PALM BEACH, FL – BitMex, a peer-to-peer cryptocurrency exchange founded in 2014 has accidentally emailed its users with the CC (carbon copy) field rather than the “private” BCC (blind carbon copy) field leading to outrage by many of its users. In a tweet posted on Nov. 1, crypto-currency attorney Jake Chervinsky said the leak was done in the most “outrageously incompetent way imaginable.” https://twitter.com/jchervinsky/status/1190171229031936000 BitMEX … [Read more...]
Think Your Domains Are Safe by Using Two Factor Authentication? Think Again
PALM BEACH, FL – Sometimes I read stories that really make me think (and worry). For those who have great domains under management, you might feel super-safe by using “two factor authentications”, where your mobile device is used to verify each login you make to your registry account by sending you a text message for confirmation. Two Factor Authentication (2FA) What is two factor authentication (2FA)? I’ve often thought how horrible it might be if someone got … [Read more...]
U.S. GDPR: The California Consumer Privacy Act (CCPA) Goes Into Effect January 2020
PALM BEACH, FL - The US's answer to European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), enacted in 2018, will create new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses. It also requires California's Attorney General to solicit broad public participation and adopt regulations to further the CCPA's purposes. The proposed regulations will establish … [Read more...]
New “Mind Your Own Business Act” Allows for Fines, Jail Time for Privacy Violations
WASHINGTON - Senator Ron Wyden, an Oregon Democrat, has introducedlegislation, called the Mind Your Own Business Act, that would make it more difficult for online platforms to collect and use customer data. The bill is in some ways similar to the European Union’s General Data Protection Regulation (GDPR). Among other things, the bill would: Give the Federal Trade Commission the authority to establish minimum privacy and cyber-security standards. Allow the FTC to … [Read more...]
FTC Warns Consumers of Fake Equifax Data Breach Websites for Settlement Claims
PALM BEACH, FL – The Federal Trade Commission is warning Internet users, all 147 million people who were affected by the Equifax Data Breach in 2017, to beware of fake Equifax settlement websites which have been setup by thieves trying to steal consumers information when they attempt to file a claim online. Typically, users are sent an email that a class action lawsuit has resulted in a settlement making them eligible for credit monitoring services and/or a cash claim … [Read more...]
It’s National Cybersecurity Awareness Month; Stay Safe With Simple Online Tips
PALM BEACH, FL –The Attorney General of the State of Florida, Ashley Moody has issued a Consumer Alert in recognition of National Cyber-security Awareness Month. The video details some simple steps consumers can take to help avoid becoming a victim of various security threats and online scams such as those which target Internet users with tech support, malware, phishing and ransomware. Today more than ever, our daily lives are dependent on the internet. While advances … [Read more...]
Edmonton Police Seize Three Canadian Domain Names from Fake Job Scam
PALM BEACH, FL – Three more domain names have vanished from the Internet due to a fake job scam; something frequently being used to steal money from unsuspecting victims. According to Canadian Yahoo News, Edmonton police have seized three Internet domains as part of an investigation involving fake job ads posted on the employment site Indeed.com. Police say the scam has cost victims over $240k. Visitors of the Canadian sites (which were not disclosed) are now … [Read more...]
Email Phishing Campaign Using Legitimate Top-Level Domain to Evade Spam Filters
PALM BEACH, FL – A sophisticated email phishing campaign is making the rounds while evading email filters by using a Google domain redirect. According to ThreatPost.com, a leading source of information about IT and business security, the campaign uses percentage-based URL encoding to deceive users. The campaign makes use of what’s called percentage-based URL encoding – a basic URL-encoding technique in which normal ASCII characters (i.e., “abc” and “123”) are converted … [Read more...]
885 Million Customer Records Exposed by Country’s Largest Title Company, FAF
PALM BEACH - Earlier this week, it was reported that one of the country's largest titles companies, First American Financial Corp (NYSE: FAF), unknowingly exposed up to 885 million files related to real estate title insurance records dating from 2003 to 2019. Anyone with a URL for a valid document could view other documents by modifying a single digit in the URL. The records exposed by the website included critical financial information and documents such … [Read more...]
Half of All U.S. Households Likely Victims of New Data Leak; 80 Million Records Exposed
PALM BEACH – A new data leak will likely make victims out of what has been estimated at approximately half of all adults in the United States; 80 million records of those over age 40. This new leak is the cause of an undisclosed company which hosts its database with Microsoft services and the information was freely available on the Internet for those who knew the location of the data, until this week according to Forbes.com's Kate O'Flaherty who contributes as a … [Read more...]
Robo Callers, Phone Spoofing, Auto Dialers; It’s No Longer Annoying, It’s Disruptive
NEW YORK, NY – Everyone gets them - and it’s starting to go from nuisance, to disruptive. Robocalls, Spammers and other automated dialers; it’s beginning to actually go from annoying to interfering with my day to day operations. They come in on both my telephones and mobile device. Constantly, all day and it is becoming far more than a nuisance to the point where the FCC is going to have to start getting more aggressive on this practice. Isn’t that what they do? I … [Read more...]
FedEx Email Phishing Scam Attempt: Not That Clear What Actual Motive Is
NEW YORK, NY – From time to time I like to point out some phishing scams that are out there in hopes to help some people not fall for these email-traps; today is one of those day. This email stuck out not for its sophistication but for more of its non-sophistication, and recurring delivery. For instance, I’ve received these at least 4 times in the last couple of days. This scam pictured below is trying to capture FedEx users regarding the non-delivery of their package; a … [Read more...]
Personal Info of 500 Million Guests Exposed in Marriott’s Starwood Reservation System
NEW YORK, NY - One of the world's leading global hotel groups disclosed that a guest reservation database, which covers a number of major hotel brands, suffered a large data breach. An internal investigation showed that unauthorized access had been occuring since 2014. The intrusion went unnoticed for four years by Starwood, which was acquired by Marriott in 2016 for $13.6 billion. It was uncovered in early September, when a security tool alerted Marriott officials to an … [Read more...]
WordPress Vulnerability for Sites Running WooCommerce with “Shop Manager” Role
NEW YORK, NY – If you're running a WordPress website and are utilizing the popular WooCommerce plugin, a shopping cart used by roughly four-million sites, there is a new vulnerability which requires that your WooCommerce plugin be up to date, or users marked as “Shop Managers” could hijack your site and virtually wipe out all data by compromising your administrator account. This new vulnerability was first reported to WordPress and WooCommerce in August when it was … [Read more...]
“Global Internet Crash” Diverted As ICANN Implements DNS Security Enhancements
NEW YORK, NY – Early last month, The Internet Corporation of Assigned Names and Numbers (ICANN), which is responsible for maintaining the registry of domain names and IP addresses, was preparing to implement the very first change to the “cryptographic keys” which help protect the Domain Name System (DNS) - the Internet's address book. The change had been delayed for over a year as ICANN reviewed last-minute data about the change and accessed any potential risk to the … [Read more...]