To follow up on the earlier thread, the impersonation of AECOM HR part 2 continues with the malicious actors respond to my reply.

I had responded to the threat actor, providing availability for a conversation. The threat actor responded with the questions below at 0331 AM PT 2026-02-04. This should have been a big tell for me as the spoofed HR persona is located in Portland, OR and not likely working in the middle of the night.
Then when I had not responded, they replied to the same email thread with the same content at 1737 PM PT 2026-02-04. This is what triggered my further analysis and recognized the miscreant at work.
I posted the IOCs and details on my Github:
https://github.com/obrientg/Analysis/blob/main/2026%2002%2004%20Impersonation%20of%20AECOM%20HR%20part%202

#jobsearch #fraud #impersonation #informationsecurity #abuse #risk #riskmanagement #gethired #hiring #threatintel #IOC #IOCs #gethired #hiring #threatlandscape #getFediHired #threatInteligence #cybersecurity #phishing

Impersonation of AECOM HR - The malicious actors continue to target individuals on the search for their next job.

Yesterday I spent the afternoon writing up a response to (what I thought) a reach out by AECOM for potential roles with the company. Having crafted thoughtful responses to the questions, I went to reply –

And realized this was fake. This is a scammer.

The tell-tale signs I missed at first:
· The name not matching the email address
· Weird subject line
· The email coming from GMail rather than their aecom.com domain
· The work signature block including a LinkedIn profile URL
· Email interaction tracking URL

This sample was specifically targeted as they pulled background from LinkedIn regarding my background and experience, hence my blocking the other telltale signs.

These threat actors are using mailsuite [DOT] com a Gmail plugin to track their targeted individuals (aka the u.list-opt-center [DOT] com URL). This appears to be a legit service being used for malicious activities. I have reached out to Mailsuite but have not received a response.

They are impersonating a pamlevesque [AT] aecom.com; I have reached out on LinkedIn Pam Levesque to warn them & connect with their abuse team but have not received a response. I also reached out to multiple other individuals in InfoSec/Risk/Abuse roles at AECOM with no response.

#jobsearch #fraud #impersonation #informationsecurity #abuse #risk #riskmanagement #gethired #hiring #threatlandscape #getFediHired #threatIntel #threatInteligence #cybersecurity #phishing

The full documentation of the initial interaction is on my Github:
https://github.com/obrientg/Analysis/blob/main/Impersonation%20of%20AECOM%20HR%202026Feb-3

and my #Linkedin posting:
https://www.linkedin.com/posts/activity-7425234187286351872-z1Wx
#stinkedin

Compliance ensures you meet regulations. Security ensures you survive real-world threats.

Too many organizations treat them as the same—and pay the price when audits pass but breaches happen.

Smart leaders integrate compliance + security into a single, risk-driven strategy focused on resilience, not just checklists.

But downtime, data loss, and lost trust can end a business.

#CyberSecurity #GRC #RiskManagement #Compliance #InformationSecurity #ISO27001 #BusinessResilience #DigitalTrust

Canada Computers now says around 1,300 customers were affected by the data breach

https://www.cbc.ca/news/business/canada-computers-data-breach-scope-9.7074605
- - -
Ordinateurs Canada dit désormais que 1300 clients ont été touchés par la brèche de données

// Article en anglais //

#Canada #CanadaComputers #OrdinateursCanada #InfoSec #InformationSecurity #Cybersécurité

If you do not acknowledge risk, you increase risk.
#InfoSec
#InformationSecurity

If your customer support people/bots aren’t trained to answer basic questions about your service’s cybersecurity and privacy, please don’t bother me with your “we take your security and privacy seriously” letter.

#InfoSec
#InformationSecurity

Kaspersky dropped a bunch of IOCs for the Notepad++ compromise today. Worth checking out if you're a thrunter or incident responder.

https://securelist.com/notepad-supply-chain-attack/118708/

#CyberSecurity #InformationSecurity

Save the date!

Monday, September 28, 2026 - BSides Saskatoon is coming back for its 3rd year!

Keep your eyes peeled for more information coming soon on tickets, Call for Papers, and venue information.

Can't wait to see you there!

#BSides #BSidesYXE #Saskatoon #InformationSecurity #infosec #cybersecurity

Notepad++ confirms it was compromised by state-sponsored hackers.

You might want to update and do some threat hunting.

https://notepad-plus-plus.org/news/hijacked-incident-info-update/

Bonus: Here's a great writeup from December from @GossiTheDog@cyberplace.social
https://doublepulsar.com/small-numbers-of-notepad-users-reporting-security-woes-371d7a3fd2d9

#CyberSecurity #InformationSecurity

That scene in Contact (1997) where they suddenly realize the code transmitted by the alien civilization doesn't form a 2D document, but a 3D one, and suddenly it's readable.

But in this version, it starts "Dear friend, I have encrypted your files...".

