The list of friends of the user (included in the information made
accessible to the application developer with the "Access
my basic information ") can be exploited by attackers. a
intruder can gather data on the size of the organization for which
the person works, its hierarchy, its experience and level
computer skills, etc.. This information can locate a
employee who may be led to reveal even more sensitive data
opening a backdoor in the corporate network.
Other scenarios involving different strategies are also
possible. With social engineering very versatile,
Attackers can use a professional online network to target
employees who, although not necessarily security experts can
access to critical information resources of the network
organization.
Consider the hypothetical scenario of an attack of persuading
unsuspecting victims to disclose sensitive data
e-mail. Carefully refine the message to make it look
a legitimate message (from the CEO, for example) is likely to
bear fruit. If the message contains a PDF file attached, charged
malware, and the employee opens the attacker accesses the network
organization and extracts the data of interest.
accessible to the application developer with the "Access
my basic information ") can be exploited by attackers. a
intruder can gather data on the size of the organization for which
the person works, its hierarchy, its experience and level
computer skills, etc.. This information can locate a
employee who may be led to reveal even more sensitive data
opening a backdoor in the corporate network.
Other scenarios involving different strategies are also
possible. With social engineering very versatile,
Attackers can use a professional online network to target
employees who, although not necessarily security experts can
access to critical information resources of the network
organization.
Consider the hypothetical scenario of an attack of persuading
unsuspecting victims to disclose sensitive data
e-mail. Carefully refine the message to make it look
a legitimate message (from the CEO, for example) is likely to
bear fruit. If the message contains a PDF file attached, charged
malware, and the employee opens the attacker accesses the network
organization and extracts the data of interest.
Posts, comments and videos can be converted into adware
spyware and spam. Failing to strengthen security measures and
to devote constant efforts to preserve the integrity of content
displayed, pages, groups and profiles of social networks can
be spoofed or hijacked.
spyware and spam. Failing to strengthen security measures and
to devote constant efforts to preserve the integrity of content
displayed, pages, groups and profiles of social networks can
be spoofed or hijacked.
Aucun commentaire:
Enregistrer un commentaire