A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Silent Compromise: Social Engineering Fortune 500 Businesses - Joe Gray Derbycon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

Silent Compromise: Social Engineering Fortune 500 Businesses
Joe Gray
Derbycon 2018

Social Engineering and Open Source Intelligence (OSINT) are silent modes of compromising businesses. This presentation takes experience from the field and from a simulated compromise of a Fortune 500 from a Social Engineering Capture the Flag and applies it to help organizations better understand the threat landscape and arms them with actionable advice to employ internally to minimize the impact of such attacks. We also identify places to find data, which provides insight for more valuable data sources. This includes a demo of OSINT techniques, phishing, and a pretexting discussion. This aims to help penetration testers, social engineers, and other interested (and authorized) parties find ways to gain information about an organization and its people to be able to overcome the technical limitations of the perimeter and gain access to allow further exploitation.

Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior Security Architect and maintains his own blog and podcast called Advanced Persistent Security. In his spare time, Joe enjoys attending information security conferences, contributing blogs to various outlets, training in Brazilian Jiu Jitsu (spoken taps out A LOT!), and flying his drone. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. Joe has contributed material for the likes of AlienVault, ITSP Magazine, CSO Online, and Dark Reading.

@C_3PJoe

Back to Derbycon 2018 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast