Tag: jobs
-
How we made Trail of Bits AI-native (so far)
Tags: access, ai, application-security, attack, automation, blockchain, business, ceo, chatgpt, computer, computing, conference, control, data, email, germany, government, identity, injection, jobs, macOS, marketplace, nvidia, open-source, risk, service, skills, strategy, supply-chain, technology, threat, tool, vulnerabilityThis post is adapted from a talk I gave at [un]prompted, the AI security practitioner conference. Thanks to Gadi Evron for inviting me to speak. You can watch the recorded presentation below or download the slides. Most companies hand out ChatGPT licenses and wait for the productivity numbers to move. We built a system instead.…
-
6 key takeaways from RSA Conference 2026
Tags: ai, api, attack, ceo, cio, ciso, compliance, conference, control, cyber, cybersecurity, data, framework, google, governance, government, identity, infrastructure, injection, intelligence, jobs, LLM, office, RedTeam, regulation, risk, saas, service, technology, threat, tool, trainingSecuring the AI stack: Yes, but the threat surface has grown: The first technical priority I offered for CISOs in my conference preview was securing the AI stack, RAG workflows, LLM data pipelines, vector databases, and model APIs, on the basis that prompt injection, training data poisoning, and model inversion attacks were no longer theoretical.The…
-
Insider Threats Rise with North Korean AI Hiring Fraud Schemes
AI hiring fraud lets attackers bypass screening and gain insider access. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/insider-threats-rise-with-north-korean-ai-hiring-fraud-schemes/
-
North Korean IT Worker Used Stolen Identity, AI-Generated Resume in Job Scam
Tags: ai, breach, cyber, data-breach, fraud, identity, intelligence, jobs, north-korea, scam, threatA recent investigation as exposed how a suspected North Korean IT worker allegedly used a stolen identity, AI-generated resume content, and scripted interview answers to try to secure a senior remote role at U.S.-based threat intelligence firm Nisos. The case highlights how DPRK IT employment schemes are evolving by combining traditional fraud with modern AI…
-
ShipSec Studio brings open-source workflow orchestration to security operations
Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/30/shipsec-studio-security-workflow-automation-platform/
-
Identity is the first line of defense, especially in an AI-fueled threat landscape
Two new reports illustrate why companies need to do a better job of scrutinizing what their human employees and AI agents are doing. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/identity-governance-ai-cybersecurity/815964/
-
8 steps CISOs can take to empower their teams
Once when we were rolling out a well-known EDR tool, I knew the settings weren’t tight enough, nor were the received updates applied fast enough. So I asked two people to own this, come up with suggestions for tightening the screws, and guarantee a successful rollout on multiple OSes in parallel. The phased approach took…
-
Pentagon Piloting Skills-Based Assessments for Cyber Workers
Proponents Favor Performance Tests Over Certs. The U.S. Department of Defense is for the first time piloting new skills-based assessments for its cyber hiring as an alternative to checking paper qualifications. Many certificates, officials say, don’t reflect the skills their cyber teams need in the real world. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/pentagon-piloting-skills-based-assessments-for-cyber-workers-a-31222
-
Phishers Pose as Palo Alto Networks’ Recruiters for Months in Job Scam
A series of campaigns that began in August aim to defraud job candidates, using psychological tactics and data scraped from LinkedIn profiles. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/phishers-pose-palo-alto-networks-recruiters-job-scam
-
Scam compounds hiring >>AI models<< to seal the deal in deepfake video calls
Forced labor doesn’t play well on camera, so scam compounds are hiring women to deepfake their faces on video calls. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/scam-compounds-hiring-ai-models-to-seal-the-deal-in-deepfake-video-calls/
-
New ‘StoatWaffle’ malware auto”‘executes attacks on developers
