
Uncovering The Hidden Secrets of Hiring in The Tech Industry

What they don’t tell you about hiring — how to save time and land your dream job tomorrow…

What You’ve Been Told Is a Lie

No doubt you’ve been told there is a set of “rules” to follow and a specific way to write your resume. Maybe you’ve even been convinced by now that you need someone who is a “Professional Resume Writer” and that you need to pay them to make it “ATS compliant” (ATS = Applicant Tracking System).

They’re lying to you to make easy money from your desire for a great job in Tech, one of the highest-paying fields currently.

I’ll tell you for free that my resume isn’t all that ATS compliant.

It doesn’t contain nearly all the buzzwords I’m qualified and experienced enough to have on it.

I had the same resume from my first job at 15 for just over a decade, just slowly adding to the sections. I use the same resume and cover letter to apply for almost every job I apply to, and they have only been redone (less than a year ago) by a Career Coach once in my life. That was by Drew Corbin (who is an expert Career Coach if you need advice), who was able to make them beyond an improvement, to say the least.

When it comes to resumes, there’s also no limit to the number of pages they can be; that’s also a myth.

In my experience, there’s one big truth about resumes that’s not mentioned: they shouldn’t be a list of your job descriptions. In fact, if your resume is just a list of bullet points from the jobs you have worked, it is probably getting tossed.

What your resume needs is personality. Hiring managers aren’t looking for a grey box to sit in the office. Every company has its own culture, and they want to know if you will fit because your resume’s job is to get you in the door or on the phone.

That’s over half the battle: getting an interview. If you can get an interview, your chances of getting the job go up magnitudes.

How to handle an interview is another topic. It’s enough to be its own article for almost any job, but even the general principles and strategies fit an entire article, so I won’t get into that here.

Before I move on, I have another word to say about the application process and comparing it to your resume: the odds of you having every single qualification for a job you want are extraordinarily slim. One might even say that if you have them all, you’re applying for the wrong job. You want a job that will teach you and help you grow, not make you the same person when you leave as when you arrived.

When it comes to a job’s qualifications list vs your list of mastered skills, I’ve learned something from my own experiences that I know others will disagree with. It’s not as black and white as it appears when looking at jobs I’m interested in and the skills and experiences they require.

What I always focus on understanding about a job I’m interested in is what you can learn before starting or while doing the job and what you can’t.

Knowing that limit is crucial and can be the difference between career growth and being embarrassed and let go.

The Depressing Truths About Hiring

No one talks about this: the hiring process is not a fair game. Sometimes, the reason you didn’t get hired has nothing to do with your abilities, resume, or interview; it’s nothing you could have changed. You didn’t get the job because someone doing the hiring or their boss has a friend in the same industry who needs a job.

You’re not in a fair competition. Humans, by nature, are corrupt, and thus, so is the hiring practice. So don’t feel bad if you don’t get the job. Sometimes, not getting a job is not equal to failing. You can learn from the process and get your name out there.

I’ve had interviews that didn’t land me a job, but I later got interviews with directors at companies like Cisco, Microsoft, and Google because of those original interviews. The key point is that just because you didn’t get the job, don’t lose your composure or respect for those you’re dealing with.

I hope you found this content informative and that it encourages you to request information about specific types of malware or cybersecurity vulnerabilities. Please let me know if you have any questions or requests for something else you want to learn about.

As always, thanks for reading, and stay safe!


Devon Griffith A.K.A. rootPHAGE / 我爱数据

Deciphering the MSSQL Ransomware Conundrum (MIMIC): A Comprehensive Examination

Introduction

In recent weeks, a surge of cyber threats has been detected, specifically targeting Microsoft SQL database servers (MSSQL) within organizations based in the U.S., EU, and Latin America. Cybersecurity experts at Securonix have been closely monitoring this ongoing campaign, revealing a meticulously orchestrated sequence of actions by threat actors seeking to deploy ransomware.

The Methodical Approach of Threat Actors

In the observed campaign, attackers initiate their assault by employing brute force techniques to compromise administrative passwords on MSSQL servers. This initial breach enables them to download a series of payloads, pilfer credentials, execute lateral movements across the network, and ultimately deliver ransomware. Intriguingly, researchers suspect that these threat actors have been capitalizing on their unauthorized access by selling it to various compromised organizations.

The ransomware of choice in this campaign is Mimic ransomware, strategically utilizing the legitimate application Everything by VoidTools for file reconnaissance. As highlighted by Den Iuzvyk, Tim Peck, and Oleg Kolesnikov of the Securonix threat research team, Mimic ransomware gained prominence in January 2023 and employs the seemingly innocuous ‘red25.exe’ dropper to facilitate the encryption process.

Exploiting SQL Server Features

Upon gaining initial access, threat actors leverage the powerful xp_cmdshell procedure inherent in SQL servers. This feature allows them to execute commands, initiating a sequence that involves system enumeration, deployment of obfuscated Cobalt Strike payloads for advanced code execution, downloading Mimikatz for credential extraction, and installing AnyDesk as a conduit for the ransomware payload. Notably, the installation of AnyDesk includes the addition of a new local user to the administrators group, emphasizing the threat actors’ intent to establish persistence within the compromised environment.

Over the course of several days, these threat actors demonstrate an adept ability to move laterally within the network. Leveraging data provided by Mimikatz and the Advanced Port Scanner utility, they successfully transfer in the Sysinternals utility PsExec. This facilitates the creation of a new session on a domain controller using a Domain Admin password obtained earlier in the intrusion.

Operational Oversight and Unintended Exposure

Despite the sophistication displayed by threat actors, a notable operational security error emerges: the enabling of the AnyDesk clipboard-sharing feature. This oversight grants cybersecurity researchers a unique window into threat actor communications and negotiations, providing invaluable insights into their strategies and interactions. However, the researchers acknowledge that, at this stage, specifics regarding the number of victims and the vertical industries targeted remain undisclosed.

Security Measures and Recommendations

For security teams, the ongoing campaign serves as a poignant reminder of the importance of implementing robust security measures. One key takeaway is the imperative for organizations to refrain from exposing critical servers directly to the internet. Publicly exposed MSSQL servers present an easily exploitable entry point for attackers, a vulnerability highlighted by similar brute force attacks observed in September 2023.

The researchers strongly advocate for a more secure infrastructure, suggesting that access to critical resources be provided behind a secure layer, such as a Virtual Private Network (VPN). Additionally, they caution against the indiscriminate enabling of the xp_cmdshell procedure, noting that it is disabled by default for a reason. To enhance detection capabilities, they recommend enabling process-level logging on endpoints and servers, using tools like Sysmon or PowerShell logging.
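To show what process-level logging makes visible here, the following is an added example (not code from this article or from Securonix) that triages process-creation records for two behaviours described above: a shell started by the SQL Server process, which is how xp_cmdshell use appears in the process tree, and a local user being added to the administrators group. The records use Sysmon Event ID 1 field names but are constructed, and the rule names are hypothetical.

```python
import ntpath
import re

SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe"}
# Matches "net localgroup administrators <user> /add" via net.exe or net1.exe.
ADMIN_ADD = re.compile(
    r"\bnet1?(\.exe)?\s+localgroup\s+administrators\b.*\s/add\b", re.I)

# Constructed sample records (Sysmon Event ID 1 field names); hosts, paths,
# users and command lines are invented for this example.
SQLSERVR = (r"C:\Program Files\Microsoft SQL Server"
            r"\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe")
SAMPLE_EVENTS = [
    {"Computer": "db01", "ParentImage": SQLSERVR,
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": '"C:\\Windows\\system32\\cmd.exe" /c whoami'},
    {"Computer": "db01", "ParentImage": r"C:\Windows\System32\cmd.exe",
     "Image": r"C:\Windows\System32\net.exe",
     "CommandLine": "net localgroup administrators example_user /add"},
    {"Computer": "app02", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\cmd.exe", "CommandLine": "cmd.exe"},
    {"Computer": "db03", "ParentImage": r"D:\MSSQL\Binn\SQLSERVR.EXE",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -NoProfile Get-Process"},
]

def triage(events):
    """Return (host, rule, command line) for every event matching a rule."""
    hits = []
    for ev in events:
        # ntpath parses Windows paths correctly on any analysis host.
        parent = ntpath.basename(ev.get("ParentImage", "")).lower()
        image = ntpath.basename(ev.get("Image", "")).lower()
        cmdline = ev.get("CommandLine", "")
        if parent == "sqlservr.exe" and image in SHELLS:
            hits.append((ev["Computer"], "sql_server_spawned_shell", cmdline))
        if ADMIN_ADD.search(cmdline):
            hits.append((ev["Computer"], "local_admin_group_add", cmdline))
    return hits

def hosts_needing_review(events):
    """Hosts where a SQL-spawned shell and an admin-group change both occur."""
    by_host = {}
    for host, rule, _ in triage(events):
        by_host.setdefault(host, set()).add(rule)
    return sorted(h for h, rules in by_host.items() if len(rules) == 2)

if __name__ == "__main__":
    for hit in triage(SAMPLE_EVENTS):
        print(hit)
    print("review first:", hosts_needing_review(SAMPLE_EVENTS))
```

On a server where xp_cmdshell is left disabled, the first rule should never fire, so any hit is worth investigating rather than tuning away.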

Conclusion: Navigating the Cybersecurity Landscape

In conclusion, the ongoing MSSQL ransomware campaign underscores the dynamic and persistent nature of cyber threats. By shedding light on the attackers’ methodologies and recommending proactive security measures, cybersecurity researchers aim to empower organizations to fortify their defences against evolving cyber threats. As the cybersecurity landscape continues to evolve, continuous vigilance, adaptation, and collaboration remain paramount in safeguarding digital assets against sophisticated adversaries.


Article By:

Trevor Kutto Hacks