Tag: linkedin

Ransomware attacks: The evolving extortion threat to US financial institutions

Aug 4, 2025 2:28 PM

Tags: access, ai, antivirus, attack, backup, banking, breach, business, cloud, communications, compliance, control, credentials, crime, crimes, cyber, cybercrime, cybersecurity, dark-web, data, ddos, defense, detection, edr, email, encryption, endpoint, extortion, finance, firewall, governance, group, identity, incident response, infrastructure, insurance, intelligence, international, korea, law, leak, least-privilege, lessons-learned, linkedin, linux, lockbit, login, malicious, mfa, monitoring, network, north-korea, organized, phishing, ransom, ransomware, resilience, risk, rust, service, soc, social-engineering, software, startup, strategy, supply-chain, tactics, theft, threat, tool, training, update, usa, vmware, vulnerability, warfare, windows, zero-trust

Before sunrise on a chilly November morning, I got the kind of call no security leader ever wants. A mid-sized U.S. bank had been hit overnight hard. Customers couldn’t access their accounts, ATMs were non-functional and every screen in the company’s environment glowed with the same ominous message: their systems were encrypted, and data had…
Ninety laptops, millions of dollars: US woman jailed over North Korea remote-work scam

Aug 3, 2025 2:28 PM

Tags: fraud, identity, jobs, korea, linkedin, north-korea, scam, technology

Christine Chapman apologizes for role in identity fraud that amassed millions to allegedly aid nuclear weapons programIn March 2020, about the time the Covid pandemic started, Christina Chapman, a woman who lived in Arizona and Minnesota, received a message on LinkedIn asking her to “be the US face” of a company and help overseas IT…
Top spy says LinkedIn profiles that list defense work ‘recklessly invite attention of foreign intelligence services’

Aug 1, 2025 8:28 PM

Tags: defense, intelligence, linkedin, service, spy

Workers on joint US/UK/Australia nuclear submarine program are painting a target on themselves First seen on theregister.com Jump to article: www.theregister.com/2025/08/01/asio_espionage_social_media_warning/
Top spy says LinkedIn profiles that list defence work ‘recklessly invite attention of foreign intelligence services’

Aug 1, 2025 9:28 AM

Tags: intelligence, linkedin, service, spy

Workers on joint US/UK/Australia nuclear submarine program are painting a target on themselves First seen on theregister.com Jump to article: www.theregister.com/2025/08/01/asio_espionage_social_media_warning/
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

Jul 31, 2025 4:28 PM

Tags: access, attack, cloud, container, crypto, docker, hacker, jobs, korea, linkedin, malicious, malware, north-korea, programming, social-engineering, software, threat

The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram.”Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their First seen on…
Operation Dark Phone: Murder By Text this jaw-dropping tale of how police hacked gangs is like The Wire

Jul 26, 2025 8:27 AM

Tags: access, attack, crime, international, linkedin, network, phone, training

This docu-drama is cleverly built around the messages intercepted by the National Crime Agency when they penetrated a chat network between criminal organisations. It’s hugely revealingPolice work rarely resembles The Shield or Line of Duty. It’s mostly paperwork, online training and referring people to driver offender courses. But sometimes life imitates art. In 2020, international…
How to land your first job in cybersecurity

Jul 21, 2025 8:40 AM

Tags: cybersecurity, jobs, linkedin

According to LinkedIn, job applications have surged over 45% in the past year, with 11,000 applications submitted every minute. This flood of applications is making it harder … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/21/cybersecurity-role-skills/
7 obsolete security practices that should be terminated immediately

Jul 16, 2025 9:40 AM

Tags: access, advisory, antivirus, api, attack, authentication, awareness, breach, business, cloud, compliance, control, cybersecurity, data, defense, detection, edr, endpoint, exploit, google, grc, identity, infrastructure, iot, linkedin, mfa, microsoft, mobile, monitoring, network, office, password, phishing, phone, ransomware, risk, service, siem, social-engineering, strategy, tactics, technology, threat, tool, training, unauthorized, update, vpn, vulnerability, zero-trust

