Social Engineering The Most Underestimated APT - Hacking the Human Operating System

Presented at DeepSec 2016 „Ten“, Unknown date/time (Unknown duration).

The content I am going to share is brand-new and has been developed over the past years based on experience as an international consultant (Big 4, KPMG, Deloitte, Australia, China, Switzerland, Singapore, Malaysia, etc.) by myself and my colleague and not been presented anywhere else. At this conference I will share the work results for the first time publicly and exclusively. Just recently we decided to open source our knowledge by sharing the content of our Social Engineering Engagement Framework (SEEF). It offers a brand new point of view: Until now most Social Engineering frameworks were based on technical tools but rarely focused on the business and risk side of social engineering. On a corporate level there was no methodology making Social Engineering engagements plannable, secure and the achieved results comparable as well as repeatable. Most Social Engineering definitions are technically focused, while we define Social Engineering simply as "The elicitation of information from systems, networks or human beings through methods and tools". For this presentation I selected elements from the framework in order to show the audience how to successfully plan, document and execute a professional Social Engineering (attack). As a successful participant of the recent Social Engineering Capture the Flag (SECTF) competition at Defcon 22 I have a lot of experience I like to share with the audience and lots of stories to tell.

Presenters:

  • Dominique Brack - Reputelligence, Social Engineering Engagement Framework (SEEF)   as Dominique C. Brack
    Dominique C. Brack is a recognized expert in information security, including identity theft, social media exposure, data breach, cyber security, human manipulation and online reputation management. He is a highly qualified, top-performing professional with outstanding experience and achievements within key IT security, risk and project management roles confirming expertise in delivering innovative, customer-responsive projects and services in highly sensitive environments on an international scale. Mr. Brack is accessible, real, professional, and provides topical, timely and cutting edge information. Dominique's direct and to-the-point tone of voice can be counted on to capture attention, and - most importantly - inspire and empower action. https://ch.linkedin.com/in/dominiquebrack https://www.xing.com/profile/DominiqueCedric_Brack http://de.slideshare.net/slideshare807am

Links:

Similar Presentations: