Freelance Word Punk

[THIS SITE IS NO LONGER BEING UPDATED - IF YOU HAVE ENDED UP HERE YOU ARE IN THE WRONG PLACE, PLEASE CLICK WWW.HAPPYGEEK.COM TO VIEW NEW CONTENT BY DAVEY WINDER]

Wednesday, August 22, 2007

Monster.com was not hacked but data theft was inevitable

A Symantec Security Response posting suggests that Monster.com, the huge job hunting website, has been subject to an online attack resulting in the theft of personal data in the form of resumes of its users.

Further investigation revealed that only connections to the subdomains of hiring.monster.com and recruiter.monster.com were being made by the Trojan, both subdomains used by employers searching for potential employees at the site. Importantly, this part of the site requires those recruitment personnel to log in if they want to view any information on candidates. No surprise then, to discover that the Infostealer.Monstres Trojan is using a number of recruiter logins to do just that.
Newer Post Older Post Home

Blog Archive




Co-founder of IT Security Thing Ltd, Davey Winder is a three time winner of the Information Security Journalist of the Year award (2006/2008/2010) and received the prestigious Enigma Award for his lifetime contribution to information security journalism in 2011.



Simple theme. Powered by Blogger.