Jun 16, 2025Ravie LakshmananMalware / DevOps Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others. The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targets users of a service called Chimera Sandbox, which was released by Singaporean tech company Grab last August to facilitate "experimentation and development of [machine learning] solutions." The package masquerades as a helper module for Chimera Sandbox, but "aims to steal credentials and other sensitive information such as Jamf configuration, CI/CD environment variables, AWS tokens, and more," JFrog security researcher Guy Korolevski said in a report published last week. Once installed, it attempts to connect to an external domain whose domain name is generated using a domain generation algorithm (DGA) in order to download and execute a next-stage payload. Specifically, the malware acquires from the domain an authentication token, which is then used to send a request to the same domain and retrieve the Python-based information stealer. The stealer malware is equipped to siphon a wide range of data from infected machines. This includes - JAMF receipts, which are records of software packages installed by Jamf Pro on managed computers Pod sandbox environment authentication tokens and git information CI/CD information from environment variables Zscaler host configuration Amazon Web Services account information and tokens Public IP address General platform, user, and host information The kind of data gathered by the malware shows that it's mainly geared towards corporate and cloud infrastructure. In addition, the extraction of JAMF receipts indicates that it's also capable of targeting Apple macOS systems. The collected information is sent via a POST request back to the same domain, after which the server assesses if the machine is a worthy target for further exploitation. However, JFrog said it was unable to obtain the payload at the time of analysis. "The targeted approach employed by this malware, along with the complexity of its multi-stage targeted payload, distinguishes it from the more generic open-source malware threats we have encountered thus far, highlighting the advancements that malicious packages have made recently," Jonathan Sar Shalom, director of threat research at JFrog Security Research team, said. "This new sophistication of malware underscores why development teams remain vigilant with updates—alongside proactive security research – to defend against emerging threats and maintain software integrity." The disclosure comes as SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below - eslint-config-airbnb-compat (676 Downloads) ts-runtime-compat-check (1,588 Downloads) solders (983 Downloads) @mediawave/lib (386 Downloads) All the identified npm packages have since been taken down from npm, but not before they were downloaded hundreds of times from the package registry. SafeDep's analysis of eslint-config-airbnb-compat found that the JavaScript library has ts-runtime-compat-check listed as a dependency, which, in turn, contacts an external server defined in the former package ("proxy.eslint-proxy[.]site") to retrieve and execute a Base64-encoded string. The exact nature of the payload is unknown. "It implements a multi-stage remote code execution attack using a transitive dependency to hide the malicious code," SafeDep researcher Kunal Singh said. Solders, on the other hand, has been found to incorporate a post-install script in its package.json, causing the malicious code to be automatically executed as soon as the package is installed. "At first glance, it's hard to believe that this is actually valid JavaScript," the Veracode Threat Research team said. "It looks like a seemingly random collection of Japanese symbols. It turns out that this particular obfuscation scheme uses the Unicode characters as variable names and a sophisticated chain of dynamic code generation to work." Decoding the script reveals an extra layer of obfuscation, unpacking which reveals its main function: Check if the compromised machine is Windows, and if so, run a PowerShell command to retrieve a next-stage payload from a remote server ("firewall[.]tel"). This second-stage PowerShell script, also obscured, is designed to fetch a Windows batch script from another domain ("cdn.audiowave[.]org") and configures a Windows Defender Antivirus exclusion list to avoid detection. The batch script then paves the way for the execution of a .NET DLL that reaches out to a PNG image hosted on ImgBB ("i.ibb[.]co"). "[The DLL] is grabbing the last two pixels from this image and then looping through some data contained elsewhere in it," Veracode said. "It ultimately builds up in memory YET ANOTHER .NET DLL." Furthermore, the DLL is equipped to create task scheduler entries and features the ability to bypass user account control (UAC) using a combination of FodHelper.exe and programmatic identifiers (ProgIDs) to evade defenses and avoid triggering any security alerts to the user. The newly-downloaded DLL is Pulsar RAT, a "free, open-source Remote Administration Tool for Windows" and a variant of the Quasar RAT. "From a wall of Japanese characters to a RAT hidden within the pixels of a PNG file, the attacker went to extraordinary lengths to conceal their payload, nesting it a dozen layers deep to evade detection," Veracode said. "While the attacker's ultimate objective for deploying the Pulsar RAT remains unclear, the sheer complexity of this delivery mechanism is a powerful indicator of malicious intent." Crypto Malware in the Open-Source Supply Chain The findings also coincide with a report from Socket that identified credential stealers, cryptocurrency drainers, cryptojackers, and clippers as the main types of threats targeting the cryptocurrency