Here are 10 predictions for
2014, all cyber attacks
using social engineering to
penetrate the network.
Have fun reading, and I will
try to report back in 12
months which ones came
out as real.
1
The Registry Hack
A mid-size Credit Union's controller shares on
Facebook that she is expecting a baby. She has a
detailed profile on LinkedIn, and also creates a baby
registry at Amazon. She receives an email from
Amazon's marketing department that they want to
interview her about the registry and that she can
choose one of her registry items for free. She clicks
on the link. Her workstation gets infected with a Trojan.
2
Legal File Corruption
In-house counsel of a large defense contractor,
working long days on a corruption lawsuit against a
former VP Sales, works closely with their outside
attorneys when the case comes to trial. She receives
an email from her counterpart, who complains that the
email server of his office is down and asks if she can
email him the case file immediately as he's on his way
to court. The file is used by the competition to steal away
a large deal.
3
PCI Compliance Failure
A system administrator gets an email from their credit
card merchant account processor that his company
has failed their PCI compliance and that their card
processing will be shut down in 24 hours unless he
immediately reports on what was done about the recent
vulnerability scan. A link is provided to confirm which
patches have been applied. The system admin clicks
and his workstation gets infected with a zero-day
exploit that gives the bad guys the keys to the
kingdom: admin credentials!
4
Underperformance Review
Dozens of employees in a healthcare company get an
email from their CEO, who is asking them to participate in an
anonymous "How Are We Doing?" survey. The CEO
explicitly asks for feedback on herself, and also asks
employees to rate the performance of their direct
supervisor. 65% of the employees click on the link and
all of their workstations get infected, causing the IT
team four days of twenty-hour frantic wipe & rebuild
time.
5
iPhone Pwned
A CEO of a non-profit shares on LinkedIn he really
likes the new iPhone with fingerprint recognition. A few
weeks later he gets a text message from Apple that
there is an important update of the fingerprint software,
and that he should do that as soon as possible. It will
require a reboot of his phone though. He complies
right away, but what gets installed is mobile malware
that steals the credentials of his office VPN. Bad guys
add phantom employees to their payroll and they lose
$15,000 to money mules in Direct Deposit the
next Friday.
6
Celebrity Trap
The VP Sales of a large online ticket reservation site
gets an email from the lead singer of his favorite band,
inviting him to meet & greet backstage after the coming
gig they have in his town. He's all excited and clicks on
the link. That one click is enough to let the bad guys in,
and exfiltrate their database with 275,000 full customer
credit card transactions. Cha-Ching!
7
Credit Card Security Con
The wife of a mid-size bank's President gets a phone
call from their credit card company. The rep explains
they are offering a new security service, to make sure
their account is resistant against cyber attacks. This
service will send a text to her phone if there is a
fraudulent charge, so she can tap "no" on the phone if
she wants to dispute the charge. The rep asks her to
type a domain name in her browser so she can get her
cell phone subscribed to the new service. The domain
is malicious and drops a Trojan on her PC which allows
the bad guys to take over the home network, and infect
the laptop of her husband, who plugs it into the bank's
network during the week. The bank itself gets
penetrated that way, and $2 Million gets transferred to
Russia out of the bank's customer accounts.
8
Broken Cloud
A few years ago, Chinese government-sponsored
hackers opened a front office in the US and carefully
developed it into a well-funded, up & coming cloud
consultancy firm. They keep working at it, impressing
cloud providers with whitepapers showing their in-depth knowledge of cloud security. They even hire
unwitting US employees that have security clearance.
Finally they get invited by Amazon for a possible
contracting job. They get access to the premises, are
invited for a tour of the data center and manage to plug
a small device in the ethernet jack of a conference
room phone for a few seconds. That allows them to
subtly sabotage that data center and write another
whitepaper describing the specific problem. Next, they
sit back and wait until they are called. Finally the call
comes, they move in to "assist" and obtain full
ownership of the cloud.
9
PDF Deception
The CIO of a large insurance company gets a call from
an attractive-sounding recruiter, stating that he's been
selected for an interview to discuss a CEO position at
an online competitor. He has not heard of the recruiting
firm but checks out the rep on LinkedIn. It all seems
legit and she's a looker. As part of the procedure, the
CIO gets a PDF with a description of the company that
is interested in him. The PDF does not open up for
some reason and he closes the reader. He retries but
the PDF fails again. You guessed it. There was a
Trojan inside and his workstation is pwned, allowing
very valuable confidential information to be exfiltrated.
10
Top Dog Social Engineer
A man crafts a new web portal and establishes trust
with new users, helping them to get ahead socially by
sharing personal and work details, habits, and
preferences. He collects all of this data, allows targeted
advertising, and even goes public. It's unbelievable that
he gets away with this when identity theft has become
rampant and not giving out personal information is top
priority. In case you did not guess, the Top Dog social
engineer is Mark Zuckerberg, founder and CEO of
Facebook. A billion people fell for his ruse. Remember,
if you don't -pay- for the product you -are- the product.
10 Fun Short IT Horror Stories
