Kevin Mitnick

•Download as PPTX, PDF•

2 likes•1,722 views

Kevin Mitnick was a famous hacker who was convicted of computer crimes and theft of intellectual property. He began hacking at age 12 and used social engineering to steal passwords from company systems. Social engineering involves manipulating people to gain access to information through deception. Mitnick advocates for security policies and personnel training to reduce the vulnerability of the human element, as social engineering is difficult to defend against through technical measures alone.

Software

Kevin Mitnick
Famous Social Engineer Hacker
• Went to prison for hacking
• Became ethical hacker
"People are generally helpful, especially to
someone who is nice, knowledgeable or
insistent."

Kevin Mitnick
 Arrested and convicted on several counts of computer crime,
including hacking and theft of intellectual property

Kevin Mitnick
 Arrested and convicted on several counts of computer crime,
including hacking and theft of intellectual property
 Began at age 12 with faking punch cards for the bus system to
gain free rides and continued on to phone phreaking.

What is Social Engineering?
• Attacker uses human interaction to obtain or compromise
information

What is Social Engineering?
• Attacker uses human interaction to obtain or compromise
information
• Attacker my appear unassuming or respectable
o Pretend to be a new employee, repair man, etc.
o May even offer credentials

Kevin Mitnick - Art of Deception:
• "People inherently want to be helpful and therefore are easily
duped"

Kevin Mitnick - Art of Deception:
• "People inherently want to be helpful and therefore are easily
duped"
• "They assume a level of trust in order to avoid conflict"

Examples of Social Engineering
• Kevin Mitnick talks his way into central Telco office

Examples of Social Engineering
• Kevin Mitnick talks his way into central Telco office
o Tells guard he will get a new badge

Examples of Social Engineering
• Kevin Mitnick talks his way into central Telco office
o Tells guard he will get a new badge
o Pretend to work there, give manager name from another
branch

Live Example
• Convinced friend that I would help fix their
computer

Live Example
• Convinced friend that I would help fix their
computer
• People inherently want to trust and will believe
someone when they want to be helpful

Weakest Link?
• No matter how strong your:
o Firewalls
o Intrusion Detection Systems
o Cryptography
o Anti-virus software

Weakest Link?
• No matter how strong your:
o Firewalls
o Intrusion Detection Systems
o Cryptography
o Anti-virus software
• You are the weakest link in computer security!
o People are more vulnerable than computers

Conclusion
 Social Engineering will always exist, and it is
extremely difficult to defend against, but the
success of such attacks can be decreased
substantially with proper policy and personnel
training

Policy from a Social Engineer
“The Art of Deception” – K. Mitnick

Policy from a Social Engineer
“The Art of Deception” – K. Mitnick
Kevin Mitnick outlines an excellent security policy at
the end of the book with detailed reasoning at every
level to defend against Social Engineering Attacks.

Kevin Mitnick was a famous hacker in the 1980s and 1990s who was known for hacking into computer systems of major corporations and government agencies. Some of his confirmed hacks included Motorola, NEC, Sun Microsystems, and Fujitsu. He is alleged to have also stolen computer manuals, read emails of security officials, and wiretapped government agencies. Mitnick carried out these hacks using techniques like IP spoofing, which allowed him to disguise his identity by spoofing the IP addresses of victims. He would then conduct session hijacking attacks or denial of service attacks. To prevent such IP spoofing attacks, organizations can implement packet filtering and encryption techniques.

Hacking

Sitwat Rao

This document discusses hacking, including definitions of hacking and different types of hackers. It defines hacking as gaining unauthorized access to a computer or network. Hackers are expert programmers who break into systems. There are three main types of hackers - white hats who help security, black hats who hack maliciously, and grey hats who notify admins of vulnerabilities. The document also outlines the history of hacking and different types of hacking like password, email, and website hacking. It provides examples of how to hack passwords, email, websites, and credit cards. Finally, it lists ways to prevent hacking like installing firewalls and antivirus software, changing passwords regularly, and not giving out personal information.

National Life IT Department's Cyber Security Awareness Presentation

Jamie Proctor-Brassard

This document discusses common cybersecurity threats such as social engineering, phishing, ransomware, and malware distributed via email. It provides tips to help avoid these threats and emphasizes that cybersecurity requires vigilance from all users as even a single weak link can compromise an entire network. National Life Group holds a yearly cybersecurity awareness fair to educate employees on threats and countermeasures as protecting sensitive customer data is critical. The document stresses the importance of user awareness and cautions staff to not be the weak link in National Life Group's cyber defenses.

