Editor’s Note: Angela Baudachis a security awareness consultant for DXC Technology. She is one of the speakers for the upcomingSecurity Awareness Summit 6/7 December in London. Below she gives an overview on her upcoming talk on International Awareness Programmes. Have you ever spoken to another person at cross purposes? Especially to a foreigner? Did you … Continue reading International Security Awareness Programmes – At the EU #SecAwareSummit
As you might have heard by now, Equifax was hacked and it’s up to you to take steps to protect yourself against identity theft. However, we’re here to help! We’ve collated some information from SANS Security Awareness here to help you get answers quickly. The Economist recently wrote an article on identity theft, utilizing SANS … Continue reading Identity Theft – How to Protect Yourself: List of Resources
from SANS SA
I’m finding myself more and more often speaking to senior leaders about human risk. Leaders not only want to better understand how to manage human risk, but why we are facing this growing problem. Attached is a graph I love to use when starting this discussion (feel free to steal and use if it can … Continue reading How to Gain Leadership Support for Your Awareness Program
I published the following diary on isc.sans.org: “Getting some intelligence from malspam“.
Many of us are receiving a lot of malspam every day. By “malspam”, I mean spam messages that contain a malicious document. This is one of the classic infection vectors today and aggressive campaigns are started every week. Usually, most of them are blocked by modern antivirus or anti-spam but these files could help us to get some intelligence about the topic used by attackers to fool their victims. By checking the names of malicious files (often .rar, .gip or .7r archives), we found classic words like ‘invoice’, ‘reminder’, ‘urgent’, etc… [Read more]
[The post [SANS ISC] Getting some intelligence from malspam has been first published on /dev/random]
Folks, friendly reminder I’ll be presenting Wednesday, 4 October at the Infosecurity North American Keynote event on Hacking Humans: Dissecting a Social Engineering Attack. I’ll demonstrate how targeted social engineering attacks work by walking you through a real, targeted attack and what we learned by interacting with with the hacker. As I learned from … Continue reading Infosecurity Conference – Hacking Humans: Dissecting a Social Engineering Attack