Feed

There’s No Such Thing as a Free Lunch

There's No Such Thing as a Free LunchAfter reading this article, that statement is now more true than ever. A team was asked to perform a Penetration Test on a credit union and was asked speciffically to push social engineering and USB security. Their approach? Develop a trojan and seed USB drives with it. They then planted the drives by the credit union entrance to be picked up by the employees as “a free USB drive”. Within MINUTES, the employees plugged these into their computers and the trojan went to work emailing confidential information to the auditors which they were then use to comprimise business critical systems. The worst part? The employees were already on alert that someone was going to be performing a Pen Test!!! This just tells me that despite the measures that some organizations take to secure their borders with firewalls and IDS’s, many companies overlook internal protection and user eductation.

Technorati Tags: , ,

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • bodytext
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • Ma.gnolia
  • Facebook
  • Live

This entry was posted on Friday, June 9th, 2006 at 3:40 pm and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Except where expressly noted, JaysonSchultz.com and all content herein is protected by a Creative Commons Attribution-ShareAlike 2.5 License.
JaysonSchultz.com is proudly powered by WordPress. Theme provided by Abhishek Tripathi of Mediawick Digital Solutions.