Social engineering

Abdelhamid Limami

This document discusses social engineering and its threats. Social engineering refers to manipulating people into performing actions or divulging confidential information. It is a significant threat because existing computer security technologies do not protect against human vulnerabilities. Common social engineering attacks include phishing emails, vishing phone calls, leaving infected USB drives in parking lots, and impersonating maintenance workers. The document demonstrates real examples of vishing attacks and provides tips for preventing social engineering, such as verifying identities of people requesting information. However, it notes that fully preventing social engineering attacks can be difficult due to human factors.

Social engineering hacking attack

Pankaj Dubey

Ethical hacking presentation

Suryansh Srivastava

This document provides an overview of security and hacking. It defines security as protection from harm and defines differences between security and protection. It then discusses what hacking and hackers are, provides a brief history of hacking from the 1960s to present day, and describes different types of hackers like white hat and black hat hackers. The document also outlines the hacking process and some common tools used. It lists some famous hackers and recent news stories about hacking.

Social Engineering new.pptx

Santhosh Prabhu

Social engineering is manipulating people into taking actions that may not be in their best interest. Hackers use social engineering because it is less resistant than other attacks and more successful. Common goals are money, ego, revenge, or knowledge. Typical attacks involve posing as customer service, deliveries, tech support, etc. Social engineering methods include dumpster diving, shoulder surfing, baiting, vishing, phishing, and whaling. Dumpster diving involves searching trash for useful information. Shoulder surfing means watching people enter passwords. Baiting uses enticing offers to infect systems with malware. Phishing fools people via email into revealing sensitive info or installing malware. Vishing and smishing are phone- and text-

Hacking

Ranjan Som

Hacking refers to gaining unauthorized access to computer systems or networks. There are different types of hacking such as website hacking, email hacking, network hacking, password hacking, and online banking hacking. Ethical hacking involves testing a system's security vulnerabilities to help secure it. The document discusses these types of hacking in further detail, explaining how they work and can be prevented. It emphasizes using strong passwords, protecting computers, only downloading from trusted sources, and not using public networks without protection. Ethical hackers play an important role in evaluating security systems.

Este documento describe la ingeniería social, incluyendo su definición, cómo se lleva a cabo y algunas técnicas comunes. La ingeniería social implica obtener información confidencial de usuarios legítimos a través de la manipulación y engaño. Algunas técnicas comunes incluyen el phishing, spear phishing y el simple engaño para obtener información personal o financiera de las víctimas. El documento también explica que la ingeniería social se basa en principios humanos como la confianza y la credulidad para enga

Social Engineering - Human aspects of industrial and economic espionage

Marin Ivezic

Social Engineering Attacks & Principles

LearningwithRayYT

This document provides an overview of social engineering attacks. It defines social engineering as manipulating people into giving up confidential information through deception and manipulation. Various social engineering principles are described, including authority, social proof, urgency, and scarcity, which attackers use to carry out successful attacks. Different types of social engineering attacks are also outlined, such as phishing, spear phishing, baiting, DNS spoofing, honey traps, tailgating, shoulder surfing, and impersonation attacks.

Social Engineering,social engeineering techniques,social engineering protecti...

ABHAY PATHAK

What is Hacking? AND Types of Hackers

infosavvy

Infosavvy is a training institute that provides courses in IT management, information security, cyber security, and quality management. It discusses the definition of hacking as exploiting vulnerabilities to gain unauthorized access. There are three main types of hackers - white hat hackers who perform ethical security testing, black hat hackers who hack maliciously, and grey hat hackers who fall between the two.

Phishing: Swiming with the sharks

Nalneesh Gaur

The document discusses phishing attacks and how they work. It describes common phishing techniques like fraudulent links and forms in emails that steal personal information. It also explains how phishing kits are used to launch attacks and how money mules are recruited to launder stolen funds. Technical aspects like address bar spoofing and DNS hijacking are also covered, showing how phishers exploit systems and social engineering to target victims.

HACKING

UpendraSingamsetty

Hacking can refer to modifying how a system functions in an unauthorized manner. Hackers are classified into different types like black hat, white hat, and gray hat hackers based on whether they hack illegally or are employed legally for security testing. An ethical hacker's skills include platform knowledge, networking, computer expertise, security knowledge, and technical abilities. Some of the world's best known hackers today include Gary McKinnon, LulzSec, and Adrian Lamo.

