Think about the information you post on Linkedin, technical forums and social media outlets. How could that information be used to hack your environment?

We give out our information to corporations with the expectation that it is being used responsibly and safely. Information has value and we give it away freely.

When a phisher / social media website asks you for the information below, consider what will happen and where that information is being used?

  • Your name. (Security engineers often use pseudonyms for all social media).
  • The people you know. (Lock your friends/connections list down to private).
  • What you look like. (Create a representative icon, instead of a picture of you).
  • The company and department you work with. (Edit your privacy settings to hide this information).
  • The server O/S you work with. (Only share technical information with people you really should be sharing it with).
  • The server hardware you work with.
  • The databases you use.
  • The software you specialise in.

An invader spends time searching forums and technical social media sites for information relating to you and the technical access you have.

Many web developers and application developers leave an easy to follow trail around the internet.

Try Googling yourself and see where your trail leads…

Weigh up the risk of putting that information on a public forum vs the risk of not solving the problem.

With all that information available about you, all it takes is one exploit for an invader/hacker to infiltrate your environment.

The invader can wreak untold havoc on an unpatched, unprotected computer system.

Ironically this post is published to LinkedIn and Twitter.

  • Patch your systems.
  • Update your anti virus.
  • Make sure your firewall is on.
  • Weigh up the risks about every bit of information you put out into a public forum.
  • Don’t accept unknown friend/connection requests no matter how tempting.
  • Don’t worry.