Tag Archive for: resume

Hiring? New scam campaign means ‘resume’ downloads may contain malware

/in


A cybercrime gang is targeting hiring managers and recruiters in a new campaign to spread the “more_eggs” backdoor malware.

Emails from supposed job seekers are luring victims to malicious “resume” downloads using sophisticated social engineering and infrastructure, Proofpoint said in a security briefing Tuesday.

The briefing outlines the evolving tactics of the threat actor tracked as TA4557, which Proofpoint researchers have been monitoring since 2018.

Spear phishing strategy convinces recruiters to stray from safety

Secure email gateways are one of the most common endpoint security measures used by organizations; new methods by TA4557 seek to bypass these measures and lure job recruiters to attacker-controlled websites.

“The social engineering is very compelling leading up to the download of the file from the resume website,” Proofpoint Senior Threat Analyst Selena Larson told SC Media.

The attacks, which Proofpoint first detected in October 2023, begin with an email inquiring about an open position. With no links or attachments, the seemingly benign email gets the foot in the door to start building trust.

If the victim responds, the attack chain continues with the supposed job candidate inviting the hiring manager or recruiter to download a resume from their “personal website.”

Unlike classic jobs scams targeting job seekers themselves, there is no need to impersonate an established business through methods like typosquatting. Additionally, researchers began seeing in early November that attackers avoided sending links altogether by directing their victims to “refer to the domain name of my email address to access my portfolio.”

Requiring the victim to copy and paste the malicious domain name increases the likelihood the emails will make it past secure email gateways. Plus, with unassuming domain names like “wlynch[.]com” for a candidate named William Lynch and “annetterawlings[.]com” for a candidate named Annette Rawlings, the emails are less likely to raise alarm bells than those from free email providers like Gmail or Yahoo.

The attacker-controlled “candidate” websites were found to apply filters based on details like the victim’s IP address to…

Source…

How I Went from $33k Helpdesk to $200k Cybersecurity Architect (Self-taught without a Degree)

/in



There is a cybersecurity talent gap across the US. Here’s what to put on your résumé to a land high-paying job in the industry.

/in


“There certainly is a talent gap in the United States,” Kevin Bordlemay, senior manager of talent acquisition at computer security firm Mandiant, told Insider. “There is by no means enough talent to fulfill the roles that are out there.”

Source…

China allows tech trio to resume business after cyber probe

/in


Chinese authorities are allowing Full Truck Alliance and Kanzhun to sign up new users again almost a year after both companies were entangled in cyber security investigations alongside ride-hailing group Didi.

Beijing launched probes into Full Truck, online recruiting platform Kanzhun and Didi last July just weeks after the companies had raised money on Wall Street, as Chinese regulators sought to tighten their grip on the data on which the country’s tech groups rely.

On Monday, Full Truck’s two lorry-hailing apps Yunmanman and Huochebang, known as China’s “Uber for trucks”, were allowing new driver sign-ups.

Kanzhun’s app Boss Zhipin continued to bar new user sign-ups, but the Cyberspace Administration of China (CAC) had informed both companies they could begin signing up new users immediately, according to a person familiar with the matter.

The removal of the ban on new users for the two companies was first reported by the Wall Street Journal, which also said that regulators were wrapping up a probe into Didi.

Shares in Full Truck jumped 15 per cent and Kanzhun climbed 22 per cent in early trading in New York, while Didi’s stock surged more than 50 per cent.

The signs of progress in resolving the investigations follows vice-premier Liu He’s repeated pledges of support for private companies and may signal a departure from a period of regulatory scrutiny that ensnared almost every large Chinese tech company.

Liu, who is President Xi Jinping’s closest economic adviser, has been manoeuvring to help the economy amid a deep slump triggered by Xi’s zero-Covid policy.

The CAC did not tell the companies that the investigations had concluded on Monday, nor did it mention possible fines, according to a person familiar with the matter, adding that that left the agency with the power to decide final penalties based on the companies’ “performance” during the probe.

Nevertheless, investors were quick to seize on any evidence that the crackdown on the tech sector may be easing.

“We expect marginal improvement in regulatory pressure on internet sectors in the near term, leading to sentiment improvement and technical rebounds,” said Bruce Pang, head of research at…

Source…