Social Engineering | #ARMSec2015

Hovhannes Aghajanyan

Cybersecurity Attack Vectors: How to Protect Your Organization

TriCorps Technologies

The document discusses various cybersecurity attack vectors and how organizations can protect themselves. It outlines common attack methods like ransomware, malicious code delivery, social engineering, and phishing. It then recommends that organizations conduct regular security audits, establish governance policies, create an incident response plan, and provide cybersecurity education to employees. The document promotes cybersecurity services from Future Point of View including vulnerability testing, forensics, and training to help organizations enhance their protections.

Cyber security

Manjushree Mashal

Presentation on ethical hacking

Sunny Sundeep

The document discusses ethical hacking, which involves identifying security vulnerabilities in systems with the owner's permission in order to improve security. It notes that while hacking originally just meant highly skilled programming, it now has negative connotations due to increased system access. Ethical hackers help organizations by finding security holes before criminals can exploit them. The document outlines different types of hackers and attacks, such as SQL injection and cross-site scripting. It emphasizes the importance of ethical hackers working within legal and ethical guidelines to avoid misusing access or violating privacy.

Man in the middle attack .pptx

PradeepKumar728006

A man-in-the-middle (MitM) attack is a type of cyber attack where the attacker secretly intercepts communications between two parties who believe they are directly communicating with each other. The attacker can then steal sensitive information like user credentials by redirecting traffic to fake websites or intercepting network traffic. Common MitM attacks include DNS spoofing, HTTP spoofing, cache poisoning, and session hijacking. Organizations can help prevent these attacks by using HTTPS, avoiding public WiFi, implementing endpoint security, and warning users about phishing emails.

Social Engineering - Are You Protecting Your Data Enough?

JamRivera1

Social engineering involves deceiving people into providing private information through manipulation. Common social engineering attacks include phishing scams by email or phone that try to steal login credentials. Other methods are shoulder surfing to see passwords, dumpster diving to find sensitive trash, and tailgating to access restricted areas. Social engineering works because people are inclined to trust authority, follow social proof, reciprocate kindness, and make decisions based on scarcity and distractions. Protecting against social engineering requires vigilance, secure disposal of documents, awareness of manipulation tactics, and escalating any suspicious requests for information.

Social engineering

Alexander Zhuravlev

Social engineering is the use of deception to manipulate people into divulging confidential information. It relies on human tendencies to trust others and takes advantage of "the weak link" in security - users. There are two categories of social engineering attacks: technology-based approaches that deceive users into thinking they are interacting with real systems, and non-technical approaches using deception alone. Common tactics include phishing emails, phone calls (vishing), pretending to be technical support, and observing users (shoulder surfing). Organizations can help prevent social engineering by having security policies, training employees, and monitoring compliance.

ETHICAL HACKING

Sweta Leena Panda

This document discusses ethical hacking and provides information on various types of hackers, why people hack, and the hacking process. It defines ethical hacking as legal hacking done with permission to identify vulnerabilities. The hacking process involves preparation, footprinting, enumeration and fingerprinting, vulnerability identification, gaining access, escalating privileges, covering tracks, and creating backdoors. It also discusses how to protect systems and what to do if hacked, such as restoring from backups and patching security holes.

Social engineering

Robert Hood

This document discusses social engineering and why organizations should use it. Social engineering involves using psychological manipulation to trick people into revealing confidential information. It works because people are inherently lazy, want to help, and are curious. The document outlines common social engineering techniques like phishing, impersonation, and physical security compromises. It recommends that organizations conduct social engineering assessments of their own employees to identify vulnerabilities and provide ongoing training. Regular social engineering tests can help educate employees and strengthen an organization's security over time.

Information Security Awareness: at Work, at Home, and For Your Kids

Nicholas Davis

This is the security awareness presentation which I will be giving to Quartz Health Solutions, on October 24, 2018. If focuses in on three areas: information security best practices for work, at home, and also contains some tips for kids. Topics include: PHI, ePHI, HIPAA, Identity Theft, Social Engineering, phishing, password management, malware, insider threats, social networks, and mobile devices.

PPT on Phishing

Pankaj Yadav

This document discusses phishing, which is an attempt to acquire personal information like usernames, passwords, and credit card details under false pretenses. It covers common phishing techniques like link manipulation and website forgery. It also discusses types of phishing like deceptive, malware-based, and DNS-based phishing. The document outlines causes of phishing like misleading emails and lack of user awareness. It proposes both technical and social approaches to anti-phishing and examines the effects of phishing like identity theft and financial loss. Finally, it recommends defenses like education and detection tools to counter phishing attacks.

