Beim Hacken von Banken ist der Mensch noch immer das größte Sicherheitsproblem ✼

The Firewall:

In a blog post Monday evening, Desautels laid out a recent hacking operation that his SNOsoft research team was hired to perform on a bank client. Though he doesn't name the target, he describes step by step the social engineering involved in sussing out the bank's defenses, including staging a fake job interview with unwitting employees of the company. The technical strategy for breaching the bank's defenses--a targeted, booby-trapped PDF attachment--isn't a surprise. But the detailed description of the preparation for that exploit is a rare window into the hacking process.

Lektüre zum Thema: The Art of Deception: Controlling the Human Element of Security von Kevin Mitnick.