Tags: attack, detection, group, infrastructure, jobs, korea, malicious, malware, north-korea, threatContagious Interview, revisited: StoatWaffle isn’t an isolated campaign. It’s the latest chapter in the Contagious Interview attacks, widely attributed to North Korea-linked threat actors tracked as WaterPlum.Historically, this campaign has targeted developers and job seekers through fake interview processes, luring them into running malicious code under the guise of technical assessments. Previously, the campaign weaponized…
-
Google Forms Job Scam Spreads PureHVNC Malware
A newly observed malware campaign is leveraging trusted platforms like Google Forms to distribute the PureHVNC Remote Access Trojan (RAT), marking a shift in how attackers initiate infections. Rather than relying on traditional phishing emails or malicious websites, threat actors are using business-themed lures such as job interviews, project proposals, and financial documents to trick…
-
AI Governance in 2026: Why Staying Current Is No Longer Optional for Your Business
AI Governance in 2026: Why Staying Current Is No Longer Optional for Your Business You deployed an AI tool to screen job applicants six months ago. Maybe you used ChatGPT to draft customer communications. Perhaps your product team quietly integrated a third-party AI into your SaaS platform. Each of these decisions, made quickly, in the…The…
-
North Korean Hacker Lands Remote IT Job, Caught After VPN Slip
New research from LevelBlue reveals how a suspected North Korean operative landed a remote IT role to fund national weapons programmes. First seen on hackread.com Jump to article: hackread.com/north-korean-hacker-remote-it-job-vpn-slip/
-
Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire
Key signs of NK-linked insider infiltration: SpiderLabs has found that these threat actors commonly operate from China rather than North Korea because the internet is more stable and they can employ VPN services to conceal their true geographic origin.Astrill VPN has the ability to bypass China’s Great Firewall and allows threat actors to tunnel traffic…
-
We Know You Can Pay a Million by Anja Shortland review the terrifying new world of ransomware
Criminals extorting money online have created huge businesses, complete with branding and HRThe birth of ransomware was a stunt that got out of hand. In 1989, an evolutionary biologist called Joseph L Popp Jr was working part time for the World Health Organisation on the Aids epidemic. He was a difficult man. When he was…
-
TDL 018 – How To Think, Not What To Think – Mitch Prior
Tags: access, ai, apple, attack, backup, blockchain, business, cctv, china, ciso, cloud, computer, conference, control, credentials, cvss, cyber, cybersecurity, data, defense, detection, exploit, finance, firmware, google, infrastructure, intelligence, Internet, iot, jobs, law, mail, malware, military, network, phone, privacy, resilience, risk, router, software, strategy, switch, technology, threat, tool, vulnerability, wifi, zero-trustThe Human Algorithm in a Zero-Trust World In the latest episode of The Defender’s Log, host David Redekop sits down with cybersecurity expert Mitch Prior to discuss the intersection of high-tech security and human intuition. From their first meeting in 2018″, the early days of Zero Trust”, the duo explores why the “why” behind technical…
-
That “job brief” on Google Forms could infect your device
Fake job offers on Google Forms are spreading PureHVNC malware that can take over your device. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/that-job-brief-on-google-forms-could-infect-your-device/
-
Your MFA isn’t broken, it’s being bypassed, and your employees can’t tell the difference
Three failures that keep showing up: Through my research into adversary-in-the-middle attacks and reviewing industry incident reports, I have identified three consistent failures that make these attacks successful. 1. We trained our people for the wrong threat Most security awareness programs still teach the same things: Look for misspellings, check the sender address, hover over…
-
Your MFA isn’t broken, it’s being bypassed, and your employees can’t tell the difference
Three failures that keep showing up: Through my research into adversary-in-the-middle attacks and reviewing industry incident reports, I have identified three consistent failures that make these attacks successful. 1. We trained our people for the wrong threat Most security awareness programs still teach the same things: Look for misspellings, check the sender address, hover over…
-
Elite members of North Korean society fake their way into Western paychecks