and blockchain development ecosystem. Some of the examples of these packages include - express-dompurify and pumptoolforvolumeandcomment, which are capable of harvesting browser credentials and cryptocurrency wallet keys bs58js, which drains a victim's wallet and uses multi-hop transfers to obscure theft and frustrate forensic tracing. lsjglsjdv, asyncaiosignal, and raydium-sdk-liquidity-init, which functions as a clipper to monitor the system clipboard for cryptocurrency wallet strings and replace them with threat actor‑controlled addresses to reroute transactions to the attackers "As Web3 development converges with mainstream software engineering, the attack surface for blockchain-focused projects is expanding in both scale and complexity," Socket security researcher Kirill Boychenko said. "Financially motivated threat actors and state-sponsored groups are rapidly evolving their tactics to exploit systemic weaknesses in the software supply chain. These campaigns are iterative, persistent, and increasingly tailored to high-value targets." AI and Slopsquatting The rise of artificial intelligence (AI)-assisted coding, also called vibe coding, has unleashed another novel threat in the form of slopsquatting, where large language models (LLMs) can hallucinate non-existent but plausible package names that bad actors can weaponize to conduct supply chain attacks. Trend Micro, in a report last week, said it observed an unnamed advanced agent "confidently" cooking up a phantom Python package named starlette-reverse-proxy, only for the build process to crash with the error "module not found." However, should an adversary upload a package with the same name on the repository, it can have serious security consequences. Furthermore, the cybersecurity company noted that advanced coding agents and workflows such as Claude Code CLI, OpenAI Codex CLI, and Cursor AI with Model Context Protocol (MCP)-backed validation can help reduce, but not completely eliminate, the risk of slopsquatting. "When agents hallucinate dependencies or install unverified packages, they create an opportunity for slopsquatting attacks, in which malicious actors pre-register those same hallucinated names on public registries," security researcher Sean Park said. "While reasoning-enhanced agents can reduce the rate of phantom suggestions by approximately half, they do not eliminate them entirely. Even the vibe-coding workflow augmented with live MCP validations achieves the lowest rates of slip-through, but still misses edge cases." Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    

There's no shortage of reasons to stay off the Meta ecosystem, which includes Facebook and Instagram, but there are some places where WhatsApp remains the main form of text-based communication. The app is a great alternative to SMS, since it offers end-to-end encryption and was one of the go-to methods to send uncompressed photos and videos between iPhone and Android users before Apple adopted RCS. Even though Facebook, which later rebranded to Meta, acquired WhatsApp in 2014, it doesn't require a Facebook or Instagram account to get on WhatsApp — just a working phone number. How to create a WhatsApp account without Facebook or Instagram To start, you need to download WhatsApp on your smartphone. Once you open the app, you can start the registration process by entering a working phone number. After entering your phone number, you'll receive a unique six-digit code that will complete the registration process. From there, you can sort through your contacts on your attached smartphone to build out your WhatsApp network, but you won't have to involve Facebook or Instagram at any point. Alternatively, you can request a voice call to deliver the code instead. Either way, once you complete the registration process, you have a WhatsApp account that's not tied to a Facebook or Instagram account. How to link WhatsApp to other Meta accounts  If you change your mind and want more crossover between your Meta apps, you can go into the app's Settings panel to change that. In Settings, you can find the Accounts Center option with the Meta badge on it. Once you hit it, you'll see options to "Add Facebook account" and "Add Instagram account." Linking these accounts means Meta can offer more personalized experiences across the platforms because of the personal data that's now interconnected. You can always remove your WhatsApp account from Meta's Account Center by going back into the same Settings panel. However, any previously combined info will stay combined, but Meta will stop combining any personal data after you remove the account.This article originally appeared on Engadget at https://www.engadget.com/social-media/how-to-set-up-a-whatsapp-account-without-facebook-or-instagram-210024705.html?src=rss

12 June, 2025 In our turning points series, design studios share some of the key moments that shaped their business. This week, we meet Accept & Proceed. Accept & Proceed is a London based brand and design studio that works with clients like NASA, Nike and LEGO. Founder David Johnston talks us through some of the decisions that defined his business. In 2006, Johnston took the leap to start his own business, armed with a good name and a willingness to bend the truth about his team… I’d gone through my career learning from big organisations, and one small organisation, and I felt like I wasn’t happy where I was. It was my dad who encouraged me to take a leap of faith and try and go it alone. With nothing more than a month’s wages in the bank and a lot of energy, I decided to go and set up an agency. That really just means giving yourself a name and starting to promote yourself in the world. Accept & Proceed founder David Johnston I think the name itself is a very