|
|
|
Attacking Social Networks: Endering |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Présentation : The sci-fi masterpiece Ender's Game details the formative years of the story's hero - Ender Wiggin. Upon entering battle school, he is immediately made into an outcast by his superiors and begins an uphill climb to gain power and a following. Early on, he figures out that he can send messages that appear to come from other students. He does this by creating a new identity in the shcool computers and exploiting an implementation flaw within the system. Ender leverages the weakness to twist his opponent's words, humiliating his adversary and winning over his friends. The 44th president has a LinkedIn profile and a Twitter account. How do we know that it's actually Barack tweeting and making connections? Ignoring the fact that an aid is probably responsible for managing Barack's online identities, what is to stop any barely computer literate individual from setting up a facebook account in your name? How long could an impostor go undetected? Social networks naturally support multiplicities of an identity. Take for example the many faces of Paris Hilton on LinkedIn. Impersonating online identities, or "Endering", uses personal information from one or more sources and turns that into an online identity within a social network. The potential sources vary wildly and include court records, job boards, wikipedia, mailing lists, social networks, background checks, credit reports etc. In its simplest form, Endering involves an exact duplication of an existing online identity. Endering is actively being conducted on popular social networks. Tweeple were left confused in May of this year after witnessing what appeared to be an MP's tweets indicating inside knowledge of an upcoming general election. At least one Moroccan individual has received Jail time for Endering. Less extreme cases in the US have resulted in Law Suits. Endering and its variations are attacks with political implications and consequences. In practical terms, these attacks can be used to market products, stage hilarious practical jokes, subvert employees, distribute propaganda, manipulate the press, recruit talent, monitor employees, and more. More Examples Fake facebook student used to monitor student body Northwestern officials declined to comment on whether they use or would consider using a false Facebook account to gain access to students? information. But in general, they said, they would not rule out using information found through Facebook, or other Web communication, in disciplinary matters. Guyana President Impersonated Facebook said that under the network's terms of use members are banned from attempting to "impersonate any person or entity". Stealing Friends Once your fake identity has been setup, you'll want to do something with it. Before you can do much of anything useful, you will need to convince some of your target's associates to become your clone's associates. A little research goes a long way here. Some of the best candidates are those you can learn about from public sources but do not have accounts on the social network you're operating within. For example, you want to impersonate the CEO of a company. You know that the CEO is friends with a VP of the same company however the VP does not have a Facebook/LinkedIn/Hi5/YouNameIt account. Another option is to hijack connections. This one requires some grifting but can be just as fruitful. The associate being targeted already has an account on the social network but you will need to trick them into becoming your associate, so in your invitation to connect message, you let them know that your other account was hacked, you lost the password, or some other form of "my dog ate it". It's already fairly common for this to happen without attackers being thrown into the mix.[]
Les mots clés de la revue de presse pour cet article : social
Les videos sur SecuObs pour les mots clés : social
Les éléments de la revue Twitter pour les mots clé : social
Les derniers articles du site "From a malicious attacker" :
- What is Mathematics Page 38 Exercise 3.
- f0 segfault recovery
- f0 blocks
- f0 dlopen
- args
- Ammonite
- Cross Cloud Scripting
- Django User Enumeration
- Tracing Objective-C
- Finding the Heap of an iPhone Application
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
