- Web Security Three Web Attack Vectors Using the Browser
Three browser attack vectors cause most web-based attacks: social engineering (phishing, fake software installs), attacking web applications through the browser (XSS, CSRF, clickjacking), and...
- Social Engineering Deception Lessons for Cybersecurity from World War II
WWII deception succeeded through ambiguity that paralyzed enemy decisions and false attractiveness that drew attention to the wrong plan. Modern honeypots, honeytokens, and decoy services rely on the...
- Malware 5 Common Malware Infection Approaches
Five common infection vectors: client-side exploits (browser, PDF, Office), server-side network vulnerabilities, social engineering to trick users into installing malware, propagation via USB drives...
- Social Engineering When Targeted Attacks Aren't Targeted: The Magic of Cold Reading
Mass-scale attacks feel targeted due to cold reading—like fortune tellers making generalized statements that seem specific. A fake UPS delivery notice works because many people actually sent...
- Social Networking Information Security and Social Media Marketing Campaigns
Social media marketing creates security challenges: marketers need social network access (greater risk exposure), fast-changing campaigns may spawn uncontrolled satellite web servers, brand...
- Social Engineering Social Engineering and Mirroring the Emotional State
Effective social engineers are "high self-monitors"—they subconsciously pick up social cues and adjust their presentation, identifying topics of interest, appearing non-threatening through nonverbal...