Summary:

A group called "ResumeLooters" has been stealing user information from employment agency and retail websites in the APAC region. The group compromised 65 websites using SQL injection attacks and injected XSS scripts into additional sites. The stolen data includes names, phone numbers, emails, dates of birth, employment history, and other personal data. Over two million email addresses were stolen and the data was sold in Chinese-speaking hacking groups. The attacks primarily targeted India, Taiwan, Thailand, and Vietnam. The report recommends using web application firewalls and implementing input validation/sanitization as protection against these attacks.

Hashtags:

#ResumeLooters #DataTheft #APAC #Cybersecurity #SQLInjection #XSSAttacks #UserPrivacy #WebSecurity

https://www.infosecurity-magazine.com/news/resumelooters-gang-retail-job-site/