At the recent RSA Conference held in San Francisco, there was a huge focus on threat intelligence and some of the techniques being used to gain access to systems. One that grabbed our attention was the use of the Internet Wayback Machine.
Job search picture from Shutterstock
In order to locate potential targets, the bad guys are using the Wayback Machine — which holds archives of individual sites at specific points in time — to look back through expired job ads to work out what systems companies are using.
They are then using that data to target companies based on the vulnerabilities they know about for the systems.
It’s a pretty clever tactic and, while it’s not the only tool hackers are using, it points to the growing sophistication being employed by the dark side.
Comments
One response to “How Job Ads Create Security Vulnerabilities”
Interesting post. Definitely not something I or probably most people have considered! 😀
More often then not the hiring company’s name isn’t mentioned, just the recruitment agency.