Social Engineering Blogs

An Aggregator for Blogs About Social Engineering and Related Fields

psychmechanicsblog January 18, 2017

How to achieve long term goals (A psychological trick)

Do you find yourself unable to stick to your goals?

Do you quit on your goal as soon as you encounter the first hurdle?

Have you made resolutions countless times only to break them later?

If your answer is in the affirmative to any of the above questions, you’re not alone. Most people are like this because it’s the default way our brains are wired.

With the help of this post, I hope to create a shift in your mindset that will enable you to persist until you accomplish your important goals.   

We’re wired for short-term rewards

For the most part of our evolutionary history, our ancestors hunted and gathered food. These were activities that provided instant gratification. The ability to think long-term and plan ahead is fairly recent in our evolutionary history.

This is why it’s easy to indulge in an activity that promises a reward now and difficult to delay gratification. It takes some mental effort to delay gratification and think long-term.

When you’re doing a task, your brain’s default wiring makes it ask, “Is this activity giving me what I want?” This is because you’re inclined to think that rewards are to be attained as soon as possible, that either your activity is taking you towards your goal or away from it.

The figure A below shows what usually happens when you start out on a goal…

starting out on a goal
figure A


When you reach A starting from O, you see yourself making progress and are highly motivated as a result. 

Soon, something goes terribly wrong and you hit a low point B. At B, the goal seems too far away and you’re motivated to quit because you don’t see your efforts yielding any fruits.

Most people quit at this point because, remember, our mind is constantly asking us, “Is this activity giving me what I want?”

If the answer to that question is “No” there’s no point in motivating you to continue pursuing your goal and you’re in a state of demotivation. So you quit because that’s the sane thing to do in such a situation.

A task that eats away your time, energy and resources without providing you with any benefit is perceived as costly by your mind. 

You could devote your time, energy and resources to something else that’s probably more promising- such as tasks that provide you with instant gratification. (see why we do what we do and not what we don’t do)

It’s not over yet

What if you hijack the way your mind works to prevent yourself from quitting when things don’t go your way?

The figure A shown above tells us that when we do things that take us closer to our goals we’re motivated to continue and when we do things that take us away from our goal, we’re de-motivated and likely to quit.

What if I told you that figure A is not the whole story?

Yes, figure A is actually a part of a larger figure B shown below…

The whole story graph
figure B


The obstacle you faced at B that motivated you to quit was just one of the many obstacles that you were going to face on the journey towards reaching your goal.

Most people quit at B, others do so at D, yet others at F, and some at H. When people are at A, C, E, and G they’re highly motivated because their mind is telling them, “Yes, what I’m doing now has taken me closer to my goal.”

The key message that figure B is sending you is that no matter how many low points and high points you hit on the road to accomplishing your goal, the general trend of the graph is akin to a straight line going upward.

figure C (representing the general trend of figure B)


When you remember this you can trick your mind into thinking that what you’re currently doing is, after, all taking you closer toward your goal over time. You hack your short-term brain wiring to apply it to long-term thinking.

The low point that you may be currently experiencing is but a temporary inconvenience, an insignificant dip in the general upward trend of your efforts.

Whether you’re trying to lose weight, build muscle, start a business, or write a book, and have hit a low point, remind yourself that if you persist you’ll eventually get there. 

Filed Under: needs, Perception, subconscious-mind

Security Metrics Blog January 17, 2017

Different Types of Penetration Tests for Your Business Needs

What area of your business would benefit the most from a penetration test? By: Chad HortonPenetration Testing ManagerCISSP, QSAPenetration testing is a form of ethical hacking that simulates attacks on a network and its systems. It goes beyond running an automated vulnerability scanner; the tests are performed by experts that dive deeper into your environment.In a previous blog post, Types of Penetration Testing: The What, The Why, and The How, we discussed the different ways a penetration test can be performed: black-box, white-box, and gray-box. We also told you why it’s a good idea for a business to have penetration tests performed regularly.So, what type of penetration test should you get for your business?Tweet: What type of penetration test should you get for your business? http://ow.ly/wO743086lOw #PCIDSS #datasecurityTweetWhat areas should you focus on? There are several tests or activities that penetration tests include. Here are a few you may want to consider.Network penetration testThe objective of a network penetration test is to identify security issues with the design, implementation, and maintenance of servers, workstations, and network services.Commonly-identified security issues include:Misconfigured software, firewalls, and operating systemsOutdated software and operating systemsInsecure protocolsThe remediation of commonly-identified security issues include:Reconfigure software, firewalls, and operating systemsInstall updatesEnable encryption or choose a more secure protocolSEE ALSO: Configuring and Maintaining Your Firewall with SecurityMetrics Managed FirewallSegmentation checkThe objective of a segmentation check is to identify whether there is access into a secure network because of a misconfigured firewall.Commonly-identified security issues include:TCP access is allowed where it should not beICMP (ping) access is allowed where it should not beThe remediation of commonly-identified security issues are the same:Reconfigure the segmentation control (firewall rules) to properly restrict accessSEE ALSO: New 3.2 Requirements for Penetration Testing and Segmentation: What You Don’t KnowApplication penetration testThe objective of an application penetration test is to identify security issues resulting from insecure development practices in the design, coding, and publishing of the software.Commonly-identified security issues include:Injection vulnerabilities (SQL injection, Cross-site scripting, remote code execution, etc.)Broken authentication (The log-in panel can be bypassed.)Broken authorization (Low-level accounts can access high-level functionality.)Improper error handlingThe remediation of commonly-identified security issues include:Re-design the authentication and authorization modelRecode the softwareDisable remote viewing of errors meant for developersFollow for more data security articles like thisWireless penetration testThe objective of a wireless penetration test is to identify misconfigurations of authorized wireless infrastructure and the presence of unauthorized access points.Commonly-identified security issues include:Insecure wireless encryption standardsWeak encryption passphraseUnsupported wireless technologyRogue/open access pointsThe remediation of commonly-identified security issues include:Update wireless protocol to an industry accepted protocol (WPA2)Replace the insecure passphrase with a longer, more complicated oneIdentify the open access point and disable itSEE ALSO: Wireless Access Point Protection: Finding Rogue Wi-Fi NetworksSocial engineeringThe objective of a social engineering assessment is to identify employees that do not properly authenticate individuals, follow processes, or validate potentially dangerous technologies. Any of these methods could allow an attacker to take advantage of the employee and trick them into doing something they shouldn’t.Commonly-identified issues include:Employee(s) clicked on malicious emailsEmployee(s) allowed unauthorized individuals onto the premisesEmployee(s) connected a randomly discarded USB to their workstationThe remediation is always the same: training.Because the intent of this assessment is to take advantage of the trusting nature of employees, this type of assessment should only be done after employees have completed a training course on defending against social engineering attacks.SEE ALSO: Social Engineering Training: What Your Employees Should KnowWhich type of penetration test is right for you?For starters, choose the type of penetration test that focuses on the controls you are most concerned about:Web application or API = application penetration testInfrastructure = network penetration test (and possibly a wireless penetration test)People = social engineeringIf your objective is to obtain PCI compliance, at the very least, you’ll want to consider getting a network and an application penetration test.Once you have an idea on the type of test you would like and how comprehensive you would like the results to be, you need to decide from which perspective you would like testing to be performed.By making these decisions wisely, you can choose a penetration test that matches your business’ needs and budget.Need a penetration test? Talk to us!Chad Horton has been the Penetration Testing Manager at SecurityMetrics for over five years. His responsibility includes managing a team of eight employees who conduct manual assessments of web applications and corporate networks. In addition, Horton is QSA, CISSP, and CompTIA Security+ certified, and has written numerous web application tools to assist in exploiting vulnerabilities.SecurityMetrics Webinar, Web Application Penetration Testing 101

Filed Under: Social Engineering

The Humintell Blog January 17, 2017

Look Beyond Face Value

Moebius Syndrome, a rare form of facial paralysis, makes social interaction particularly difficult.  Because this condition prevents people from displaying any form of facial expression, those dealing with it are often seen as unhappy or downright unfriendly.

This condition makes it difficult for those with Moebius Syndrome to relate interpersonally, but that does not mean it is impossible. Instead, many people turn to other forms of self-expression, and it is important for us to remember that there are a myriad of ways to express ourselves: through laughter, humor, dress, or hair color.

This is the very reason why Moebius Syndrome Awareness Day was established. This day, January 24, is intended to promote education and understanding of the condition.

Research conducted by Dr. Kathleen Bogart at Oregon State University’s Disability and Social Interaction Lab has shown that by promoting education about this condition, we can help create a more positive impression of those who live with facial paralysis.

Because Moebius Syndrome often occurs alongside autism, making interpersonal connection even harder, this sort of awareness is crucial to promoting inclusion for all sorts of people who struggle to communicate.

If you have Moebius Syndrome, or know anybody that does, consider sending in an image to the Moebius Syndrome Foundation’s Facebook page. Using this template, the Foundation seeks to display images of people with Moebius Syndrome alongside descriptions of how they express themselves in lieu of facial expression.

Many of those featured turn to forms of art, such as music, photography, or writing, in an effort to better communicate who they are. Anybody who is passionate about these art forms understands that art can channel a lot of emotion and individualism. Similarly, many compensate in interpersonal interactions by cultivating an expressive laugh or a particularly warm handshake.

Even if you do not experience Moebius Syndrome, there is plenty that you can do on behalf of those who do.

A good place to start is by sharing support for Moebius Syndrome Awareness by posting flyers on public billboards or through social media, using the hashtag #moebiusawareness. Similarly, the official color of Moebius Syndrome Awareness day is purple, so you might also consider wearing purple on January 24, in solidarity with the event.

These forms of support, while they promote education and awareness, also have a special purpose for those who deal with Moebius Syndrome themselves. Because the condition is poorly understood and potentially isolating, demonstrating solidarity shows those who deal with Moebius Syndrome that they are not alone.

For more information on Moebius Syndrome, see our past blogs here and here.

Filed Under: Emotion, Nonverbal Behavior, Science

  • « Previous Page
  • 1
  • …
  • 93
  • 94
  • 95
  • 96
  • 97
  • …
  • 559
  • Next Page »

About

Welcome to an aggregator for blogs about social engineering and related fields. Feel free to take a look around, and make sure to visit the original sites.

If you would like to suggest a site or contact us, use the links below.

Contact

  • Contact
  • Suggest a Site
  • Remove a Site

© Copyright 2025 Social Engineering Blogs · All Rights Reserved ·