2. Taking a compliance-driven approach to security: Too many teams let compliance drive their security programs, focusing more on checking boxes than solving actual cybersecurity challenges, says George Gerchow, CSO at data security services firm Bedrock Security. He notes that many enterprises drive to meet compliance standards, yet still suffer serious breaches. The reason? They…
CrowdStrike CEO: Resilience Efforts, ‘Incredible Partners’ Key To Rebound Over Past Year

Jul 15, 2025 5:40 AM

Tags: ceo, crowdstrike, cybersecurity, linkedin, resilience, update

CrowdStrike has emerged from the global IT outage caused by a faulty update as a “stronger company” thanks to extensive work to boost the resilience of its cybersecurity platform along with the efforts of its “incredible partners,” CrowdStrike CEO George Kurtz wrote in LinkedIn post. First seen on crn.com Jump to article: www.crn.com/news/security/2025/crowdstrike-ceo-resilience-efforts-incredible-partners-key-to-rebound-over-past-year
You have a fake North Korean IT worker problem here’s how to stop it

Jul 14, 2025 4:40 PM

Tags: linkedin, north-korea

Thick resumes with thin LinkedIn connections are one sign. Refusing an in-person interview is another First seen on theregister.com Jump to article: www.theregister.com/2025/07/13/fake_it_worker_problem/
You have a fake North Korean IT worker problem – here’s how to stop it

Jul 13, 2025 1:40 PM

Tags: linkedin, north-korea

Thick resumes with thin LinkedIn connections are one sign. Refusing an in-person interview is another First seen on theregister.com Jump to article: www.theregister.com/2025/07/13/fake_it_worker_problem/
Deutschland (leider) auf Platz 4: Betrügerische Finanzanzeigen bei Meta

Jul 11, 2025 5:40 AM

Tags: cybercrime, germany, linkedin

Allein in Deutschland gingen im Jahr 2024 267 Milliarden Euro durch Cyberkriminalität verloren. Anlagebetrug in sozialen Medien hat in den letzten drei Jahren dramatisch zugenommen. Instagram und Facebook sind die am häufigsten gemeldeten Plattformen, während TikTok und Linkedin mit den höchsten finanziellen Verlusten pro Opfer im Durchschnitt in Verbindung gebracht werden [1] [2]. Aber wo……
Dispersive Earns Prestigious “Deployed on AWS” Badge

Jun 26, 2025 10:36 PM

Tags: access, ai, attack, best-practice, cloud, communications, computing, cybersecurity, data, defense, infrastructure, intelligence, linkedin, marketplace, network, resilience, service, strategy, technology, threat, zero-trust
Wie aus einer FakeFirma eine echte Bedrohung wurde

Jun 20, 2025 2:35 PM

Tags: cybersecurity, linkedin

Mehr und mehr Betrüger tummeln sich auf sozialen Plattformen wie Linkedin und machen sich die Not der Jobsuchenden zu Nutze. Was aktuell immer öfters in der Security-Community diskutiert wird, ist eigentlich kein neues Phänomen, sondern eine sich seit mindestens der Pandemie verstärkende Entwicklung. Bereits im Jahr 2021 versprach das Unternehmen ‘Bastion Secure” ein Top-Gehalt, Remote-Arbeit…
Cybersecurity Snapshot: NIST Offers Zero Trust Implementation Advice, While OpenAI Shares ChatGPT Misuse Incidents

Jun 13, 2025 7:54 PM

Tags: access, ai, attack, best-practice, breach, chatgpt, china, cloud, computer, computing, control, credentials, crime, cyber, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, encryption, endpoint, exploit, finance, fraud, government, guide, Hardware, identity, infrastructure, intelligence, Internet, iot, korea, law, least-privilege, linkedin, malicious, malware, military, ml, mobile, monitoring, network, nist, north-korea, openai, phishing, phone, programming, ransomware, risk, russia, scam, service, social-engineering, software, supply-chain, technology, theft, threat, tool, update, vulnerability, zero-trust

