jee.. is that easy? what's your password OP?
hunter2, but don't tell anyone because it's a secret.
All I see is ******2
Weird, because all I see is hunter*
Yup, it is. Social engineering is by far the most effective means of gaining unlawful access to any system.
Humans are always the weakest link.
Exactly. Many breaches follow this pattern:
- Learn the name and some basic details about the secretary or something
- Call corporate tech support asking for a password reset claiming to be the secretary
- Access important stuff since secretaries have a surprising amount of access
Replace "secretary" with some other relevant individual who has a surprising amount of access and wouldn't attract attention.
correcthorsebatterystaple
Hunter2
Hi, I'm Steve from corp. I need your password to verify some settings....
At least it wasn't due to a user input sanitization issue
instead it was a user sanitization issue
Cybersecurity
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world