TTPwire Vol. 1 · MITRE ATT&CK·Tagged

ESET WeLiveSecurity

Recruitment red flags: Can you spot a spy posing as a job seeker?

2025-10-28

ATT&CK techniques detected

3 predictions
T1078 Valid Accounts
50%
"such as chinese phone numbers, immediate downloading of rmm software to a newly-issued laptop, and work performed outside of normal office hours. if the laptop authenticates from chinese or russian ip addresses, this should also be investigated. - keep tabs on employee behavior…"
T1585.001 Social Media Accounts
34%
"overlaps with groups labelled unc5267 and jasper sleet by other researchers. according to microsoft, the us government has uncovered more than 300 companies, including some in the fortune 500, that have been victimized in this way between 2020 and 2022 alone, the tech firm was fo…"
T1586.002 Email Accounts
30%
"##ke images and video, or face swapping and voice changing software, to disguise their identity or create synthetic ones. according to eset researchers, the wagemole group is linked to another north korean campaign it tracks as deceptivedevelopment. this is focused on tricking we…"

Summary

Here’s what to know about a recent spin on an insider threat – fake North Korean IT workers infiltrating western firms