SOCIAL ENGINEERING THREATS AND COUNTERMEASURES IN AN OVERLY CONNECTED WORLD presented at Blackhat Abu Dhabi 2012

by Shane Macdougall,

Tags: Social Engineering

Summary : In this presentation, two-time winner of the Defcon Social Engineering CTF competition, Shane MacDougall, will examine how many of the techniques used by national intelligence agencies and corporate intelligence units have been adopted by social engineers to create devastatingly effective attacks.
Social engineering is rapidly becoming one of the hot topics in information security, which is curious since it has been an oft-used attack vector for decades (technically centuries). But what are the most effective social engineering attacks, and how can an enterprise protect itself? This presentation will discuss new tools being utilized by attackers, and will include a breakdown of the speakers last two victories at the Defcon SECTF.
Especially effective OSINT resources, combined with well-designed gambits and pre-texts will be discussed, along with effective, field-proven countermeasures. By the end of the session, participants will have learned of the OSINT world that exists outside of the Maltego-driven paradigm.
We will also discuss (and hopefully demo) ShmoozeKit a realtime pre-text generator package being developed by the presenter.