Social engineering

ankushmohanty

Social engineering is manipulating people into revealing sensitive information or performing actions, rather than using technical hacking methods. It involves gaining people's trust and obtaining information that seems harmless but can be combined to compromise security. Famous social engineer Kevin Mitnick used only social engineering to access private networks. Common social engineering attacks include phishing scams, impersonating help desk staff, stealing documents, and installing malware under false pretenses. The weakest link is often human rather than technical, as people are more vulnerable to manipulation. Training employees, testing defenses with ethical hackers, and verifying unsolicited contacts can help prevent social engineering attacks.

Social engineering

Maulik Kotak

Social engineering is manipulating people into revealing confidential information through deception rather than technical hacking methods. It includes techniques like quid pro quo, phishing, baiting, pretexting, and diversion theft. Famous social engineer Kevin Mitnick emphasized that people inherently want to be helpful and trustworthy, making them vulnerable. Training and policies can help prevent social engineering by raising awareness of common tactics and restricting disclosure of private information. The human element remains the weakest link despite strong technical security defenses.

Cybercrime and the Developer: How to Start Defending Against the Darker Side...

Steve Poole

JavaOne 2016 Talk In the world of DevOps and the cloud, most developers have to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resilience and scaling to an application. One critical aspect consistently overlooked is security. In this session, learn about a few of the simple actions you can take (and some behaviors you must change) to create a more secure Java application for the cloud. The world of the cybercriminal is closer than you realize. Hear how at risk your application may be, see practical examples of how you can inadvertently leave the doors open, and understand what you can do to make your Java solution more secure.

What's hot

Social Engineering

Cyber Agency

Ingenieria social

albalucia1983

Social Engineering - Human aspects of industrial and economic espionage

Marin Ivezic

Social Engineering Attacks & Principles

LearningwithRayYT

Social Engineering,social engeineering techniques,social engineering protecti...

ABHAY PATHAK

What is Hacking? AND Types of Hackers

infosavvy

Phishing: Swiming with the sharks

Nalneesh Gaur

HACKING

UpendraSingamsetty

Social Engineering | #ARMSec2015

Hovhannes Aghajanyan

Cybersecurity Attack Vectors: How to Protect Your Organization

TriCorps Technologies

Cyber security

Manjushree Mashal

Presentation on ethical hacking

Sunny Sundeep

Man in the middle attack .pptx

PradeepKumar728006

Social Engineering - Are You Protecting Your Data Enough?

Social engineering

ETHICAL HACKING

Social engineering

Information Security Awareness: at Work, at Home, and For Your Kids

Nicholas Davis

PPT on Phishing

Pankaj Yadav

Social engineering

ankushmohanty

What's hot (20)

Social Engineering

Ingenieria social

Social Engineering - Human aspects of industrial and economic espionage

Social Engineering Attacks & Principles

Social Engineering,social engeineering techniques,social engineering protecti...

What is Hacking? AND Types of Hackers

Phishing: Swiming with the sharks

HACKING

Social Engineering | #ARMSec2015

Cybersecurity Attack Vectors: How to Protect Your Organization

Cyber security

Presentation on ethical hacking

Man in the middle attack .pptx

Social Engineering - Are You Protecting Your Data Enough?

Social engineering

ETHICAL HACKING

Social engineering

Information Security Awareness: at Work, at Home, and For Your Kids

PPT on Phishing

Social engineering

Similar to Kevin Mitnick

Social engineering

Maulik Kotak

Cybercrime and the Developer: How to Start Defending Against the Darker Side...

Steve Poole

Jax london2016 cybercrime-and-the-developer

Steve Poole

In the emerging world of DevOps and the Cloud, most developers are trying to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resiliency and scaling to an application. Still, one critical item consistently overlooked is security. The world of the Cyber Criminal is closer than you realize. Watch a real man-in-the-middle demonstration and learn just how simple it can be for others to steal your secrets. In this talk you’ll learn about other practical examples of how you can inadvertently leave the doors open and what you can do to keep your system secure. In the end, security is everyone’s concern and this talk will teach you a few of simple actions you can take (and some behaviours you must change) to create a more secure application in the Cloud.

Social Engineering

Nicholas Davis

This document discusses social engineering techniques used to gain unauthorized access to information systems. It defines social engineering and provides examples of common methods like pretexting, phishing, and exploiting human trust relationships. Specific tactics like establishing credibility through small details and transferring trust between individuals are examined. The importance of security awareness training and careful handling of personal information are emphasized to combat social engineering threats.