important thing. I wanted something that was memorable but also layered in meaning. A name that starts with an “a” is very beneficial when you’re being listed in the index of books and things like that. But it became a bit of a compass for the way that we wanted to create work, around accepting the status quo for what it is, but with a continual commitment to proceed nonetheless. Because I didn’t have anyone to work with, in those early months I just made up email addresses of people that didn’t exist. That allowed me to cost projects up for multiple people. That’s obviously a degree of hustle I wouldn’t encourage in everyone, but it meant I was able to charge multiple day rates for projects where I was playing the role of four or five people. Self-initiated projects have long been part of the studio’s DNA and played a key role in building key client relationships. A&P by… was a brief to explore these letterforms without any commercial intent apart from the joy of creative expression. I started reaching out to illustrators and artists and photographers and designers that I really rated, and the things that started coming back were incredible. I was overwhelmed by the amount of energy and passion that people like Mr Bingo and Jason Evans were bringing to this. I think in so many ways, the answer to everything is community. I’ve gone on to work with a lot of the people that created these, and they also became friends. It was an early example of dissolving these illusionary boundaries around what an agency might be, but also expanding and amplifying your potential. The first of Accept & Proceed’s Light Calendars Then in 2006, I was trying to establish our portfolio and I wanted something to send out into the world that would also be an example of how Accept & Proceed thinks about design. I landed on these data visualisations that show the amount of light and darkness that would happen in London in the year ahead. I worked with a freelance designer called Stephen Heath on the first one – he is now our creative director. This kickstarted a 10-year exploration, and they became a rite of passage for new designers that came into the studio, to take that very similar data and express it in completely new ways. It culminated in an exhibition in London in 2016, showing ten years’ of prints. They were a labour of love, but they also meant that every single year we had a number of prints that we could send out to new potential contacts. Still when I go to the global headquarters of Nike in Beaverton in Portland, I’m amazed at how many of these sit in leaders’ offices there. When we first got a finance director, they couldn’t believe how much we’d invested as a business in things like this – we even had our own gallery for a while. It doesn’t make sense from a purely numbers mindset, but if you put things out there for authentic reasons, there are ripple effects over time. In 2017, the studio became a B-corp, the fourth creative agency in the UK to get this accreditation. Around 2016, I couldn’t help but look around – as we probably all have at varying points over the last 10 years – and wondered, what the fuck is going on? All these systems are not fit for purpose for the future – financial systems, food systems, relationship systems, energy systems. They’re not working. And I was like shit, are we part of the problem? Accept & Proceed’s work for the NASA Jet Propulsion Laboratory I’ve always thought of brand as a piece of technology that can fundamentally change our actions and the world around us. That comes with a huge responsibility. We probably paid four months’ wages of two people full-time just to get accredited, so it’s quite a high bar. But I like that the programme shackles you to this idea of improvement. You can’t rest on your laurels if you want to be re-accredited. It’s like the way design works as an iterative process – you have to keep getting better. In 2019, Johnston and his team started thinking seriously about the studio’s own brand, and created a punchy, nuanced new positioning. We got to a point where we’d proven we could help brands achieve their commercial aims. But we wanted to hold a position ourselves, not just be a conduit between a brand and its audience. It still amazes me that so few agencies actually stand for anything. We realised that all the things – vision, mission, principles – that we’ve been creating for brands for years, we hadn’t done for ourselves. It’s a bit like when you see a hairdresser with a really dodgy haircut. But it’s hard to cut your own hair. So we went through that process, which was really difficult, and we landed on “Design for the future” as our promise to the world. And if you’re going to have that as a promise, you better be able to describe the world you’re creating through your work, which we call “the together world.” Accept & Proceed’s work for Second Sea We stand at this most incredible moment in history where the latest technology and science is catching up with ancient wisdom, to know that we must become more entangled, more together, more whole. And we’ve assessed five global shifts that are happening in order to be able to take us towards a more together world through our work – interbeing, reciprocity, healing, resilience and liberation. The year before last, we lost three global rebrand projects based on our positioning. Every one of them said to me, “You’re right but we’re not ready.” But this year, I think the product market fit of what we’ve been saying for the last five years is really starting to mesh. We’re working with Arc’teryx on their 2030 landscape, evolving Nike’s move to zero, and working with LEGO on what their next 100 years might look like, which is mind-boggling work. I don’t think we could have won any of those