When starting an security assessment or penetration test with a new client, often the first step is information gathering or reconnaissance. Sure, you could just ask the client for the information you want, but where’s the fun in that? Here is a list of tools to use to find information that they may not know is publicly available.
Google hacking or Google “dorks” – Johnny Long literally wrote the book about Google ...
Continue Reading →
I had an interesting question from a client last month. They were looking for guidance on “egress filtering.” Egress filtering is the concept of tuning your perimeter defenses (firewalls, routers, IDS*, and UTM* devices) to review and restrict the flow of information that is leaving your network.
Historically, most perimeter defenses are are designed to keep ...
Continue Reading →I have used all three.
My analysis: Linux = fun, Windows = practical, Apple = toy. Sorry Apple fans.
Continue Reading →
It is my belief that if you are planning a crime, you might as well go for the glory. The jail time is the same whether you steal $50,000 or $50 million.
I’m not sure if this is the biggest phishing scam ever, but it is the biggest I’ve heard of. A Lithuanian man named Evaldas Rimasaukas devised a scheme that extracted over $100 million from Google and Facebook. He achieved this ...
Continue Reading →
Identity theft is a crime that can take years to recover from. One of the early problems for an identity theft victim has been the requirement to file a police report. Many police departments do not devote much effort to identity theft, so sometimes getting the police to actually create a report and provide you with a report number can difficult. If ...
Identity theft can be devastating, and painfully hard to resolve. It can have negative effects on your credit rating. It could result in you being arrested for an open warrant on charges for a crime committed by the person who is using your identity. Identity theft occurs in different ways. Sometimes is is part of an online scam that may start with ...
