Social Engineering

Slack App Leaked Hashed User Passwords for 5 YEARS

Since 2017, if you’ve invited anyone to a Slack workspace, your password has leaked. How could this have happened? ...
Security Boulevard
US Emergency Alert System Has ‘Huge Flaw’ — Broadcasters Must Patch NOW

The Emergency Alert System run by FEMA and the FCC is vulnerable to hacking. This is NOT a test. All will be revealed next week at DEF CON 30 ...
Security Boulevard
Impersonation Scams: Social Engineering News

At Social-Engineer, we define impersonation as the “practice of pretexting as another person with the goal of obtaining information or […] ...
What Is a Red Team? 5 Tips for Safe Red Teaming

It’s tough to figure out which vulnerabilities exist within your organization that criminals can exploit. But what if you hired a team of faux cybercriminals to detect the trouble areas... The post ...
Social Media: How to Keep Yourself Safe

Human beings are social animals. We like to stay connected with friends, family and even workmates via social media. It […] ...
FAIL: Nomad DeFi Bridge ‘Loses’ $190M of Worthless Tokens

Cryptocurrency startup Nomad claimed its “optimistic bridging” protocol “would keep users’ funds safe.” We take a closer look ...
Security Boulevard
APT29 Leverages Google Drive, Dropbox to Evade Detection

Call them Cozy Bear or APT29 or Nobelium or, as Palo Alto Networks’ Unit 42 does, Cloaked Ursa—no matter what name they go by, Russia’s Intelligence Service is still at it, this ...
Security Boulevard
Solved: Subzero Spyware Secret — Austrian Firm Fingered

DSIRF GmbH codenamed ‘Knotweed’ by Microsoft and RiskIQ ...
Security Boulevard
Google ‘Delays Making Less Money’ — Third-Party Cookie Ban on Hold

Google’s plan to kill third party cookies is delayed—yet again. And it’s probably not surprising ...
Security Boulevard
DE:CODED – Testing like hackers

“When it’s not a pay-to-play test that’s behind the curtain…” Show notes for series 2, episode 3 What does it mean to test like a hacker? Can a well-intentioned tester behave the ...