WEST PALM BEACH, FL - A significant data breach has compromised over 184 million login credentials, affecting users of major platforms including Google, Apple, Meta (Facebook, Instagram), Microsoft, Snapchat, and others. The exposed information includes email addresses, usernames, plaintext passwords, and login URLs, posing a substantial risk of identity theft and unauthorized account access. Cybersecurity researcher Jeremiah Fowler discovered the unprotected database, … [Read more...]
50 Million Potentially Compromised In PowerSchool Data Breach
SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
Expired Domains Used by Security Experts to Neutralize Abandoned Web Backdoors
BATH, UK - More than 4,000 web backdoors that had been abandoned but were still active with live malware were hijacked and their communication infrastructure sinkholed – a term used to describe the process of redirecting malicious traffic to a DNS sinkhole – after web security researchers registered numerous expired domains, preventing them from being used by hackers and cybercriminals. A backdoor is a covert method of bypassing normal authentication or encryption in a … [Read more...]
Hackers Utilizing Russian Domains for Rising Number of Complex Phishing Attacks
REDMOND, WA - Cybersecurity experts have noted a large increase in the number of phishing attacks recently as hackers have been altering their attack avenues in order to work their way around increasingly complex email security systems designed to circumvent their efforts. Both the volume and complexity of malicious emails have been on the rise and are proving to be increasingly able to bypass Secure Email Gateways (SEGs) such as Microsoft and Proofpoint, according … [Read more...]
Thousands of “Sitting Duck” Domain Names Highjacked by Russian Cybercriminals
PALM BEACH, FL - A critical vulnerability within the Domain Name System (DNS) has been unearthed and exploited by dozens of cybercriminals and hackers originating from Russia to take over thousands of domain names, according to cybersecurity researchers from Infoblox and Eclypsium. An estimated 30,000 legitimate domains have been hijacked by the digital thieves since 2019, experts say, utilizing a technique known as “Sitting Ducks” that exploits weak DNS services. The … [Read more...]
Experts: Hackers Registered Over 500,000 Domains for Massive Cyber-Attack
SANTA CLARA, CA - Hackers have been around since the debut of the Internet, and over the years they’ve learned a number of underhanded tricks to use on unsuspecting victims; one of the most prolific is registering new domains to use to disseminate malware and conduct fishing attacks – while posing as innocent and trustworthy websites – in order to get the unwary to share sensitive information or download malicious software. That being said, according to cybersecurity … [Read more...]
Thousands of Domain Names Owned by Legitimate Brands Hijacked to Send Spam
TEL AVIV - As part of a sophisticated scheme involving spam proliferation and click monetization, over 8,000 domains and 13,000 sub-domains once owned by major, legitimate brands and institutions have been hijacked to allow millions of spam emails to bypass standard security blocks for nefarious gain. This coordinated malicious activity – dubbed “SubdoMailing” – has been going on since at least September 2022, according to Guardio Labs, the Israeli security … [Read more...]
Hackers Take Control of Computer Network At Missouri Hospital; Demand Ransom
KANSAS CITY, MO - Liberty Hospital in Missouri fell victim to a grim cyber assault Tuesday when a menacing blackmail message from a hacker resulted in a disruption of its computer systems. A message from an anonymous source targeting the hospital warned, “We have hacked you and downloaded all confidential data of your company. Your reputation will be ruined. Save your business. Contact us within 72 hours.” This message itself was uncovered exclusively by KMBC-TV, an ABC … [Read more...]
“Prolific Puma” Created 75k Unique Domain Names Since April 2022 Used for Scams
SANTA CLARA, CA - Researchers from security vendor Infoblox have uncovered an actor known as “Prolific Puma” that has been revealed as having provided link shortening services for countless cyber criminals for a span of time of at least four years or longer, an act that has likely been responsible for an immense number of scams targeting innocent people. As an example of how Prolific Puma lives up to the "prolific” part of their name, the actor reportedly … [Read more...]
Scammers Sending Emails from Spoofed Authoritative Domains Via Forwarding Flaws
LA JOLLA, CA - According to research conducted by the University of California San Diego, due to flaws inherent in the process of forwarding emails, the ability for scammers and attackers to send unsuspecting victims e-mails from the spoofed addresses of top-level government or corporate domains is actually much easier than many experts were initially suspecting, opening up disturbingly new and effective avenues for online fraud. The integrity of emails sent from … [Read more...]
It’s National Cybersecurity Awareness Month; Stay Safe With Simple Online Tips
PALM BEACH, FL –The Attorney General of the State of Florida, Ashley Moody has issued a Consumer Alert in recognition of National Cyber-security Awareness Month. The video details some simple steps consumers can take to help avoid becoming a victim of various security threats and online scams such as those which target Internet users with tech support, malware, phishing and ransomware. Today more than ever, our daily lives are dependent on the internet. While advances … [Read more...]
Personal Info of 500 Million Guests Exposed in Marriott’s Starwood Reservation System
NEW YORK, NY - One of the world's leading global hotel groups disclosed that a guest reservation database, which covers a number of major hotel brands, suffered a large data breach. An internal investigation showed that unauthorized access had been occuring since 2014. The intrusion went unnoticed for four years by Starwood, which was acquired by Marriott in 2016 for $13.6 billion. It was uncovered in early September, when a security tool alerted Marriott officials to an … [Read more...]