Social engineering

Nicholas Davis

Introduction to Social engineering | Techniques of Social engineering

Prem Lamsal

Social Engineering Basics

Luke Rusten

hacking

mayank1293

Hacking involves gaining unauthorized access to computer systems, which is illegal. There are different types of hackers, including white hats who help find security vulnerabilities, black hats who hack with malicious intent, and grey hats in between. Reasons for hacking include financial gain, showing off skills, or just for fun. Experts recommend using antivirus software, avoiding suspicious links and downloads, and keeping software updated to help prevent hacking.

Devnexus 2017 Cybercrime and the Developer: How do you make a difference?

Steve Poole

Cybercrime how bad can it be? Organised attacks around the world in 2016 have shown how unprepared we are to deal with the growth of Cybercrime. In this talk learn a little about the scale of the challenge developers face from assaults on our systems. Be prepared to be appalled and scared. Fainting is not allowed. Discover how to fight back and see how you can change your behaviour and your code to defend against these attacks. Your destiny is clear - it’s time to be come a Cyber Defender

People. The Social Engineer's Dream - TechPulse 2017

Evan Francen

Social engineering by-rakesh-nagekar

Raghunath G

Social engineering is manipulating people into taking actions or revealing confidential information. It has been used for over 100 years by con artists known as social engineers. Popular social engineers from the 20th century included Victor Lustig, who sold the Eiffel Tower multiple times, and Frank Abagnale Jr., who impersonated professionals like pilots and lawyers. More recently, Kevin Mitnick used social engineering to gain unauthorized access to computer networks in the 1990s. Social engineering works by gathering information about targets, developing trust with them, then exploiting that trust to obtain information or actions. It is accomplished using techniques like phone calls, online chatting, looking through trash, and shoulder surfing. Organizations can help prevent social engineering by establishing frameworks for

Social Engineering Techniques - The Dark Arts

n|u - The Open Security Community

Social engineering is manipulating people into taking actions or revealing confidential information. It has been used for over 100 years by con artists known as social engineers. Popular social engineers from the 20th century included Victor Lustig, who sold the Eiffel Tower multiple times, and Frank Abagnale Jr., who impersonated professionals like pilots and lawyers. More recently, Kevin Mitnick used social engineering to gain unauthorized access to computer networks in the 1990s. Social engineering works by gathering information about targets, developing trust with them, then exploiting that trust to obtain information or actions. It is accomplished using techniques like phone calls, online chatting, looking through trash, and watching someone from over their shoulder. Organizations can help prevent social engineering by

Cybercrime and the Developer: How to Start Defending Against the Darker Side

Steve Poole

In the world of DevOps and the cloud, most developers have to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resilience and scaling to an application. One critical aspect consistently overlooked is security. In this session, learn about a few of the simple actions you can take (and some behaviours you must change) to create a more secure Java application for the cloud. The world of the cybercriminal is closer than you realize. Hear how at risk your application may be, see practical examples of how you can inadvertently leave the doors open, and understand what you can do to make your Java solution more secure.

Hacking (1)

rishirvk1995

Security refers to protection from harm or threat. It involves measures to increase protection from external threats like hacking. Hacking involves exploiting security flaws to access secured networks for malicious purposes and has a long history dating back to the 1960s. There are different types of hackers like white hat hackers who help with computer security, black hat hackers who hack illegally for personal gain, and grey hat hackers who have a mix of motivations.

Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...

Infosecurity2010

This document discusses how social engineers exploit social networking sites for malicious purposes such as gathering sensitive information, distributing malware, and executing attacks. It provides examples of common social engineering techniques used over social networks, including impersonating individuals to gain their trust, hijacking accounts to target friends, and setting up fake groups or sending malicious attachments disguised as coming from trusted sources like Facebook. The document also explains how social networks are used for reconnaissance by revealing personal details that can help social engineers craft more convincing phishing attacks.

Social Engineering By Rakesh Nagekar

nforceit

Social engineering is the act of manipulating people into performing actions or divulging confidential information through the use of deception. It has been used for over 100 years by con artists to target individuals and obtain information. Some common techniques used in social engineering include developing trust through personal interactions, exploiting biases and preconceived notions, and manipulating targets into willingly providing access or information that can then be misused. Organizations can help prevent falling victim to social engineering through educating employees, identifying and protecting sensitive data, and establishing security protocols for handling such information.

