WASHINGTON, D.C. – A multi-jurisdictional operation involving the Federal Bureau of Investigation (FBI) and several other law enforcement agencies has resulted in several well-known internet domains being seized that were a part of a major cybercrime ring responsible for hacking and stealing credentials from digital marketplaces. As of Wednesday, the Cracked.io and Nulled.to internet forums – long known as havens for threat actors who engaged in password theft, software … [Read more...]
50 Million Potentially Compromised In PowerSchool Data Breach
SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
Expired Domains Used by Security Experts to Neutralize Abandoned Web Backdoors
BATH, UK - More than 4,000 web backdoors that had been abandoned but were still active with live malware were hijacked and their communication infrastructure sinkholed – a term used to describe the process of redirecting malicious traffic to a DNS sinkhole – after web security researchers registered numerous expired domains, preventing them from being used by hackers and cybercriminals. A backdoor is a covert method of bypassing normal authentication or encryption in a … [Read more...]
AT&T Discloses Major Data Breach Affecting Approximately 70+ Million Accounts
DALLAS, TX - AT&T recently revealed a cybersecurity incident that exposed call and text message records for a significant portion of its customer base. The breach impacted nearly all of AT&T's cellular customers, along with customers of mobile virtual network operators (MVNOs) that utilize AT&T's network. Even some landline customers who interacted with AT&T cellular users during the timeframe are included. While the compromised data doesn't contain the … [Read more...]
Data Leak Impacts Snowflake Customers, Including Advanced Auto Parts, LendingTree
BOZEMAN, MT - In a significant data breach, several major companies have been impacted due to vulnerabilities in their Snowflake cloud storage accounts. The breach, which came to light in early June 2024, has affected companies like Advanced Auto Parts and LendingTree, among others. Details of the Breach: The breach involved unauthorized access to Snowflake's cloud storage, leading to the theft of vast amounts of data. The hacker, known by the alias "Sp1d3r," has … [Read more...]
Omni Hotels & Resorts Suffers Breach, Potentially Impacting Millions
DALLAS, TX - Last month, Omni Hotels & Resorts, a prominent hotel chain, experienced a cybersecurity breach that resulted in the theft of customer information. In an update on their website, Omni confirmed that the stolen data includes customer names, email addresses, postal addresses, and guest loyalty program information. However, financial information and Social Security numbers were not compromised. The breach was detected on March 29, prompting Omni to shut down … [Read more...]
Thousands of Domain Names Owned by Legitimate Brands Hijacked to Send Spam
TEL AVIV - As part of a sophisticated scheme involving spam proliferation and click monetization, over 8,000 domains and 13,000 sub-domains once owned by major, legitimate brands and institutions have been hijacked to allow millions of spam emails to bypass standard security blocks for nefarious gain. This coordinated malicious activity – dubbed “SubdoMailing” – has been going on since at least September 2022, according to Guardio Labs, the Israeli security … [Read more...]
Scammers Sending Emails from Spoofed Authoritative Domains Via Forwarding Flaws
LA JOLLA, CA - According to research conducted by the University of California San Diego, due to flaws inherent in the process of forwarding emails, the ability for scammers and attackers to send unsuspecting victims e-mails from the spoofed addresses of top-level government or corporate domains is actually much easier than many experts were initially suspecting, opening up disturbingly new and effective avenues for online fraud. The integrity of emails sent from … [Read more...]
It’s Only A Matter of Time Until You Need to Be Licensed to Operate A Web Server
PALM BEACH, FL – I have been thinking about this off and on for a few years now, but I have never really posted or written about it. That is because it is an awful prediction that I hate the idea of, but I think it is going to eventually happen. Here it goes…. I predict that to operate a web server sometime in the near future, you will be required to have a license, or have passed a basic course in IT security or Cybersecurity intrusion mitigation. Not at the single site … [Read more...]
This AMEX Email Phishing Scam Wants You Homeless & Poor, With A Zero FICO Score
PALM BEACH, FL - Nothing could better destroy your holiday spirit than a compromise of your most secure personal information in the form of a phishing expedition. Here is one of the latest email scams circulating what is probably hundreds of thousands of inboxes, just in time for Christmas. Here is how it all plays out: You receive an email which appears to be from American Express, but it isn't, it's from some scrupulous hacker hiding somewhere behind a computer who is … [Read more...]
The Question Is Not “If” You’ve Been Compromised; It’s How Many Times?
NEW YORK - If you haven't done business with one of the companies in this extensive list, you probably do not live on planet Earth with the rest of us. In other words, if you are reading this article, more than likely, despite all of the precautions you might take, your personal information has already been compromised. Below is a list of 245 instances of data breaches all over the world; those that have been reported. Keep in mind that many data breaches are never … [Read more...]
Orbitz, AmexTravel; Victims of Latest Data Breach Effecting 880,000 Customers
NEW YORK - If you travel and like to use third party travel sites to find discounts you may be one of the latest co-victims of a data breach by hackers which compromised near a million customers who use online booking services. According to Norton Internet Security, Orbitz, which has been owned by Expedia since 2015, released information regarding two separate data breaches tied to an older web site platform that effected partner bookings including AmexTravel.com; the … [Read more...]
How to Become a ‘Rockstar Domainer’ by Developing Your Own Domain Assets
NEW YORK – Unless you have been living in a cave for the last few years, you’ve caught wind that parking your domain names is potentially the worst thing you can do to monetize them. Today, you need to DEVELOP your domain names into real web services to earn realistic profits from them, but development is not always easy, especially if you do not know how to do any of it yourself, as it can be VERY EXPENSIVE. Development involves an ‘idea’, planning, design, development, … [Read more...]
Big Deal: Another Popular WordPress Plugin Purchased by Nefarious User
NEW YORK - A few months ago in September, I wrote about a plugin (Display Widgets Plugin) which was sold to someone who used it to compromise over 200,000 websites as that’s about how many installs it had and sites it targeted with compromising intentions. Well, it was a big deal then and it’s an even bigger deal now because it has come to light that this same tactic of acquisition has been used yet again, with (Captcha Plugin) to compromise 300,000 sites. According to … [Read more...]