Tag Archives: security

Social Engineering from Kevin Mitnick

GitWI recently finished reading Ghost in the Wires by Kevin Mitnick. It is the story of Mitnick’s hacking career, from the start in his teens, through becoming the FBI’s most wanted hacker, to spending years in jail before finally being released. It’s a fascinating book that at times reads like a thriller. One of the things that struck me when reading it was how often he used social engineering to gain access to systems. Here are three¬†examples of what he did, and what we can learn from them. Continue reading

Coursera Course Review: Software Security

I just finished taking the course Software Security from the University of Maryland via Coursera. It was a relatively easy course (at least if you know C) that gave an overview of the following areas: buffer overflows and other memory attacks, web security (including SQL injection, CSRF and XSS), secure design, static analysis, symbolic execution, fuzzing and penetration testing. The instructor, professor Michael Hicks, was one of the more pedagogical lecturers I have listened to, and the whole course was quite enjoyable. Continue reading