Progscon cybercrime and the developer

Steve Poole

n the world of DevOps and the cloud, most developers have to learn new technologies and methodologies. The focus tends to be on adding capabilities such as resilience and scaling to an application. One critical aspect consistently overlooked is security. In this session, learn about a few of the simple actions you can take (and some behaviors you must change) to create a more secure Java application for the cloud. The world of the cyber criminal is closer than you realize. Hear how at risk your application may be, see practical examples of how you can inadvertently leave the doors open, and understand what you can do to make your Java solution more secure.

NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...

North Texas Chapter of the ISSA

Steven Hatfield, Vulnerability Management Senior Advisor, Dell Social Engineering 101 or the Art of How You Got Owned by That Stranger Steven will be covering the basics of Social Engineering, different attack vectors that have worked with real world examples from friends currently conducting such tests, provide different sources to gather information on this topic, and present ways to prevent such attacks from happening in the future.

- Social Engineering Unit- II Part- I.pdf

Ramya Nellutla

This document discusses social engineering cyberattacks and how to prevent them, especially during COVID-19. It begins by defining social engineering and explaining how it relies on manipulating human psychology using fear, greed, curiosity, helpfulness, and urgency. Various social engineering attack types are described, including phishing and business email compromise scams. Technical defenses that can help prevent social engineering attacks are then outlined, such as multi-factor authentication, email filtering gateways, email banners, and outbound traffic filtering using firewalls and proxies.

MHTA Social Engineering Presentation - 050917

Evan Francen

Similar to Kevin Mitnick (20)

Social engineering

Cybercrime and the Developer: How to Start Defending Against the Darker Side...

Jax london2016 cybercrime-and-the-developer

Social Engineering

Social engineering

Introduction to Social engineering | Techniques of Social engineering

Social Engineering Basics

hacking

Devnexus 2017 Cybercrime and the Developer: How do you make a difference?

People. The Social Engineer's Dream - TechPulse 2017

Social engineering by-rakesh-nagekar

Social Engineering Techniques - The Dark Arts

Cybercrime and the Developer: How to Start Defending Against the Darker Side

Hacking (1)

Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...

Social Engineering By Rakesh Nagekar

Progscon cybercrime and the developer

NTXISSACSC2 - Social Engineering 101 or The Art of How You Got Owned by That ...

- Social Engineering Unit- II Part- I.pdf

MHTA Social Engineering Presentation - 050917

Recently uploaded

How to write a program in any programming language

Rakesh Kumar R

Webinar On-Demand: Using Flutter for Embedded

ICS

Flutter is a popular open source, cross-platform framework developed by Google. In this webinar we'll explore Flutter and its architecture, delve into the Flutter Embedder and Flutter’s Dart language, discover how to leverage Flutter for embedded device development, learn about Automotive Grade Linux (AGL) and its consortium and understand the rationale behind AGL's choice of Flutter for next-gen IVI systems. Don’t miss this opportunity to discover whether Flutter is right for your project.

KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD

rodomar2

Microservice Teams - How the cloud changes the way we work

Sven Peters

A lot of technical challenges and complexity come with building a cloud-native and distributed architecture. The way we develop backend software has fundamentally changed in the last ten years. Managing a microservices architecture demands a lot of us to ensure observability and operational resiliency. But did you also change the way you run your development teams? Sven will talk about Atlassian’s journey from a monolith to a multi-tenanted architecture and how it affected the way the engineering teams work. You will learn how we shifted to service ownership, moved to more autonomous teams (and its challenges), and established platform and enablement teams.

