Tag Archive for: Means

Hiring? New scam campaign means ‘resume’ downloads may contain malware


A cybercrime gang is targeting hiring managers and recruiters in a new campaign to spread the “more_eggs” backdoor malware.

Emails from supposed job seekers are luring victims to malicious “resume” downloads using sophisticated social engineering and infrastructure, Proofpoint said in a security briefing Tuesday.

The briefing outlines the evolving tactics of the threat actor tracked as TA4557, which Proofpoint researchers have been monitoring since 2018.

Spear phishing strategy convinces recruiters to stray from safety

Secure email gateways are one of the most common endpoint security measures used by organizations; new methods by TA4557 seek to bypass these measures and lure job recruiters to attacker-controlled websites.

“The social engineering is very compelling leading up to the download of the file from the resume website,” Proofpoint Senior Threat Analyst Selena Larson told SC Media.

The attacks, which Proofpoint first detected in October 2023, begin with an email inquiring about an open position. With no links or attachments, the seemingly benign email gets the foot in the door to start building trust.

If the victim responds, the attack chain continues with the supposed job candidate inviting the hiring manager or recruiter to download a resume from their “personal website.”

Unlike classic job scams targeting job seekers themselves, there is no need to impersonate an established business through methods like typosquatting. Additionally, researchers began seeing in early November that attackers avoided sending links altogether by directing their victims to “refer to the domain name of my email address to access my portfolio.”

Requiring the victim to copy and paste the malicious domain name increases the likelihood the emails will make it past secure email gateways. Plus, with unassuming domain names like “wlynch[.]com” for a candidate named William Lynch and “annetterawlings[.]com” for a candidate named Annette Rawlings, the emails are less likely to raise alarm bells than those from free email providers like Gmail or Yahoo.

The attacker-controlled “candidate” websites were found to apply filters based on details like the victim’s IP address to…


People are just realising easy Wi-Fi hack means they’ll never endure a buffering movie again


EXPERTS have revealed a Wi-Fi hack that means households relying on streaming apps won’t have to suffer through buffering movies.

It’s easy and free, but it does require a little forethought.

Streaming apps like Netflix and Prime TV let subscribers download content for watching on-the-go. Credit: Alamy

According to lecturer James Jin Kang and Paul Haskell-Dowland, associate dean of computing and security at Edith Cowan University, planning your internet usage is the simplest way to avoid buffering.

It’s a tip the pair recommended during the first UK Covid-19 lockdown, when much of the world went online.

So, the trick will become increasingly useful over the winter months.

This is when members of your household and the neighbours are more likely to slink off inside for internet-based entertainment to escape the gloomy weather.

“If multiple people are streaming video at your home, which often requires ten times the daytime demand, a limited internet connection will soon be fully used,” the pair wrote in The Conversation in 2020.

Bandwidth is the maximum amount of data that can be transmitted over an internet connection within a given period.

It is shared by all internet users in a particular area.

And it gets eaten up quickly when more people in the area are at home using Wi-Fi.

To watch a movie pain-free during heightened bandwidth activity, the experts say households should think ahead.

“Try to plan your and family members’ online activities around peak times,” they wrote.

“Outside your home, connectivity is likely to be on a ‘best effort’ plan, which shares a fixed bandwidth with other users.

“In other words, your mobile internet bandwidth is shared with others in your area when they access the internet at the same time.

“A shared bandwidth results in slower individual speeds.

“You can’t control how many people access the internet, but you can manage your own internet activity by downloading large files or content overnight, or outside of peak hours (when there is less traffic).”

Streaming apps like Netflix and Prime TV let subscribers download content for watching on-the-go.

But the feature can also be used to download a movie or the next few episodes of a series…


What GoDaddy’s Years-Long Breach Means for Millions of Clients


For years, the domain registrar and Web hosting company GoDaddy has experienced a cyber barrage of extraordinary scale, it has confirmed — affecting both the company and its many individual and enterprise clients.

As described in its 10K filing for 2022, released Feb. 16, the company has been breached once every year since 2020 by the same set of cyberattackers, with the latest occurring just last December. It’s worth also mentioning that the company has been the subject of earlier cyber incursions as well. The consequences to GoDaddy are one thing, but, more notably, the breaches have led to data compromises for more than 1 million of the company’s users.

That may well be the key to why the bad guys keep coming back. Because of the nature of its business, GoDaddy is a connecting link to millions of businesses around the world. As Brad Hong, customer success lead at Horizon3ai, puts it: “This is the equivalent of your landlord’s office being left unlocked, giving a bad actor access to the keys to your house.”

GoDaddy’s Three-Headed Breach

While the world was coming to grips with COVID-19, thousands of GoDaddy customers had a second problem on their hands. In March 2020, the company discovered that an attacker had compromised the login details for a small number of their employees, as well as 28,000 of their hosting customers.

It was a harbinger of worse things to come.

In November 2021, a threat actor got their hands on a password that allowed them access to Managed WordPress, GoDaddy’s hosting platform for building and managing WordPress sites. This case touched 1.2 million Managed WordPress customers.

There was yet more. In a statement published alongside its 10K, GoDaddy shared details of yet a third compromise.

“In early December 2022, we started receiving a small number of customer complaints about their websites being intermittently redirected,” the company said. It turned out that an attacker had breached and planted malware on the company’s hosting servers for cPanel, a control panel program for Web hosts. This malware intermittently redirected users from the websites they intended to visit, to malicious sites.

In their statement, the company claimed to “have evidence, and law…


National Passenger Safety Week means double-checking car seats


COLORADO — The Colorado Department of Transportation (CDOT) is stressing the importance of car seat safety during National Passenger Safety Week.

Four out of five car seats are installed and used incorrectly, according to the U.S. Department of Transportation, posing a serious and even deadly risk to children in the case of a car crash. According to CDOT, car crashes are the leading cause of death for children under 12 years old.

Now is a good time to double-check that your child fits properly in their car seat and that it is installed securely. Here are recommendations from the National Highway Traffic Safety Administration (NHTSA) to make sure your child is safe in the backseat:

Rear-facing car seats

  • Newborn to three years (use as long as possible)
  • Use until child outgrows the manufacturer’s height or weight requirements
  • Harness at or below child’s shoulders
  • Chest clip at chest/armpit level

Forward-facing car seats

  • Two to five years old
  • Use until child outgrows the manufacturer’s height or weight requirements
  • Install with lower anchors or seat belt and top tether anchor

Booster seats

  • Four to 12 years old (or until adult seatbelt fits properly)
  • Use until child outgrows the manufacturer’s height or weight requirements
  • Shoulder belt across the shoulder (not across neck or face)
  • Lap belt across upper thighs (not stomach)

Adult seat belts (no car seat)

  • Older than eight years old

The NHTSA also recommends all children under 13 years old ride in the backseat due to front seat airbags. These recommendations differ slightly from Colorado’s child restraint law, which includes the following:

Child age/size and statutory requirement

  • Less than 1 year and weighing less than 20 pounds: Properly secured in a rear-facing child restraint system in a rear seat of the vehicle
  • 1 year to 4 years, and weighing 20 to 40 pounds: Properly secured in a rear-facing or forward-facing child restraint system
  • Children up to 8 years: Properly secured in a child restraint system, such as a booster seat, according to the manufacturer’s instructions
  • 8 to 15 years: Properly restrained in a safety belt or child restraint system according to manufacturer’s instructions

Source: Sections 42-4-236 and 42-4-237, C.R.S.

The citation for…