Check out NIST best practices for adopting a zero trust architecture. Plus, learn how OpenAI disrupted various attempts to abuse ChatGPT. In addition, find out what Tenable webinar attendees said about their exposure management experiences. And get the latest on cyber crime trends, a new cybersecurity executive order and more! Dive into six things that…
FIN6 cybercriminals pose as job seekers on LinkedIn to hack recruiters

Jun 11, 2025 2:55 PM

Tags: cybercrime, cybersecurity, group, jobs, linkedin, malware

FIN6, a financially motivated group tracked for years by cybersecurity researchers, is now lurking on sites such as LinkedIn and Indeed to spread malware, a new report says. First seen on therecord.media Jump to article: therecord.media/fin6-recruitment-scam-malware-campaign
FIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs Malware

Jun 10, 2025 7:55 PM

Tags: group, infrastructure, jobs, linkedin, malware, phishing, service, threat

The financially motivated threat actor known as FIN6 has been observed leveraging fake resumes hosted on Amazon Web Services (AWS) infrastructure to deliver a malware family called More_eggs.”By posing as job seekers and initiating conversations through platforms like LinkedIn and Indeed, the group builds rapport with recruiters before delivering phishing messages that lead to malware,”…
Getting the Most Value Out of the OSCP: After the Exam

Jun 2, 2025 10:54 PM

Tags: access, attack, automation, bug-bounty, business, cloud, compliance, conference, control, corporate, credentials, cyber, cybersecurity, data, data-breach, defense, detection, exploit, finance, flaw, framework, google, governance, group, guide, hacker, hacking, incident response, infosec, injection, intelligence, Internet, iran, jobs, kali, linkedin, linux, malicious, malware, microsoft, mobile, network, office, open-source, penetration-testing, powershell, privacy, RedTeam, reverse-engineering, risk, service, skills, soc, social-engineering, sql, strategy, stuxnet, technology, threat, tool, training, update, vulnerability, windows

In the final post of this series, I’ll discuss what to do after your latest exam attempt to get the most value out of your OSCP journey. DISCLAIMER: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements. I have not been…
Fake AI Video Tool Ads on Facebook, LinkedIn Spread Infostealers

May 28, 2025 7:55 PM

Tags: ai, defense, group, linkedin, malicious, mandiant, threat, tool

Mandiant Threat Defense uncovers a campaign where Vietnam-based group UNC6032 tricks users with malicious social media ads for… First seen on hackread.com Jump to article: hackread.com/fake-ai-video-tool-ads-facebook-linkedin-infostealers/
From LinkedIn to Lies: What a Job Scam Looks Like Now

May 22, 2025 5:54 AM

Tags: jobs, linkedin, scam

Job scams are on the rise, targeting remote workers and new grads. Learn how to spot red flags, protect your info, and avoid falling victim. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/trends/what-job-scams-look-like/
Researchers warn of China-backed espionage campaign targeting laid-off US workers

May 20, 2025 6:54 PM

Tags: china, espionage, linkedin

A report by FDD says an elaborate online recruiting effort is using LinkedIn and fake online companies to gather sensitive intelligence. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/china-espionage-campaign-laid-off-workers/748607/
MY TAKE: Semantics aside, “agentic AI” is already reshaping how we work, think, envision what’s next

May 19, 2025 11:54 PM

Tags: linkedin

Stephen Klein didn’t just stir the pot. He lit a fire. Related: Klein’s LinkedIn debate In a sharply worded post that quickly went viral on LinkedIn, the technologist and academic took direct aim at what he called the “hype-as-a-service” business… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/my-take-semantics-aside-agentic-ai-is-already-reshaping-how-we-work-think-envision-whats-next/
Fired US govt workers, Uncle Xi wants you! to apply for this fake consulting gig

May 17, 2025 1:54 AM

Tags: government, linkedin

Phony LinkedIn recruitment ads? Groundbreaking First seen on theregister.com Jump to article: www.theregister.com/2025/05/16/attn_fired_us_govt_workers/
MY TAKE: Beyond agentic AI mediocrity, the real disruption is empowering the disenfranchised

