Impersonation Scams Over-The-Phone

Zachary Crocket over at The Hustle wrote a very good article about phoney-pressure scams where: A person is called out of the blue by a scammer Scammer asserts authority and immediately pressures the victim about some emergency Claims “bad stuff” will happen unless person stays on the phone Scammer pressures person into buying gift cards […]

This is why you don’t accept free USB sticks

USB sticks can have more than bad stuff on the flash portion of the drive, the firmware can be tweaked to emulate a keyboard as a Hardware Input Device (HID). has a walkthrough showing how easy it is. Hackaday has a great explanation of why plugging random USB devices into your computer can lead […]

Rapid7 on Implementing a Phishing Awareness Program

Via Whiteboard Wednesday: How to Implement A Phishing Awareness Training Plan in 5 Steps: In this tutorial you’ll learn: Where to start when implementing a phishing awareness training program Which aspects of phishing warrant user training How to conduct phishing simulation tests What an ongoing training program looks like How to baseline and measure training […]

GhostInTheNet – protects Linux from MITM/DOS/scan

Full details at: How it works The basic and primary network protocol is ARP for IPv4 and NDP (ICMPv6) for IPv6, located in the link and network layer, provides main connectivity in a LAN. Despite its utility and simplicity, it has numerous vulnerabilities that can lead to a MITM attack and leak of confidentiality. Patching of such […]

Passively Cable Tapping Cat5

I always figured it would work to simply push the individual wires into the “pinch” areas of a Cat 5 jack, allowing you to “patch in” to the cable without needing to clip it… and it works! Pics and story at: 7 Habits of Highly Effective Hackers: Passively Cable Tapping Cat5.