SEATTLE, WA - Online shopping retail giant Amazon this week seized multiple internet domains that have been utilized by Russian hackers to launch phishing attacks that targeted users of Microsoft’s Windows operating system. Chief Information Security Officer at Amazon, CJ Moses, announced in a blog post that Midnight Blizzard, otherwise known as APT29 – a threat actor directly sponsored by the Russian government – had been targeting government agencies, empires, … [Read more...]
Senator Demands Domain Registrars Address Russian Influence Operations During 2024 Election
WASHINGTON, D.C. - Senator Mark Warner (D-Va.), Chair of the Senate Intelligence Committee, has issued a demand to several of the top American internet domain registrars to clamp down on the abuse of their services by Russian disinformation actors who he alleged are attempting to interfere with and influence the outcome of the 2024 presidential election. Warner sent a letter earlier in October to several well-known companies in the web domain registering and hosting … [Read more...]
56% Increase In Disaster Recovery Events Related To Microsoft 365 Domains
REDMOND, WA - According to new data released by IT services data protection and security company N-able, 2024 so far has seen a huge uptick in hacking and cyberattacks targeting Microsoft 365 domains, with a 56 percent increase in the number of disaster recovery events among the service’s clients and a large uptick in the number of backups among its partners. Critical Start’s Cyber Research Unit (CRU) issued a report that states the number of cyber alerts in the first … [Read more...]
FBI Shuts Down Prolific Ransomware Group “Radar/Dispossessor,” Domains Seized
WASHINGTON, D.C. - The FBI has announced they have shut down a prolific ransomware group known as “Radar/Dispossessor” and seized multiple internet domains and servers utilized by the cyber threat actors, reportedly headed up by an individual known by the code-name “Brain.” As part of the FBI’s enforcement actions, they have dismantled a plethora of servers utilized by Radar/Dispossessor to carry out their ransomware attacks, including three in the United States, … [Read more...]
Thousands of “Sitting Duck” Domain Names Hijacked by Russian Cybercriminals
PALM BEACH, FL - A critical vulnerability within the Domain Name System (DNS) has been unearthed and exploited by dozens of cybercriminals and hackers originating from Russia to take over thousands of domain names, according to cybersecurity researchers from Infoblox and Eclypsium. An estimated 30,000 legitimate domains have been hijacked by the digital thieves since 2019, experts say, utilizing a technique known as “Sitting Ducks” that exploits weak DNS services. The … [Read more...]
Experts: Hackers Registered Over 500,000 Domains for Massive Cyber-Attack
SANTA CLARA, CA - Hackers have been around since the debut of the Internet, and over the years they’ve learned a number of underhanded tricks to use on unsuspecting victims; one of the most prolific is registering new domains to use to disseminate malware and conduct phishing attacks – while posing as innocent and trustworthy websites – in order to get the unwary to share sensitive information or download malicious software. That being said, according to cybersecurity … [Read more...]
FIASCO: Multiple Squarespace Domains Hijacked After Security Loophole Exploited
NEW YORK, NY - Last week, multiple organizations with domains registered with Squarespace had their websites hijacked by hackers, with most of the instances primarily targeting cryptocurrency-based businesses, such as Celer Network, Compound Finance, Pendle Finance, and Unstoppable Domains. The hijacks took place between July 9 and July 12, and involved Google Domains assets; Squarespace had purchased the Google Domains service in June 2023 – along with approximately 10 … [Read more...]
Large-Scale Fraud Campaign Utilizes Over 700 Domains to Sell Fraudulent Tickets
CHANDLER, AR - Authorities have discovered that a group behind a widespread internet scam – dubbed “Ticket Heist” – has been utilizing over 700 domain names, registered over the course of over two years, in order to sell fraudulent tickets and hotel accommodations to the Summer Olympic Games in Paris. The operation, which researchers at threat intelligence company QuoIntelligence say seems to primarily target Russian-speaking individuals, has not only offered … [Read more...]
Data Leak Impacts Snowflake Customers, Including Advance Auto Parts, LendingTree
BOZEMAN, MT - In a significant data breach, several major companies have been impacted due to vulnerabilities in their Snowflake cloud storage accounts. The breach, which came to light in early June 2024, has affected companies like Advance Auto Parts and LendingTree, among others. Details of the Breach: The breach involved unauthorized access to Snowflake's cloud storage, leading to the theft of vast amounts of data. The hacker, known by the alias "Sp1d3r," has … [Read more...]
Ticketmaster Faces Massive Data Breach, Affecting Millions of Users
WEST HOLLYWOOD, CA - Ticketmaster, the ticketing giant, is reeling from a major data breach that may have exposed the personal information of over half a billion users. The notorious hacking group ShinyHunters is claiming responsibility for the attack and is demanding a ransom of $500,000 to prevent the data from being sold. While Ticketmaster has yet to confirm the breach officially, security experts are taking the claims seriously. According to reports, the stolen data … [Read more...]
Unstoppable Domains & Secret Network Launch “.Secret” Top-Level Domain (TLD)
SAN FRANCISCO, CA - Digital identity provider Unstoppable Domains (UD) and Secret Network, the confidential computing layer of Web3, officially announced on Thursday, May 30 that they have launched the ".Secret" Web3 top-level domain (TLD), which will offer enhanced digital privacy and communication for users within the blockchain community. The .Secret TLD – which will function as both a web address and digital identifier – represents a huge leap in terms of privacy for … [Read more...]
Fake TD Bank Website Email Scam Steals Username, Password, Text-Message Code
WEST PALM BEACH, FL - I've been writing about scam emails and phishing attempts for a number of years now and although I don't have as much time at my disposal as I used to, I still like to detail their processes when I can so people can learn how to avoid these scams while seeing and understanding how clever these little sneaks are when plotting to steal your information (and money). Past features have included similar scams targeting customers of Facebook, GoDaddy, FedEx, … [Read more...]
Investigation Uncovers 40,000 Phishing Domains Linked To LabHost Scam Operation
UNITED KINGDOM - The LabHost phishing-as-a-service (PhaaS) platform, which had tens of thousands of phishing domains linked to it and thousands of users worldwide, has had its infrastructure completely disrupted and 37 suspects have been arrested – including the original developer – following a year-long global law enforcement operation. Originally launched in 2021, LabHost was a resource for cybercriminals that – for a monthly subscription fee – provided them … [Read more...]