An anonymous reader quotes a report from Quartz: For Indian techies, 2017 was the stuff of nightmares. One of the top employment generators until a few years ago, India’s $160 billion IT industry laid off more than 56, 000 employees this year. Some analysts believe this spree was worse than the one during the 2008 financial crisis. Meanwhile, hiring plummeted, with entry-level openings having more than halved in 2017, according to experts. Tata Consultancy Services (TCS) and Infosys, two of India’s largest IT companies and once leaders in job creation, reduced their headcounts for the first time ever. Even mid-sized players like Tech Mahindra retrenched several employees. Compared to the normal rate of forced attrition (i.e. asking non-performers to leave) of around 1% in earlier years, 2017 saw Indian IT companies letting go of between 2% and 6% of their employees, said Alka Dhingra, general manager of IT staffing at TeamLease Services. Infosys cut 9, 000 jobs in January. “Instead of 10 people, what if we have three people to work on (a project). If we don’t have the software, then some others will take the advantage (away from us), ” Vishal Sikka, the former CEO of the Bengaluru-based company, said in February. Meanwhile, around 6, 000 Indian employees at Cognizant reportedly lost their jobs to automation. Read more of this story at Slashdot.
Originally posted here:
56,000 Layoffs and Counting: India’s IT Bloodbath This Year May Just Be the Start
An anonymous reader writes: Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two. Named EternalRocks, the worm seems to be in a phase where it is infecting victims and building its botnet, but not delivering any malware payload. EternalRocks is far more complex than WannaCry’s SMB worm. For starters, it uses a delayed installation process that waits 24 hours before completing the install, as a way to evade sandbox environments. Further, the worm also uses the exact same filenames as WannaCry in an attempt to fool researchers of its true origin, a reason why the worm has evaded researchers almost all week, despite the attention WannaCry payloads have received. Last but not least, the worm does not have a killswitch domain, which means the worm can’t be stopped unless its author desires so. Because of the way it was designed, it is trivial for the worm’s owner to deliver any type of malware to any of the infected computers. Unfortunately, because of the way he used the DOUBLEPULSAR implant, one of the seven NSA hacking tools, other attackers can hijack its botnet and deliver their own malware as well. IOCs are available in a GitHub repo. Ars Technica quotes security researchers who say “there are at least three different groups that have been leveraging the NSA exploit to infect enterprise networks since late April… These attacks demonstrate that many endpoints may still be compromised despite having installed the latest security patch.” Read more of this story at Slashdot.