Cyber Security Articles & News

Look after yourself, the hacker is watching!

Do you think that you are safe by entrusting data to Microsoft, Google or Apple? And logging in with two-step verification?

None of this, even there you can hack - claims the most famous hacker Kevin Mitnick.

(Ed. note: Translated using Google)

To prove this, Mitnick, the guest of the "Inside Trends" conference, demonstrated several hacking attacks live. Let's take a login with a two-stage version. To be safer, in addition to the login and password, you must enter the code from an SMS sent to your mobile phone. Theoretically, without cell access, you can not enter your account. However, Mitnick showed on the example of LinkedIn that in practice this protection can be circumvented. How?

The hacker first breaks into the user's computer and waits for that to log into LinkedIn and enter a one-time code from an SMS. Then just download the "cookie" generated by LinkedIn from the attacked computer and enter it in your own browser. And here is someone stranger entered our account.

The live presentation of remote encryption of e-mails in the "cloud" Outlook box was equally dangerous. The trick is to get the user to click on the email with an attachment that will infect the mailbox. How to do it? Just impersonate Microsoft, which recommends updating the software. If an inattentive user clicks on the attachment, he will give remote control over the hacker's box. And this one can quickly encrypt the content of e-mails and demand a ransom (that's how "ransomware" software works).

Kevin Mitnick, after his passing from youth (in the 90s he was detained by the FBI and convicted by a court for 5 years in prison for hacking into secure systems), founded a company that, at the request of other companies, breaks into their network to find weak points. Completely legally and for money.

- The most important part is "breaking a man" - convinces Mitnick. The so-called. "Social hacking", that is, drawing information about employed people or the habits of the company is a necessary introduction to real hacking. A properly prepared hacker thanks to psychological tricks and manipulation is able to penetrate everywhere. The Mitnick Security team boasts almost 100% here. efficiency.

To view the original article and other important news articles, please refer to the source.

Source: Newsweek Polska

Topics: Social Engineering, SMS, Warsaw, Poland, two-step verification, cloud, encryption, cell access, Inside Trends conference, keynote speaker, malicious email, Mitnick Security Team, cookie, Outlook box, ransomware, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

5 Holiday Cybersecurity Tips To Prepare Your Organization

Protecting your organization from outside threats should always be a top priority. However, you may need to shore up your security as we approach the ..

Read more ›

Spear Phishing vs Phishing: Recognizing the Difference

Since the dawn of the internet, there have been threat actors looking to exploit systems, steal data, and compromise the integrity and reputation of p..

Read more ›

Kevin Mitnick Security Awareness Training: Microsoft Teams

Kevin Mitnick — founder of Mitnick Security and Knowbe4’s Chief Hacking Officer — helps organizations find and remediate vulnerabilities through penet..

Read more ›