CSO offers the latest information and best practices on business continuity and data protection, best practices for prevention of social engineering scams, malware and breaches, and tips and advice about security careers and leadership.
After being contacted by Salted Hash about a possible data breach, Gwinnett Medical Center (GMC), a not-for-profit network of healthcare providers in Gwinnett County, Georgia, has confirmed they're investigating what they're calling an IT incident.
Salted Hash first became aware of a possible data breach at GMC late last week, but the exact details surrounding the incident were not immediately available.
What we learned was that on Saturday (Sept. 29), IT staff at GMC Lawrenceville became aware of an incident involving at least several hundred patient records. Immediately following the discovery, the alleged attackers sent threats.
Sometime later, an agent from the local FBI field office arrived and offered to assist, but it isn't clear if the FBI knew something was wrong, or if the law enforcement agency was called in after the threats were made.
On Friday, Facebook’s VP of product management Guy Rosen, coordinating with a Facebook post by founder Mark Zuckerberg, said the company discovered someone had abused access tokens for 50 million users on Tuesday afternoon.
[Note: This story was updated on October 12, with new information concerning the number of accounts impacted]
While the impacted accounts only represent a small fraction of the billions of monthly active users worldwide, the incident is still significant, as the abused tokens enable full access to a person's account.
Here's an interesting, if not outright comical, story for those of you just coming back to work after a long Labor Day weekend. Scammers are pretending to be a well-known CNN anchor and offering serious cash to anyone looking to be a security commentator on air.
Earlier this afternoon, Salted Hash was contacted by a trusted source who shared a screenshot of a recent text conversation a friend and fellow security professional had.
The potential victim in this story did not want their name or organization referenced on the record.
The person responsible for the text messages pretends to be CNN's Wolf Blitzer, and offers security professionals $300,000 yearly to come on to "The Situation Room with Wolf Blitzer" and act as security commentators. All the victim needs to do is pay $3,000 via Western Union to get security clearance and approval.
In 1999, MITRE created the CVE database as a means of standardizing the naming convention of disclosed vulnerabilities. However, as Salted Hash reported in 2016, the program has faced several problems, including coverage gaps and bottlenecks.
The Mirai botnet hasn't gone away. You don't hear about it much, but the code has been constantly updated and maintained. Recently, Symantec's Dinesh Venkatesan discovered a command and control (C&C) server hosting various types of malware, each one targeting a specific platform.
This week on Salted Hash we’re joined by Lookout’s Jeremy Richards, who manages the @PhishingAI account on Twitter, as well as a good friend and fellow reporter from Ars Technica.
All this week, while we’re on location in Las Vegas, Salted Hash has been discussing phishing and the impact it has had on the public. Today, we’re getting an insider view on how @PhishingAI operates, and learning about a recent phishing campaign targeting Apple users.
Today on Salted Hash, we're going to look at a phishing attack that targeted me directly. It's got a few interesting elements, including a weak attempt to spoof an HTTPS connection, and a sort of hybrid lure, which starts as Dropbox but ends at Microsoft Office.
Microsoft is a popular target with criminals, especially when it comes to phishing. If a criminal can compromise your Microsoft Office account, they have a good deal of leverage over your professional life, and it gets worse if your Microsoft Office password is used on other services (it happens, and criminals do check for this).
Email security vendor Vade Secure recently published a list of the top brands spoofed by phishing attacks, and Microsoft topped the list. This is notable because PayPal is usually in the top spot. According to Vade Secure's list, Microsoft held the number one position by more than 40 percent. PayPal drops to second, followed by Facebook, Netflix, Wells Fargo, Bank of America, DocuSign, Dropbox, DHL, and Apple to round out the top ten.
Reddit, one of the largest websites on the internet, announced on Wednesday that someone was able to compromise staff accounts at their cloud and source code hosting providers, leaving backups, source code, and various logs exposed.
As a result, they are notifying some users who maintained accounts on the website prior to 2007, as their accounts were impacted.
Sometime between June 14th and 18th, the attackers were able to compromise staffer accounts on unnamed cloud and source code hosting providers, bypassing what were assumed to be solid defenses using multi-factor authentication (2FA).