19 matches found
Be careful responding to unexpected job interviews
One of our customers was contacted on LinkedIn about a job offer. The initial message was followed up by an email: “Thank you for your interest in the Senior Construction Manager position at company. After reviewing your background, we were impressed with your experience and would like to invite...
Watch out for the “We are hiring” remote online evaluator message scam
Looking at our team’s recent text messages, you’d think that remote online evaluators are in high demand right now. Several members of our team have received the almost exact same job offer scam texts. The content of the messages is almost identical, but there is a variation in background images...
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea DPRK, has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The...
Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
Cybersecurity researchers have shed light on a sophisticated mobile phishing aka mishing campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers presented themselves as recruiters, luring unsuspecting victims with job offers," Zimperium zLabs Vishnu...
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT. The malware could, "aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL...
3CX Breach Was a Double Supply Chain Compromise
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. The lengthy, complex intrusion has all the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening...
The weirdest security stories of 2022
Theres been a lot of weird and frankly bizarre attacks over the course of 2022, nestled in amongst the usual ransomware outbreaks and data breaches. Whether were talking social media, email, or even malware, theres been a mind bending tale of tall behaviour in almost every corner. Its time to...
Hackers Used Fake Job Offer to Hack and Steal $540 Million from Axie Infinity
The $540 million hack of Axie Infinity's Ronin Bridge in late March 2022 was the consequence of one of its former employees getting tricked by a fraudulent job offer on LinkedIn, it has emerged. According to a report from The Block published last week citing two people familiar with the matter, a...
Fake job offer leads to $600 million theft
Back in March, popular NFT battler Axie Infinity lay at the heart of a huge cryptocurrency theft inflicted on the Ronin network. From the Ronin newsletter: There has been a security breach on the Ronin Network. Earlier today, we discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and...
Fake Cyberpunk Ape Executives target artists with malware-laden job offer
The wacky world of ape jpegs are at the heart of yet another increasingly bizarre internet scam, which contains malware, stolen accounts, a faint possibility of phishing, and zips full of ape pictures. The Ape Executives have a job offer you can, and must, refuse Lots of people with art profiles ...
How to Tell a Job Offer from an ID Theft Trap
One of the oldest scams around -- the fake job interview that seeks only to harvest your personal and financial data -- is on the rise, the FBI warns. Heres the story of a recent LinkedIn impersonation scam that led to more than 100 people getting duped, and one almost-victim who decided the job...
Starbucks: Stored XSS on www.starbucks.com.sg/careers/career-center/career-landing-*
Summary: While enumeration of the webpage for Starbucks I observed the following pages. https://www.starbucks.com.sg/careers/career-center/career-landing-5? The webpage have been highly spam by automated scanners or malicious attack. By clicking on any of the pages it would redirect the user to a...
modelingcreator.com XSS vulnerability
Vulnerable URL: http://www.modelingcreator.com/fr/offre-d-emploi.php/%22%27--!%3E%3Cscript%3Ealert'OPENBUGBOUNTY'%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 12.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknow...
Threat Outbreak Alert: Fake Job Offer Notification Email Messages on January 16, 2014
Medium Alert ID: 32475 First Published: 2014 January 17 14:30 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a job offer for the recipient. The text in the email message attempts to convince the recipient to open the...
Threat Outbreak Alert: Fake Job Offer Information Email Messages on January 9, 2014
Medium Alert ID: 32388 First Published: 2014 January 9 17:21 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a job offer notification for the recipient. The text in the email message attempts to convince the recipient to...
Threat Outbreak Alert: Fake Job Offer Documents Email Messages on December 24, 2013
Severity Alert ID: 32283 First Published: 2014 January 2 14:43 GMT Version: 1 Threat Outbreak Threat Outbreak Summary Cisco Security has detected significant activity on December 24, 2013. Revision History Initial ReleaseShow Less Legal Disclaimer THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND...
Threat Outbreak Alert: Fake Job Offer Notification Email Messages on November 19, 2013
Medium Alert ID: 31826 First Published: 2013 November 19 17:50 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a job offer from Altran Company for the recipient. The text in the email message attempts to convince the...
Threat Outbreak Alert: Fake Job Offer Inquiry Email Messages on November 12, 2013
Medium Alert ID: 31742 First Published: 2013 November 13 17:11 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a job offer for the recipient. The text in the email message attempts to convince the recipient to open the...
Threat Outbreak Alert: Fake Job Offer Email Messages on July 3, 2013
Medium Alert ID: 29945 First Published: 2013 July 5 13:16 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a job offer for the recipient. The text in the email message attempts to persuade the recipient to download a .zip...