Providing Free and Editor Tested Software Downloads

MajorGeeks.com - Chicks just love a Geek in Uniform.

All In One Tweaks

Antivirus & Malware

Drives (SSD, HDD, USB)

Graphics & Photos

MajorGeeks Windows Tweaks

Office & Productivity

· How To and Tutorials
· Life Hacks and Reviews
· Way Off Base
· MajorGeeks Deals
· News
· Off Base
· Reviews

· YouTube
· Facebook
· Instagram
· Twitter
· Pintrest
· RSS/XML Feeds

· News Blur
· Yahoo
· Symbaloo

· Top Freeware Picks
· Malware Removal
· Geektionary
· Useful Links
· About Us

· Copyright
· Privacy
· Terms of Service
· How to Uninstall

1. GS Auto Clicker

2. Smart Defrag

3. Macrium Reflect FREE Edition

4. Sergei Strelec's WinPE

6. Visual C++ Redistributable Runtimes AIO Repack

8. K-Lite Mega Codec Pack

10. FlyOobe / Flyby11

8 Windows Shortcuts That’ll Make You More Productive and Save You Time

Windows 10 Not Dead Yet - You Can Still Get Updates For Free

What is a '400 Bad Request - Request Header or Cookie Too Large' Error and How to Fix It

How to Fix Windows Install Error 0xC1900101

How to Force Enable Windows 10 Extended Security Updates If The Option Is Not Showing

Windows 11 25H2 is Out: What’s New and How to Get It Now.

Star Trek Fleet Command Promo Codes: Redeem Codes for Free Shards, Blueprints And Resources

Boost Your PC Speed with ReadyBoost: How a Thumb Drive Can Enhance Your System's Performance

5 Hidden Windows Tools You’ve Had All Along But Never Use

Use the Windows 10 Media Creation Tool Before Support Ends For Windows 10 in 2025

Phishing résumés turn up on Career Builder

Posted by: Timothy Weaver on 05/02/2015 08:41 AM [ Comments ]

Researchers at Proofpoint recently discovered that some posted résumés at Career Builder were thinly disguised rootkits. The attacker uploaded malicious attachments instead of résumés.

In this case, the malicious message is sent by Career Builder instead of the hacker making it look more legit. Plus the recipients are expecting to receive résumés.

Once the document is opened, the exploited vulnerability will place a binary on the system that downloads and unzips an image file, which in turn installs the Sheldor rootkit. 7Zip is included with the dropper, so everything happens at once.

Proofpoint said in an advisory: "This inventive combination of effective delivery with a very stealthy infection routine enables attackers to evade automated defenses and fool skeptical end-users. Instead of a new employee, the victim organizations welcome a dangerous piece of malware."

"Moreover, it is important to note that job search services are themselves also victims in this attack because they are being exploited to deliver malicious attachments that bypass organizations’ existing defenses and even user training."

Source: Csoonline

Comments

comments powered by Disqus

© 2000-2025 MajorGeeks.com

Powered by Contentteller® Business Edition