Increased federal activity, including indictments over the past year, has drawn attention to a pattern that has been unfolding inside corporate hiring pipelines. North Korean … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/19/north-korean-remote-it-workers-corporate-infiltration-scheme/
-
Technical Analysis of SnappyClient
Tags: access, antivirus, api, attack, browser, chrome, cloud, communications, computer, control, credentials, crypto, data, defense, detection, encryption, endpoint, finance, framework, github, infection, injection, jobs, login, malicious, malware, network, password, software, startup, theft, threat, update, windowsIntroductionIn December 2025, Zscaler ThreatLabz identified a new command-and-control (C2) framework implant that we track as SnappyClient, which was delivered using HijackLoader. SnappyClient has an extended list of capabilities including taking screenshots, keylogging, a remote terminal, and data theft from browsers, extensions, and other applications. In this blog post, ThreatLabz provides a technical analysis of SnappyClient, including…
-
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned six individuals and two entities for their involvement in the Democratic People’s Republic of Korea (DPRK) information technology (IT) worker scheme with an aim to defraud U.S. businesses and generate illicit revenue for the regime to fund its weapons of mass…
-
New research unpacks North Korea’s stealthy, sophisticated remote IT worker schemes
The report recommends that businesses practice several forms of vigilance to avoid unwittingly hiring Pyongyang’s operatives. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korea-remote-it-worker-ibm-flare/815063/
-
CISOs rethink their data protection strategies
Tags: access, ai, attack, automation, breach, business, cisco, ciso, cloud, compliance, computing, control, cyber, data, defense, framework, governance, healthcare, identity, jobs, LLM, privacy, resilience, risk, service, strategy, technology, tool, zero-trustFactors driving strategy evaluations CISOs, security experts, and data practitioners cite the expanding use of AI in the enterprise as the main reason they’re rethinking their data protection strategies.”AI is exposing more sensitive information as [workers] are taking that information and typing it into LLMs,” says Errol Weiss, CSO at Health-ISAC.AI tools make it easy…
-
EU sanctions Iranian cyber front over election meddling, Charlie Hebdo breach
State-sponsored attackers joined by Chinese snoops and hackers-for-hire in latest round of economic penalties First seen on theregister.com Jump to article: www.theregister.com/2026/03/17/eu_iran_cyber_sanctions/
-
AWS Bedrock’s ‘isolated’ sandbox comes with a DNS escape hatch
Tags: access, bug-bounty, credentials, cvss, data, dns, iam, infrastructure, jobs, network, service, strategy, update, vulnerabilityAWS allegedly rolled back a fix: BeyondTrust said it discovered and reported the vulnerability to AWS on September 1, 2025, via the bug bounty platform HackerOne. AWS reportedly acknowledged receipt of the report and deployed an initial fix to production in November.However, BeyondTrust was informed a few days later that the initial fix was rolled…
-
Runtime: The new frontier of AI agent security
Tags: access, ai, automation, ceo, ciso, computer, container, control, crowdstrike, cybersecurity, data, detection, edr, endpoint, firewall, framework, incident response, jobs, monitoring, network, openai, risk, saas, technology, threat, tool, vulnerability, zero-dayWhat runtime monitoring looks like: Once an organization knows where its agents are, the question is what to watch for, and how.Elia Zaitsev, CTO of CrowdStrike, tells CSO that existing endpoint detection and response (EDR) tools already capture the kinds of behavior needed to track AI agents. They instrument operating systems like a flight data…
-
Gartner suggests Friday afternoon Copilot ban because tired users may be too lazy to check its mistakes
Admins may be even more exhausted by then, because securing Microsoft’s AI helper is not a trivial job First seen on theregister.com Jump to article: www.theregister.com/2026/03/17/gartner_copilot_security_mitigations/
-
Gartner suggests Friday afternoon Copilot ban because tired users may be too lazy to check its mistakes
Admins may be even more exhausted by then, because securing Microsoft’s AI helper is not a trivial job First seen on theregister.com Jump to article: www.theregister.com/2026/03/17/gartner_copilot_security_mitigations/