WEST PALM BEACH, FL - A significant data breach has compromised over 184 million login credentials, affecting users of major platforms including Google, Apple, Meta (Facebook, Instagram), Microsoft, Snapchat, and others. The exposed information includes email addresses, usernames, plaintext passwords, and login URLs, posing a substantial risk of identity theft and unauthorized account access. Cybersecurity researcher Jeremiah Fowler discovered the unprotected database, … [Read more...]
FBI Seizes Internet Domains Associated with Major Cybercrime Ring; 17M Victims
WASHINGTON, D.C. – A multi-jurisdictional operation involving the Federal Bureau of Investigation (FBI) and several other law enforcement agencies has resulted in several well-known internet domains being seized that were a part of a major cybercrime ring responsible for hacking and stealing credentials from digital marketplaces. As of Wednesday, the Cracked.io and Nulled.to internet forums – long known as havens for threat actors who engaged in password theft, software … [Read more...]
50 Million Potentially Compromised In PowerSchool Data Breach
SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
Expired Domains Used by Security Experts to Neutralize Abandoned Web Backdoors
BATH, UK - More than 4,000 web backdoors that had been abandoned but were still active with live malware were hijacked and their communication infrastructure sinkholed – a term used to describe the process of redirecting malicious traffic to a DNS sinkhole – after web security researchers registered numerous expired domains, preventing them from being used by hackers and cybercriminals. A backdoor is a covert method of bypassing normal authentication or encryption in a … [Read more...]
Hackers Utilizing Russian Domains for Rising Number of Complex Phishing Attacks
REDMOND, WA - Cybersecurity experts have noted a large increase in the number of phishing attacks recently as hackers have been altering their attack avenues in order to work their way around increasingly complex email security systems designed to circumvent their efforts. Both the volume and complexity of malicious emails have been on the rise and are proving to be increasingly able to bypass Secure Email Gateways (SEGs) such as Microsoft and Proofpoint, according … [Read more...]
Amazon Seizes Domains Used by Russian Hackers Targeting Windows Users
SEATTLE, WA - Online shopping retail giant Amazon this week seized multiple internet domains that have been utilized by Russian hackers to launch phishing attacks that targeted users of Microsoft’s Windows operating system. Chief Information Security Officer at Amazon, CJ Moses, announced in a blog post that Midnight Blizzard, otherwise known as APT29 – a threat actor directly sponsored by the Russian government – had been targeting government agencies, empires, … [Read more...]
Thousands of “Sitting Duck” Domain Names Highjacked by Russian Cybercriminals
PALM BEACH, FL - A critical vulnerability within the Domain Name System (DNS) has been unearthed and exploited by dozens of cybercriminals and hackers originating from Russia to take over thousands of domain names, according to cybersecurity researchers from Infoblox and Eclypsium. An estimated 30,000 legitimate domains have been hijacked by the digital thieves since 2019, experts say, utilizing a technique known as “Sitting Ducks” that exploits weak DNS services. The … [Read more...]
Experts: Hackers Registered Over 500,000 Domains for Massive Cyber-Attack
SANTA CLARA, CA - Hackers have been around since the debut of the Internet, and over the years they’ve learned a number of underhanded tricks to use on unsuspecting victims; one of the most prolific is registering new domains to use to disseminate malware and conduct fishing attacks – while posing as innocent and trustworthy websites – in order to get the unwary to share sensitive information or download malicious software. That being said, according to cybersecurity … [Read more...]
FIASCO: Multiple Squarespace Domains Hijacked After Security Loophole Exploited
NEW YORK, NY - Last week, multiple organizations with domains registered with Squarespace had their websites hijacked by hackers, with most of the instances primarily targeting cryptocurrency-based businesses, such as Celer Network, Compound Finance, Pendle Finance, and Unstoppable Domains. The hijacks took place between July 9 and July 12, and involved Google Domains assets; Squarespace had purchased the Google Domains service in June 2023 – along with approximately 10 … [Read more...]
AT&T Discloses Major Data Breach Affecting Approximately 70+ Million Accounts
DALLAS, TX - AT&T recently revealed a cybersecurity incident that exposed call and text message records for a significant portion of its customer base. The breach impacted nearly all of AT&T's cellular customers, along with customers of mobile virtual network operators (MVNOs) that utilize AT&T's network. Even some landline customers who interacted with AT&T cellular users during the timeframe are included. While the compromised data doesn't contain the … [Read more...]
Managed Care Confirms Serious Breach of Nearly 9 Million Patients’ Critical Info
ATLANTA, GA - Managed Care of North America, Inc. (MCNA), a major insurance company, suffered a data breach that exposed the personal information of nearly 9 million patients. The Atlanta-based company claims to be the largest dental insurer in the nation. According to reports, Hackers had access to MCNA systems from February 26 to March 7, 2023, compromising confidential patient information such as full names, addresses, birthdates, driver’s license numbers, phone … [Read more...]
Highly Coordinated Attack Impacts Twitter Accounts of World’s Most Famous People
WEST PALM BEACH, FL - On July 15, 2020, several verified Twitter accounts of famous people and companies were taken over in a security breach, including Apple, Elon Musk, Bill Gates, Jeff Bezos, Barack Obama and others. Hackers then published tweets from these accounts soliciting donations via Bitcoin. For example, one tweet read: “We are giving back to our community. We support Bitcoin and we believe you should too. All Bitcoin sent to our address below will be sent … [Read more...]
10 Simple Yet Effective Security Tips To Keep You Cyber Safe and Worry Less in 2020
PALM BEACH, FL - There is no shortage of security breaches and data leaks reported in the news this past year. As we all move into 2020, here are some simple tips to help keep you stay cyber safe, so you can worry less and have more to look forward to this year. Don't Shorten 2020 in Dates You shouldn’t shorten the year 2020 when signing things. Scammers can easily change the abbreviated date, for example from “3/30/20” to “3/30/2018”. Make sure to write out the full … [Read more...]
Data of 267 Million Facebook Users Exposed in Online Database; Found on Hacker Forum
PALM BEACH, FL - Data security researchers discovered an online database containing the names, phone numbers, and Facebook IDs of 267 million Facebook users available for download on a hacker forum. The database was not password protected and had been posted on December 12th. On December 14th, the researchers contacted the internet service provider that was hosting the database and the database was removed on December 19th. According to the Associated Press, a … [Read more...]
Cryptocurrency Exchange BitMEX Called “Outrageously Incompetent” for Using “CC”
PALM BEACH, FL – BitMex, a peer-to-peer cryptocurrency exchange founded in 2014 has accidentally emailed its users with the CC (carbon copy) field rather than the “private” BCC (blind carbon copy) field leading to outrage by many of its users. In a tweet posted on Nov. 1, crypto-currency attorney Jake Chervinsky said the leak was done in the most “outrageously incompetent way imaginable.” BitMEX released an official statement on the issue, emphasizing that no … [Read more...]