opportunities had we not been talking for quite a long time about design for the future. In 2023, Johnston started a sunrise gathering on Hackney Marshes, which became a very significant part of his life. I had the flu and I had a vision in my dreamy fluey state of a particular spot on Hackney Marshes where people were gathering and watching the sunrise. I happened to tell my friend, the poet Thomas Sharp this, and he said, “That’s a premonition. You have to make it happen.” The first year there were five of us – this year there were 300 people for the spring equinox in March. I don’t fully know what these gatherings will lead to. Will Accept & Proceed start to introduce the seasons to the way we operate as a business? It’s a thought I’ve had percolating, but I don’t know. Will it be something else? One of the 2024 sunrise gatherings organised by Accept & Proceed founder David Johnston I do know that there’s major learnings around authentic community building for brands. We should do away with these buckets we put people into, of age group and location. They aren’t very true. It’s fascinating to see the breadth of people who come to these gatherings. Me and Laura were thinking at some point of moving out of London, but I think these sunrise gatherings are now my reason to stay. It’s the thing I didn’t know I needed until I had it. They have made London complete for me. There’s something so ancient about watching our star rise, and the reminder that we are actually just animals crawling upon the surface of a planet of mud. That’s what’s real. But it can be hard to remember that when you’re sitting at your computer in the studio. These gatherings help me better understand creativity’s true potential, for brands, for the world, and for us. Design disciplines in this article Brands in this article What to read next Features Turning Points: Cultural branding agency EDIT Brand Identity 20 Nov, 2024

Published June 14, 2025 10:00am EDT close Top lawmaker on cybersecurity panel talks threats to US agriculture Senate Armed Services Committee member Mike Rounds, R-S.D., speaks to Fox News Digital NEWYou can now listen to Fox News articles! Your home address might be easier to find online than you think. A quick search of your name could turn up past and current locations, all thanks to people finder sites. These data broker sites quietly collect and publish personal details without your consent, making your privacy vulnerable with just a few clicks.Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join. A woman searching for herself online. (Kurt "CyberGuy" Knutsson)How your address gets exposed online and who’s using itIf you’ve ever searched for your name and found personal details, like your address, on unfamiliar websites, you’re not alone. People finder platforms collect this information from public records and third-party data brokers, then publish and share it widely. They often link your address to other details such as phone numbers, email addresses and even relatives.11 EASY WAYS TO PROTECT YOUR ONLINE PRIVACY IN 2025While this data may already be public in various places, these sites make it far easier to access and monetize it at scale. In one recent breach, more than 183 million login credentials were exposed through an unsecured database. Many of these records were linked to physical addresses, raising concerns about how multiple sources of personal data can be combined and exploited.Although people finder sites claim to help reconnect friends or locate lost contacts, they also make sensitive personal information available to anyone willing to pay. This includes scammers, spammers and identity thieves who use it for fraud, harassment, and targeted scams. A woman searching for herself online. (Kurt "CyberGuy" Knutsson)How do people search sites get your home address?First, let’s define two sources of information; public and private databases that people search sites use to get your detailed profile, including your home address. They run an automated search on these databases with key information about you and add your home address from the search results. 1. Public sourcesYour home address can appear in:Property deeds: When you buy or sell a home, your name and address become part of the public record.Voter registration: You need to list your address when voting.Court documents: Addresses appear in legal filings or lawsuits.Marriage and divorce records: These often include current or past addresses.Business licenses and professional registrations: If you own a business or hold a license, your address can be listed.WHAT IS ARTIFICIAL INTELLIGENCE (AI)?These records are legal to access, and people finder sites collect and repackage them into detailed personal profiles.2. Private sourcesOther sites buy your data from companies you’ve interacted with:Online purchases: When you buy something online, your address is recorded and can be sold to marketing companies.Subscriptions and memberships: Magazines, clubs and loyalty programs often share your information.Social media platforms: Your location or address details can be gathered indirectly from posts, photos or shared information.Mobile apps and websites: Some apps track your location.People finder sites buy this data from other data brokers and combine it with public records to build complete profiles that include address information. A woman searching for herself online. (Kurt "CyberGuy" Knutsson)What are the risks of having your address on people finder sites?The Federal Trade Commission (FTC) advises people to request the removal of their private data, including home addresses, from people search sites due to the associated risks of stalking, scamming and other crimes.People search sites are a goldmine for cybercriminals looking to