SecurityBrief Asia logo
Asia's leading source of security and threat news
Story image
Using data science to improve threat prevention
Story image
General staff don’t get tech jargon - expert says time to ditch it
Story image
ZombieLoad: Another batch of flaws affect Intel chips
Story image

Trustwave releases facial recognition tool for pentesters

09 Aug 2018
Kai Ping Lew

Performing intelligence gathering on is a time-consuming process, typically starting by attempting to find a person’s online presence on a variety of social media sites.

While this is an easy task when there are only a few targets, it can become incredibly tedious when done at scale.

To answer this need, Trustwave has announced the release of Social Mapper, an open source intelligence tool that uses facial recognition to correlate social media profiles across a number of different sites on a large scale.

Trustwave, which provides ethical hacking services, has successfully used the tool in a number of penetration tests and red teaming engagements on behalf of clients.

It takes an automated approach to searching popular social media sites for names and pictures of individuals to accurately detect and group a person’s presence, outputting the results into a report that a human operator can quickly review. It's primarily aimed at penetration testers and red teamers, who will use it to expand their target lists, aiding them in social media phishing scenarios.

Its primary benefit comes from the automation of matching profiles and the report generation capabilities.

As the security industry continues to struggle with talent shortages and rapidly evolving adversaries, it is imperative that a penetration tester’s time is utilized in the most efficient means possible.

Social Mapper supports the following social media platforms:

  • LinkedIn
  • Facebook
  • Twitter
  • Google+
  • Instagram
  • VKontakte
  • Weibo
  • Douban

Once Social Mapper has finished running and the reports have been collected, here are some examples of how pentesters can use the information generated. They can:

