Five men have pleaded guilty to running laptop farms and providing other assistance to North Koreans to obtain remote IT work at US companies in violation of US law, federal prosecutors said.

The pleas come amid a rash of similar schemes orchestrated by hacking and threat groups backed by the North Korean government. The campaigns, which ramped up nearly five years ago, aim to steal millions of dollars in job revenue and cryptocurrencies to fund North Korean weapons programs. Another motive is to seed cyber attacks for espionage. In one such incident, a North Korean man who fraudulently obtained a job at US security company KnowBe4 installed malware immediately upon beginning his employment.

On Friday, the US Justice Department said that five men pleaded guilty to assisting North Koreans in obtaining jobs in a scheme orchestrated by APT38, also tracked under the name Lazarus. APT38 has targeted the US and other countries for more than a decade with a stream of attack campaigns that have grown ever bolder and more advanced. All five pleaded guilty to wire fraud, and one to aggravated identity theft, for a range of actions.

Read full article

Comments

Neil Wyler started his job amid an ongoing cyberattack. As a threat hunter, he helped his client discover that millions of records had been stolen over four months. Even though his client used sophisticated tools, its threat-hunting technology did not detect the attack because the transactions looked normal. But with Wyler’s expertise, he was able to realize that data was leaving the environment as well as entering the system. His efforts saved the company from suffering even more damage and disruption. 

Wyler shows that threat hunters can help prevent a cybersecurity catastrophe. But what is a threat hunter, and how can they improve an organization’s security posture?

What is Threat Hunting?

While enterprise security systems are a key part of cybersecurity, threat hunters provide organizations extra protection. A threat hunter reviews all the security data and systems to look for abnormalities and potential malware issues. Threat hunting complements automated security tools and is best used in conjunction with that technology. By combining the strengths of both human expertise and artificial intelligence (AI) tools, companies can find cyber threats faster and reduce damage.

Responsibilities of a Threat Hunter

Threat hunters search, log, monitor and neutralize threats to find issues before they become serious problems. In some companies, threat hunters design the threat-hunting program, which starts by building the hypothesis the program is looking to answer, such as searching for malware with specific criteria. Threat hunting typically involves looking for malware threats incorporated into commercial technology but not yet known.

Threat hunters use three approaches: structured, unstructured and situational.

During structured tests, the threat hunter leverages indicators of attack (IoAs) and the tactics, techniques and procedures (TTPs) of an attacker. Unstructured hunts occur when a trigger indicates a compromise, and the hunter looks at patterns before and after the detection. Situational hunts commence when a risk assessment is warranted, such as knowing attacks are happening at similar companies.

What makes threat hunting different from other cybersecurity tasks is that they don’t just use security information and event management (SIEM), endpoint detection and response (EDR) and other typical processes. Instead, threat hunters search through security data to look for patterns that indicate malware or attackers. Once they discover a cyber criminal’s potential entry method, they work to patch the issue to prevent future incidents.

Pursuing a Career as a Threat Hunter

Threat hunting is often one of the responsibilities of a cybersecurity analyst. However, some managed service professionals (MSPs) hire threat hunters whose primary responsibility is threat hunting for clients. Cybersecurity firms also hire threat hunters to provide the service to their clients. Additionally, threat hunters can work freelance for companies that need threat-hunting expertise but don’t want to hire an MSP.

Companies often look for certifications or bachelor’s degrees when hiring for analyst and threat-hunting positions. Candidates can also go into threat hunting with digital badges or certifications. However, cybersecurity analysts can learn threat-hunting skills on the job and then move into a threat-hunting role.

Threat hunters need strong technical skills and expertise with cybersecurity tools. However, the most important skills are problem-solving and analysis because the role requires manually reviewing data. Threat hunters must also have a strong interest in cybersecurity and a willingness to continually stay updated on cyber criminals’ latest TTPs. Additionally, threat hunters need good written skills to communicate findings to IT leaders. Because threat hunters often work on a team with other cybersecurity professionals, they also need the ability to collaborate and verbally communicate with others.