target and profile potential victims as well as plan comprehensive cyberattacks. Losses due to targeted phishing attacks increased by 33% in 2024, according to the FBI. So, having your home address publicly accessible can lead to several risks:Stalking and harassment: Criminals can easily find your home address and threaten you.Identity theft: Scammers can use your address and other personal information to impersonate you or fraudulently open accounts.Unwanted contact: Marketers and scammers can use your address to send junk mail or phishing or brushing scams.Increased financial risks: Insurance companies or lenders can use publicly available address information to unfairly decide your rates or eligibility.Burglary and home invasion: Criminals can use your location to target your home when you’re away or vulnerable.How to protect your home addressThe good news is that you can take steps to reduce the risks and keep your address private. However, keep in mind that data brokers and people search sites can re-list your information after some time, so you might need to request data removal periodically.I recommend a few ways to delete your private information, including your home address, from such websites.1. Use personal data removal services: Data brokers can sell your home address and other personal data to multiple businesses and individuals, so the key is to act fast. If you’re looking for an easier way to protect your privacy, a data removal service can do the heavy lifting for you, automatically requesting data removal from brokers and tracking compliance.While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap — and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here. Get a free scan to find out if your personal information is already out on the web2. Opt out manually : Use a free scanner provided by a data removal service to check which people search sites that list your address. Then, visit each of these websites and look for an opt-out procedure or form: keywords like "opt out," "delete my information," etc., point the way.Follow each site’s opt-out process carefully, and confirm they’ve removed all your personal info, otherwise, it may get relisted.3. Monitor your digital footprint: I recommend regularly searching online for your name to see if your location is publicly available. If only your social media profile pops up, there’s no need to worry. However, people finder sites tend to relist your private information, including your home address, after some time.4. Limit sharing your address online: Be careful about sharing your home address on social media, online forms and apps. Review privacy settings regularly, and only provide your address when absolutely necessary. Also, adjust your phone settings so that apps don’t track your location.Kurt’s key takeawaysYour home address is more vulnerable than you think. People finder sites aggregate data from public records and private sources to display your address online, often without your knowledge or consent. This can lead to serious privacy and safety risks. Taking proactive steps to protect your home address is essential. Do it manually or use a data removal tool for an easier process. By understanding how your location is collected and taking measures to remove your address from online sites, you can reclaim control over your personal data.CLICK HERE TO GET THE FOX NEWS APPHow do you feel about companies making your home address so easy to find? Let us know by writing us at Cyberguy.com/ContactFor more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/NewsletterAsk Kurt a question or let us know what stories you'd like us to cover.Follow Kurt on his social channels:Answers to the most-asked CyberGuy questions:New from Kurt:Copyright 2025 CyberGuy.com. All rights reserved.   Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Are you in search of a company that resonates with your proactive spirit and entrepreneurial mindset? Your search ends here with Premier Truck Rental! Company Overview At Premier Truck Rental (PTR), we provide customized commercial fleet rentals nationwide, helping businesses get the right trucks and equipment to get the job done. Headquartered in Fort Wayne, Indiana, PTR is a family-owned company built on a foundation of integrity, innovation, and exceptional service. We serve a wide range of industriesincluding construction, utilities, and infrastructureby delivering high-quality, ready-to-work trucks and trailers tailored to each customers needs. At PTR, we dont just rent truckswe partner with our customers to drive efficiency and success on every job site. Please keep reading Not sure if you meet every requirement? Thats okay! We encourage you to apply if youre passionate, hardworking, and eager to contribute. We know that diverse perspectives and experiences make us stronger, and we want you to be part of our journey. Inside Sales Representative (ISR) at PTR is a friendly, people-oriented, and persuasive steward of the sales process. This role will support our Territory Managers with their sales pipeline while also prospecting and cross-selling PTR products themselves. This support includes driving results by enrolling the commitment and buy-in of other internal departments to achieve sales initiatives. The Inside Sales Representative will also represent PTRs commitment to being our customers easy button by serving as the main point of contact. They will be the front-line hero by assisting them in making informed decisions, providing guidance on our rentals, and resolving any issues they might face. We are seeking someone eager to develop their sales skills and grow within our organization. This role is designed as a stepping stone to a Territory Sales Manager (TSM) position, providing