Everyone in a company is responsible for company’s data security. A company can spend billions of dollars on all kinds of security equipment, but it only takes one person for company’s security to be compromised .
Among various techniques and methods used during Penetration Test sometimes we also do “Dumpster Diving”, which involves searching throughout the trash or garbage looking for something useful to gain access to the network or to get data that helps at next steps. Seemingly innocent information like organizational charts, calendar entries, or phone records can be used in a social engineering attack. (more…)