News &
Information

Failure To Timely Report Data Breaches Leads To Loss And Blunts Mitigation Efforts

SEC rules require prompt reporting of data breaches. Learn about a $10 million fine, and why timely notification is important.

Medusa Ransomware Is Turning Unpatched Systems To Stone

Cybercriminals can exploit a single unpatched device to infect the entire organization with Medusa ransomware. We examine.

Ransomware Attacks Increase, Forcing Organizations To Respond

Emails remain cybercriminals' chosen method of delivering ransomware. We discuss tips on combatting the risk.

Authenticator Software: Being Exploited By Cybercriminals

Users seeking stronger security are duped into downloading fake security apps.

Social Media Posts Lead To Malware-Ridden Resumés

The Hacker News reported a link was posted in the comments section of LinkedIn's job hosting site. That link redirected unsuspecting users to a fraudulent resumé download site that facilitates malicious LNK file downloads.

These files enable malicious DLL retrieval and remain in a system until the "more_eggs" malware is downloaded. That malware is linked to Venom Spider, also known as Golden Chickens, and other malicious payloads.

More_eggs, also known as SpicyOmelette, is a type of malware that steals sensitive data, can remotely control infected devices, and can download additional malware. Cybercriminals use it spear phishing attacks – where cybercriminals customize emails and payloads to target specific people. It's often used in spear phishing attacks, where cybercriminals can customize emails to target specific people. "Malicious resumes used to spread more_eggs malware anew" www.scmagazine.com (Jun. 11, 2024)

Commentary

Malware distribution via social media is a real threat. Organizations that solicit potential employees or subcontractors through social media should closely review their protocols on postings and resumé attachments via email or text. 

A typical resume/job seeker attack uses both malware and social engineering techniques to bypass normal security protocols. The phishing emails purport to be from a job seeker, with a variation of a message to the effect of: "Hello, I saw your website and I'm interested in a position. Please see my attached resumé." The message is intended for hiring managers or the HR department, and contains an attached Microsoft Word document called "resumé." This attachment, in actuality, delivers malware and uses several counter-detection measures.

Human resource personnel and those who perform hiring duties within an organization should not open attachments, including resumés, unless the document is expected from a known source. Unexpected and/or unrequested resumés should be viewed as spam and discarded.

The use of third-party services to vet resumés is also a good use of corporate resources, helping shield your organization from malware exposure.

Finally, your opinion is important to us. Please complete the opinion survey: