya.com/?s=feedback
