SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
Thousands of Domain Names Owned by Legitimate Brands Hijacked to Send Spam
TEL AVIV - As part of a sophisticated scheme involving spam proliferation and click monetization, over 8,000 domains and 13,000 sub-domains once owned by major, legitimate brands and institutions have been hijacked to allow millions of spam emails to bypass standard security blocks for nefarious gain. This coordinated malicious activity – dubbed “SubdoMailing” – has been going on since at least September 2022, according to Guardio Labs, the Israeli security … [Read more...]