Is Malware Hiding in Your Resume? Vulnerability in LinkedIn Messenger Would Have Allowed Malicious File Transfer

Posted: 09/05/2017 | Leave a Comment

As the world’s largest professional network, LinkedIn has acquired a noteworthy reputation. Individuals utilize the site to seek out trustworthy business connections and job opportunities. The most used feature on the site is the messenger platform. It enables users to easily send resumes, transfer academic research and share job descriptions. Users open messages under the assumption that the information is safe, secure and sent by a user with good intentions. Unfortunately, this trusting assumption can sometimes be abused. Check Point researchers discovered a vulnerability within LinkedIn’s messenger platform, that if exploited would enable attackers to spread malicious files.

http://blog.checkpoint.com/2017/08/18/malware-hiding-resume-vulnerability-linkedin-messenger-allowed-malicious-file-transfer/

The DoD Cybersecurity Policy Chart

This chart captures the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme.

View the Policy Chart

CSIAC Journal - Innovation Based Ecosystems

This issue of the Journal of Cyber Security & Information Systems explores how managing fast adoption modern-based system has more to do with understanding capabilities, interdependency between systems and effectively operating in the new paradigm than it has to do with differentiating product features.

Read the Journal

CSIAC Journal - Cyber-As-Zoo: Multidisciplinary Cyber Struggle

This issue of the CSIAC Journal contains five articles that offer some perspectives to address the often-heard phrase "Cyber Is Hard", usually associated with gnashing of teeth and exasperated sighs.

Read the Journal

CSIAC Reference Document - Recent Developments in Cyberlaw: 2018

CSIAC SME and member of the American Bar Association’s Information Security Committee, Richard “Rick” Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks. These slides focus on emerging issues such as cloud data storage, the scope of 3rd-party doctrine, encryption, warrants for electronic searches, and artificial intelligence.

Read the Document