SEATTLE, WA - Online shopping retail giant Amazon this week seized multiple internet domains that have been utilized by Russian hackers to launch phishing attacks that targeted users of Microsoft’s Windows operating system. Chief Information Security Officer at Amazon, CJ Moses, announced in a blog post that Midnight Blizzard, otherwise known as APT29 – a threat actor directly sponsored by the Russian government – had been targeting government agencies, empires, … [Read more...]
Thousands of “Sitting Duck” Domain Names Highjacked by Russian Cybercriminals
PALM BEACH, FL - A critical vulnerability within the Domain Name System (DNS) has been unearthed and exploited by dozens of cybercriminals and hackers originating from Russia to take over thousands of domain names, according to cybersecurity researchers from Infoblox and Eclypsium. An estimated 30,000 legitimate domains have been hijacked by the digital thieves since 2019, experts say, utilizing a technique known as “Sitting Ducks” that exploits weak DNS services. The … [Read more...]
Experts: Hackers Registered Over 500,000 Domains for Massive Cyber-Attack
SANTA CLARA, CA - Hackers have been around since the debut of the Internet, and over the years they’ve learned a number of underhanded tricks to use on unsuspecting victims; one of the most prolific is registering new domains to use to disseminate malware and conduct fishing attacks – while posing as innocent and trustworthy websites – in order to get the unwary to share sensitive information or download malicious software. That being said, according to cybersecurity … [Read more...]
FIASCO: Multiple Squarespace Domains Hijacked After Security Loophole Exploited
NEW YORK, NY - Last week, multiple organizations with domains registered with Squarespace had their websites hijacked by hackers, with most of the instances primarily targeting cryptocurrency-based businesses, such as Celer Network, Compound Finance, Pendle Finance, and Unstoppable Domains. The hijacks took place between July 9 and July 12, and involved Google Domains assets; Squarespace had purchased the Google Domains service in June 2023 – along with approximately 10 … [Read more...]
AT&T Discloses Major Data Breach Affecting Approximately 70+ Million Accounts
DALLAS, TX - AT&T recently revealed a cybersecurity incident that exposed call and text message records for a significant portion of its customer base. The breach impacted nearly all of AT&T's cellular customers, along with customers of mobile virtual network operators (MVNOs) that utilize AT&T's network. Even some landline customers who interacted with AT&T cellular users during the timeframe are included. While the compromised data doesn't contain the … [Read more...]
Managed Care Confirms Serious Breach of Nearly 9 Million Patients’ Critical Info
ATLANTA, GA - Managed Care of North America, Inc. (MCNA), a major insurance company, suffered a data breach that exposed the personal information of nearly 9 million patients. The Atlanta-based company claims to be the largest dental insurer in the nation. According to reports, Hackers had access to MCNA systems from February 26 to March 7, 2023, compromising confidential patient information such as full names, addresses, birthdates, driver’s license numbers, phone … [Read more...]
Highly Coordinated Attack Impacts Twitter Accounts of World’s Most Famous People
WEST PALM BEACH, FL - On July 15, 2020, several verified Twitter accounts of famous people and companies were taken over in a security breach, including Apple, Elon Musk, Bill Gates, Jeff Bezos, Barack Obama and others. Hackers then published tweets from these accounts soliciting donations via Bitcoin. For example, one tweet read: “We are giving back to our community. We support Bitcoin and we believe you should too. All Bitcoin sent to our address below will be sent … [Read more...]
10 Simple Yet Effective Security Tips To Keep You Cyber Safe and Worry Less in 2020
PALM BEACH, FL - There is no shortage of security breaches and data leaks reported in the news this past year. As we all move into 2020, here are some simple tips to help keep you stay cyber safe, so you can worry less and have more to look forward to this year. Don't Shorten 2020 in Dates You shouldn’t shorten the year 2020 when signing things. Scammers can easily change the abbreviated date, for example from “3/30/20” to “3/30/2018”. Make sure to write out the full … [Read more...]
Data of 267 Million Facebook Users Exposed in Online Database; Found on Hacker Forum
PALM BEACH, FL - Data security researchers discovered an online database containing the names, phone numbers, and Facebook IDs of 267 million Facebook users available for download on a hacker forum. The database was not password protected and had been posted on December 12th. On December 14th, the researchers contacted the internet service provider that was hosting the database and the database was removed on December 19th. According to the Associated Press, a … [Read more...]
Cryptocurrency Exchange BitMEX Called “Outrageously Incompetent” for Using “CC”
PALM BEACH, FL – BitMex, a peer-to-peer cryptocurrency exchange founded in 2014 has accidentally emailed its users with the CC (carbon copy) field rather than the “private” BCC (blind carbon copy) field leading to outrage by many of its users. In a tweet posted on Nov. 1, crypto-currency attorney Jake Chervinsky said the leak was done in the most “outrageously incompetent way imaginable.” BitMEX released an official statement on the issue, emphasizing that no … [Read more...]
Personal Info of 500 Million Guests Exposed in Marriott’s Starwood Reservation System
NEW YORK, NY - One of the world's leading global hotel groups disclosed that a guest reservation database, which covers a number of major hotel brands, suffered a large data breach. An internal investigation showed that unauthorized access had been occuring since 2014. The intrusion went unnoticed for four years by Starwood, which was acquired by Marriott in 2016 for $13.6 billion. It was uncovered in early September, when a security tool alerted Marriott officials to an … [Read more...]
WordPress Vulnerability for Sites Running WooCommerce with “Shop Manager” Role
NEW YORK, NY – If you're running a WordPress website and are utilizing the popular WooCommerce plugin, a shopping cart used by roughly four-million sites, there is a new vulnerability which requires that your WooCommerce plugin be up to date, or users marked as “Shop Managers” could hijack your site and virtually wipe out all data by compromising your administrator account. This new vulnerability was first reported to WordPress and WooCommerce in August when it was … [Read more...]
Orbitz, AmexTravel; Victims of Latest Data Breach Effecting 880,000 Customers
NEW YORK - If you travel and like to use third party travel sites to find discounts you may be one of the latest co-victims of a data breach by hackers which compromised near a million customers who use online booking services. According to Norton Internet Security, Orbitz, which has been owned by Expedia since 2015, released information regarding two separate data breaches tied to an older web site platform that effected partner bookings including AmexTravel.com; the … [Read more...]
New Threat to WordPress Sites Designed to Bypass All Ordinary Security Measures
NEW YORK, NY - It seems like a new security threat is born each day; maybe that is because there is. For those who operate WordPress sites, including myself, there is a new threat to consider that is designed to bypass ordinary security measures; a simple back door, you have already left wide-open, by choice. WordPress Plugins are great additions to any WordPress site as they create all sorts of easy plug-and-play options and make often complicated features simple to … [Read more...]
Phishing: Watch-out for New Dangerous Godaddy Email Phishing Attempt
NEW YORK, NY - This is just a quick reminder to remain vigilant of all sorts of threats from hackers, email-spoofers, phishers and scammers; you can never let your guard down these days when it comes to your accounts, financial information and especially your domain accounts, because loss of your domain name can be loss of your business and will likely be permanent. Just this week news broke about an Equifax hack that hit credit histories of up to 143 million … [Read more...]