May 10, 2025 8:10 PM

Tags: ai, linkedin

Is agentic AI accelerating mediocrity? Plenty of folks on LinkedIn seem to think so. Related: The 400th journalist A growing chorus of academics, tech workers, and digital culture watchers are pointing out the obvious: the more we prompt, the more… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/my-take-beyond-agentic-ai-mediocrity-the-real-disruption-is-empowering-the-disenfranchised/
Microsoft OneDrive move may facilitate accidental sensitive file exfiltration

May 9, 2025 7:10 AM

Tags: access, ai, automation, business, ceo, ciso, cloud, compliance, control, corporate, data, email, gartner, linkedin, microsoft, privacy, risk, risk-assessment, saas, startup, threat, tool, vulnerability, windows

want to make syncing easier, as it can create lots of security and IT headaches.The rollout was originally scheduled for this weekend (May 11), but sometime late on Thursday, the Microsoft page about the feature was changed to say that it was being pushed out in June. Microsoft did not immediately explain the delay, but discussions…
Cyberattacks on Critical Infrastructures Makes Us Very Vulnerable

May 8, 2025 6:10 AM

Tags: attack, communications, cyber, cyberattack, cybersecurity, data, healthcare, infrastructure, linkedin, strategy, update, vulnerability

Many don’t realize that cyberattacks against Critical Infrastructure sectors, can cause more than an inconvenience of a temporary power outage. Critical Infrastructures are a favorite of aggressive Nation State cyber threats. In addition to communications disruptions, power outages, and healthcare billing, these attacks can also seek to disrupt food distribution. The result empty shelves…
RSAC Strategic Reel: Cyber experts on the front lines unpack ‘Shadow AI,’ ‘Ground Truth’

May 6, 2025 8:50 PM

Tags: ai, cyber, linkedin

The response to our first LastWatchdog Strategic Reel has been energizing, and telling. Related: What is a cyber kill chain? The appetite for crisp, credible insight is alive and well. As the LinkedIn algo picked up steam and auto-captioning… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/rsac-strategic-reel-cyber-experts-on-the-front-lines-unpack-shadow-ai-ground-truth/
Fake resumes targeting HR managers now come with updated backdoor

May 6, 2025 5:53 AM

Tags: attack, awareness, backdoor, best-practice, ciso, control, cybersecurity, data, defense, detection, email, endpoint, espionage, exploit, government, infection, infrastructure, intelligence, jobs, linkedin, malicious, microsoft, mitigation, network, password, phishing, radius, scam, soc, social-engineering, spear-phishing, theft, threat, windows

%temp%\ieuinit.inf and writes obfuscated commands to it, including a Windows batch file.When this code is executed, Microsoft WordPad is automatically launched in a ploy to distract the user, who is meant to believe the promised resumÃ© is being opened. The batch script will then covertly launch the legitimate Windows utility %windir%\system32\ie4uinit.exe, which in turn executes the commands from…
INTRODUCING: LastWatchdog strategic LinkedIN reels insights from the ground floor at RSAC 2025

May 5, 2025 9:50 PM

Tags: ai, cybersecurity, linkedin, threat

Every year at RSAC, the cybersecurity conversation swells with new terms, emerging threats, and fresh takes on familiar problems. What exactly is ‘agentic AI?’ At RSAC 2025, the volume knob turned to AI, its potential, its peril, and its… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/introducing-lastwatchdog-strategic-linkedin-reels-insights-from-the-ground-floor-at-rsac-2025/
Microsoft ernennt Deputy-CISO für Europa

May 2, 2025 2:50 PM

Tags: ciso, cybersecurity, cyersecurity, governance, linkedin, microsoft, nis-2, resilience

Microsoft ernennt einen Deputy-CISO für Europa.Die immer lauter werdenden Rufe nach einer digitalen Souveränität Europas angesichts des erratisch agierenden Mannes im Weißen Haus lassen Microsoft um seine Geschäfte bangen. Der jüngste Coup nach der Ankündigung eines Investitionsprogramms in EU-Rechenzentren, frei von US-Zugriffen: Für Europa wird ein Deputy-CISO im Rahmen des Microsoft Cybersecurity Governance Council ernannt.Die…