Social engineers collect intelligence on human targets to develop paths for attack and compromise. Picnic’s platform emulates this external, human attack surface reconnaissance to expose Target Intelligence about an organization. Picnic pairs this unique perspective of threat actors with automated actions that reduce risk for its customers.
Picnic offers Target Intelligence Reports to help security teams better understand how attackers use open-source intelligence and established infrastructure to launch attacks. By reducing their human attack surface, organizations can disrupt attacker reconnaissance and resource development, which in turn reduces the risk of attacks.
Mailchimp: Lessons Learned
In this report (Issue #3), we analyze three Mailchimp breaches that occurred between March 2022 and January 2023 to understand how the attacker leveraged open-source information and used social engineering to target Mailchimp employees. The report includes proactive remediation steps for organizations to take to help lower the risk of attackers being successful in the future.
- Summary of the attack, key findings, and risk areas
- Mitigations for Picnic customers
- Mitigations for non-Picnic customers
Become a Subscriber to receive timely articles on human-centric security issues: