rwg , to random
@rwg@aoir.social avatar

NYTimes reporting about an influence operation, using fake X accounts with -powered talking points, to influence US legislators, public opinion:

https://www.nytimes.com/2024/06/05/technology/israel-campaign-gaza-social-media.html

[sorry, it's paywalled]

@seanlawson and I are publishing articles about this exact sort of masspersonal right now. It's only going to get worse.

rwg OP ,
@rwg@aoir.social avatar

@seanlawson We have a short summary of our argument about /generative AI and its potential uses in political propaganda here:

https://theconversation.com/chatbots-can-be-used-to-create-manipulative-content-understanding-how-this-works-can-help-address-it-207187

Basically, we argue things won't be structurally or procedurally different than past -- but they will be much more intense.

2/3

appassionato , to bookstodon group
@appassionato@mastodon.social avatar

Social Engineering in Cybersecurity; Threats and Defenses by Gururaj H L & Janhavi V & Ambika V, 2024

In today’s digitally interconnected world, the threat landscape has evolved to include not just sophisticated technical exploits but also the art of human manipulation. The primary aim of this textbook is to provide a comprehensive and in-depth exploration of social engineering attacks.

@bookstodon



The book seeks to equip cybersecurity professionals, IT practitioners, students, and anyone concerned with information security with the knowledge and tools needed to recognize, prevent, and mitigate the risks posed by social engineering. The scope of this textbook is broad and multifaceted. It covers a wide range of social engineering attack vectors, including phishing, vishing, pretexting, baiting, tailgating, impersonation, and more. Each attack vector is dissected, with detailed explanations of how they work, real-world examples, and countermeasures. Thorough exploration of various social engineering attack vectors, including phishing, vishing, pretexting, baiting, quid pro quo, tailgating, impersonation, and more. Psychological Insights: In-depth examination of the psychological principles and cognitive biases that underlie social engineering tactics. Real-World Case Studies: Analysis of real-world examples and high-profile social engineering incidents to illustrate concepts and techniques. Prevention and Mitigation: Practical guidance on how to recognize, prevent, and mitigate social engineering attacks, including security best practices. Ethical Considerations: Discussion of ethical dilemmas and legal aspects related to social engineering that emphasises responsible use of knowledge. This comprehensive textbook on social engineering attacks provides a deep and practical exploration of this increasingly prevalent threat in cybersecurity.
ALT
  • Reply
    • appassionato , to bookstodon group
    @appassionato@mastodon.social avatar

    The Language of Deception: Weaponizing Next Generation AI by Justin Hutchens

    A penetrating look at the dark side of emerging AI technologies
    In The Language of Deception: Weaponizing Next Generation AI , artificial intelligence and cybersecurity veteran Justin Hutchens delivers an incisive and penetrating look at how contemporary and future AI can and will be weaponized for malicious and adversarial purposes.

    @bookstodon





    In the book, you will explore multiple foundational concepts to include the history of social engineering and social robotics, the psychology of deception, considerations of machine sentience and consciousness, and the history of how technology has been weaponized in the past. From these foundations, the author examines topics related to the emerging risks of advanced AI technologies, to include: The use of Large Language Models (LLMs) for social manipulation, disinformation, psychological operations, deception and fraud The implementation of LLMs to construct fully autonomous social engineering systems for targeted attacks or for mass manipulation at scale The technical use of LLMs and the underlying transformer architecture for use in technical weapons systems to include advanced next-generation malware, physical robotics, and even autonomous munition systems Speculative future risks such as the alignment problem, disembodiment attacks, and flash wars. Perfect for tech enthusiasts, cybersecurity specialists, and AI and machine learning professionals, The Language of Deception is an insightful and timely take on an increasingly essential subject.
    ALT
  • Reply
    • appassionato , to bookstodon group
    @appassionato@mastodon.social avatar

    Fighting Phishing: Everything You Can Do To Fight Social Engineering and Phishing by Roger R. Grime serves as the ideal defense against phishing for any reader, from large organizations to individuals. Unlike most anti-phishing books, which focus only on one or two strategies, this book discusses all the policies, education, and technical strategies that are essential to a complete phishing defense.

    @bookstodon



    Keep valuable data safe from even the most sophisticated social engineering and phishing attacks This book gives clear instructions for deploying a great defense-in-depth strategy to defeat hackers and malware. Written by the lead data-driven defense evangelist at the world's number one anti-phishing company, KnowBe4, Inc., this guide shows you how to create an enduring, integrated cybersecurity culture. Learn what social engineering and phishing are, why they are so dangerous to your cybersecurity, and how to defend against them Educate yourself and other users on how to identify and avoid phishing scams, to stop attacks before they begin Discover the latest tools and strategies for locking down data when phishing has taken place, and stop breaches from spreading Develop technology and security policies that protect your organization against the most common types of social engineering and phishing Anyone looking to defend themselves or their organization from phishing will appreciate the uncommonly comprehensive approach in Fighting Phishing. From the Back Cover A complete approach to defending yourself and your organization against phishing Social engineering and phishing are involved in up to 90% of all successful hacker and malware attacks, making them by far the most common strategies. They are also the most dangerous, because they take advantage of the human element, manipulating individuals into willingly providing sensitive data like passwords.
    ALT
  • Reply
    • pluralistic , to random
    @pluralistic@mamot.fr avatar

    I wuz robbed.

    More specifically, I was tricked by a phone-phisher pretending to be from my bank, and he convinced me to hand over my credit-card number, then did $8,000+ worth of fraud with it before I figured out what happened. And then he tried to do it again, a week later!

    --

    If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

    https://pluralistic.net/2024/02/05/cyber-dunning-kruger/#swiss-cheese-security

    1/

    18+ pluralistic OP ,
    @pluralistic@mamot.fr avatar

    And most summers, I go to @defcon, and I always go to the competitions where an audience listens as a hacker in a soundproof booth cold-calls merchants (with the owner's permission) and tries to con whoever answers the phone into giving up important information.

    But I'd been conned.

    Now look, I knew I could be conned. I'd been conned before, 13 years ago, by a Twitter worm that successfully phished out of my password via DM:

    https://locusmag.com/2010/05/cory-doctorow-persistence-pays-parasites/

    13/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • test
  • worldmews
  • mews
  • All magazines
    •