Category: Mandiant

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in the number of LinkedIn profiles claiming employment at Amazon comes as LinkedIn is struggling to combat a significant uptick in the creation of fake employee accounts that pair AI-generated profile photos with text lifted from legitimate users.

Jay Pinho is a developer who is working on a product that tracks company data, including hiring. Pinho has been using LinkedIn to monitor daily employee headcounts at several dozen large organizations, and last week he noticed that two of them had far fewer people claiming to work for them than they did just 24 hours previously.

Pinho’s screenshot below shows the daily count of employees as displayed on Amazon’s LinkedIn homepage. Pinho said his scraper shows that the number of LinkedIn profiles claiming current roles at Amazon fell from roughly 1.25 million to 838,601 in just one day, a 33 percent drop:

The number of LinkedIn profiles claiming current positions at Amazon fell 33 percent overnight. Image: twitter.com/jaypinho

As stated above, the number of LinkedIn profiles that claimed to work at Apple fell by approximately 50 percent on Oct. 10, according to Pinho’s analysis:

Image: twitter.com/jaypinho

Neither Amazon or Apple responded to requests for comment. LinkedIn declined to answer questions about the account purges, saying only that the company is constantly working to keep the platform free of fake accounts. In June, LinkedIn acknowledged it was seeing a rise in fraudulent activity happening on the platform.

KrebsOnSecurity hired Menlo Park, Calif.-based SignalHire to check Pinho’s numbers. SignalHire keeps track of active and former profiles on LinkedIn, and during the Oct 9-11 timeframe SignalHire said it saw somewhat smaller but still unprecedented drops in active profiles tied to Amazon and Apple.

“The drop in the percentage of 7-10 percent [of all profiles], as it happened [during] this time, is not something that happened before,” SignalHire’s Anastacia Brown told KrebsOnSecurity.

Brown said the normal daily variation in profile numbers for these companies is plus or minus one percent.

“That’s definitely the first huge drop that happened throughout the time we’ve collected the profiles,” she said.

In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. A follow-up story on Oct. 5 showed how the phony profile problem has affected virtually all executive roles at corporations, and how these fake profiles are creating an identity crisis for the businesses networking site and the companies that rely on it to hire and screen prospective employees.

A day after that second story ran, KrebsOnSecurity heard from a recruiter who noticed the number of LinkedIn profiles that claimed virtually any role in network security had dropped seven percent overnight. LinkedIn declined to comment about that earlier account purge, saying only that, “We’re constantly working at taking down fake accounts.”

A “swarm” of LinkedIn AI-generated bot accounts flagged by a LinkedIn group administrator recently.

It’s unclear whether LinkedIn is responsible for this latest account purge, or if individually affected companies are starting to take action on their own. The timing, however, argues for the former, as the account purges for Apple and Amazon employees tracked by Pinho appeared to happen within the same 24 hour period. Continue reading "Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn"

Google Cloud has made an official announcement that it has completed the acquisition process of cybersecurity firm Mandiant for $5.4 billion. Trade analysts felt that the business purchase will help the cloud business of the web search giant mitigate risks associated with cyber threats with great confidence driven readiness.

For the information of our readers, Mandiant is the same company that revealed the Solar Winds hack details to the world and uncovered the after details such as the attack impact, the procedure in which it was conducted and how the Russian hackers took control of servers that were assigned with the task of sending updates to consumers using Orion software.

Thomas Kurian, the CEO of Google Cloud, confirmed the finish of the buyout and added that integrating new technology into its portfolio will help enterprises shield themselves at every stage of their security lifecycle.

Note- Mandiant rose to fame in Feb’13 when it discovered and revealed to the world the espionage activities taken up by China. Previously, it was acquired by FireEye in December 2013 for $1 billion and in March this year, the internet juggernaut announced it will acquire the security firm for $5.4 billion and will integrate the newly gained technology into its Google Cloud Division. In May 2021, the White House tasked Mandiant to investigate the ransomware attack on fuel supply operator Colonial Pipeline. And within a few weeks’ time, the company revealed that the hack was conducted by a Russian hacking group that also infiltrated the US Infrastructure by exploiting the SolarWinds Software in December 2020.

 

The post Google Cloud completes Mandiant acquisition for $5.4 billion appeared first on Cybersecurity Insiders.

Mandiant, a globally renowned Cybersecurity firm was reportedly been targeted by LockBit 2.0 Ransomware attack in May this year. And reports are in that Lockbit is interested in releasing the stolen documents, as the IT staff of Mandiant was not responding positively to its ransom demands.

On the other hand, the security firm denied any kind of outside invasion on its servers and added that it lacks evidence about the claimed cyber attack by Lockbit Ransomware spreading group.

A website that publicizes all stolen info about Lockbit victims confirmed the news that Mandiant’s IT infrastructure was cyber attacked by hackers and the details are now available on the dark web for sale.

Mandiant released a public statement saying it is investigating LockBit claims and needs some more time to deeply scrutinize the attack information.

What’s interesting about the incident is the internet giant Google has made a public announcement recently on acquiring Mandiant for $5.4 billion, all on net cash and after the deal, Mandiant’s IT Infrastructure will be part of Google Cloud.

So, Lockbit might have tarnished Mandiant in the media to break its lucrative deal with Google as the latter published a report in June that US Treasury Department’s Office of Foreign Assets Control (OFAC) has issued sanctions on the ransom payments made to Lockbit, also known as Evil Corp.

And out of vengeance, Lockbit organizers might have desired to tarnish the image of the security firm, to force Google pull back from its 5 billion dollar offer.

 

The post Lockbit 2.0 Ransomware targets Cybersecurity firm Mandiant appeared first on Cybersecurity Insiders.