Core Security Expert to Detail Automated Social Engineering Techniques at RSA Security Conference 2010


Security Researcher to Illustrate Methods Through Which Social Networking Data Can Be
Aggregated to Create Targeted Attacks

SAN FRANCISCO - Feb 22, 2010 - Core Security Technologies, provider of CORE IMPACT Pro, the most comprehensive product for proactive enterprise security testing, today announced that one of its CoreLabs researchers will serve as a featured presenter at the RSA Security Conference 2010 being held at the Moscone Center March 1-5

At the conference, CoreLabs Security Researcher Pedro Varangot will offer his presentation "State of the Art Automation of Open Source Intelligence and Impersonation in Social Networks" which will highlight how the trust that users have in social networks can be leveraged to execute targeted social engineering attacks.

During the talk, Varangot will demonstrate automated means through which attackers can locate and aggregate information about social networking users to help craft potential threats. The expert will also illustrate how any information gathered may be used to carry out so-called "impersonation" attacks through which people's identities are co-opted for the purpose of delivering client-based exploits.

"Individuals and organizations have more of their private data disseminated throughout social networks and other open systems today than they might ever even realize - enough that automated tools can be used to pull this data together to create extremely targeted attacks," said Varangot. "Risk analysts at the enterprise remain unaware of how this modern attack vector can be leveraged into targeted attacks against their assets, especially when they must measure the potential impact to their organization. This happens even though it has been consistently shown that these techniques increase the probability of a successful attack."

What: "State of the Art Automation of Open Source Intelligence and Impersonation in Social Networks"

When: Thurs. Mar. 04 10:40 a.m. PT

Where: RSA Security Conference 2010, Moscone Center, Orange Room 308

Who: Pedro Varangot, CoreLabs Security Researcher

Core Security continues to feed the intelligence garnered via the work of its CoreLabs research experts and Core SCS consultants directly into its CORE IMPACT family of automated penetration testing solutions to ensure that organizations can proactively determine their exposure to such widely available vulnerabilities.

For more information about the presentation or to schedule meetings with Core Security’s experts at RSA Security Conference 2010, please contact Tim Whitman or Lauren O’Leary at 781-684-0770 or via email at:

About Core Security Technologies

Core Security Technologies is the leader in comprehensive penetration testing software solutions that IT executives rely on to expose vulnerabilities, measure operational risk and assure security effectiveness. The company’s CORE IMPACT product family offers a comprehensive approach to assessing the security of network systems, endpoint systems, email users and web applications against complex threats. All CORE IMPACT security testing solutions are backed by trusted vulnerability research and leading-edge threat expertise from the company’s Security Consulting Services, CoreLabs and Engineering groups. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at


Tim Whitman or Lauren O’Leary

Schwartz Communications 

781 684-0770

Mon, February 22