39 min listen
Unavailable
Currently unavailable
2018-032-chris Hadnagy, discusses his new book, OSINT and SE Part 1
Currently unavailable
2018-032-chris Hadnagy, discusses his new book, OSINT and SE Part 1
ratings:
Length:
38 minutes
Released:
Sep 8, 2018
Format:
Podcast episode
Description
Christopher Hadnagy Interview: Origin story connoisseur of moonshine Social Engineering: The Science of Human Hacking 2nd Edition Sponsored Link (paperback on Amazon): https://amzn.to/2NKxLD9 SEORG book list: https://www.social-engineer.org/resources/seorg-book-list/ Chris’ Podcast: https://www.social-engineer.org/podcast/ SECTF at Derby (contestants are chosen) Remembering - attention to detail Remembering details Can be the difference between success and failure Social Engineering - the different aspects: Info Gathering Time constraints Accommodating non-verbals Body language must match mood Using a slower rate of speech Suspending ego RSVP Rapport Psychology “Getting information without asking for it” Elicitation ‘The Dark Art’ -negative outcome for the target Manipulation “Getting someone to do what you want them to do” Understanding the science of compliance Influence Profiling Communications Modeling Facial Expressions Body Language Don’t overextend your reach Knowledge that comes from a point of truth, or is easily faked Pretexting Emotional Hijacking Misdirection Art Science Questions: What precipitated the need to write another book? You bring up several successful operations, and several failures… How do you regroup from a failure, especially if the point of entry is someone that ‘got you’... “The level of the assistance you request must be equal to the level of rapport you have built” - Seems like understanding this is an acquired skill, not set in stone… Many of us in the infosec world are introverts… how do you suggest we hone our skills in building rapport without coming off as creepy? Work place? On the commute? Does being an introvert mean that it might take longer to get to the goal? Can we use our introverted natures to our advantage? Get Ryan on the show… Lots of items (8 principles of influence) Typical daily SE activities Holding a door open, then the person reciprocates Framing We don’t ‘kill our dogs’, we ‘put them to sleep’. Questions from our Slack: Ben: Do you feel there's an importance for non-InfoSec adjacent folks to learn about Social Engineering, and maybe go through some sort of training in order to navigate day-to-day life in the modern world? What does an interview at Chris’ company look like? https://www.innocentlivesfoundation.org/ Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com #Brakesec Store!:https://www.teepublic.com/user/bdspodcast #Spotify: https://brakesec.com/spotifyBDS #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel: http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site: https://brakesec.com/bdswebsite #iHeartRadio App: https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec
Released:
Sep 8, 2018
Format:
Podcast episode
Titles in the series (100)
2020-019-Masha Sedova, customized training, phishing, ransomware, and privacy implications: Masha Sedova - Founder, Elevate Security Topic ideas from the PR company: Inability to measure human security behaviors leads to increased risk in our computing environments. For too long, we’ve accepted training completion and mock... by BrakeSec Education Podcast