Just read an interesting blog post from a security researcher performing a stealth penetration test on a bank, at the request of the bank incidentally.
What was interesting to me was the amount of technical information about the bank's systems that they obtained from public sources - the Facebooks and LinkedIns of the world. This was then followed up with a fake job interview where they got more useful
stuff and from all that could then craft their attack.
The actual hacking aspect was quite sophisticated -
see the full blog post here.
Eek. Do we need to be careful what we reveal to the world about our organisations' infrastructure?