A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Advanced Phishing Tactics Beyond User Awareness SkyDogCon 2012 (Hacking Illustrated Series InfoSec Tutorial Videos)

Advanced Phishing Tactics Beyond User Awareness
SkyDogCon 2012

 Martin Bos & Eric Milam

Over the past 10 years, organizations have spent time, resources and considerable financial investments to protect their external perimeter from potential information security threats. Most advanced threat agents know if and when they bypass the hardened perimeter, successfully compromising assets within the internal environment is trivial, with very few controls in place to stop a focused and motivated intruder.


This talk will discuss why spear phishing penetration testing is a necessary exercise for all organizations. We will walkthrough and demonstrate live our methodology that has proven extremely effective on numerous engagements. We will also focus on why advanced techniques should be used to assess internal user environments as a whole and that approaching a social engineering exercise as a user awareness exercise is not beneficial for an enterprise.

Eric is a senior security assessor on the Accuvant LABS enterprise assessment team with over fourteen (14) years of experience in information technology. Eric has performed innumerable consultative engagements including enterprise security and risk assessments, perimeter penetration testing, vulnerability assessments, social engineering, physical security testing, wireless assessments and extensive experience in PCI compliance controls and assessments. Eric is a project steward for the Ettercap project as well as creator and developer of the easy-creds and smbexec projects.


Back to SkyDogCon 2 video list

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast