-
Gwinnett Medical Center investigating possible data breach
After being contacted by Salted Hash about a possible data breach, Gwinnett Medical Center(GMC), a not-for-profit network of healthcare providers in Gwinnett County, Georgia, has confirmed they're investigating what they're calling an IT incident.Salted Hash first became aware of a possible data breach at GMC late last week, but the...
-
Facebook: 30 million accounts impacted by security flaw (updated)
On Friday, Facebook’s VP of product management Guy Rosen, coordinating with a Facebook post by founder Mark Zuckerberg, said the company discovered someone had abused access tokens for 50 million users on Tuesday afternoon.[Note: This story was updated on October 12, with new information concerning the number of accounts impacted]While...
-
Scammers pose as CNN's Wolf Blitzer, target security professionals
Here's an interesting, if not outright comical, story for those of you just coming back to work after a long Labor Day weekend. Scammers are pretending to be a well-known CNN anchor and offering serious cash to anyone looking to be a security commentator on air.Earlier this afternoon, Salted Hash...
-
Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding
On Monday, the Energy and Commerce Committee sent letters to MITRE Corporation and the Department of Homeland Security (DHS), recommending some needed changes to the troubled CVE program.Bottlenecks, coverage gaps, and frustration:
In 1999, MITRE created the CVE database as a means of standardizing the naming convention of disclosed vulnerabilities. However,...
-
Mirai leveraging Aboriginal Linux to target multiple platforms
The Mirai botnet hasn't gone away, you don't hear about it much, but the code has been constantly updated and maintained. Recently, Symantec's Dinesh Venkatesan discovered a command and control (C&C) server hosting various types of malware, each one targeted for a specific platform.In October of 2016, the Mirai botnet...
-
Introducing Kit Hunter, a phishing kit detection script | Salted Hash, Ep. 40
Today's post is a bit different, personal really. Over the last few months, I've attempted to learn something new, and I selected Python to be that thing. It's a slow process.So, what's my point? Well, here lately I've released a number of videos where I show phishing kits from the...
