29 Nisan 2011 Cuma

Treacherous metadata in company documents

Office documents can contain metadata such as names, storage locations and version information about the software used to create them. An attacker can exploit this information for targeted attacks. The free tool Foca shows how talkative a company's downloadable documents are.

In recent weeks, reports of hacking attacks on companies have been mounting up. HBGary, RSA, Epsilon and Barracuda Networks are among the companies from which hackers have stolen highly sensitive data. The attack on RSA was a highly focused attack which targeted individual employees. The hackers appear to have collected information on target personnel on the web; social networks such as Facebook and Xing offering ideal forums for doing so.

Often unintentionally, files available to download from a company can also be a rich source of interesting information: Office documents, presentations, images and other files contain metadata such as the author, date and software used which can provide useful tips for carrying out targeted technical or social engineering attacks.

nod32 keyleri güncel güncel nod32 keyleri nod32 guncel keyler nod32 guncel key

Hiç yorum yok:

Yorum Gönder