recentpopularlog in

socialengineering

« earlier   
The Love Of OSINT Via Dating Sites
How can one maintain a level of safety and security on these sites and still use them? Use a dedicated username on each dating site. Do not reuse it on any social media platform or email account associated with anything beyond the dating site. Be cognizant of lines of questioning that could lead to an adversary learning or initiating a reset of your password. Be cautious what other information you provide and when meeting people in person. Practice caution when posting pictures. The background of the image could be used in reverse image searching and give away your location. Unless required to provide an ID, consider using a fake or partially fake name. Finally, exercise caution when tying your social media accounts to dating sites.

In conclusion, dating sites are not bad. They are a means for people to connect, meet and find love. In using them, it is vital to incorporate them into your threat model and adjust your behaviors accordingly. Also, consider the issues that various sites have had with data breaches including Adult Friend Finder, Ashley Madison, OkCupid and Zoosk to name a few. This should also be factored into your threat model.
OSINT  dating_apps  dating  apps  SocialEngineering  threat_model 
april 2019 by cataspanglish
Finding Weaknesses Before the Attackers Do « Finding Weaknesses Before the Attackers Do | FireEye Inc
Mandiant consultants posed as helpdesk technicians and informed employees that their email inboxes had been migrated to a new company server. To complete the “migration,” the employee would have to log into the cloned OWA portal. To avoid suspicion, employees were immediately redirected to the legitimate OWA portal once they authenticated. Using this campaign, the red team captured credentials from eight employees which could be used to establish a foothold in the client’s internal n...
redteam  socialengineering  pentest  osint 
april 2019 by whip_lash

Copy this bookmark:





to read