San Francisco Bay Area
8K followers 500+ connections

Join to view profile

About

Interested in advising early stage (tech|security) startups on product vision, growth…

Activity

Join now to see all activity

Experience & Education

  • Bishop Fox

View Rob’s full experience

See their title, tenure and more.

or

By clicking Continue to join or sign in, you agree to LinkedIn’s User Agreement, Privacy Policy, and Cookie Policy.

Volunteer Experience

Publications

  • Why You Need To Worry About Wire Fraud

    Forbes

    Phishing emails eliciting wire transfers are a top threat to businesses, according to information released by FBI Internet Crime Center (IC3). This threat has, in fact, overshadowed reported losses of ransomware and any other direct financial loss.

    See publication

  • Defeating Social Engineering, BECs & Phishing

    Interop ITX

    Over 90 percent of cyber attacks start the same way: with a phishing message. Attackers slip all manner of malware into your organization just by convincing users -- even admin-level users in the IT department -- to click on a link. Fraudsters carrying out business email compromise attacks are even more clever, forgoing malware and malicious links altogether, and scamming companies out of $47 million, $75 million and more, simply by asking for it the right way. Social engineering is, at the…

    Over 90 percent of cyber attacks start the same way: with a phishing message. Attackers slip all manner of malware into your organization just by convincing users -- even admin-level users in the IT department -- to click on a link. Fraudsters carrying out business email compromise attacks are even more clever, forgoing malware and malicious links altogether, and scamming companies out of $47 million, $75 million and more, simply by asking for it the right way. Social engineering is, at the very least, how attackers get their foot in the door, and at worst, how they get away with your crown jewels. In this session, learn about attackers' new twists on the oldest tricks in the book, and how to protect your organization against them.

    See publication

  • Don’t Be Another Statistic: How to Recognize and Prevent Social Engineering Attacks

    What makes us human? Language, empathy, and helpfulness are only a few of the traits that make us unique. However, these fundamental characteristics also leave room for deception.

    Social engineering is nothing new. From the Trojan Horse that collapsed Troy to Frank Abagnale's famous deceptions portrayed in the film Catch Me If You Can, conmen and hackers have preyed on people’s innate tendency to trust.

    We invite you to listen in as internationally recognized technology analyst…

    What makes us human? Language, empathy, and helpfulness are only a few of the traits that make us unique. However, these fundamental characteristics also leave room for deception.

    Social engineering is nothing new. From the Trojan Horse that collapsed Troy to Frank Abagnale's famous deceptions portrayed in the film Catch Me If You Can, conmen and hackers have preyed on people’s innate tendency to trust.

    We invite you to listen in as internationally recognized technology analyst Michael Krigsman leads a discussion featuring four social engineering experts. Panelists include Christopher Hadnagy, founder of Social-Engineer, Inc.; Michele Fincher, chief influencing agent at Social-Engineer, Inc.; Rob Ragan, managing security associate at IT security consulting firm Bishop Fox; and Austin Whipple, Sr. application security engineer at BetterCloud. The hour-long panel will equip you with the knowledge needed to remain safe and secure in the modern workplace.

    See publication

  • Never Surrender: Reducing Social Engineering Risk

    BSidesPGH

    The weakest link in the security chain is often between the keyboard and the chair. People are a problem. We have a natural instinct as humans to trust someone's word. Although various technical means have been developed to cope with security threats, human factors have been comparatively neglected.

    Once you put a human in a security chain, you have a weakness. That problem should be addressed by security practitioners, not every member of an organization. Very few would disagree that…

    The weakest link in the security chain is often between the keyboard and the chair. People are a problem. We have a natural instinct as humans to trust someone's word. Although various technical means have been developed to cope with security threats, human factors have been comparatively neglected.

    Once you put a human in a security chain, you have a weakness. That problem should be addressed by security practitioners, not every member of an organization. Very few would disagree that social engineering is the the most common and least challenging way to compromise an organization, but most accept the notion that there isn't much they can do about it. False!

    This talk will focus on the psychological, technical, and physical involvement of social engineering, and also look at how we can remove the human element of the human problem. We will explore what organizations are doing wrong, also the processes and technical controls that can be put in place to achieve a strong social engineering defense.

    We'll template a solution that can be customized. What will really help? What is the truth? What if we don't want to surrender our organization to social engineers?

    See publication

  • How Hackers Hid a Money-Mining Botnet in the Clouds of Amazon and Others

    Wired

    HACKERS HAVE LONG used malware to enslave armies of unwitting PCs, but security researchers Rob Ragan and Oscar Salazar had a different thought: Why steal computing resources from innocent victims when there’s so much free processing power out there for the taking?

    See publication

  • Cloud Ninja: Catch Me If You Can!

    What happens when computer criminals start using friendly cloud services such as Dropbox, Google Apps, Heroku, Amazon EC2 and Yahoo Pipes for malicious activities? This presentation will explore how to (ab)use the free public cloud for the business of computer crime. Oh! Also we violate the hell out of some terms of service.

    See publication

  • Web Hacking Exposed 3rd Edition

    McGraw-Hill Osborne Media

    First, we catalog the greatest threats your web application will face and explain how they work in excruciating detail. How do we know these are the greatest threats? Because we are hired by the world's largest companies to break into their web applications, and we use them on a daily basis to do our jobs. Once we have your attention by showing you the damage that can be done, we tell you how to prevent each and every attack.

    Other authors
    See publication

  • Google, Bing: A hacker's best friends

    Hackers still use search engines like Google and Microsoft Bing to accelerate and automate attacks against vulnerable websites

    See publication

  • Filter Evasion - Houdini on the Wire

    Outerz0ne 5

    See publication

Projects

  • Search Diggity

    - Present

    The Search Hacking Diggity Project is a research and development initiative dedicated to investigating the latest techniques that leverage search engines, such as Google and Bing, to quickly identify vulnerable systems and sensitive data in corporate networks. This project page contains downloads and links to our latest Google Hacking research and free security tools. Defensive strategies are also introduced, including innovative solutions that use Google Alerts to monitor your network and…

    The Search Hacking Diggity Project is a research and development initiative dedicated to investigating the latest techniques that leverage search engines, such as Google and Bing, to quickly identify vulnerable systems and sensitive data in corporate networks. This project page contains downloads and links to our latest Google Hacking research and free security tools. Defensive strategies are also introduced, including innovative solutions that use Google Alerts to monitor your network and systems.

    Other creators
    See project

Honors & Awards

  • United Bug Bounty

    United Airlines

    https://www.united.com/web/en-US/content/Contact/bugbounty.aspx

  • Eagle Scout

    Boy Scouts of America

Languages

  • English

    Native or bilingual proficiency

  • German

    Elementary proficiency

  • French

    Elementary proficiency

  • Mandarin

    Elementary proficiency

  • Latin

    Elementary proficiency

Recommendations received

1 person has recommended Rob

Join now to view

More activity by Rob

View Rob’s full profile

  • See who you know in common
  • Get introduced
  • Contact Rob directly
Join to view full profile

Other similar profiles

Explore more posts

Explore top content on LinkedIn

Find curated posts and insights for relevant topics all in one place.

View top content

Add new skills with these courses

See all courses