hands-on experience with customer interactions, lead qualification, and sales process execution. Ideal candidates will demonstrate a strong drive for results, the ability to build relationships, and a proactive approach to learning and development. High-performing ISRs will have the opportunity to be mentored, trained, and considered for promotion into a TSM role as part of their career path at PTR. COMPENSATION This position offers a competitive compensation package of base salary ($50,000/yr) plus uncapped commissions =OTE $85,000 annually. RESPONSIBILITIES Offer top-notch customer service and respond with a sense of urgency for goal achievement in a fast-paced sales environment. Build a strong pipeline of customers by qualifying potential leads in your territory. This includes strategic prospecting and sourcing. Develop creative ways to engage and build rapport with prospective customers by pitching the Premier Truck Rental value proposition. Partner with assigned Territory Managers by assisting with scheduling customer visits, trade shows, new customer hand-offs, and any other travel requested. Facilitate in-person meetings and set appointments with prospective customers. Qualify and quote inquiries for your prospective territories both online and from the Territory Manager. Input data into the system with accuracy and follow up in a timely fashion. Facilitate the onboarding of new customers through the credit process. Drive collaboration between customers, Territory Managers, Logistics, and internal teams to coordinate On-Rent and Off-Rent notices with excellent attention to detail. Identify and arrange the swap of equipment from customers meeting the PTR de-fleeting criteria. Manage the sales tools to organize, compile, and analyze data with accuracy for a variety of activities and multiple projects occurring simultaneously.Building and developing a new 3-4 state territory! REQUIREMENTS MUST HAVE2+ years of strategic prospecting or account manager/sales experience; or an advanced degree or equivalent experience converting prospects into closed sales. Tech-forward approach to sales strategy. Excellent prospecting, follow-up, and follow-through skills. Committed to seeing deals through completion. Accountability and ownership of the sales process and a strong commitment to results. Comfortable with a job that has a variety of tasks and is dynamic and changing. Proactive prospecting skills and can overcome objections; driven to establish relationships with new customers. Ability to communicate in a clear, logical manner in formal and informal situations. Proficiency in CRMs and sales tracking systems Hunters mindsetsomeone who thrives on pursuing new business, driving outbound sales, and generating qualified opportunities. Prospecting: Going on LinkedIn, Looking at Competitor data, grabbing contacts for the TM, may use technology like Apollo and LinkedIn Sales Navigator Partner closely with the Territory Manager to ensure a unified approach in managing customer relationships, pipeline development, and revenue growth. Maintain clear and consistent communication to align on sales strategies, customer needs, and market opportunities, fostering a seamless and collaborative partnership with the Territory Manager. Consistently meet and exceed key performance indicators (KPIs), including rental revenue, upfit revenue, and conversion rates, by actively managing customer accounts and identifying growth opportunities. Support the saturation and maturation of the customer base through strategic outreach, relationship management, and alignment with the Territory Manager to drive long-term success. Remote in the United States with some travel to trade shows, quarterly travel up to a week at a time, and sales meetingsNICE TO HAVE Rental and/or sales experience in the industry. Proficiency in , Apollo.io , LinkedIn Sales Navigator, Power BI, MS Dynamics, Chat GPT. Established relationships within the marketplace or territory. Motivated to grow into outside territory management position with relocation On Target Earnings: ($85,000)EMPLOYEE BENEFITSWellness & Fitness: Take advantage of our on-site CrossFit-style gym, featuring a full-time personal trainer dedicated to helping you reach your fitness goals. Whether you're into group classes, virtual personal training, personalized workout plans, or nutrition coaching, weve got you covered!Exclusive Employee Perks: PTR Swag & a Uniform/Boot Allowance, On-site Micro-Markets stocked with snacks & essentials, discounts on phone plans, supplier vehicles, mobile detailing, tools, & equipmentand much more!Profit SharingYour Success, rewarded: At PTR, we believe in sharing success. Our Profit-SharingComprehensive BenefitsStarting Day One:Premium healthcare coverage (medical, dental, vision, mental health & virtual healthcare)401(k) matching & long-term financial planning Paid time off that lets you recharge Life, accidental death, and disability coverage Ongoing learning & development opportunitiesTraining, Growth & RecognitionWe partner with Predictive Index to better understand your strengths, ensuring tailored coaching, structured training, and career development. Performance and attitude evaluations every 6 months keep you on track for growth.Culture & ConnectionMore Than Just a JobAt PTR, we dont just build relationships with our customerswe build them with each other. Our tech-forward, highly collaborative culture is rooted in our core values. Connect and engage through:PTR Field Days & Team EventsThe Extra Mile Recognition ProgramPTR Text Alerts & Open CommunicationPremier Truck Rental Is an Equal Opportunity Employer We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. If you need support or accommodation due to a disability, contact us at PI6e547fa1c5-