2025 Foundational Application of Social Engineering

We are supporting Coalfire

Share This Post

We are supporting CoalfireIf you haven’t read the post from Coalfire’s CEO, Tom McAndrew, you should. It is here: https://www.coalfire.com/News-and-Events/Press-Releases/Coalfire-CEO-Tom-McAndrew-statement

TechRepublic’s report tells us that in 2019 so far, there is a 54% increase in breachesover 3,800 so far this year. It is this exact reason we see intelligent companies increasing their spending, efforts, and time focusing on securing their people, perimeter, networks, and everything in between.  That is exactly what two Coalfire pentesters were doing.

We personally had the privilege of having Justin Wynn as a student in our Advanced Practical Social Engineering class this summer. He was honorable and followed our motto to “always leave them feeling better for having met you.”  When we look at how Justin and Gary handled this pentest, that motto seems to have been followed.

After gaining access to the Judicial Branch Building at the Dallas Iowa County, they left a business card, left everything intact, and exited the building. The next day, they were greeted with a “congratulations text” from their point of contact. The next night, they went to test the Courthouse facility and found that some employees left the door openit was midnight. Instead of using this as part of their test (to be honest I would have), they closed the door, locked it, and proceed to perform their test as if the building was secure. After gaining access, they purposefully tripped the alarm to test the reaction times.

Upon greeting the deputies, they gave their authorization letter and had their state contacts on the phone. All of this was verified and they were just about to be released when Sheriff Chad Leonard arrived and arrested them. Now, Justin and Gary are being charged with criminal trespass.

In a time when law enforcement should be partnering with companies like Coalfire and other pentest groups, this is very disheartening indeed.

Like other companies in this space, Social-Engineer will be sending a support letter to the State of Iowa and Dallas County calling on their reason to drop these charges.

Christopher Hadnagy

CEO, Social-Engineer, LLC

More To Explore

Soft Skills for Cybersecurity Professionals
General

Soft Skills for Cybersecurity Professionals

As cyber threats continue to increase, so does the need for cyber security professionals. Some of the skills needed to succeed in the field of cyber security are programming skills,

Social Engineering

Keeping it Simple in Cybersecurity 

Today, the cybersecurity industry focuses a lot more on complicated solutions and tools. Companies are always looking to improve their security measures with the latest technologies. However, attackers often choose