Here's an interesting, if not outright comical, story for those of you just coming back to work after a long Labor Day weekend. Scammers are pretending to be a well-known CNN anchor and offering serious cash to anyone looking to be a security commentator on air.
Earlier this afternoon, Salted Hash was contacted by a trusted source who shared a screenshot of a recent text conversation a friend and fellow security professional had.
The potential victim in this story did not want their name or organization referenced on the record.
The person responsible for the text messages pretends to be CNN's Wolf Blitzer, and offers security professionals $300,000 yearly to come on to "The Situation Room with Wolf Blitzer" and act as security commentators. All the victim needs to do is pay $3,000 via Western Union to get security clearance and approval.
On Monday, the Energy and Commerce Committee sent letters to MITRE Corporation and the Department of Homeland Security (DHS), recommending some needed changes to the troubled CVE program.Bottlenecks, coverage gaps, and frustration:
In 1999, MITRE created the CVE database as a means of standardizing the naming convention of disclosed vulnerabilities. However, as Salted Hash reported in 2016, the program has faced several problems, including coverage gaps and bottlenecks.
The Mirai botnet hasn't gone away, you don't hear about it much, but the code has been constantly updated and maintained. Recently, Symantec's Dinesh Venkatesan discovered a command and control (C&C) server hosting various types of malware, each one targeted for a specific platform.
In October of 2016, the Mirai botnet was used in attacks against Dyn Inc., knocking out internet service to most of the east coast in the United States, but it was later determined to be a variant of Mirai in the Dyn Inc. attack, it wasn't the same set of Mirai bots used to target OVH and Brian Krebs the month prior.