#Contact #CISO #security #InformationSecurity #aliens #ransomware

Match Group breach exposes data from Hinge, Tinder, OkCupid and Match

https://www.bleepingcomputer.com/news/security/match-group-breach-exposes-data-from-hinge-tinder-okcupid-and-match/
- - -
Une brèche chez Match Group divulgue les données provenant de Hinge, Tinder, OkCupid et Match

https://www.bfmtv.com/tech/cybersecurite/match-group-geant-des-services-de-rencontre-avec-meetic-ok-cupid-ou-encore-tinder-confirme-un-incident-de-securite-mais-estime-que-cela-concerne-un-volume-limite-de-donnees-personnelles_AV-202601290840.html

#Match #Hinge #Tinder #OkCupid #InfoSec #InformationSecurity #Cybersécurité

Private AI Chat conversations leaked because the database was not secured properly

https://www.404media.co/massive-ai-chat-app-leaked-millions-of-users-private-conversations/
- - -
Des conversations privées avec une IA ont été divulguées à cause d’une base de données incorrectement sécurisée

https://moncarnet.com/2026/01/29/fuite-massive-de-donnees-une-application-dia-expose-des-millions-de-conversations-privees/

#AI #IA #ArtificialIntelligence #IntelligenceArtificielle #InfoSec #InformationSecurity #Cybersécurité

France 🇫🇷 fines France Travail, the country’s public employment service, €5M over failures to protect job seekers’ data

https://www.bleepingcomputer.com/news/security/france-fines-unemployment-agency-5-million-over-data-breach/
- - -
La France 🇫🇷 met France Travail, le service d’emploi public du pays, à l’amende de 5M€ pour avoir failli à protéger les données des personnes en recherche d’emploi

https://www.lemonde.fr/pixels/article/2026/01/29/france-travail-condamne-a-une-amende-de-5-millions-d-euros-apres-un-vol-massif-de-donnees_6664602_4408996.html

#France #FranceTravail #InfoSec #InformationSecurity #Cybersécurité

The Canadian Centre for Cyber Security warns that more criminals are using AI for ransomware attacks

https://www.cbc.ca/news/politics/ai-ransomeware-attacks-9.7065169
- - -
Le Centre canadien pour la cybersécurité met en garde que davantage de criminels•elles utilisent l’IA pour les attaques par rançongiciel

https://lactualite.com/actualites/les-criminels-utilisent-lia-pour-commettre-des-attaques-par-rancongiciel/

#Canada #Ransomware #Rançongiciel #InfoSec #InformationSecurity #Cybersécurité #AI #IA #ArtificialIntelligence #IntelligenceArtificielle

Happy Data Protection Day!

20th anniversary online event: https://www.coe.int/web/data-protection/data-protection-day

#Data #DataProtection #DataPrivacy #Privacy #InfoSec #InformationSecurity #CyberSecurity #Encryption #E2EE #Security #PasswordManager #SelfHost #SelfHosted #SelfHosting #Linux #DataSovereignty #CouncilOfEurope #CoE #EDPS #EuropeanDataProtectionSupervisor #DPD #DPD2026 #OpenPGP #PGP #GnuPG #GPG #VeraCrypt #Tomb #LUKS #AES #P2P #VPN #LetsEncrypt #Argon2 #Tor #XMPP #OMEMO #TorBrowser #Tails #PrivacyBadger #JShelter

The South Korean government will expand user protection by introducing dispute mediation for damages beyond personal data leaks, strengthening AI and digital product security, and aligning with EU cybersecurity regulations.
#YonhapInfomax #InformationSecurity #PersonalData #ArtificialIntelligence #DisputeMediation #CybersecurityResilienceAct #Economics #FinancialMarkets #Banking #Securities #Bonds #StockMarket
https://en.infomaxai.com/news/articleView.html?idxno=102396

Before Vegas: The “Red Hackers” Who Shaped China’s Cyber Ecosystem:

https://ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securities-studies/pdfs/before-vegas-cyberdefense-report.pdf

#cybersecurity #redteam #informationsecurity #threathunting #exploitation #infosec

Before Vegas: The “Red Hackers” Who Shaped China’s Cyber Ecosystem:

https://ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securities-studies/pdfs/before-vegas-cyberdefense-report.pdf

#cybersecurity #redteam #informationsecurity #threathunting #exploitation #infosec

Canada Computers starts emailing customers about data breach

https://mobilesyrup.com/2026/01/27/canada-computers-emailing-customers-data-breach/
- - -
Ordinateurs Canada commence à informer les clients au sujet d’une brèche de données

// Article en anglais //

#Canada #CanadaComputers #OrdinateursCanada #InfoSec #InformationSecurity #Cybersécurité

🔐 How Audio Sensors Are Changing Professional Bug Sweeping Services

As workplaces evolve, so do the risks around sensitive conversations and confidential information. Traditional bug sweeping is no longer enough for modern offices, shared spaces, and remote collaboration environments.

📊 Learn why physical information security matters more than ever in today’s connected world.

#informationsecurity #bugsweeping #audiosecurity #corporatesecurity #endoacustica
https://www.prlog.org/13123966-how-audio-sensors-are-changing-the-approach-to-professional-bug-sweeping-services.html