  • Create fake social media profiles to 'friend' the targets and send them links to credential capturing landing pages or downloadable malware. Recent statistics show social media users are more than twice as likely to click on links and open documents compared to those delivered via email.  
  • Trick users into disclosing their emails and phone numbers with vouchers and offers to make the pivot into phishing, vishing or smishing.  
  • Create custom phishing campaigns for each social media site, knowing that the target has an account. Make these more realistic by including their profile picture in the email. Capture the passwords for password reuse.  
  • View target photos looking for employee access card badges and familiarise yourself with building interiors.
More:
Share on: LinkedIn Twitter Facebook
Story image
Using data science to improve threat prevention
Story image
General staff don’t get tech jargon - expert says time to ditch it
Story image
ZombieLoad: Another batch of flaws affect Intel chips
Forget endpoints—it’s time to secure people instead
Security used to be much simpler: employees would log in to their PC at the beginning of the working day and log off at the end. That PC wasn’t going anywhere, as it was way too heavy to lug around.
DimData: Fear finally setting in amongst vulnerable orgs
New data ranking the ‘cybermaturity’ of organisations reveals the most commonly targeted sectors are also the most prepared to deal with the ever-evolving threat landscape.
IXUP goes "post-quantum" with security tech upgrade
The secure analytics company has also partnered with Deloitte as a reseller, and launched a SaaS offering on Microsoft Azure.
ExtraHop’s new partner program for enterprise security
New accreditations and partner portal enable channel partners to fast-track their expertise and build their security businesses.
Hackers increasingly ‘island hopping’ – so what does it mean?
Carbon Black's Rick McElroy discusses this new trend and what it means for the new age of cybercrime.
Trust without visibility is blind – Avi Networks
Enterprises are wanting to gain the trust of their customers, but are often found blindly defending themselves.
How to avoid becoming a cryptojacking victim - Bitglass
Large-scale cryptojacking is a lucrative business due to the popularity and value of cryptocurrencies like Bitcoin and Ethereum.
Symantec, Ixia combine efforts to secure hybrid networks
Ixia’s CloudLens and Symantec Security Analytics now feature complete integration, which allows Symantec customers to gain real-time visibility into their hybrid cloud environments.
Story image
Silverlake and Intel partner on edge security
With Intel’s software and hardware technologies, Silverlake’s technology stack designed for PAM will form a cybersecurity PAM product line.
Story image
How a virtual CISO can become part of a managed security regime
Security-as-a service is a particularly compelling option for smaller businesses that perhaps do not yet have the resources to adequately maintain a cybersecurity regime internally.
Story image
Unisys: Users looking for data security when choosing banks
The report studied attitudes of banking customers in Hong Kong, Australia, New Zealand, the Philippines and Taiwan.
Download image
Navigating the complicated world of DNS security
Over the years, DNS, both the protocol and the servers, have become the target of a variety of attacks, including the Lion worm.
Download
Story image
Aruba announces automated security and wireless solutions
New AI-powered ClearPass Device Insight and expanded Wi-Fi 6 portfolio extend increases Aruba’s capabilities in security, connectivity and analytics.
Download image
Whitepaper: How classifying your log messages makes for happier sysadmins
Operating systems, applications, and network devices generate text messages of the events that happen to them.
Download
Download image
IT admins: Exploit the benefits of advanced log classification
It’s not hard to say ‘I don’t envy you’ to system administrators who are lumped with the burden of classifying log messages every time somebody conducts an action on the network.
Download
Story image
What your privacy means to Google - and what it's doing about it
Google has declared that it’s all about making privacy work for everyone – despite its long-held reputation as an information harvester.
Download image
Study: Is it possible to detect breaches as they happen
Breaches often happen when businesses least expect them, causing slow reaction times and possibly catastrophic loss.
Download
Story image
SolarWinds adds Mac capabilities to dashboards
Ability to manage both Mac and Windows devices on the same dashboard will streamline monitoring and management for MSPs.
Story image
BeyondTrust updates remote access solution
Updates in version 19.1 include AWS availability, UI improvements, Mojave support, and more.
Story image
Endace enhances analytics with 10GbE deep storage solution
The 8200 Series combines accurate packet capture with deep storage capacity, rapid-search capability and hosting density in a compact 2RU footprint.
Story image
Kemp: Three common IoT security pitfalls
Research shows that IoT is disrupting markets and IT organisations worldwide, changing economics and agility in many markets.
Download image
Can your vulnerability assessments protect your organisation?
33% of enterprises surveyed are at a low maturity, conducting only limited assessments of selected assets.
Download
Story image
Paranoid Android? Examining three key trends in Android malware
It definitely doesn’t mean you are paranoid if you’re worried about Android security:  the threat landscape is growing in every dimension.
Story image
PrinterLogic software vulnerable to remote attacks
The vulnerabilities affect PrinterLogic versions 18.3.1.96 and older.
Download image
Whitepaper: Five essential steps to protect your company’s critical data
The increase in devices being used by employees and the number of cloud apps necessitate multiple different channels of accessing a company’s information in a secure manner.
Download
Story image
Axis: How artificial intelligence will impact security
AI systems are able to analyse huge amounts of data, which is advantageous when an employee has to review hours of surveillance images.
Story image
Email attacks targeting financial services up 60% - Proofpoint
These attacks are socially engineered to target specific people within financial services organisations who can execute requests on the attacker’s behalf.
Link image
How edge data centres can help accelerate your business
Edge computing is an IT architecture designed to put applications and data closer to the users or “things” that need them.
Know More
Download image
Product review: LogRhythm CloudAI a revolutionary tool
SANS has provided an independent review of a new AI analytics solution designed to rescue businesses 'drowning in data' from SIEM platforms.
Download
Download image
Whitepaper: How to manage mobile risk in a perimeter-less work environment
Enabling mobility and the ability to access data seamlessly is a great development for enterprise productivity, but it causes a serious challenge to security teams.
Download
Download image
Security and mobility in a mobile-first world
Explore security, productivity, mobility, and what solutions are available to you. Here's how to move your organisation towards the mobile-first world, securely. 
Download
Story image
D-Link security cams vulnerable to spying
Security researchers at ESET have discovered serious security holes in the D-Link DCS-2132L cloud camera.
Story image