Requirement Traceability in Xen Functional Safety

Ayan Halder

openEuler Case Study - The Journey to Supply Chain Security

Shane Coughlan

Oracle 23c New Features For DBAs and Developers.pptx

Remote DBA Services

2024 eCommerceDays Toulouse - Sylius 2.0.pdf

Łukasz Chruściel

GreenCode-A-VSCode-Plugin--Dario-Jurisic

Green Software Development

Odoo ERP Vs. Traditional ERP Systems – A Comparative Analysis

Envertis Software Solutions

When it is all about ERP solutions, companies typically meet their needs with common ERP solutions like SAP, Oracle, and Microsoft Dynamics. These big players have demonstrated that ERP systems can be either simple or highly comprehensive. This remains true today, but there are new factors to consider, including a promising new contender in the market that’s Odoo. This blog compares Odoo ERP with traditional ERP systems and explains why many companies now see Odoo ERP as the best choice. What are ERP Systems? An ERP, or Enterprise Resource Planning, system provides your company with valuable information to help you make better decisions and boost your ROI. You should choose an ERP system based on your company’s specific needs. For instance, if you run a manufacturing or retail business, you will need an ERP system that efficiently manages inventory. A consulting firm, on the other hand, would benefit from an ERP system that enhances daily operations. Similarly, eCommerce stores would select an ERP system tailored to their needs. Because different businesses have different requirements, ERP system functionalities can vary. Among the various ERP systems available, Odoo ERP is considered one of the best in the ERp market with more than 12 million global users today. Odoo is an open-source ERP system initially designed for small to medium-sized businesses but now suitable for a wide range of companies. Odoo offers a scalable and configurable point-of-sale management solution and allows you to create customised modules for specific industries. Odoo is gaining more popularity because it is built in a way that allows easy customisation, has a user-friendly interface, and is affordable. Here, you will cover the main differences and get to know why Odoo is gaining attention despite the many other ERP systems available in the market.

A Study of Variable-Role-based Feature Enrichment in Neural Models of Code

Aftab Hussain

Understanding variable roles in code has been found to be helpful by students in learning programming -- could variable roles help deep neural models in performing coding tasks? We do an exploratory study. - These are slides of the talk given at InteNSE'23: The 1st International Workshop on Interpretability and Robustness in Neural Software Engineering, co-located with the 45th International Conference on Software Engineering, ICSE 2023, Melbourne Australia

8 Best Automated Android App Testing Tool and Framework in 2024.pdf

kalichargn70th171

Atelier - Innover avec l’IA Générative et les graphes de connaissances

Neo4j

Atelier - Innover avec l’IA Générative et les graphes de connaissances Allez au-delà du battage médiatique autour de l’IA et découvrez des techniques pratiques pour utiliser l’IA de manière responsable à travers les données de votre organisation. Explorez comment utiliser les graphes de connaissances pour augmenter la précision, la transparence et la capacité d’explication dans les systèmes d’IA générative. Vous partirez avec une expérience pratique combinant les relations entre les données et les LLM pour apporter du contexte spécifique à votre domaine et améliorer votre raisonnement. Amenez votre ordinateur portable et nous vous guiderons sur la mise en place de votre propre pile d’IA générative, en vous fournissant des exemples pratiques et codés pour démarrer en quelques minutes.

How Can Hiring A Mobile App Development Company Help Your Business Grow?

ToXSL Technologies

Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris

Neo4j

Energy consumption of Database Management - Florina Jonuzi

Green Software Development

E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies

Quickdice ERP

Graspan: A Big Data System for Big Code Analysis

Aftab Hussain

We built a disk-based parallel graph system, Graspan, that uses a novel edge-pair centric computation model to compute dynamic transitive closures on very large program graphs. We implement context-sensitive pointer/alias and dataflow analyses on Graspan. An evaluation of these analyses on large codebases such as Linux shows that their Graspan implementations scale to millions of lines of code and are much simpler than their original implementations. These analyses were used to augment the existing checkers; these augmented checkers found 132 new NULL pointer bugs and 1308 unnecessary NULL tests in Linux 4.4.0-rc5, PostgreSQL 8.3.9, and Apache httpd 2.2.18. - Accepted in ASPLOS ‘17, Xi’an, China. - Featured in the tutorial, Systemized Program Analyses: A Big Data Perspective on Static Analysis Scalability, ASPLOS ‘17. - Invited for presentation at SoCal PLS ‘16. - Invited for poster presentation at PLDI SRC ‘16.

What is Master Data Management by PiLog Group

aymanquadri279

Using Query Store in Azure PostgreSQL to Understand Query Performance

Grant Fritchey

Recently uploaded (20)

How to write a program in any programming language

Webinar On-Demand: Using Flutter for Embedded

KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD

Microservice Teams - How the cloud changes the way we work

Requirement Traceability in Xen Functional Safety

openEuler Case Study - The Journey to Supply Chain Security

Oracle 23c New Features For DBAs and Developers.pptx

2024 eCommerceDays Toulouse - Sylius 2.0.pdf

GreenCode-A-VSCode-Plugin--Dario-Jurisic

Odoo ERP Vs. Traditional ERP Systems – A Comparative Analysis

A Study of Variable-Role-based Feature Enrichment in Neural Models of Code

8 Best Automated Android App Testing Tool and Framework in 2024.pdf

Atelier - Innover avec l’IA Générative et les graphes de connaissances

How Can Hiring A Mobile App Development Company Help Your Business Grow?

Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris

Energy consumption of Database Management - Florina Jonuzi

E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies

Graspan: A Big Data System for Big Code Analysis

What is Master Data Management by PiLog Group

Using Query Store in Azure PostgreSQL to Understand Query Performance

Kevin Mitnick

1. The Art of Deception

2. Kevin Mitnick Famous Social Engineer Hacker • Went to prison for hacking • Became ethical hacker "People are generally helpful, especially to someone who is nice, knowledgeable or insistent."

3. Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property

4. Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.

5. Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.  Used social engineering to steal passwords to company systems.

6. Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.  Used social engineering to steal passwords to company systems  He still believes this is far easier to do, even today, than hacking into a system.

7. Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.  Used social engineering to steal passwords to company systems  He still believes this is far easier to do, even today, than hacking into a system.  Since his release from prison, Kevin has started his own computer security company and gives talks around the country about social engineering and other security topics.

9. What is Social Engineering?

10. What is Social Engineering? • Attacker uses human interaction to obtain or compromise information

11. What is Social Engineering? • Attacker uses human interaction to obtain or compromise information • Attacker my appear unassuming or respectable o Pretend to be a new employee, repair man, etc. o May even offer credentials

12. What is Social Engineering? • Attacker uses human interaction to obtain or compromise information • Attacker my appear unassuming or respectable o Pretend to be a new employee, repair man, etc. o May even offer credentials • By asking questions, the attacker may piece enough information together to infiltrate a companies network o May attempt to get information from many sources

13. Kevin Mitnick - Art of Deception:

14. Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped"

15. Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict"

16. Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict" • "It's all about gaining access to information that people think is innocuous when it isn't"

17. Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict" • "It's all about gaining access to information that people think is innocuous when it isn't" • Here a nice voice on the phone, we want to be helpful

18. Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict" • "It's all about gaining access to information that people think is innocuous when it isn't" • Here a nice voice on the phone, we want to be helpful • Social engineering cannot be blocked by technology alone

19. Examples of Social Engineering

20. Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office

21. Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge

22. Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch

23. Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch o Fakes a phone conversation when caught

24. Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch o Fakes a phone conversation when caught • Free food at McDonalds

25. Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch o Fakes a phone conversation when caught • Free food at McDonalds

26. Live Example

27. Live Example • Convinced friend that I would help fix their computer

28. Live Example • Convinced friend that I would help fix their computer • People inherently want to trust and will believe someone when they want to be helpful

29. Live Example • Convinced friend that I would help fix their computer • People inherently want to trust and will believe someone when they want to be helpful • Fixed minor problems on the computer and secretly installed remote control software

30. Live Example • Convinced friend that I would help fix their computer • People inherently want to trust and will believe someone when they want to be helpful • Fixed minor problems on the computer and secretly installed remote control software • Now I have total access to their computer through ultravnc viewer

31. Weakest Link?

32. Weakest Link? • No matter how strong your: o Firewalls o Intrusion Detection Systems o Cryptography o Anti-virus software

33. Weakest Link? • No matter how strong your: o Firewalls o Intrusion Detection Systems o Cryptography o Anti-virus software • You are the weakest link in computer security! o People are more vulnerable than computers

34. Weakest Link? • No matter how strong your: o Firewalls o Intrusion Detection Systems o Cryptography o Anti-virus software • You are the weakest link in computer security! o People are more vulnerable than computers • "The weakest link in the security chain is the human element" -Kevin Mitnick

35. Conclusion  Social Engineering will always exist, and it is extremely difficult to defend against, but the success of such attacks can be decreased substantially with proper policy and personnel training

36. Policy from a Social Engineer “The Art of Deception” – K. Mitnick

37. Policy from a Social Engineer “The Art of Deception” – K. Mitnick Kevin Mitnick outlines an excellent security policy at the end of the book with detailed reasoning at every level to defend against Social Engineering Attacks.

38. Policy from a Social Engineer “The Art of Deception” – K. Mitnick Kevin Mitnick outlines an excellent security policy at the end of the book with detailed reasoning at every level to defend against Social Engineering Attacks. This book teaches you the tricks of deception so that you can learn how to protect against them.

39. Policy from a Social Engineer “The Art of Deception” – K. Mitnick Kevin Mitnick outlines an excellent security policy at the end of the book with detailed reasoning at every level to defend against Social Engineering Attacks. This book teaches you the tricks of deception so that you can learn how to protect against them. This is a must read for all security professionals.

40. Questions?

Kevin Mitnick

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Kevin Mitnick

Similar to Kevin Mitnick (20)

Recently uploaded

Recently uploaded (20)

Kevin Mitnick