LinkedIn Acquires Startup Refresh

In a move that could produce even more automated suggestions and tips for LinkedIn users, the professional network has purchased California startup Refresh, the maker of an app that gathers news and insights about participants in meetings.

Launched three years ago, Refresh is designed to be a “digital briefing book” that can call up online information related to people that users are scheduled to meet. The information can be anything from blog posts, news articles or Facebook posts to personal notes or favorite sports teams.

The Refresh mobile and desktop app is aimed at helping people relate to one another more quickly, but it can also be used to refresh one’s memory when running into acquaintances unexpectedly.

The details of the deal were not disclosed. Refresh has stopped taking on new users and its app will shut down April 15.

“Refresh has surfaced insights associated with hundreds of millions of meetings, and has been central to countless connections and closed deals,” co-founder Bhavin Shah wrote on the Refresh blog in announcing the deal.

LinkedIn already has an app called Connected that was somewhat of a rival to Refresh. It can log the people users have met and offer updates and information about interests shared with “connections,” which are acquaintances in the LinkedIn lingo. It’s unclear whether Refresh features will be added to Connected or the LinkedIn website itself.

“Our team will focus its efforts on providing LinkedIn members with more insights to help them better do their jobs,” Shah wrote.

Source

Malware Targets Job-seekers

A new version of the Gameover computer Trojan is targeting job hunters and recruiters by attempting to steal log-in credentials for Monster.com and CareerBuilder.com accounts.

Gameover is one of several Trojan programs that are based on the infamous Zeus banking malware, whose source code was leaked on the Internet in 2011. Like Zeus, Gameover can steal log-in credentials and other sensitive information by injecting rogue Web forms into legitimate websites when accessed from infected computers.

The ability to inject content into browsing sessions in real time has traditionally been used by computer Trojans to steal online banking credentials and financial information. However, cybercriminals are increasingly using this technique to compromise other types of accounts as well.

For example, in February, researchers from security firm Adallom found a Zeus variant that stole Salesforce.com log-in credentials and scraped business data from the compromised accounts.

The latest development involves a new Gameover variant that contains a configuration file to target Monster.com accounts, one of the largest employment websites in the world, security researchers from antivirus firm F-Secure said.

“A computer infected with Gameover ZeuS will inject a new ‘Sign In’ button [into the Monster.com sign-in page], but the page looks otherwise identical,” they said.

After the victims authenticate through the rogue Web form the malware injects a second page that asks them to select and answer three security questions out of 18. The answers to these questions expose additional personal information and potentially enable attackers to bypass the identity verification process.

Targeting Monster.com is a new development, but the Gameover malware had already been targeting CareerBuilder.com, another large employment website, for some time.

Recruiters with accounts on employment websites should be wary of irregularities on log-in pages, especially if those accounts are tied to bank accounts and spending budgets, the F-Secure researchers said. “It wouldn’t be a bad idea for sites such as Monster to introduce two factor authentication beyond mere security questions.”

The authors of the Gameover Trojan program have been particularly active recently. In early February researchers from security firm Malcovery Security reported that a new variant of Gameover was being distributed as an encrypted .enc file in order to bypass network-level defenses. Later that month researchers from Sophos detected a Gameover variant with a kernel-level rootkit component that protected its files and processes, making it harder to remove.

Unlike most other Zeus spinoffs, Gameover is also using peer-to-peer technology for command-and-control instead of traditional hosted servers, which improves its resilience to takedown efforts by security researchers.

Source

Tech Hiring Up This Year

Hiring of technology professionals has been increasing since the first half of this year, with new IT hires accounting for about 10% of all the job growth in the U.S. in June, according to two independent assessments.

Total tech employment reached 4.47 million in June, an increase of 22,600 jobs from the prior month, or a .51% gain, according to TechServe Alliance, an IT services industry group which tracks employment data month-to-month. The total excludes tech manufacturing employment.

Similarly, Foote Partners, which researches IT employment trends, reported a gain of 18,200 new tech jobs last month.

These gains are coming at the same time that some tech employers are cutting jobs.

IBM has cut more than 3,000 workers over the past few weeks, struggling Hewlett-Packard is still eliminating jobs, and Symantec is seeing layoffs as well.

The U.S. economy added 195,000 jobs overall in June, according to the Labor Dept.

Foote said that IT employment in the first half of this year is averaging 13,500 new jobs per month.

“While the pace of job creation in the national labor force appears stuck at 7.6% unemployment and new jobs are heavily in part-time positions and low wage full-time segments, IT jobs have been on a sustained growth upswing and wages are holding steady if not growing slightly,” said David Foote, chief analyst, in a statement.

Reports on IT employment figures from analyst can differ widely depending on what U.S. labor department categories are use in the calculations.

Another firm that analyzes the labor market, Janco Associates, reported a gain of 9,900 jobs in June based on the categories it tracks.

Despite the increase in hiring, IT salaries remain flat, said Janco.

“Based on our interviews with over 96 CIOs in the last 30 days, we concluded that CIOs are not in a great hurry to hire new staff except to meet short term needs until they see a clear trend as to what is happening with the economy,” said Janco CEO Victor Janulaitis in a statement.

Janulaitis said that “67% of the CIOs we interviewed do not see any real push to expand staffing over the next 12 months.”

Source

IBM Freezes Employee Salaries

IBM this year won’t be granting any pay raises to its executives or to many of its workers in its Global Technology Services division.

The company said it is only giving pay raises to workers with high-demand skills that the company needs.

IBM customarily issues pay raises during the mid-year period.

“There are targeted skill groups of employees that are eligible for salary increases in 2012,” said Trink Guarino, an IBM spokeswoman. “No executives will be eligible for salary increases.”

Business Insider Tuesday published an internal IBM memo announcing the action that was sent to employees from Global Technology Services executives.

One IBM employee, who didn’t want to be identified, said he believes the lack of pay raises “is part of IBM’s hyper-aggressive plan to meet its 2015 roadmap.”

That IBM roadmap lays out an aggressive growth strategy, which calls for increasing the company’s earnings per share by $20 by 2015.

The employee noted that the company has been spending billions in stock buybacks, but says it can’t afford pay increases.

Rather than reaching profit goals “the old-fashioned way by increasing market share, developing and selling new products,” the company is “maniacally focused on cutting labor costs and off-shoring work to low-cost countries,” the employee said.

Source…

Woman Sues LinkedIn

An Illinois woman has filed a $5 million lawsuit against LinkedIn Corp, claiming that the social network violated promises to consumers by not having better security in place when more than 6 million customer passwords were stolen.

The lawsuit, which was introduced in federal court in San Jose, California, on June 15 and seeks class-action status, was filed less than two weeks after the stolen passwords turned up on websites frequented by computer hackers.

The attack on Mountain View, California-based LinkedIn, an employment and professional networking site with more than 160 million members, was the latest massive corporate data breach to have attracted the attention of class-action lawyers.

A federal judicial panel last week consolidated nine proposed class-action lawsuits in Nevada federal court against online shoe retailer Zappos, a unit of Amazon.com, over its January disclosure that hackers had siphoned information affecting 24 million customers.

The LinkedIn lawsuit was filed by Katie Szpyrka, a user of the website from Illinois. In court papers, her Chicago-based law firm, Edelson McGuire, said LinkedIn had “deceived customers” by having a security policy “in clear contradiction of accepted industry standards for database security.”

.

Source…