Another cryptocurrency exchange breached, but at least investors are safe
It takes patience to steal more than 7000 Bitcoin (approximately US$41 million) from cryptocurrency exchanges, despite global awareness that such attacks are becoming more prolific.
Download image
DNS attackers love legacy systems - but how much damage can they inflict?
DNS infrastructure is vulnerable in terms of its security, availability, and integrity. An attacker just has to exploit the Domain Name System (DNS) on legacy systems and they get free reign. 
Download
Story image
Samsung left Bixby & SmartThings code wide open to the public
If you’re someone who likes to use apps and platforms with some level of confidence that they’re secure, you may want to take another look at how much you trust big brands like Samsung.
Story image
Bait, hook and catch – targeted spearphishing on the rise
Spearphishing attacks, where a threat actor impersonates employees or popular web services, are on the rise.
Story image
WatchGuard expands partner program with financial incentives
In the expanded program, partners can earn WatchGuardONE status by specialising in just one of the available product families.
Story image
Questions every security and risk management leader should ask
“Making the best investment with a potentially limited security budget can be a daunting task for security and risk management leaders."
Download image
An insider's tips on how to get more from your Splunk platform
Having the right tools is only half the battle, not until you can leverage them most effectively can you see the gains that properly managed data can provide.
Download
Download image
Case Study: Infoblox protects the network that hosts City University’s curriculum
After recovering from a ransomware attack, City University began to work with Infoblox to bring its network security to the next level.
Download
Download image
Whitepaper: The Mobile Risk Matrix - how exposed are you?
The proliferation of cloud services has increased the attack surface to include applications, devices, networks, and external web and content delivery methods.
Download
Story image
Trustwave brings database security scanning to the cloud
Trustwave DbProtect allows customers to protect big data stores across (and in between) major cloud services.
Download image
Should you run your central log server in Docker?
Collecting logs can be especially important in a containerized environment, where you start and stop containers around the clock.
Download
Download image
Whitepaper: How you can simplify compliance and SIEM with efficient logging
IT environments generate log messages with a variety of functions and significance to an organisation – but they’re only useful if they trigger the necessary responses.
Download
Download image
How using syslog-ng to store logs could help your business
Syslog-ng is a high-speed data processor that parses both structured and unstructured log messages.
Download
Story image
Exclusive: Okta CSO on scaling security alongside business growth
Yassir Abousselham shares his unique insights as the chief security officer of a fast-growing identity and access management service provider.
Story image
Failure to prioritize cybersecurity stunting digital transformation – Frost & Sullivan
Security leaders need to look beyond perimeter security, leverage automation, and have a better grasp of the psychology of both cybercriminals and their business users.
Story image
61% of IT professionals have experienced serious data breach - McAfee
Data breaches are becoming more serious as cybercriminals continue to target intellectual property.
Story image
Blockchain, edge, AI & ML - Microsoft goes all-out for devs
Microsoft is launching a swath of new developer technologies and Azure services designed to bring AI, blockchain, mixed reality, and IoT to the forefront of development.
Story image
Businesses failing to secure BYOD - Bitglass
Report finds that 74% of organisations allow BYOD but nearly half lack clear security policies and best practices.
Story image
Exabeam plans to use $75m fund to leave legacy SIEM vendors in the dust
SIEM provider Exabeam predicts that it will leave legacy providers in the dust, and it’s all down to a US$75 million Series E funding that will be used to ‘displace’ legacy security management vendors.
Story image
Two years on: Have organisations learnt from WannaCry?
This month marks a special anniversary – two years since one of the world’s most destructive pieces of ransomware ever caused chaos.
Story image
Four steps to Zero Trust network security - AlgoSec
The core principles of zero trust reflect the reality of today’s complex, heterogenous enterprise network environments.
Story image
Mimecast: Employee training must supplement application security
A company’s biggest security risk is unintentional employee negligence.
Story image
Leveraging cyber threat intelligence to benefit security posture
One out of five companies are still unsure of CTI’s value to their organisation.
Download image
Insider threats & breach reports: Why security needs more investment
Insider threats (those that come from within your organisation) are a serious concern - here's why.
Download
Story image
Red Hat’s new role in enabling modern DevOps
The global open source vendors approach has come of age.
Story image
SolarWinds: Looking beyond DevOps to fix cybersecurity
The role of DevOps in security has seen increasing popularity due to its sound philosophy around productivity and adaptability.
Story image
LogRhythm SIEM named Gartner Customer Choice
This is the third consecutive time LogRhythm been recognised as a Customers’ Choice, which is determined based on independently verified feedback and ratings
Download image
SIEM: Expensive? Storage-intensive? Not any more with these performance tips
SIEM can be expensive, eat up storage, and overwhelm IT teams with the sheer differentiation of log data formats that they need to process. Yet SIEM is now an essential part of an organisation’s security strategy.
Download
Story image
Cybera brings remote network operations into clear focus
SD-WAN and security service provider Cybera has released a cloud-based management solution designed to provide deeper insight into remote network operations.
Story image
Microsoft achieves FIDO2 certification for authentication solution
FIDO2 is a set of standards that enables easy and secure logins to websites and applications via biometrics, mobile devices and/or FIDO Security Keys.
Story image
It's 'lights out' for two more dark web marketplaces
Don’t be fooled if you see talk that Wall Street Market has been taken down – because it’s most likely not what you think.
Story image
Security alert: More than 2 million IoT devices are now junk
More than two million security cameras, baby monitors, and smart doorbells are affected by security vulnerabilities that could allow cybercriminals to hack devices and spy on homes.
Story image
Forcepoint 2019 APAC Channel Partner Award winners announced
The company recognized 9 partners across 6 categories based on criteria including overall revenue performance and new business growth secured in 2018.
Story image
CrowdStrike integrates firmware attack detection in endpoint protection
Most security products remain blind to attacks that attempt to leverage BIOS firmware to infiltrate endpoints, leaving organisations vulnerable to compromise.
Download image
The 3 essential elements to consider with SaaS security
Speed, ease of use, and low capital expenses are just some of the factors driving the continued growth in SaaS security adoption.
Download