For this year’s company picnic, Commtouch Netanya participated in an agricultural workshop at a nearby pastoral farming village. We all had a great time, worked hard, got to know each other better and found a new mascot!
And made some bearded friends…
Worked together to create a feast…
And finally got to enjoy the fruits of our labors, together!
Special thanks to Michal for planning a wonderful day!
Phony LinkedIn invitations are not a new phenomenon. What tends to change is the underlying delivery method used for the malware distribution – In this case compromised websites that unknowingly host malicious scripts. The LinkedIn reminders that are included in the attack include several variables such as names, relationships, and the number of messages awaiting response. As usual the giveaway that something strange is occurring is the link (see after mouseover).
Recipients that click on the link reach a rather bland looking “notification” page that provides no further links or instructions.
In the background, several scripts seek out software with vulnerabilities that can be exploited including:
The fully functional host website is shown below.
Of course the malware is hugely problematic – but another issue emerges from all of these phony LinkedIn invitations – they cause malware-aware users to be suspicious about genuine invitations! Following the outbreak described above, I nearly deleted this actual invitation to connect..