Tag Archive for: LinkedIn

Singapore’s 15 fastest-growing jobs for 2023, according to LinkedIn

/in


Jobs that help companies digitize and grow amid economic volatility are on the rise in Singapore, according to LinkedIn.

Its latest Jobs on the Rise data revealed spikes in hiring for growth specialists, technical jobs and health-care professionals in Asia — among other jobs expected to expand hiring well into 2023. 

Researchers from LinkedIn examined jobs from January 2018 to July 2022 to calculate the growth rate for each job title in a specific country. 

The hiring rate in Asia-Pacific is still relatively high despite recession fears, says LinkedIn

LinkedIn added that for a job to be ranked, a job title needs to see consistent growth on the platform over the last five years, as well as have “grown to a meaningful size” by 2022.

Workers can use this list to define their next move in their careers and “prepare for the future world of work,” it added.

Job trends in Singapore 

LinkedIn’s report found that the proportion of paid job postings that offer a remote-work option has dropped from 7.8% in December 2021 to 4.1% in the same period last year. 

Guy Berger, its principal economist said in another report last year that the economic climate is causing some companies to “pull back on the flexibility” introduced during the pandemic.

What’s on the climb, however, are technical or engineering roles — such as cloud engineer, cybersecurity engineer, back-end developer and artificial intelligence engineer.

The growth of AI, increased focus on cybersecurity and continued shift towards digital is leading to growth in technical jobs.

Pooja Chhabria

Career expert, LinkedIn

Such jobs make up almost half of LinkedIn’s list in Singapore. 

“The growth of AI, increased focus on cybersecurity and continued shift towards digital is leading to growth in technical jobs,” said Pooja Chhabria, career expert and head of editorial for Asia-Pacific at LinkedIn.

It is also “not unexpected” for tech jobs to dominate Singapore’s list, she added, given that the country has built a strong presence as a startup destination. 

From a geographical perspective, Singapore is a good base for tech companies who are looking to enter South-East Asia and other APAC markets.” 

Demand for tech workers remains strong

However, waves of tech layoffs were reported in Southeast Asia last year amid challenging macroeconomic…

Source…

BlackCat gang taunts ‘victim’ on LinkedIn

/in


Indian IT services provider SRM Technologies appears to have been hit with a ransomware attack by the BlackCat gang. The group says a successful phishing attack enabled it to gain access to SRM’s systems.

SRM Technologies ransomware
IT Services Provider SRM Technologies has apparently fallen victim to a ransomware attack (Photo by
Hispanolistic/iStock)

It is not yet clear how much damage has been inflicted on the company’s system in the attack, which was revealed overnight.

SRM Technologies is an IT services provider based in India, with offices in the US and Japan. The company was founded in 1998 and works with customers in industries including automotive, industrial, retail and education on digital transformation and other IT projects.

Attacks on IT services providers can have wide-ranging consequences, as the businesses often have access to the systems of their clients, meaning a breach can be used as a springboard for a supply chain attack such as the SolarWinds breach.

Tech Monitor has contacted SRM Technologies for a response to the allegations.

SRM Technologies ransomware attack: how it happened

According to BlackCat, a fraudulent email was sent to four employees at SRM Technologies, including the head of cloud engineering Ramkumar Dilli. It warns of an ongoing cyberattack, stating that some of the company’s files had already been encrypted.

BlackCat’s victim blog on the dark web displays the phishing email and what purports to be Dilli’s response.

The email reads: “Important files on your network was ENCRYPTED and now they have “egdd8rl” extension. In order to recover your files you need to follow the instructions below.”

Content from our partners
The state of cybercrime in 2022: What it costs and where it comes from

Ransomware groups are getting smaller and smarter

Can DAOs survive an onslaught of cybercrime?

The rest of the email implores recipients to act quickly and includes a list of the data that has apparently been lost.

Dilli then appears to reply to the email, forwarding it to the IT department along with a message thanking them for their support and diligence.

