The Social Engineer

Human Beings: The most easily exploitable aspect of security

The Importance of the Pretext

Social Engineering /
Chad Gutschenritter / October 8, 2018

More and more often hackers are relying on exploiting the human aspect of security to gain access to their targets through social engineering type attacks (e.g., phone, phishing, in-person, etc.). With strong firewalls, intrusion detection/prevention systems, and tools like security incident and event management (SIEM), you are seeing an increase in attacks that are targeting …

Continue reading “The Importance of the Pretext”

Destroying Data – Delete It for Good

IT Security /
Chad Gutschenritter / June 7, 2018

How is your organization handling the disposal and storage of sensitive or confidential information / data? This is often a topic / area that can be overlooked but that is a big mistake. Check out these following examples of organizations that made this mistake: –          In November of 2017, Charles River Medical Associates, a part …

Continue reading “Destroying Data – Delete It for Good”

SPF, DKIM, and DMARC – What’s the Big Deal?

IT Security /
Chad Gutschenritter / May 23, 2018

“SPF is important because it helps to prevent a malicious attacker from spoofing your address. SPF records help to prevent sender address forgery by protecting the “envelop sender address”, allowing admins to specify which mail servers are allowed to send mail from their domain. Which means it makes it harder for hackers to perform phishing …

Continue reading “SPF, DKIM, and DMARC – What’s the Big Deal?”

Micro Expressions

Social Engineering /
Chad Gutschenritter / May 8, 2018

“Emotions can override the more powerful fundamental motives that drive our lives: hunger, sex, and the will to survive.” – Paul Ekman Social engineers have to become masters at understanding, reading and influencing people. Depending on the information being communicated, a large portion of our communication will not be the words we say but the …

Continue reading “Micro Expressions”

Two Truths and a Lie? To Hide a Hack or Tell?

IT Security /
Chad Gutschenritter / March 30, 2018

  Post based on the following article found at Gizmodo.com: Clever Tool to Detect Hacks Companies Haven’t Told Users About by Melanie Ehrenkranz   People are at the mercy of the companies that they choose to give their personal or sensitive/confidential information to and companies are at the mercy of the vendors they choose to …

Continue reading “Two Truths and a Lie? To Hide a Hack or Tell?”

The Malicious Attackers Never Ending Search for the Administrative Account

IT Security /
Chad Gutschenritter / March 22, 2018

  “A survey by Centrify found that almost 60% of IT professionals shared privileged account access credentials with co-workers. Technology analyst firm, Forrester, estimates that 80% of corporate security breaches result from privileged identity compromises.”                – Josh Berman More times than not, we are coming to find out …

Continue reading “The Malicious Attackers Never Ending Search for the Administrative Account”

The Most Dangerous Aspect of Security – The Human Infrastructure

Social Engineering /
Chad Gutschenritter / March 14, 2018

“Remember: those who build walls think differently than those who seek to go over, under, around or through them. If you think you can’t be conned, you’re just the person I’d like to meet.” – Paul Wilson Blog post number 1! I am excited to have you along for the ride and greatly appreciate you …

Continue reading “The Most Dangerous Aspect of Security – The Human Infrastructure”