Well it seems Linkedin has some use after all.
Do you expect me to talk? Yes, Mr Bond, I expect you to reply: 10k Brits targeted on LinkedIn by Chinese, Russian spies
Ten thousand Britons have been targeted on LinkedIn by recruiters for the Chinese and Russian intelligence services, according to an awareness campaign launched by domestic spy agency MI5 this morning. Details were previewed in this morning's Times newspaper, which warned specifically of people with "access to classified or …
COMMENTS
-
-
-
-
Monday 26th April 2021 13:49 GMT Cliffwilliams44
Re: But I thought
There was no concern for Asians being targeted in the Us when those doing the targeting were black! One white knucklehead with a prostitute addiction and some mental health problems shoots up a few "massage parlors" and now it's "white supremacists' who hate Asians. More like the Western "baizaos" trying to play a situation to their advantage.
The real interesting thing was how they played one of the victims who was without a doubt a practitioner of human trafficking (you really think those young Chinese girls are free to leave the "brothels when they chose?) as some kind of Saint!
-
-
-
-
Tuesday 20th April 2021 18:03 GMT gr00001000
Recruitment/eCrime 'businesses'
Ties in nicely to the Combi/FIN7 incident.
Notorious FIN7 gang Cybercrime gang posed as penetration testing firm to recruit hackers
35-year-old Ukrainian national Fedir Hladyr worked as the sysadmin for the FIN7 gang, realised it was actually an eCrime unit after joining.
Beware those startups!! Its all starting to fall in place, gangs such as PYSA leave notes about 'better security' and improving posture after payment.
The attackers have sys admin skills as well as pen-testing skills, they are converted IT workers some of them. They are operating as business units, with targeted BUs, organised reconnaissance, front end correspondence helpdesks.
-
-
-
Wednesday 21st April 2021 11:23 GMT Antron Argaiv
Re: How stupid we are they think?
This must explain the random emails I get from people I don't know, whose only content is "Please add me to your contact list". (Trolling headhunters, most likely)
Not a chance, mate. You do know that you can edit the canned message LinkedIn sends, don't you? Tell me who you are and why you're contacting me, and maybe I'll reply.
-
-
Wednesday 21st April 2021 09:45 GMT Lunatic Looking For Asylum
At least in the olden days, some beautiful Russian woman (or young man...)
would try sleeping with you - now it's just a spotty nerd in a run down office block clicking 'Like' icons :-(
Never done LinkedIn, or any other social media platform for that matter.
I was working at <I'd rather not say> defence contractor in a security role (it may or may not have been patroling the perimter and issuing car park passes but it was still security) a few years ago and the missive came round telling staff to remove their clearance status from LinkedIn.
Personally, if you are stupid enough to put your clearance status on LinkedIn then you should be fired and have no place in a security role. The only exception I can think of is if you are phishing for foreign agents to contatct you.
I _REALLY_ don't get social media.
-
Thursday 22nd April 2021 06:25 GMT Danny 2
operating with unefarious intent
Less than twenty years ago otherwise intelligent engineers would post their full CVs on publicly searchable websites, or their recruitment agents would. They'd list their military projects in detail that they'd worked on - many of which were unknown otherwise - their contact details, and of course hobbies and interests.
As apolitical pacifists we couldn't do anything useful with that information, but we'd send them the odd anonymous email letting them know they'd let their guard down to a dangerous degree. We never threatened anyone but presumably scared them into better IT security. Real life equivalent of a bug tester, or how the SAS try to break into nuclear sites to test their defences while stupid amateurs actually do fairly easily.
I labelled the tactic 'tag terrorism', as in if I was a terrorist then you or maybe a lot of people would be dead. Just so they knew. Tag, you are shit. Tag is a graffiti term for signing your nom de plume, and we'd do that in supposedly highly secure places.
It amazes me that Banksy "works of art" sell for millions when anyone could just copy them, yet apart from his Palestinian work mine were far more dangerous. I don't grudge him it, he is mocking and exploiting the amazingly stupid art market,
-
Thursday 22nd April 2021 09:26 GMT Robin Bradshaw
Dont let the Russians steal your shitposts
I presume the "figure of 10,000 compromise attempts over five years was a conservative one" as they didnt count all the UK's operations or the ones were we were merely tampering with a linkedin profile in transit as that doesnt count.
https://www.theregister.com/2013/11/11/gchq_used_fake_linkedin_profiles_to_access_belgian_telco/