Be Careful What You Reveal Online


Recommended Posts

Sep10 - 2010

Be Careful What You Reveal Online

In this YouTube

, Trend Micro CTO Raimund Genes discusses how an attacker can use information from social networks such as LinkedIn and Facebook to hack into a corporate network.

The picture Raimund paints shows how attackers can get publicly available email addresses on social networks and send a customized targeted email to the person containing a malicious URL, which points to an exploit that triggers the download of a Trojan.

Some people may scoff at this scenario and say, "Too many things need to happen for me to get infected." If you are part of this group, you probably have a point. The email needs to pass through spam filters first and needs to be convincing enough for the target to click on the link. Should the target click on it, the exploit scripts need to get through antivirus detection. To do so, the exploit should be a zero-day to become 100 percent successful. Otherwise, the attacker can just keep hoping that the target has not applied the latest patches yet.

Too many things need to happen in order for the attack to succeed, right?

Then again, an attacker can take the long route in, as with the Twitter hack last year wherein a hacker going by the pseudonym Hacker Croll was able to infiltrate Twitter's corporate network.

More details - http://blog.trendmicro.com/

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...