"A socially engineered e-mail, which contains a Trojan file that exploits a zero-day vulnerability and then hides behind a rootkit, might be the perfect attack and impossible to defend against." It made me think is socially engineered hacks the perfect hack? Is fooling users considered the perfect hack? I feel finding a security vulnerability in software and using that vulnerability in a attack should be considered in a perfect attack.
Patrick Runald, senior security specialist at Finnish antivirus firm F-Secure last week told me that some users are obliged to open certain documents as part of their job -- so no amount of education can stop such an attack.
The link for this article located at ZDNet is no longer available.
