SAN FRANCISCO, CA - According to recent reports, a new data security incident has surfaced. DoorDash, a popular food delivery app, detected suspicious activity from the computer network of a third-party vendor, and determined the vendor was compromised by a sophisticated phishing attack. According to the report, certain personal information maintained by DoorDash like names, emails, addresses, phone numbers, and even partial payment card info have been affected. If … [Read more...]
Reported Twitter Data Breach Potentially Affects 5.4 Million Accounts
WEST PALM BEACH, FL – Stolen personal information from 5.4 million Twitter users has been discovered for sale on a hacker forum. With this information, including emails and phone numbers, cybercriminals can create profiles to target victims with spam or phishing attempts which could lead to identity theft. Twitter is currently investigating claims that a near-seven-month-old vulnerability in its software has been exploited and the hacker is asking for $30,000 for the … [Read more...]
Massive Data Breach of Neopets Website Affects 69 Million Users
WEST PALM BEACH, FL - Neopets, a virtual pet and gaming community, has reported a data breach exposing personal information like usernames, passwords, IP addresses, and more of 69 million user accounts. By combining this information, cybercriminals could target users with spam or phishing attempts to access additional personal information which could lead to identity theft. Neopets representatives have published a statement on Twitter addressing the breach. If … [Read more...]
LifeLock Confirms My Data Was Revealed on “The Dark Web” After 2021 “Epik” Data Leak
WEST PALM BEACH, FL – This morning I received an email notification that information or data which is presumed to be connected to my identity has been found on “The Dark Web” after the domain name and hosting company, Epik.com was hacked last year. The service is part of LifeLock by Norton. The following message arrived: Logging into my account a more detailed explanation explains that my personal information associated with the epik.com leak was located on the Dark … [Read more...]
Privacy Scandal: Has Your Data Been Stolen by These 10 “Known Tracking Domains?”
WEST PALM BEACH, FL - A new study has revealed that consumer email addresses are being collected by online login, registration, and newsletter subscriptions even before the user has manually submitted the form or even given their consent to have their personal information collected, igniting controversy over privacy rights – or lack thereof – on the internet. The goal of the study was to spot sites that pulled email and password information before users could … [Read more...]
Data Security Breach At Robinhood Exposes Personal Info Of Customers
PALM BEACH, FL - The Robinhood financial service company has confirmed a data security incident that has exposed full names or email addresses for approximately seven million customers, with a smaller subset having additional personal information revealed. These customers could be targeted with spam, phishing attempts, identity theft and more. No Social Security numbers, bank account numbers or debit card numbers were exposed according to the company. Robinhood … [Read more...]
Massive Data Breach of Twitch Live Streaming Service Confirmed
PALM BEACH, FL - According to The Verge the Twitch streaming service has confirmed a data breach, which reportedly includes their source code, creator payouts, and possible leak of users’ passwords. The leak includes the following: 3 years worth of details regarding creator payouts on Twitch.The entirety of twitch.tv, “with commit history going back to its early beginnings.”Source code for the mobile, desktop, and video game console Twitch clients.Code related to … [Read more...]
PII Of Up To 4.6 Million Neiman Marcus Customers Potentially Exposed In Breach
PALM BEACH, FL - On Thursday, September 30, 2021, luxury department store Neiman Marcus announced that about 4.6 million of its customers may have had their personally identifiable information or PII compromised in a data breach that occurred in May 2020. The personal information stolen in the breach varied and may have included names and contact information, payment card numbers and expiration dates including virtual gift card numbers. Worse, the cyber-thieves may have … [Read more...]
Amazingly Convincing Facebook Phishing Scam Takes Place on Facebook.com Itself
PALM BEACH, FL – I have been reviewing and writing about email phishing scams for years and I have seen a ton of them, from outright laughable in their easy discoverability to incredibly convincing, but this latest one I must write about because its one of the most convincing I have ever seen, and it has been happening for over a year now. I know it well as I once fell for it. The reason this is one of the most convincing I’ve ever seen is because unlike most phishing … [Read more...]
Vulnerability In Official Facebook Chat Plugin Allowed Attackers to Chat With Site Visitors
WEST PALM BEACH, FL – At 3:47 PM today, the Threat Intelligence Team from WordFence, posted research detailing a vulnerability in The Official Facebook Chat Plugin, currently installed on over 80,000 WordPress websites. This vulnerability allowed authenticated attackers to connect their own Facebook Messenger account to any site running the vulnerable plugin and engage in chats with site visitors on affected sites. We initially reached out to Facebook on June 26, 2020 … [Read more...]
Critical Vulnerability Exposes over 700,000 Sites Using WP Divi, Extra, and Divi Builder
WEST PALM BEACH, FL - This morning, the Wordfence Threat Intelligence Team published details about a critical vulnerability discovered in two themes by Elegant Themes, Divi and Extra, as well as the Divi Builder plugin. Combined, these products are installed on an estimated 700,000 sites. Elegant Themes provides some of the most popular WordPress themes in the world and includes a visual page builder. We initially reached out to Elegant Themes on July 23, 2020 and, … [Read more...]
How Expired Domain Names Have Been Used to Redirect to Malicious Websites
WEST PALM BEACH, FL - Expired domains or domain names which have not been renewed by their previous owner are encountered by all of us often – most times we just don’t notice it. When we do, we open a website only to find out it no longer exists. We are redirected to a site with links on it, or it showcases a sales page for auction of the domain name. These types of websites are generally considered harmless, but recent research proves otherwise. In a report released by … [Read more...]
Highly Coordinated Attack Impacts Twitter Accounts of World’s Most Famous People
WEST PALM BEACH, FL - On July 15, 2020, several verified Twitter accounts of famous people and companies were taken over in a security breach, including Apple, Elon Musk, Bill Gates, Jeff Bezos, Barack Obama and others. Hackers then published tweets from these accounts soliciting donations via Bitcoin. For example, one tweet read: “We are giving back to our community. We support Bitcoin and we believe you should too. All Bitcoin sent to our address below will be sent … [Read more...]
It’s Only A Matter of Time Until You Need to Be Licensed to Operate A Web Server
PALM BEACH, FL – I have been thinking about this off and on for a few years now, but I have never really posted or written about it. That is because it is an awful prediction that I hate the idea of, but I think it is going to eventually happen. Here it goes…. I predict that to operate a web server sometime in the near future, you will be required to have a license, or have passed a basic course in IT security or Cybersecurity intrusion mitigation. Not at the single site … [Read more...]
10 Simple Yet Effective Security Tips To Keep You Cyber Safe and Worry Less in 2020
PALM BEACH, FL - There is no shortage of security breaches and data leaks reported in the news this past year. As we all move into 2020, here are some simple tips to help keep you stay cyber safe, so you can worry less and have more to look forward to this year. Don't Shorten 2020 in Dates You shouldn’t shorten the year 2020 when signing things. Scammers can easily change the abbreviated date, for example from “3/30/20” to “3/30/2018”. Make sure to write out the full … [Read more...]