Mapping Attack Surface for Enterprises: A 5-Step Guide

An attacker doesn’t see your company the way you do. They don’t see departments, projects, or business units. They see a collection of potential entry points—a web of digital assets they can probe for a single weakness. Their goal is to find the one unlocked door you forgot about. This is why...

This Free Discovery Tool Finds and Mitigates AI-SaaS Risks

Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of AI and AI-powered SaaS applications. This will allow companies to better protect their intellectual property IP and data against the growing and evolving risks of AI usage. SaaS...

Podcast: Inside the Hackers’ Toolkit

There is no question that companies are in the sights of would-be criminals looking to exploit them. While companies look at solutions and training to help keep the perimeter secure, the biggest fail point is often the employees, AKA the human element. In this Threatpost podcast, sponsored by...

BazaCall: Phony call centers lead to exfiltration and ransomware

Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been discussed publicly in other security blogs and covered by the media. Apart...

BazaCall: Phony call centers lead to exfiltration and ransomware

Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been discussed publicly in other security blogs and covered by the media. Apart...

RSAC 2020: Editors' Preview of Hottest Sessions, Speakers and Themes

The RSA 2020 conference kicks off next week in San Francisco, this year with a theme looking at the “human element” of cybersecurity. As they prepare to cover the show, Threatpost editors Lindsey O’Donnell-Welch, Tom Spring and Tara Seals break down the biggest news, stories and trends that they...

Social Engineering — Free Online Training for Hackers

For most of us Hacking is Technological in Nature. But, we usually forget the most important element of hacking that makes a successful hack from 10% to over 90%... ...The Human Element. And here the Social Engineering comes in. Social Engineering deals with non-technical kind of intrusion and...

[SET] Social-Engineer Toolkit 4.1.3

TrustedSec Release the latest version of Social-Engineer Toolkit SET as 4.1.3. As most of us know that, It is an open source, python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing. It was designed...

Dartmouth Cyber Security Chief: More Attention Needed To Human Element In Security

Shari Lawrence Pfleeger wrote the book on cyber security – or should we say “books.” The longtime researcher and expert has authored numerous textbooks on everything from software engineering, to the application of metrics in software development, to computer security. The head of research for th...

The Social-Engineer Toolkit v1.4 latest Version !

The Social-Engineer Toolkit v1.4 latest Version ! The Social Engineering Toolkit SET is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to...