Social Engineering Blogs

Project ‘Sender ID’

The Anti Social Engineer Blog — Sun, 01 Jan 2017 18:38:49 +0000

Over 100 Billion SMS messages are sent per year in the U.K., whilst this figure continues to fall due to mobile device users opting to use alternative communication mediums such as WhatsApp, Facebook Messenger and Signal – we are still a nation dependant on this older form of messaging. If you think it’s going to disappear anytime soon you should… Read more →

The post Project ‘Sender ID’ appeared first on Social Engineering Blogs.

2017 and Beyond

The Anti Social Engineer Blog — Tue, 27 Dec 2016 17:24:10 +0000

It’s been 2 years to the day since The AntiSocial Engineer Limited was founded; The seasonal timing and also the fact we seem to be doing enough right to pay the bills have made us sit down and question where we take it from here. It sure has been educational and part of our future plans came from a reflection on… Read more →

The post 2017 and Beyond appeared first on Social Engineering Blogs.

iMessage Preview Problems

The Anti Social Engineer Blog — Mon, 10 Oct 2016 10:51:06 +0000

In recent Apple iMessage updates the way links are handled within an SMS message have changed significantly and this adaptation poses quite a security concern for us. Early 2016 we were the first company in the UK to offer SMShing services. These SMS messages are like phishing emails and contain a pretext alongside a link within the message. When a… Read more →

The post iMessage Preview Problems appeared first on Social Engineering Blogs.

TalkTalk, one year later.

The Anti Social Engineer Blog — Wed, 05 Oct 2016 20:41:37 +0000

For nearly a year we have had a tale we’ve told to friends and business associates. The tale involves TalkTalk and how one day we found the data breach, alerted them and sparked the controversy that we all know to this day as ‘The TalkTalk Breach of 2015’. It’s been a funny year, with one NDA or another we’ve sometimes even… Read more →

The post TalkTalk, one year later. appeared first on Social Engineering Blogs.

How to Handle A Data Breach

The Anti Social Engineer Blog — Wed, 17 Aug 2016 12:43:25 +0000

To a modern business a data breach can have devastating effects. We have seen TalkTalk hastily bungle, Sage coyly dawdle and many more generally mess it up, it’s got to change. We don’t spend all day hunting these illusive beasts either, but we have had our involvement in both mentioned breaches and feel we could offer some public insight to the very elusive modern mishap.… Read more →

The post How to Handle A Data Breach appeared first on Social Engineering Blogs.

Sage UK Payroll Data Breach

The Anti Social Engineer Blog — Sat, 13 Aug 2016 13:00:20 +0000

Personal details and bank account information for employees of as many as 300 large UK companies may have been compromised as part of a data breach at Sage, a UK accountancy software group. August 11th, 2016 Sage UK Payroll services started notifying customers of a data breach effecting their staff payroll systems. A rather generic statement was believed to be provided… Read more →

The post Sage UK Payroll Data Breach appeared first on Social Engineering Blogs.

Everybody on the floor, this is a data breach

The Anti Social Engineer Blog — Wed, 03 Aug 2016 17:18:21 +0000

So it might not be immediately apparent but when I am not hacking things and complaining about the lack of security in businesses, I also do mundane things. I tidy the house, I go shopping for soy milk and vegetables, I have recently adopted running and when i’ve done all the basics of life, I even try to complete the… Read more →

The post Everybody on the floor, this is a data breach appeared first on Social Engineering Blogs.

Policing Insider Threats

The Anti Social Engineer Blog — Wed, 13 Jul 2016 10:42:08 +0000

The term insider threat is brandished around quite a lot these days, companies often talk of the weakest link in security being people. I guess they are almost right in what they say, but I can still dream about a world in which people can actually be one of our biggest strengths. The typical company sees the classic insider threat… Read more →

The post Policing Insider Threats appeared first on Social Engineering Blogs.

InfoSec Interviews – Richard De Vere

The Anti Social Engineer Blog — Sat, 18 Jun 2016 07:50:50 +0000

Original article by IT Governence: here So a while back I was interviewed by Lewis Morgan from the IT Governance Blog and thought i’d share this on the site. It is a little tongue in cheek reading it back actually! But genuine none the less. First, let’s quickly cover the basics: what is social engineering? Well, a good question straight… Read more →

The post InfoSec Interviews – Richard De Vere appeared first on Social Engineering Blogs.

How we Support Magicians, Fraudsters & Hackers

The Anti Social Engineer Blog — Tue, 10 May 2016 09:33:54 +0000

One advantage of running a small boutique consultancy is I get to steer the business activity towards subjects I personally find interesting. Throughout my career, I have always been fascinated with frauds and that is where my focus normally lies. It’s that magic-like performance for me that has a very similar feeling to the showmanship of great magicians. When you watch a magic… Read more →

The post How we Support Magicians, Fraudsters & Hackers appeared first on Social Engineering Blogs.