2 upvotes, 2 direct replies (showing 2)
View submission: The UnitedHealthcare Gunman Understands the Surveillance State
"Social engineering by calling his secretary and sussing out his availability that way"
Of course they attend. I was referring to your quote above. Admins would never give this information out, and definitely not to an unknown caller.
Comment by r3volts at 07/12/2024 at 17:01 UTC
1 upvotes, 0 direct replies
Depends how good the social engineering is. The weakest link in any security system is the human. People spend years training their social engineering skills. With enough bankroll behind you it's possible to rent access to the SS7 network, spoof his wife's phone number, call the assistant and use AI to have a short, but realistic conversation using audio of his wife's voice.
Not saying at all that's what happened, but no one is safe from social engineering. It's the number one cause of cyber security issues. It's often admin staffs entire jobs to communicate with both their boss and associates arranging where they are going to be. Threat actors knows this and exploit it all the time.
Comment by o-o-o-o-o-o-o-o-o-c at 08/12/2024 at 07:36 UTC
0 upvotes, 0 direct replies
You should look up master social engineers on YouTube and at the DEFCON contests,you would amazed at the kind of info and access they are able to obtain.