Tag: jobs
-
DPRK ‘IT Workers’ Pivot to Europe for Employment Scams
By using fake references and building connections with recruiters, some North Korean nationals are landing six-figure jobs that replenish DPRK coffers. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/dprk-it-workers-europe-employment
-
North Korean IT Scammers Targeting European Companies
Inside North Korea’s IT Scam Network Now Shifting to Europe. North Koreans posing as remote IT workers have spread to Europe, where one Pyongyang fraudster assumed at least 12 personas to target companies in Germany, Portugal and the United Kingdom. Western companies have grappled for years with the prospect of unintentionally hiring a North Korean…
-
Medical device cybersecurity to be adversely impacted by HHS layoffs
First seen on scworld.com Jump to article: www.scworld.com/brief/medical-device-cybersecurity-to-be-adversely-impacted-by-hhs-layoffs
-
Wie KI und Automatisierung die DDoS-Industrie verändern
Künstliche Intelligenz (KI) hält Einzug in die DDoS-For-Hire-Landschaft und verleiht diesen ohnehin schon leistungsstarken Diensten eine neue Stufe der Raffinesse. Noch vor einigen Jahren erforderte das Starten eines DDoS-Angriffs eine Reihe von technischen Fähigkeiten. Heute haben die im Darkweb verfügbaren Booter-/Stresser-Dienste auch bekannt als DDoS-for-Hire-Industrie die Hürde für die Durchführung komplexer DDoS-Angriffe erheblich […] First…
-
Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks
North Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem. The post Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/lazarus-uses-clickfix-tactics-in-fake-cryptocurrency-job-attacks/
-
Riesiges Datenleck bei X: War es ein Insider-Job?
Die Profil-Daten von 2,87 Milliarden Nutzern von X (ehemals Twitter) sind auf der Plattform Breach Forum entdeckt worden. Angeblich handelt es sich um die Tat eines Ex-Mitarbeiters. First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/riesiges-datenleck-bei-x-war-es-ein-insider-job
-
Nasuni Hires Veracode Veteran Sam King As CEO
Sam King, who had most recently spent five years as chief executive of cybersecurity vendor Veracode, joins Nasuni as CEO in the midst of a new channel push at the data platform provider. First seen on crn.com Jump to article: www.crn.com/news/security/2025/nasuni-hires-veracode-veteran-sam-king-as-ceo
-
North Korean hackers adopt ClickFix attacks to target crypto firms
The notorious North Korean Lazarus hacking group has reportedly adopted ‘ClickFix’ tactics to deploy malware targeting job seekers in the cryptocurrency industry, particularly centralized finance (CeFi). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-adopt-clickfix-attacks-to-target-crypto-firms/
-
ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers
New “ClickFake Interview” campaign attributed to the Lazarus Group targets crypto professionals with fake job offers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/clickfake-interview-campaign/
-
Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job
Note: Title edited to maintain clarity and accurately reflect the nature of the breach, emphasizing the leak of profile data rather than implying access to private information. First seen on hackread.com Jump to article: hackread.com/twitter-x-of-2-8-billion-data-leak-an-insider-job/
-
Twitter (X) Hit by Data Leak of 2.8 Billion Users; Allegedly an Insider Job
Massive Twitter (X) data breach exposes details of 2.8 billion users; alleged insider leak surfaces with no official response from the company. First seen on hackread.com Jump to article: hackread.com/twitter-x-of-2-8-billion-data-leak-an-insider-job/
-
IBM US cuts may run deeper than feared “’ and the jobs are heading to India
Big Blue ‘might as well move its headquarters’ to Bengaluru since it ‘no longer prioritizes’ America First seen on theregister.com Jump to article: www.theregister.com/2025/03/27/ibm_cuts_jobs_in_us/
-
Student-Powered SOCs Train Security’s Next Generation
University security operations centers that hire and train students are a boon to state and local governments while giving much-needed Tier 1 cybersecurity training to undergraduates. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/student-powered-socs-train-security-next-generation
-
DPRK IT Worker Scam: Mitigation Steps for Hiring Teams
Nisos DPRK IT Worker Scam: Mitigation Steps for Hiring Teams Nisos is tracking a network of likely North Korean (DPRK)-affiliated IT workers posing as Singaporean, Turkish, Finish and US nationals with the goal of obtaining employment in remote IT, engineering, and full-stack blockchain positions… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/dprk-it-worker-scam-mitigation-steps-for-hiring-teams/
-
Which Top Cybersecurity Role of 2024 Was Featured in 64,000+ Job Postings?
