The Unpatchable Vulnerability That Is Human Nature - Rachel Tobac - CSP #33
CISO Stories Podcast
Rachel, CEO of SocialProof Security, delves into the inner-workings of social engineering exploits where she leverages her background in neuroscience and behavioral psychology to exploit the unpatchable vulnerability that is human nature. This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them! Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
Rachel Tobac — an OSINT expert who credits much of her success to her improv comedy skills and her childhood mentor, Harriet the Spy
No Password Required
Rachel Tobac is the CEO and co-founder of Social Proof Security who hopes to one day work herself out of a job by improving education and awareness of social engineering attacks. In this episode, Rachel joins the No Password Required team to talk about her path from studying behavioral psychology to starting a successful cybersecurity company, why Shih Tzu’s would be the best canine cybersecurity professional, how her quirky skills serve as an asset to her company, her passion for improving diversity in the cyber and technology industries, and more. BONUS: she sings an info-sec sea shanty that is as catchy as it is informative. Clabby and Ernie talk about the recent hack on the Molson Coors Beverage Company, and in the “Positively Cyber” segment, Pablo analyzes why the Mandalorian would be the perfect fit for showing our new recruits “the way” in our fictitious cybersecurity organization. You should check this episode out soon; if Rachel is correct about the time travel butterfly effect, you may never get another chance...
This week is a best of episode with special guest Rachel Tobac, CEO of Social Proof Security. In this episode we discuss social engineering, how to get more women in cybersecurity, and of course Rachel’s favorite David Lynch movies. This is one previous episode you don’t want to miss! ** Links mentioned on the show […] The post Best of Episode: Interview with Rachel Tobac appeared first on The Shared Security Show.
On this episode of Hacker Valley Studio, hosts Ron and Chris speak with Rachel Tobac, CEO of SocialProof Security and Chair of the Women in Security and Privacy Board. Their conversation covers everything from neuroscience to spearfishing and human’s place in cyber security. Rachel is a human hacker, also known as a social engineer, and she begins the episode by explaining her background in social engineering and experience in the non profit space. She credits her success in the field to her background in neuroscience and behavioral psychology as well as training in improv. Her husband works in cyber security and encouraged her into the space even though she was nervous at first because she didn’t know how to code. Rachel explains that she still does not know how to code, her most important skills in social engineering are the ability to persuade and improv. When working with companies, Rachel helps client facing employees to help confirm people are who they say they are. She sits down with them to go through processes that help her close the loopholes that allow hackers to mine information. Humans are the first line of defense, so they have to have their guard up. From there, keeping the organization up to date on the latest trends in cyber security and how hackers find their way in is key to getting the correct tools to prevent hacks. As the episode ends, Rachel shares her next steps are working with hospitals to prevent ransomware and phishing attacks. She’s also turning her attention toward the election and educating people on what the 2020 Presidential election will look like and the time it may take to announce the winner. While she does not currently think elections can be done entirely from home, she considers it a goal for the future. 1:59 - Rachel Tobac and today’s episode of Hacker Valley Red is introduced. 8:50 - What are the skills needed to become a social engineer? 10:51 - Rachel leads Ron and Chris through an improv exercise. 13:59 - Rachel shares where she thinks technology is headed. 20:20 - Rachel shares the scariest part of social engineering hacks. 25:29 - Rachel’s key takeaways. 34:11 - Rachel is looking toward 2020 election security. Links: Learn more about Hacker Valley Studio Support Hacker Valley Studio on Patreon Follow Hacker Valley Studio on Twitter Follow Ronald Eddings on Twitter Follow Chris Cochran on Twitter Follow Rachel Tobac on Twitter Learn more about the season sponsor, RiskIQ
White-hat hacker Rachel Tobac takes on “The Perfect Scam,” scouring the internet and gathering intel about host Michelle Kosinski, that a hacker could use in a real-life scenario. Rachel, a three-time DEF CON conference capture-the-flag second place winner, is the CEO and cofounder of SocialProof Security, which helps people and companies keep their data safe. Rachel shares her knowledge of social engineering and walks Michelle through a "live" phishing scam.
In episode 100 of our May monthly show we discuss the history of the podcast, some of the most interesting cybersecurity and privacy news and events over the years, and speak with former guest Rachel Tobac, CEO and Co-Founder of SocialProof Security, about what she’s been up to and of course the David Lynch daily […] The post Episode 100 with Rachel Tobac and Kathleen Smith appeared first on The Shared Security Show.
