The details LinkedIn members divulge about their jobs and their coworkers can be a potent weapon for attacks on corporate networks.
That's a gold mine for hackers, who are increasingly savvy in using that kind of public -- but personal -- information for pinpoint attacks.
It's called "spear phishing," and it paid off last year in two especially high-profile security breaches: a Gmail attack that ensnared several top U.S. government officials and a separate attack on RSA, whose SecurID authentication tokens are used by millions.
Some people divulged specific technical information about their employer's infrastructure in their profiles, while others offered up details that could be used for stealth attacks. For example: If you can learn the name of a target's colleagues, it's fairly easy to fake an email that appears to come from one of them.
===> Gust MEES: #criticalthinking is needed + #learning #itsecurity for best #cybersecurity + #privacy! <===
Erst Facebook dann LinkedIn: Sicherheitsexperten melden, dass Angreifer 500 Millionen Profil-Daten zum Verkauf anbieten.
Â
Learn more / En savoir plus / Mehr erfahren:
Â
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication
Â
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA
Â
https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
Â
Â