As cybersecurity risks and threats continue to increase, threat hunting is apt to become an even more crucial facet of cybersecurity. Organizations need the human touch to catch sophisticated threats, even using sophisticated tools. Cybersecurity professionals specializing in threat hunting or adding it to their skill set will likely have solid employment opportunities.

The post How Do Threat Hunters Keep Organizations Safe? appeared first on Security Intelligence.

A well-written cover letter can be the make or break for your job application. And given how competitive the job market in the UK is at the moment, every advantage you have over your competitors can be crucial.

Before you even think about how to write the perfect cover letter, you need a well-written CV that grabs a Hiring Manager’s attention. Lucky for you, we’ve put together tips on writing CVs here. But once you’ve got the attention of the Hiring Manager, that’s where your cover letter comes in and highlights why you’re the right candidate for the job.

Here at Dynamic we speak to Hiring Managers everyday. And we know exactly what they want to see from a candidate. And we’re here to share those secrets with you, so you can write a cover letter that’s impossible to ignore, and lands you that interview for your dream job.

How Important Is a Cover Letter?

But before we get started, it’s important to ask the question, do you need a cover letter in 2023? We would argue that whether a job application asks for a cover letter or not, you should still include one. And we’re not the only ones who think so.

A study from ResumeLab, shows that 83% of recruiters agree that while they aren’t ‘strictly necessary’, a well-written cover letter, tailored to the job you are applying for, can be an important part of their hiring decision.

And 74% of recruitment decision makers prefer to receive a job application which includes a cover letter that’s separate from the CV.

So while skilled professionals are as in demand as they have ever been, there is still a huge amount of competition for the roles out there. And a great way to set yourself apart from other applicants is to write a cover letter that shows you’ve done your research and want the job more than the next applicant.

How To Write The Perfect Cover Letter in 7 Easy Steps

So here’s our 7 steps on how to write a cover letter that helps you stand out from the crowd and gets you into that interview!

1. Do Your Research and Tailor Your Cover Letter to the Job, Company, and Hiring Manager

Let’s start with the most obvious. If you send over a generic cover letter that you send for every job, it’s going to be just that: Generic.

Your cover letter should talk about the role and how your experience relates to the job. Use specific examples from the job description and your own experience. And what work does the company do that you’re excited to be a part of? Even showing your understanding of the work the company does, or the clients they work with, shows you’ve done your research. 

And you should also aim to address the cover letter to the hiring manager of the business. You can usually find out this information from LinkedIn or the company website.

2. Use Specific Examples of Your Experience, to Demonstrate Why You Can Do the Job.

Similar to in your CV, you should aim to use statistics and figures to back up any arguments you make in your cover letter. If the job is asking for applicants to have experience 

When writing your cover letter, you should keep the job description you’re applying for close to hand. This is so you can relate your experience to the requirement of the job: Essentially showing why you’re perfectly equipped to do the job at hand.

Spelling it out and making it a reality for the hiring manager on why you’re their perfect candidate, makes it impossible for them to not give you an interview.

3. Emphasise Your Technical Ability to do the Job.

At the end of the day, a lot of hiring decisions are based on technical ability to do the job. So in an industry like IT where you need experience with a variety of technologies and software, this becomes even more important. 

And despite what you may think, from our experience there is very rarely the perfect candidate for a job. Businesses will happily hire someone who fills 80% of the requirements, who they can teach the other 20%, and build them out into the employee they are looking for. 

And given the wide variety of tech out there in the IT industry, you may not have worked with all the software they want. But if you have worked with similar tech, it’s well worth emphasising the fact that you do have those transferable skills: Alongside all the tech that you have worked with that they want.

4. Explain Why You’re Excited for the Opportunity and the Company.

A cover letter should also convey your excitement at the opportunity, for both the position and the company.

Highlight examples of what’s so great about the company, and what aspect of the job interests you the most. Because what really interests hiring managers is seeing your passion for your work come through the page: Something that’s often hard to convey with merely a CV.

5. Keep It Short.

Hiring Managers want to see a cover letter. But, what they don’t want to see is a 10 page cover letter detailing your life story, or repeating everything you already stated in your CV!

So aim to keep your cover letter to one page or less. The Hiring Manager reading your application is likely reading through many CVs and cover letters. So you want to keep yours short, to the point, and get straight into why they should give you the job.

