Security

Here's an interesting, if not outright comical, story for those of you just coming back to work after a long Labor Day weekend. Scammers are pretending to be a well-known CNN anchor and offering serious cash to anyone looking to be a security commentator on air.

Earlier this afternoon, Salted Hash was contacted by a trusted source who shared a screenshot of a recent text conversation a friend and fellow security professional had.

More than 7,500 Mikrotik routers have been compromised with malware that logs and transmits network traffic data to an unknown control server.

This according to researchers from 360 Netlab, who found the routers had all been taken over via an exploit for CVE-2018-14847, a vulnerability first disclosed in the Vault7 data dump of supposed CIA hacking tools.

A new financial malware camouflaged as a security module and dubbed “CamuBot” is targeting Brazilian Banking customers.

The malware was first spotted in Brazil in August 2018 in a series of targeted attacks against business banking users and has been since been actively used to target companies and public sector organizations using social engineering and malware tactics to bypass authentication and security controls, IBM X-Force researchers said in a Sept. 4 blog post.

Do you use the same password for all your online services? Are you worried somebody can hack one and then take all?

Google on Tuesday released an improved built-in password manager that automatically generates a random password when you sign up on a new website, according to the company's blog post. It's one of the new features Google unveiled as part of a redesign of its Chrome browser.

Having the same password for everything could be dangerous. If a hacker infiltrates one of your accounts, all of your accounts could be at risk.

The crypto automated trading machine (ATM) market will grow to $114.5 million by 2023, according a report published Sept. 4 on ResearchandMarkets.com.

Researchers expect the cryptocurrency ATM market to grow from $16.3 million in 2018 to $144.5 million by 2023, citing a compound annual growth rate (CAGR) of 54.7 percent from 2018 to 2023.

Security researchers look at how macOS users can be remotely targeted using document handlers and custom URL schemes – which is behind the “Do you want to allow” popup seen in the above screenshot.

Patrick Wardle explains how a custom APT abuses URL schemes to remotely infect macOS targets

A cyberattack on a New England power grid during January’s sub-zero temperatures is a nightmare scenario for America’s top spy.

“A lot of people are going to suffer and die,” director of national intelligence Dan Coates said during a July event at the Hudson Institute.

Apple Macs are rarely the target of digital espionage. But in recent years, a mysterious hacker crew called WindShift has targeted specific individuals working in government departments and critical infrastructure across the Middle East. And they’re exploiting weaknesses believed to affect all Apple Mac models.

The Five Eyes allies have threatened to introduce legislation if technology providers don’t help them to break end-to-end encryption in specific cases where private info is sought on suspects.

The five-country partnership of the UK, US, Australia, Canada and New Zealand met in Australia last week with homeland security, public safety and immigration ministers and attorneys-general in attendance.

As we near the beginning of the school year, a new report was released by SecureWorks and it details troubling news: How universities are victims of a spoofing attack by the Cobalt Dickens group in Iran.

The Cobalt Dickens group is infamous for stealing intellectual property from various universities between 2013 and 2017 until being discovered and indicted by the US Department of Justice.