Add on of Physical Security for the
Vulnerability Assessment and Penetration Test service
We comprehensively test
the physical security of your company
Some of the physical security services offered
With encounters that may seem casual, requests for help that point to empathy, or verbal scams, social hackers can have important information about the company revealed. Not necessarily sensitive information like passwords, but also information about the company structure that can then be used to carry out the attack.
Large companies, which have tens or hundreds of employees, perhaps divided into different locations, should pay close attention to the information that is communicated by telephone. There are known cases of hackers who, pretending to be new employees from other offices, managed to have access passwords or security codes revealed.
These techniques fall within the field of phishing , for which we have a dedicated service. These are emails, web pages or otherwise websites that look like legitimate portals, but are instead the work of hackers, who through these copies are able to trick users into downloading malware or entering their credentials.
How to prevent
Rogue Access Point installation
Capture of sensitive data on the network
Man in the Middle refers to a type of attack in which the hacker retransmits or alters messages between two users or machines, obtaining sensitive data from responses.
Similar to Man in the middle attacks, the sniffing of a wifi network intercepts packets between connected computers and the access point and then tries to decrypt them to obtain sensitive data.
Network tampering, Tailgating, Shoulder surfing
Businesses are connected to the telephone and internet networks like any other building. If you can have access to the control units and therefore to the physical connections of the cables, it is possible to install data interception devices passing through a specific cable. Access to the cable can take place by forcing or by using tailgating.
This technique, widely used in the London and New York subways, consists in entering a building by queuing up with an employee and taking advantage of the very short period of time in which the door is closing to avoid using bells or badge. Once inside, the possibilities of attack become manifold.
This technique involves spying on a user who types a password or access code and then re-uses it later. For example: If company doors are protected by a code, it may be easy to wait for an employee to enter it and look at what digits make up the code.
Contact us for more information
Estimated reading time: 8 minutes Il termine shoulder surfing potrebbe evocare immagini di un piccolo surfista su… https://t.co/PKEpO1Mvzn
Ten years ago, on June 16, 2011, Secure Online Desktop was born. Many things have changed in ten years and we have… https://t.co/DN23n6BK7q
Dieci anni fa, il 16 giugno del 2011, nasceva Secure Online Desktop. Sono cambiate moltissime cose in dieci anni e… https://t.co/H7TPlWJ5Pk
Estimated reading time: 8 minutes The term shoulder surfing might conjure up images of a little surfer on his… https://t.co/3poUTq9MUc
Estimated reading time: 5 minutes I ricercatori della sicurezza hanno appena digerito il protocollo HTTP/2, ma gl… https://t.co/XsFsgBTpia