AUSTRALIA - A South Australian woman narrowly avoided a complete financial disaster after falling victim to a sophisticated business email compromise (BEC) scam that led to the loss of over $800,000. Authorities have since managed to recover a significant portion of the stolen funds, shedding light on the growing threat of cyber fraud in real estate transactions. The victim, who had been in the process of purchasing a property, received what appeared to be a legitimate … [Read more...]
FBI Seizes Internet Domains Associated with Major Cybercrime Ring; 17M Victims
WASHINGTON, D.C. – A multi-jurisdictional operation involving the Federal Bureau of Investigation (FBI) and several other law enforcement agencies has resulted in several well-known internet domains being seized that were a part of a major cybercrime ring responsible for hacking and stealing credentials from digital marketplaces. As of Wednesday, the Cracked.io and Nulled.to internet forums – long known as havens for threat actors who engaged in password theft, software … [Read more...]
Expired Domains Used by Security Experts to Neutralize Abandoned Web Backdoors
BATH, UK - More than 4,000 web backdoors that had been abandoned but were still active with live malware were hijacked and their communication infrastructure sinkholed – a term used to describe the process of redirecting malicious traffic to a DNS sinkhole – after web security researchers registered numerous expired domains, preventing them from being used by hackers and cybercriminals. A backdoor is a covert method of bypassing normal authentication or encryption in a … [Read more...]
Hackers Utilizing Russian Domains for Rising Number of Complex Phishing Attacks
REDMOND, WA - Cybersecurity experts have noted a large increase in the number of phishing attacks recently as hackers have been altering their attack avenues in order to work their way around increasingly complex email security systems designed to circumvent their efforts. Both the volume and complexity of malicious emails have been on the rise and are proving to be increasingly able to bypass Secure Email Gateways (SEGs) such as Microsoft and Proofpoint, according … [Read more...]
Scammers & Cybercriminals Using Cheap New Domains To Host Fake Websites
BOSTON, MA - A new report is pointing to new generic top-level domains (gTLDs) launched within the past few years, such as .Top, and .Shop as contributing to an increase in use by scammers and cybercriminals due to the fact that – given their relatively new status on the market – they are cheaper to register compared to more established domains. According to Interisle Consulting Group’s newly-published Cybercrime Supply Chain 2024 report, 16 million cybercrime events … [Read more...]
Thousands of “Sitting Duck” Domain Names Highjacked by Russian Cybercriminals
PALM BEACH, FL - A critical vulnerability within the Domain Name System (DNS) has been unearthed and exploited by dozens of cybercriminals and hackers originating from Russia to take over thousands of domain names, according to cybersecurity researchers from Infoblox and Eclypsium. An estimated 30,000 legitimate domains have been hijacked by the digital thieves since 2019, experts say, utilizing a technique known as “Sitting Ducks” that exploits weak DNS services. The … [Read more...]
49 Million Customers Data Affected After Dell Technologies Data Breach
ROUND ROCK, TX - A security incident has come to light, prompting concerns among users. Dell Technologies, a prominent player in the tech industry, disclosed a data breach affecting a substantial number of customers, totaling 49 million. While the breach does not involve sensitive financial or payment data, it nonetheless exposes personal information, including full names, cities, postal codes, and purchase details. Despite seeming innocuous, this data can be exploited by … [Read more...]
Investigation Uncovers 40,000 Phishing Domains Linked To LabHost Scam Operation
UNITED KINGDOM - The LabHost phishing-as-a-service (PhaaS) platform, which had tens of thousands of phishing domains linked to it and thousands of users worldwide, has had its infrastructure completely disrupted and 37 suspects have been arrested – including the original developer – following a year-long global law enforcement operation. Originally launched in 2021, LabHost was a resource for cybercriminals that – for a monthly subscription fee – provided them … [Read more...]
Omni Hotels & Resorts Suffers Breach, Potentially Impacting Millions
DALLAS, TX - Last month, Omni Hotels & Resorts, a prominent hotel chain, experienced a cybersecurity breach that resulted in the theft of customer information. In an update on their website, Omni confirmed that the stolen data includes customer names, email addresses, postal addresses, and guest loyalty program information. However, financial information and Social Security numbers were not compromised. The breach was detected on March 29, prompting Omni to shut down … [Read more...]
Multiple Domains Used by Vietnamese Cybercrime Group Seized by Microsoft
REDMOND, WA - Multiple domains utilized by a Vietnamese cybercrime group known as “Storm-1152” to sell fraudulent Outlook email accounts have been seized by Microsoft’s Digital Crimes Unit. The domains have been used to cause millions of dollars in damage. Storm-1152 had reportedly used these domains to register over 750 million fake Outlook accounts that they then would sell online to cybercriminals. In addition, the outlaw group also provided numerous other illegal … [Read more...]
Managed Care Confirms Serious Breach of Nearly 9 Million Patients’ Critical Info
ATLANTA, GA - Managed Care of North America, Inc. (MCNA), a major insurance company, suffered a data breach that exposed the personal information of nearly 9 million patients. The Atlanta-based company claims to be the largest dental insurer in the nation. According to reports, Hackers had access to MCNA systems from February 26 to March 7, 2023, compromising confidential patient information such as full names, addresses, birthdates, driver’s license numbers, phone … [Read more...]
PharMerica Discloses Data Breach That Exposes Info of Nearly 6 Million People
LOUISVILLE, KY - PharMerica, a national pharmacy network owned by BrightSpring Health, has informed nearly 6 million of their members that Social Security numbers, names, birthdates, medical information, and more was exposed in a data breach. The information was stolen between March 12 and March 13. If exploited, cybercriminals can use this information to commit identity theft. On March 14, 2023, we learned of suspicious activity on our computer network. Upon discovering … [Read more...]
NextGen Healthcare Confirms Breach Of Over 1 Million Individuals’ Personal Info
ATLANTA, GA - A security incident has surfaced and you may or may not have been affected. NextGen Healthcare, a healthcare solutions provider, suffered a data breach that exposed the personal information of over 1 million individuals. According to the company, Hackers had access to NextGen systems from March 29 to April 14, 2023, compromising personal information such as full names, addresses, birthdates, and social security numbers. If exploited, cybercriminals can use … [Read more...]
Reported Twitter Data Breach Potentially Affects 5.4 Million Accounts
WEST PALM BEACH, FL – Stolen personal information from 5.4 million Twitter users has been discovered for sale on a hacker forum. With this information, including emails and phone numbers, cybercriminals can create profiles to target victims with spam or phishing attempts which could lead to identity theft. Twitter is currently investigating claims that a near-seven-month-old vulnerability in its software has been exploited and the hacker is asking for $30,000 for the … [Read more...]
Massive Data Breach of Neopets Website Affects 69 Million Users
WEST PALM BEACH, FL - Neopets, a virtual pet and gaming community, has reported a data breach exposing personal information like usernames, passwords, IP addresses, and more of 69 million user accounts. By combining this information, cybercriminals could target users with spam or phishing attempts to access additional personal information which could lead to identity theft. Neopets representatives have published a statement on Twitter addressing the breach. If … [Read more...]