6. Have a Clear Structure: Introduction, Body, Conclusion.

Your cover letter should have a clear structure that makes it easy for the reader to follow and find the relevant information: Introduction, body, and conclusion.

The introduction paragraph should introduce yourself and why you are writing.

The body of the message should discuss why you are applying for the role, and why they should give it to you. Using specific examples of your previous experience and skills to show why you’re a good fit for the job.

Finally, you should use the conclusion as an opportunity to reiterate your interest in the position and to thank the hiring manager for considering your application.

7. Proofread, or Have Someone Else Look Over it.

Now it’s all finished, it’s time to proofread before you send it off. When hiring managers are looking for their next Network Engineer or Cyber Security Analyst, they’re not looking for someone who has a passion for writing. But if your cover letter is riddled with spelling mistakes, it doesn’t look great, and can actually hurt your chances of getting an interview.

Another great step to take (if possible) is to have someone else look over it for you. Sometimes a fresh pair of eyes can help you spot mistakes you don’t even realise you’re making.

Cover Letter Template

But better than telling you how to write the perfect cover letter, is giving you a cover letter template to work with. Below is an example cover letter you can use to create your own individual cover letter. 

The areas marked in red are the details you will need to edit for your cover letter. Many of these areas will need to be changed for each individual job that you apply for.

Dear (Hiring Manager’s Name),

My name is (Your Name) and I am writing to express my interest in the (Position) role. I have (Number) years of experience as a (Your current position) and I am confident in my ability to make a valuable contribution to your team.

I have previous experience working with (Skills and technologies mentioned in job posting), and I’m excited to continue to develop these skills at (Company). What really excites me about this position, is the opportunity to work with (Specific technology). I have previous experience working with (Technology), and this previous experience will be crucial to my success in the (Position).

I currently hold (Relevant/ similar certifications to those mentioned in the job posting) certifications, that will assist me in the (Position) role. Additionally, I am working towards earning (X certification), to support my own professional development, and my career goal of reaching a (Position you want to reach in your career).

Thank you for considering my application. I look forward to speaking with you further about how my skills and experience will make me an effective part of your team.

Sincerely,

(Your Name)

Cover Letter Template Example

Now the above may seem a bit confusing. So here is what this Cover Letter may actually look like for you.

Dear Mrs Brown,

My name is Hames Jones and I am writing to express my interest in the Network Engineer position. I have 2 years of experience as a Junior Network Engineer and I am confident in my ability to make a valuable contribution to your team.

I have previous experience working with LAN and WLAN environments, from implementation to management, and I’m excited to continue to develop these skills at IT Solutions Inc. What really excites me about this position, is the opportunity to work with Cisco FirePOWER. While I haven’t used it before, I’ve previously worked with FortiGate, and this previous experience will be crucial to my success in the Network Engineer Position.

I currently hold a CCNA certification, which will assist me in the Network Engineer role. Additionally, I am working towards earning a CCNP Enterprise, to support my own professional development, and my career goal of reaching a Senior Network Engineer position in the near future.

Thank you for considering my application. I look forward to speaking with you further about how my skills and experience will make me an effective part of your team.

Sincerely,

James Jones

Your cover letter may contain much more information than this, referencing more of the skills that the job advert asks applicants to have. But this should give you an accurate idea of how to create your own cover letter, and how to relate your own experiences to the position you are applying for.

The Only Time You Don’t Need to Write a Cover Letter.

One of the only times when you don’t need to know how to write a cover letter, is when you’re working with a recruiter or recruitment agency in your industry. 

Here at Dynamic, we’re experts in recruiting in the IT Industry: Network, Infrastructure, IT Sales, Cyber and Cloud… Because we understand our market, our clients and our candidates: And our clients trust us to bring applicants to them who are right for the role. This means they often don’t ask for a cover letter, because a recruiters job is to sell you to the Hiring Manager without the need for a cover letter.

If you’re looking for your next IT position, you can look at our open job vacancies here. Or reach out to us here for a confidential chat about taking the next step in your IT career.

The post How To Write The Perfect Cover Letter in 2023 appeared first on Dynamic Search Solutions.