IT and security workforce management firm CyberSN surveyed job listings from 2022 to 2024. Yes, decreases in demand for some job titles may be related to AI. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cybersecurity-job-market/
-
Comic Agilé Luxshan Ratnaravi, Mikkel Noe-Nygaard #330 — AI For Job Hunting
via the respected Software Engineering expertise of Mikkel Noe-Nygaard and the lauded Software Engineering / Enterprise Agile Coaching work of Luxshan Ratnaravi at Comic Agilé! Permalink First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2025/03/comic-agile-luxshan-ratnaravi-mikkel-noe-nygaard-330-ai-for-job-hunting/
-
Getting the Most Value Out of the OSCP: The PEN-200 Labs
Tags: access, ai, attack, compliance, container, cyber, cybersecurity, dns, docker, exploit, firewall, guide, hacking, Hardware, infrastructure, intelligence, jobs, kubernetes, microsoft, mitigation, network, open-source, oracle, penetration-testing, powershell, risk, security-incident, service, siem, skills, technology, tool, training, vmware, vulnerability, windowsHow to leverage the PEN-200 simulated black-box penetration testing scenarios for maximal self-improvement and career success. Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements. I have not been sponsored or incentivized in any way to recommend or oppose any…
-
Cyber Command official is Trump’s choice for Pentagon policy job
Katherine Sutton, currently in a top civilian post at U.S. Cyber Command, has been nominated to be assistant secretary of Defense for cyber policy. First seen on therecord.media Jump to article: therecord.media/katherine-sutton-nominee-assistant-secretary-defense-cyber-policy
-
The Password Hygiene Failure That Cost a Job – Grip Security
Actions from a real-life breach raises questions about poor password hygiene accountability and why users, policies, and security controls must work together. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/the-password-hygiene-failure-that-cost-a-job-grip-security/
-
Beware Developers Fake Coding Challenges Will Deploy FogDoor on Your System
Researchers has discovered a sophisticated malware operation that poses as a fake coding challenge and targets Polish-speaking professionals. This campaign, known as >>FizzBuzz to FogDoor,>FizzBuzz>Zadanie rekrutacyjne.iso,
-
FBI warns: beware of free online document converter tools
Don’t ‘just trust the logo’: Luke Connolly, a threat analyst with cybersecurity software and consulting firm Emsisoft, said the fact that the FBI has issued a warning is a good indication that this issue is fairly widespread, and should be taken seriously.Defenses, he said, include only using services from trusted vendors, using endpoint protection to…
-
CISOs are taking on ever more responsibilities and functional roles has it gone too far?
Tags: ai, business, cio, ciso, cloud, compliance, computing, control, corporate, cyber, cybersecurity, data, defense, framework, fraud, governance, healthcare, infosec, intelligence, international, Internet, jobs, law, mitigation, nist, privacy, regulation, resilience, risk, risk-management, service, skills, software, supply-chain, technology, threatth century alongside technology and internet-enabled threats, morphing to meet the demands of the moment. But the position hasn’t just matured; in many cases it has expanded, taking on additional domains.”The CISO role has expanded significantly over the years as companies realize that information security has a unique picture of what is going on across…
-
11 hottest IT security certs for higher pay today
Tags: access, attack, automation, business, cloud, container, control, corporate, credentials, cyber, cybersecurity, data, defense, encryption, exploit, finance, fortinet, google, governance, incident response, infosec, intelligence, Internet, jobs, linux, malicious, malware, monitoring, network, penetration-testing, remote-code-execution, resilience, reverse-engineering, risk, risk-assessment, risk-management, skills, software, technology, threat, tool, training, vulnerability, windowsOffensive Security Certified Expert (OSCE): OffSec’s Offensive Security Certified Expert consists of three courses: Advanced Web Attacks and Exploitation, Advanced Evasion Techniques and Breaching Defenses, and Windows User Mode Exploit Development. The format for each course exam is the same: Candidates have 48 hours to compromise a given target using various techniques. No formal prerequisites exist for any of the…
-
Choosing the Right Cloud Security Provider: Five Non-Negotiables for Protecting Your Cloud
Tags: attack, business, cloud, control, corporate, data, infrastructure, intelligence, jobs, risk, service, strategy, technology, threat, vulnerabilityProtecting your cloud environment for the long term involves choosing a security partner whose priorities align with your needs. Here’s what you need to know. As organizations embrace multi-cloud and hybrid environments, the complexity of securing that landscape increases. However, the overlooked risks may not come solely from threat actors. Choosing a security provider that…
-
It looks like IBM is cutting jobs again, with Classic Cloud hit hard
We’re told thousands may soon get a pink slip from Big Blue First seen on theregister.com Jump to article: www.theregister.com/2025/03/20/ibm_cuts_us_jobs/
-
Cybersecurity job market faces disruptions: Hiring declines in key roles amid automation and outsourcing
First seen on scworld.com Jump to article: www.scworld.com/analysis/cybersecurity-job-market-faces-disruptions-hiring-declines-in-key-roles-amid-automation-and-outsourcing
-
North Korean IT Workers Exploit GitHub to Launch Global Cyberattacks
A recent investigation by cybersecurity firm Nisos has uncovered a coordinated effort by North Korean IT workers to exploit GitHub for creating fake personas, enabling them to secure remote jobs in Japan and the United States. These individuals, posing as professionals from countries like Vietnam, Japan, and Singapore, primarily target roles in engineering and blockchain…
-
How CISOs are approaching staffing diversity with DEI initiatives under pressure
Staffing diversity can help avoid homogenous thinking: Similarly, Sam McMahon, senior manager of IT and security at Valimail, underscores the necessity of representing different backgrounds and mindsets.”In my experience, even small security teams benefit greatly from the variety of perspectives that come with different backgrounds and skill sets,” he says. “We know that the majority…