Friday, February 06, 2009

Social Engineering with a Cisco Shirt

There's nothing particularly new or brilliant in this story from CSO Online. It's just a text book social engineering exercise about a security consultant who basically talked his way into a client's facility and hacked their network. The exercise was part of a vulnerability test for a "retail company with a large call center."

All the tester used was a Cisco shirt bought at a thrift shop, some USB keys left in the cafeteria, a Linksys wireless router and a plate of cookies. The USB keys had password-stealing rootkits. These are some of the oldest tricks in the book. The sad part is that they still work.


Post a Comment

<< Home