John Orlando continues his two-part series on the ethics of social engineering for penetration testing. What follows in this column and the next is entirely Orlando’s work with minor edits. The cases ...

A detailed guide for testing your organization's insiders and their vulnerability to a social-engineering attack via a targeted spear-phishing campaign Investing the time and money into guarding your ...

Social engineering-based attacks are a popular form of security manipulation, with cybercriminals using this technique for 98% of attacks in 2022. Social engineering can take many forms, including ...

When Alethe Denis conducts a social engineering attack as part of a red team exercise, the Bishop Fox security consultant often presents the targets with the exact email template that her team intends ...

In recent years, and particularly with the rise in use of social media, cyber criminals have taken to using psychological as well as technical methods of attack. Human beings, after all, are ...

Organizers of a recent Defcon social engineering contest will release their results next week. One conclusion is that women did well in protecting corporate secrets. Of the 135 Fortune 500 employees ...

Social engineering is the very common practice of exploiting a human element to initiate and/or execute a cyberattack. Human weakness and ignorance present such easy targets that fully 82% of the ...

Social engineering takes advantage of the emotions and fallibility of end users rather than relying on technical hacking techniques — and it represents a massive threat to modern organizations.

Social engineering is often described as a cybersecurity issue, but that framing increasingly misses the point. The most effective social engineering attacks today do not rely on technical exploits or ...

Security consultant details how his crew gained access to a client's entire network and database all too easily -- and why IT should think of the office more like they do their homes As the founder of ...

Only five Fortune 500 employees targeted by social engineering hackers refused to give up any corporate information -- all were women Of the 135 people Fortune 500 employees targeted by social ...