SUNNYVALE, CA - FortiGuard Labs reports that they have discovered many .ZIP domains are responsible for phishing attacks on users by automatically downloading a malicious executable titled “file.exe” to their computers. Phishing attacks have been a thorn in the side of computer users for years due to the fact that they often are able to camouflage themselves as innocuous programs or prompts that seemingly pose no threat, but in reality can cause a great deal of … [Read more...]
Popular Domain Name Software BIND Patched to Correct Severe Vulnerabilities
NEWMARKET, NH - In an effort to address what has been referred to as “severe security vulnerabilities,” the nonprofit Internet Systems Consortium (ISC) has released a series of patches for multiple versions of BIND 9, a popular suite of software utilized for interacting with the Domain Name System (DNS). The issues with BIND – which stands for Berkeley Internet Name Domain – were uncovered by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and … [Read more...]
How Expired Domain Names Have Been Used to Redirect to Malicious Websites
WEST PALM BEACH, FL - Expired domains or domain names which have not been renewed by their previous owner are encountered by all of us often – most times we just don’t notice it. When we do, we open a website only to find out it no longer exists. We are redirected to a site with links on it, or it showcases a sales page for auction of the domain name. These types of websites are generally considered harmless, but recent research proves otherwise. In a report released by … [Read more...]
It’s Only A Matter of Time Until You Need to Be Licensed to Operate A Web Server
PALM BEACH, FL – I have been thinking about this off and on for a few years now, but I have never really posted or written about it. That is because it is an awful prediction that I hate the idea of, but I think it is going to eventually happen. Here it goes…. I predict that to operate a web server sometime in the near future, you will be required to have a license, or have passed a basic course in IT security or Cybersecurity intrusion mitigation. Not at the single site … [Read more...]
Malicious Web Code Added To Macy’s Website Leads to Critical Data Breach
PALM BEACH, FL - Right at the start of the year's busiest shopping season, retailer Macy's notified impacted customers (by letter) that an unauthorized third party was able to access sensitive customer payment information from the Macys.com checkout and wallet pages. The following information may have been accessed if it was typed into the affected web-pages by a customer: Payment card numbersPayment card security codesPayment card expiration datesFull … [Read more...]