Hours later the gang says it reached out to Dilli himself…

Source…

Hackers Used Fake LinkedIn Job Listing to Steal $625 Million from Axie Infinity

/in


Earlier in March this year, Ronin Network (RON), a blockchain network underpinning the famous crypto game Axie Infinity and Axie DAO suffered the largest crypto hack against a decentralized finance network reported to date.

In May 2022, the United States issued an advisory according to which highly skilled hackers from North Korea were trying to get employed by posing as IT freelancers. Now, it has been revealed that Axie Infinity hacking was socially engineered in which North Korean government-backed hacker group Lazarus used a fake job offer to infiltrate Sky Mavis’ network by sending one of the company’s employees a PDF file containing spyware.

Lazarus’ involvement in such a high-profile hack should not come as a surprise. In January 2022, researchers from different crypto security firms concluded that North Korean hackers have so far stolen $1.3 billion from cryptocurrency exchanges across the globe, while their prime suspect in these hacks was the infamous Lazarus gang.

Axie Infinity Hack

The employee, an ex-senior engineer at the company, took the bait and thought that it was a high-paying job offer from another company and opened the PDF. However, in reality, this company didn’t exist. During the recruiting process, the ex-employee gave away critical personal information, which attackers used to steal from the company.

Sky Mavis explained that its employees are constantly threatened by “advanced spear-phishing attacks on various social channels.” In this instance, one employee was fooled, who doesn’t even work at Sky Mavis anymore.

It is worth noting that the play-to-earn game Axie Infinity is a Pokemon-inspired game developed by Sky Mavis and rakes in approximately $15 million in revenue daily.

How was Ronin Hacked?

According to The Block, when the hacking took place, Axie Infinity had nine validators from its proof-of-authority, an Ethereum-based sidechain Ronin.

“The attacker managed to leverage that access to penetrate Sky Mavis IT infrastructure and gain access to the validator nodes,” Sky Mavis stated.

The attacker had to capture five out of nine validators to infiltrate the company’s networks. The…

Source…

ESET Research: Lazarus attacks aerospace and defense contractors worldwide while misusing LinkedIn and WhatsApp

/in


DUBAI, UNITED ARAB EMIRATES, June 1, 2022 /EINPresswire.com/ — During the annual ESET World conference, ESET researchers have been presenting about a new investigation into the infamous Lazarus APT group. Director of ESET Threat Research Jean-Ian Boutin went over various new campaigns perpetrated by the Lazarus group against defense contractors around the world between late 2021 and March 2022.

In the relevant 2021-2022 attacks and according to ESET telemetry, Lazarus has been targeting companies in Europe (France, Italy, Germany, the Netherlands, Poland, and Ukraine) and Latin America (Brazil).

Despite the primary aim of this Lazarus operation being cyber-espionage, the group has also worked to exfiltrate money (unsuccessfully). “The Lazarus threat group showed ingenuity by deploying an interesting toolset, including for example a user mode component able to exploit a vulnerable Dell driver in order to write to kernel memory. This advanced trick was used in an attempt to bypass security solutions monitoring.,” says Jean-Ian Boutin.

As early as 2020, ESET researchers had already documented a campaign pursued by a sub-group of Lazarus against European aerospace and defense contractors ESET called operation In(ter)ception. This campaign was noteworthy as it used social media, especially LinkedIn, to build trust between the attacker and an unsuspecting employee before sending them malicious components masquerading as job descriptions or applications. At that time, companies in Brazil, Czech Republic, Qatar, Turkey and Ukraine had already been targeted.

ESET researchers believed that the action was mostly geared towards attacking European companies, but through tracking a number of Lazarus sub-groups performing similar campaigns against defense contractors, they soon realized that the campaign extended much wider. While the malware used in the various campaigns were different, the initial modus operandi (M.O.) always remained the same: a fake recruiter contacted an employee through LinkedIn and eventually sent malicious components.

In this regard, they’ve continued with the same M.O. as in the past. However, ESET researchers have also…

Source…