Ep. 60: How Rachel Tobac went from medicine to infosec
The freeCodeCamp Podcast
In this episode, Abbey interviews social engineering expert Rachel Tobac and learns how she transitioned from teaching to infosec by way of one exhilarating competition. Growing up, Rachel’s family didn’t have normal dinner table conversations. Her father was in medicine, so their chats revolved around strange diseases and scary edge cases. So when Rachel went to college, she aimed to follow in her father’s footsteps. However, life had other plans, and she ended up becoming a teacher instead. But she wanted to do more than teach a small number of students – she wanted to help more people at scale. So she tried to figure out a way to do that. After moving across the country to Silcon Valley and learning more about the world of tech, she stumbled upon her true calling (with a little nudge from her husband and now co-founder): social engineering. She took a trip to Defcon four years ago, won second place in a social engineering capture the flag hacking event, and she was hooked. She dove in head first, learned all she could about infosec, social engineering, and security, and never looked back. Now, she and her husband run Social Proof Security, the boutique educational security firm they founded two years ago, and boast some of the largest tech companies in the Valley as clients. Rachel is also chair of the board of the non-profit WISP (Women in Security and Privacy), helps get scholarships for women to attend Defcon each year, and travels and speaks at all kinds of conferences and events herself. When she isn’t educating companies about making their processes safer, she’s traveling the world, thinking up new ways to hack, or staring at her rescue dog. In this episode, you’ll learn all about Rachel’s somewhat meandering path into security, how she discovered her passion for educating teams about social engineering, what it takes to get into the field, and why she loves her job. Find Rachel on Twitter: https://twitter.com/RachelTobac Check out Rachel's company: https://www.socialproofsecurity.com/ Learn more about DefCon: https://www.defcon.org/ Read up on WISP: https://www.wisporg.com/ Find Abbey on Twitter: https://twitter.com/abbeyrenn
Ep. 56, I spy with my little SpyEar (with Rachel Tobac)
The Many Hats Club
[00:06:35] I wanted to be a neuroscience major and promptly sucked at school and there were a lot of tears along the way but I did end up getting my double major in neuroscience and cognitive and behavioral psychology [00:06:48] (2019-04-04) This time TMHC was privileged to host Rachel Tobac talking mostly about social engineering. Rachel is CEO & Co-founder SocialProof Security and Board Member of WISP (Women in Security & Privacy). She specializes in Social Engineering and has been a winner of DEFCON Social Engineering Capture the Flag competition, 3 years in a row. Some of the topics covered: neuroscience, cognitive psychology, DEF CON -> social engineering expert; why does social Engineering work? war stories from the field; Women in Security and Privacy: helping women find their spot in infosec, DEF CON scholarships; rant of the show: users are not stupid. plus, as always, a ton of questions from our fantastic audience. Some key excerpts: [00:10:07] the very first thing that I did is I called my insurance company and I tried to get information about me without authenticating the correct way and see if you can do that - see you can talk yourself through that situation and do OSINT enough to be able to accomplish that [00:10:22], [00:30:20] Anybody who loves working at the company and loves posting about it on Instagram and joking and tagging; I have been able to find and be successful in about three hours for the majority my of clients [00:30:32], [00:36:37] that pretext works but you probably delivered it with more confidence that anyone ever has because you legitimately believed it [00:36:44], [00:50:12] Every social engineer I know has been successfully phished, every single one [00:50:16], [01:06:34] we want to send more women and give them more opportunities to find a future boss a future mentor and these things happen because last year we sent 57 women to DEF CON in each scholarship of $780 [01:06:46], [01:15:15] infosec Twitter sometimes is a dumpster fire, but most of the time it's pretty great. So I would say absolutely make a Twitter follow people join in on the conversation [01:15:24]. Places on the Internet to see: People to follow: https://twitter.com/humanhacker 6 principles of persuasion: https://www.influenceatwork.com/principles-of-persuasion/ Women In Security and Privacy: https://www.wisporg.com/ and https://twitter.com/wisporg Rachel's talk at KringleCon: https://www.youtube.com/watch?v=L5J2PgGOLtE Listen here: downloadHosted by Stu, episode production Meadow and the Moderators team. Please subscribe! Apple: http://bit.ly/TMHC-Podcast-Apple Spotify: http://bit.ly/TMHC-Podcast-Spotify Google Podcasts: http://bit.ly/TMHC-Podcast-Google Android: http://bit.ly/TMHC-Podcast-Android RSS Feed: http://bit.ly/TMHC-Podcast-RSS
Ep 18 Rachel Tobac: Leveraging Creativity and a Neuroplastic Mindset
Rachel was a winner of the DEFCON Social Engineering Capture the Flag (SECTF) competition 3 years in a row, and has shared her animated story, OSINT experience, and the modern threat of Social Engineering. During the day Rachel works at Course Hero, an online learning platform, in UX Research. In her spare time, Rachel works as the Creative Director for the nonprofit group, Women in Security and Privacy (WISP), where she empowers women to lead the converging fields. And the rest of her time is spent on, Social Proof Security, her co-founded SE cybersecurity company.
Politely Paranoid: It's you, not your devices - When SuperBowl security plans are left on an airplane, people not devices are leaking information. Security expert Rachel Tobac, CEO & Co-Founder of SocialProof Security, joins Liz to discuss how you can protect your home and business.