Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Expert comment on Linkedin investigation by Italian watchdog

April 2021 by Paul Prudhomme, Head of Threat Intelligence Advisory at IntSights

The comment by Paul Prudhomme, Head of Threat Intelligence Advisory at IntSights on the Linkedin being investigated by the Italian watchdog after the data of 500 million users had been found for sale online:

“The severity of this incident lies not so much in the data points themselves but in their potential use in attacks on enterprises via their employees, as well as the sheer volume of data. Most of the data points in this leak, such as email addresses or phone numbers, are less sensitive in and of themselves, compared to other data points like passwords, dates of birth, and Social Security numbers. Attackers could, however, use these details for reconnaissance or in spam, phishing, or other social engineering attacks on LinkedIn users. The ultimate goal of many such attacks would probably be to gain access to enterprise networks themselves via compromises of their employees’ accounts or devices. Such attacks may be more likely to succeed due to the rise of remote work and the increased use of home or personal devices for work due to the COVID-19 pandemic. Attacking companies via their employees’ personal accounts and devices is one way for attackers to work around enterprise network security defences.”




See previous articles

    

See next articles