Happy Easter everyone, I have some spare time so I thought I would put fingers to keyboard and put a blog post out I have had on my mind for the last month. Even though I plan to post every month, life with a little one and busy at work does get in the way, and I really don’t want to post something just for the sake of it. I always want to share information that is relevant and will be of value. So with that in mind I wanted to talk...

Happy New Year Everybody. Sorry I have been slack with blog posts this year, family and work are keeping me busy at the moment. So less about the excuses and more about the doing When I speak to people about Social Engineering there are many common themes, most common being how to handle failure and how to go about being the person / group you are impersonating. The other one is how you make that initial introduction, and start getting...

I think most people would accept, that when it comes to building rapport and getting to a stage of some form of manipulation is normally always possible with anyone give a decent amount of time. This is great for making REAL friends, but in the social engineering context we normally don’t have or want this lucky, we like it quick and dirty so to speak. We have discussed many ways to have this happen, but I think we have a little...

In my recent talk Social Engineering Like In the Movies – The Reality of Awareness and Manipulation I talk about how important it is to understand body language, especially in the right context. I also mention how even though generally once you have a baseline alot of body language is global, but some gestures can catch you out. With this in mind I thought I would share something with you that I stumbled across this week. Its a book...

I have the great pleasure of speaking at the 2011 IRISSCERT Cyber Crime Conference in Ireland this November. IRISSCERT Cyber Crime Conference The IRISSCERT Cyber Crime Conference will be held this year on Wednesday the 23rd of November 2011 in the D4Berkley Court Hotel, in Ballsbridge Dublin.  This is an all day conference which focuses on providing attendees with an overview of the current cyber threats facing businesses in Ireland and...

The dictionary defines Elicitation as bringing or drawing out information, or to call forth and provoke a desired reaction. Elicitation is a powerful tool to anyone looking to influence and gather information in a relatively low risk and covert manner. The reason for me remembering I should write a post on this topic is due to an experience that happened this weekend at a local beer festival, as well as lots of drinking I entertained with...