DEFCON 19: Steal Everything, Kill Everyone, Cause Total Financial Ruin! (w speaker)
Video Statistics and Information
Channel: Christiaan008
Views: 1,383,229
Rating: undefined out of 5
Keywords: DEF, CON, 19, Hacking, Conference, Presentation, By, Jayson, E, Street, Steal, Everything, Kill, Everyone, Cause, Total, Financial, Ruin, Video
Id: JsVtHqICeKE
Channel Id: undefined
Length: 40min 46sec (2446 seconds)
Published: Mon Feb 13 2012
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.
I work IT and just realized I need to start thanking that jerk in accounting for sending me all those phishing emails...
If you are interested i can post one more video with similar content, its not the same person but still very interesting to watch
If anyone's on the fence about the length it is worth it!
I was listening to this talk thinking about the two office buildings of my company I've been to and what damage somebody could cause and if they'd get in.
Door is only ajar when some people go to the toilet or for a smoke because they're too lazy to bring their keys with them. So you have one less person in the office that could detect you and the door is open.
The door to the server room is always open because it's not a server room and there's no proper ventilation so the door must stay open. The server rooms contains email server, VPN into the company network, data server with confidential and/or private data of customers and business partners.
My computer: They probably won't get in, but they could steal the hard disk, then back home they have plenty of time of mounting the disk without getting to a pass word prompt. Inside the disk they will find security keys to open emails, access data and code repositories. One silver lining there: If my hard disk got stolen I would immediately invalidate all the keys I have control over myself. They'd still had a copy of the data, but no access to our remote location. Also I don't save any passwords on my computer so they won't be able to login anywhere.
Tailgating is totally possible at the headquarters. I did it myself and I only visit there once. Nobody knows me there and they still let me in. I feel like a criminal doing it, even though I'm allowed and supposed to be there. I don't know what damage I could cause once I'm in, but nobody ever asked me anything in there and I've been to places where nobody knew me in the office. All computers are just there, all doors are open. Stealing something would be easy.
Now you might say: "Hey, it's maybe not so important what you do if the security is so lax." I don't think you could kill anybody with the data and information we have here, true, but I'm not even supposed to talk to other employees about the project I'm working on. They taught us phrases to answer without saying anything important and to evade questions. Yet the data could be easily extracted if anybody wanted to.
/r/SocialEngineering
This is amazing.
Can someone explain this? Literally have no idea what its about
Just getting around to watching this now so apologies for the late comment, but I couldn't help but think this guy seems like the Danny McBride of pen testing. The swig from the 2 liter of Diet Pepsi sold it to me at the end. Glorious.