Ping Rmus

Discussion in 'malware problems & news' started by Longboard, Mar 4, 2010.

Thread Status:
Not open for further replies.
  1. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Thought you'd get a smile on after reading this:
    http://www.theregister.co.uk/2010/03/04/social_penetration/
    Particularly this stroke of (?) genius :D
    :eek: :D

    The enterprise phishing weaknesses are often at the top IMO...;)
     
    Last edited: Mar 4, 2010
  2. dalecosp

    dalecosp Registered Member

    Joined:
    Mar 4, 2010
    Posts:
    5
    The younger folk are more savvy ... but the older ones are the executives. Not particularly surprising, although executives are supposed to be *smart*, and this does make you wonder. o_O
     
  3. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I suppose it would be funny if it potentially weren't serious!

    ----
    rich
     
  4. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Rmus: Truly, I am onside with your expertise and your lessons and insights; you have given me excellent information and 'templates' for safety in the food chain of the www. Make no mistake about that. :thumb:
    (response to other '..had enough..' thread in production. :) )

    Yes very serious.
    Should've posted:
    It is of course an excellent example of two truisms: "the chain is only as strong as..." and "pride goeth..."
    Outstanding lesson in hubris to anyone.
    I was captivated by the razor-sharp insight into human nature and the sheer bravura of the pen testers, as well the vision of that CEO with a giant omelette all over his dial.
    :thumb:
    Regards.
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Hi Longboard,

    Egg in the face has happened before! One that stands out from 4 years ago:

    Social Engineering, the USB Way
    http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1

    To me, this demonstrated

    1) Human fallibility.

    2) That the company had no protection in place against Autorun exploits.

    3) That the company had no protection in place against the intrusion of unauthorized executables.

    regards,

    rich
     
    Last edited: Mar 7, 2010
  6. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Re: http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1
    Ya. I remember that episode.
    Again brilliant exploitation of gullibility and security holes.
    I well remember the "kick in the pants" for many users re 'autoruns' :cautious:
    As you point out: failure at many levels.

    Acknowledging your palpable disappointment re baseline security at some organisations: the "benign" or contracted pen testers seem to do a valuable job identifying holes.
    What other way is there to audit security performance across the board?
    Heh :shifty: believe the marketing of the paid consultants or software providers?

    The social engineering pen testers continue to demonstrate lateral thinking as per the "LOL is this U" on Twitter: seems to have pinged a lot of cluey users.
     
    Last edited: Mar 8, 2010
  7. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Why should a System Administrator in an organization need a pen tester to prove that allowing Autorun on the company workstations is just inviting trouble? These System Admins certainly have some credentials, the awarding of which should demonstrate some basic knowledge of security exploits and prevention.

    It's not that Autorun exploits are anything new:

    Microsoft Windows autorun.inf Vulnerability
    Published: Feb 18 2000
    http://www.securityfocus.com/bid/993/info
    As far as preventing that pen tester trojan from infiltrating the company network, it's not like reliable protection is something new:

    Using Software Restriction Policies to Protect Against Unauthorized Software
    Published: January 01, 2002
    http://technet.microsoft.com/en-us/library/bb457006.aspx
    No matter how much user training employees are given, with so many using company computers, the System Admin just can't take a chance with open roads into the system as shown in that example.

    Two things should have taken place following that incident with the USB drives in the parking lot:

    1) The CEO should have asked the System Admin why company workstations need Autorun for company work.

    2) The CEO in a nice way should have suggested that the System Admin return to school for further training, and wish him success in his next job, since this one terminates immediately.

    So there! Show no mercy!

    ----
    rich
     
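    The two controls rich points to above (Autorun disabled on workstations, and a Software Restriction Policy that blocks unauthorized executables) can be audited from the registry. This is an added read-only check script, not something posted in the thread; it assumes Windows PowerShell run from an elevated prompt and inspects the standard policy keys for NoDriveTypeAutoRun and the SRP DefaultLevel.

```powershell
# Added audit script (not from the thread): reports whether Autorun is disabled
# for all drive types and whether an SRP default-deny is in force. Read-only.

function Get-AutorunState {
    # NoDriveTypeAutoRun is a bitmask of drive types on which Autorun is
    # suppressed; 0xFF suppresses it on every type, removable drives included.
    # The GPO-managed path is checked first, then the per-machine path.
    $paths = @(
        'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Policies\Explorer',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    )
    foreach ($p in $paths) {
        $v = (Get-ItemProperty -Path $p -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
        if ($null -ne $v) {
            return [pscustomobject]@{
                Source            = $p
                Value             = ('0x{0:X2}' -f $v)
                AllDrivesDisabled = (($v -band 0xFF) -eq 0xFF)
            }
        }
    }
    # No value at all means Windows defaults apply, i.e. Autorun is not fully disabled.
    return [pscustomobject]@{ Source = 'not set'; Value = $null; AllDrivesDisabled = $false }
}

function Get-SrpDefaultLevel {
    # Software Restriction Policies: DefaultLevel 0 = Disallowed (default-deny,
    # only explicitly allowed paths/hashes/publishers run); 0x40000 = Unrestricted.
    $key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
    $lvl = (Get-ItemProperty -Path $key -Name DefaultLevel -ErrorAction SilentlyContinue).DefaultLevel
    if ($null -eq $lvl)      { return 'SRP not configured' }
    elseif ($lvl -eq 0)      { return 'Disallowed (default-deny)' }
    elseif ($lvl -eq 0x40000) { return 'Unrestricted' }
    else                     { return ('Other level: 0x{0:X}' -f $lvl) }
}

$autorun = Get-AutorunState
$srp     = Get-SrpDefaultLevel
"Autorun: $($autorun.Value) from $($autorun.Source); all drives disabled = $($autorun.AllDrivesDisabled)"
"SRP default level: $srp"
if (-not $autorun.AllDrivesDisabled) {
    Write-Warning 'Autorun still enabled for some drive types; set NoDriveTypeAutoRun = 0xFF via Group Policy.'
}
if ($srp -ne 'Disallowed (default-deny)') {
    Write-Warning 'No SRP default-deny in place; unauthorized executables are not blocked by policy.'
}
```

Both warnings firing is exactly the state the parking-lot USB test exploited: Autorun launches the payload, and nothing stops an unknown executable from running.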
  8. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Seems simple enough, eh?
    :D
     