AUSTRALIA - A South Australian woman narrowly avoided a complete financial disaster after falling victim to a sophisticated business email compromise (BEC) scam that led to the loss of over $800,000. Authorities have since managed to recover a significant portion of the stolen funds, shedding light on the growing threat of cyber fraud in real estate transactions. The victim, who had been in the process of purchasing a property, received what appeared to be a legitimate … [Read more...]
FBI Seizes Internet Domains Associated with Major Cybercrime Ring; 17M Victims
WASHINGTON, D.C. – A multi-jurisdictional operation involving the Federal Bureau of Investigation (FBI) and several other law enforcement agencies has resulted in several well-known internet domains being seized that were a part of a major cybercrime ring responsible for hacking and stealing credentials from digital marketplaces. As of Wednesday, the Cracked.io and Nulled.to internet forums – long known as havens for threat actors who engaged in password theft, software … [Read more...]
50 Million Potentially Compromised In PowerSchool Data Breach
SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
Senator Demands Domain Registrars Address Russian Influence Operations During 2024 Election
WASHINGTON, D.C. - Senator Mark Warner (D-Va.), Chair of the Senate Intelligence Committee, has issued a demand to several of the top American internet domain registrars to clamp down on the abuse of their services by Russian disinformation actors who he alleged are attempting to interfere with and influence the outcome of the 2024 presidential election. Warner sent a letter earlier in October to several well-known companies in the web domain registering and hosting … [Read more...]
Thousands of “Sitting Duck” Domain Names Highjacked by Russian Cybercriminals
PALM BEACH, FL - A critical vulnerability within the Domain Name System (DNS) has been unearthed and exploited by dozens of cybercriminals and hackers originating from Russia to take over thousands of domain names, according to cybersecurity researchers from Infoblox and Eclypsium. An estimated 30,000 legitimate domains have been hijacked by the digital thieves since 2019, experts say, utilizing a technique known as “Sitting Ducks” that exploits weak DNS services. The … [Read more...]
AT&T Discloses Major Data Breach Affecting Approximately 70+ Million Accounts
DALLAS, TX - AT&T recently revealed a cybersecurity incident that exposed call and text message records for a significant portion of its customer base. The breach impacted nearly all of AT&T's cellular customers, along with customers of mobile virtual network operators (MVNOs) that utilize AT&T's network. Even some landline customers who interacted with AT&T cellular users during the timeframe are included. While the compromised data doesn't contain the … [Read more...]
Investigation Uncovers 40,000 Phishing Domains Linked To LabHost Scam Operation
UNITED KINGDOM - The LabHost phishing-as-a-service (PhaaS) platform, which had tens of thousands of phishing domains linked to it and thousands of users worldwide, has had its infrastructure completely disrupted and 37 suspects have been arrested – including the original developer – following a year-long global law enforcement operation. Originally launched in 2021, LabHost was a resource for cybercriminals that – for a monthly subscription fee – provided them … [Read more...]
World’s Biggest Ransomware Group Shut Down, Domains Seized in Global Operation
WASHINGTON, D.C. - The operations of infamous ransomware group LockBit have been shut down, their domains seized, and several high-ranking members placed under arrest as the result of a recent digital takedown carried out by an international law enforcement operation. Operation Cronos, the code name of a joint effort made up by agencies representing 11 countries – Australia, Canada, Finland, France, Germany, Japan, the Netherlands, Sweden, Switzerland, the United … [Read more...]
New Service to Assist with WHOIS Lookups Launched by ICANN for Authorized Users
LOS ANGELES, CA - The Internet Corporation for Assigned Names and Numbers (ICANN) – the nonprofit organization that oversees the domain industry – has launched a new centralized online service to assist researchers, law enforcement, and others to request personal data from all public domain registration records. This new service comes after ICANN had instructed all registrars in May 2018 to redact personal data – such as a customer’s name, address, phone number … [Read more...]
Personal Info of 500 Million Guests Exposed in Marriott’s Starwood Reservation System
NEW YORK, NY - One of the world's leading global hotel groups disclosed that a guest reservation database, which covers a number of major hotel brands, suffered a large data breach. An internal investigation showed that unauthorized access had been occuring since 2014. The intrusion went unnoticed for four years by Starwood, which was acquired by Marriott in 2016 for $13.6 billion. It was uncovered in early September, when a security tool alerted Marriott officials to an … [Read more...]
New Facebook Data Breach Effecting 50 Million Accounts; Doubling Security Staff
NEW YORK, NY - On Friday, September 28, 2018 Facebook said that an attack on its computer network had affected the personal information of nearly 50 million users. The attackers exploited the "View As" feature that allows users to see their Facebook page the way someone else would. This could allow the attackers to take over Facebook accounts. Facebook has fixed this issue and informed law enforcement. They also do not know if the affected accounts were misused or if user … [Read more...]
Battle to Take-down Backpage.com Ends in Seizure, Criminal Indictments of Ownership
NEW YORK – A long-time battle to remove Backpage.com from the Internet has ended with the indictments of ownership and government seizure of its domain Backpage.com, which hosted a popular online classifieds site similar to Craigslist which allegedly was used heavily by escorts and massage providers far-bending the envelope between casual encounters, prostitution and human trafficking, according to investigators. Since 2010, Backpage.com has come under fire for its alleged … [Read more...]
Removing WhoIs Data from Public View Only Removes Transparency from the Net
NEW YORK – There has been no shortage of Data Privacy Leaks in the world; it almost seems like there is a new one every day. However, removing the public registration data behind all domain name registrations makes no-one any safer, and only adds more obscurity and complications to the business for those who buy, sell and trade online, and not just in domains. It’s more a solution that’s looking far-and-wide for its problem. For instance, when someone registers a domain … [Read more...]
Comment Period Closing on .US Premium Domain Name and Privacy Plan Proposals
Now could be a very good time to pick up a few solid .US domain names just in case, or in preparation for, what could become a landslide increase in the use and demand for the domain extension ending in “.us” for the United States. NEW YORK, NY – Neustar, the registry which manages the .us domain name extension, is seeking public comment on a recommendation that it should release one and two character domain names (previously held) as well as consider certain domains as … [Read more...]