Impersonation Scams Over-The-Phone

Zachary Crocket over at The Hustle wrote a very good article about phoney-pressure scams where: A person is called out of the blue by a scammer Scammer asserts authority and immediately pressures the victim about some emergency Claims “bad stuff” will happen unless person stays on the phone Scammer pressures person into buying gift cards […]

Getting Started Stories: Amanda Rousseau, Malware Researcher

In our Getting Started series, the LA Times has published the backstory of well-known malware researcher Amanda Rousseau. Rousseau started as a tinkerer and artist and was going to go into web design, until she took a computer science class with her brother. “I found it so much more interesting than what I was doing […]

This is why you don’t accept free USB sticks

USB sticks can have more than bad stuff on the flash portion of the drive, the firmware can be tweaked to emulate a keyboard as a Hardware Input Device (HID). has a walkthrough showing how easy it is. Hackaday has a great explanation of why plugging random USB devices into your computer can lead […]

Rapid7 on Implementing a Phishing Awareness Program

Via Whiteboard Wednesday: How to Implement A Phishing Awareness Training Plan in 5 Steps: In this tutorial you’ll learn: Where to start when implementing a phishing awareness training program Which aspects of phishing warrant user training How to conduct phishing simulation tests What an ongoing training program looks like How to baseline and measure training […]

GhostInTheNet – protects Linux from MITM/DOS/scan

Full details at: How it works The basic and primary network protocol is ARP for IPv4 and NDP (ICMPv6) for IPv6, located in the link and network layer, provides main connectivity in a LAN. Despite its utility and simplicity, it has numerous vulnerabilities that can lead to a MITM attack and leak of confidentiality. Patching of such […]