Posts tagged Social Engineering

4 min Threat Intel

How Cybercriminals Use Pinterest to Run Fraud Scams

There are a variety of scams hackers can run on Pinterest, but for this post, we’ll focus on fraud and financial scams.

5 min Threat Intel

How to Automate Identifying and Take Down Malicious Social Media Profiles

Here is how Rapid7 has automated the process of identifying and taking down fake social media profiles to help companies proactively identify these scams.

1 min Metasploit

Top 3 Takeaways from "7 Ways to Make Your Penetration Tests More Productive" Webcast

Earlier this week we heard from ckirsch [], Senior Product Marketing Manager for Metasploit at Rapid7, on the pressure penetration testers are facing. (Hint: it's a lot!). With the increase in high profile breaches and their costs, more and more emphasis is being put on the pen tester and security in general. Read on if you'd like to get the top takeaways from this week's webcast so that you aren't left in the dark about, "7 Ways to Make Your Penetratio

2 min Events

Social-Engineer CTF Report Released

For the last five years, the team at Social-Engineer have been bringing one of the most exciting events to DEF CON - the Social Engineering Capture the Flag.  The contest was designed to help bring awareness to the world about how dangerous social engineering can be.  In our 5th year, the competition was fierce and the report is the best we have ever released. This year a pool of 10 men and 10 women, from diverse backgrounds and experience levels, tested their social engineering abilities again

1 min Metasploit

Webcast: Decrease Your Risk of a Data Breach - Effective Security Programs with Metasploit

Thanks for the many CISOs and security engineers who attended our recent webcast, in which I presented some practical advice on how to leverage Metasploit to conduct regular security reviews that address current attack vectors. While Metasploit is often used for penetration testing projects, this presentation focuses on leveraging Metasploit for ongoing security assessments that can be achieved with a small security team to reduce the risk of a data breach. This webcast is now available for o

2 min Microsoft

Microsoft Patch Tuesday - November 2011

November's Microsoft Patch Tuesday contains four bulletins: one “critical”, two “importants”, and one “moderate”. The majority of these bulletins relate to Microsoft's later versions of the OS, implying that the flaws they address were possibly introduced with Windows Vista. Generally more vulnerabilities are found in earlier versions of the OS, so this month is unusual. The critical bulletin – MS11-083 – is a TCP/IP based, specifically UDP, vulnerability which affects Vista, Windows 7, Server