Social Engineering, the USB Way

[Axel Pettinger <api () worldonline de>]

Not sure whether it was mentioned before ... Anyway ...

"Social Engineering, the USB Way

JUNE 7, 2006 | We recently got hired by a credit union to assess the
security of its network. The client asked that we really push hard on
the social engineering button. In the past, they'd had problems with
employees sharing passwords and giving up information easily. Leveraging
our effort in the report was a way to drive the message home to the
employees.

The client also indicated that USB drives were a concern, since they
were an easy way for employees to steal information, as well as bring in
potential vulnerabilities such as viruses and Trojans. Several other
clients have raised the same concern, yet few have done much to protect
themselves from a rogue USB drive plugging into their network. I wanted
to see if we could tempt someone into plugging one into their employer's
network."

Full article:
http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1


Regards,
Axel Pettinger
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.