LOUISVILLE, KY - PharMerica, a national pharmacy network owned by BrightSpring Health, has informed nearly 6 million of their members that Social Security numbers, names, birthdates, medical information, and more was exposed in a data breach. The information was stolen between March 12 and March 13. If exploited, cybercriminals can use this information to commit identity theft. On March 14, 2023, we learned of suspicious activity on our computer network. Upon discovering … [Read more...]
NextGen Healthcare Confirms Breach Of Over 1 Million Individuals’ Personal Info
ATLANTA, GA - A security incident has surfaced and you may or may not have been affected. NextGen Healthcare, a healthcare solutions provider, suffered a data breach that exposed the personal information of over 1 million individuals. According to the company, Hackers had access to NextGen systems from March 29 to April 14, 2023, compromising personal information such as full names, addresses, birthdates, and social security numbers. If exploited, cybercriminals can use … [Read more...]
Critical Vulnerability Exposes over 700,000 Sites Using WP Divi, Extra, and Divi Builder
WEST PALM BEACH, FL - This morning, the Wordfence Threat Intelligence Team published details about a critical vulnerability discovered in two themes by Elegant Themes, Divi and Extra, as well as the Divi Builder plugin. Combined, these products are installed on an estimated 700,000 sites. Elegant Themes provides some of the most popular WordPress themes in the world and includes a visual page builder. We initially reached out to Elegant Themes on July 23, 2020 and, … [Read more...]
How Expired Domain Names Have Been Used to Redirect to Malicious Websites
WEST PALM BEACH, FL - Expired domains or domain names which have not been renewed by their previous owner are encountered by all of us often – most times we just don’t notice it. When we do, we open a website only to find out it no longer exists. We are redirected to a site with links on it, or it showcases a sales page for auction of the domain name. These types of websites are generally considered harmless, but recent research proves otherwise. In a report released by … [Read more...]
It’s Only A Matter of Time Until You Need to Be Licensed to Operate A Web Server
PALM BEACH, FL – I have been thinking about this off and on for a few years now, but I have never really posted or written about it. That is because it is an awful prediction that I hate the idea of, but I think it is going to eventually happen. Here it goes…. I predict that to operate a web server sometime in the near future, you will be required to have a license, or have passed a basic course in IT security or Cybersecurity intrusion mitigation. Not at the single site … [Read more...]
10 Simple Yet Effective Security Tips To Keep You Cyber Safe and Worry Less in 2020
PALM BEACH, FL - There is no shortage of security breaches and data leaks reported in the news this past year. As we all move into 2020, here are some simple tips to help keep you stay cyber safe, so you can worry less and have more to look forward to this year. Don't Shorten 2020 in Dates You shouldn’t shorten the year 2020 when signing things. Scammers can easily change the abbreviated date, for example from “3/30/20” to “3/30/2018”. Make sure to write out the full … [Read more...]
Data of 267 Million Facebook Users Exposed in Online Database; Found on Hacker Forum
PALM BEACH, FL - Data security researchers discovered an online database containing the names, phone numbers, and Facebook IDs of 267 million Facebook users available for download on a hacker forum. The database was not password protected and had been posted on December 12th. On December 14th, the researchers contacted the internet service provider that was hosting the database and the database was removed on December 19th. According to the Associated Press, a … [Read more...]
Malicious Web Code Added To Macy’s Website Leads to Critical Data Breach
PALM BEACH, FL - Right at the start of the year's busiest shopping season, retailer Macy's notified impacted customers (by letter) that an unauthorized third party was able to access sensitive customer payment information from the Macys.com checkout and wallet pages. The following information may have been accessed if it was typed into the affected web-pages by a customer: Payment card numbersPayment card security codesPayment card expiration datesFull … [Read more...]
What Are the Key Benefits for “Dot Brand” nGTLD Owners; What’s In It for Them?
PALM BEACH, FL – Although I am not a huge fan of new gTLDs or even “Dot Brands”, today I watched a video by the Chief Marketing Officer of Afilias domain registry, Roland LaPlante, who explained ‘in detail’ the value of owning your own “dot BRAND.” LaPlante discusses the benefits in marketing, user security and what is likely one of the most desirable aspects achieved for the owning brand; “full control” of their own corporate space. I believe it is the best explanation … [Read more...]
Wild West Domains Must Still Be on List of Registrars Which Facilitate Email Spam
PALM BEACH, FL – Way, way, way back in 2009, Brian Krebs from Krebs on Security, a popular security website came up with a list of the top ten domain registrars (highlighted in a Washington Post article) which facilitate the majority of spam via email, and Wild West Domains, owned by GoDaddy held a spot on that list. Out of roughly 900 accredited domain name registrars at the time, spammers registered Web sites advertised in junk e-mail mostly through the following top … [Read more...]
It’s National Cybersecurity Awareness Month; Stay Safe With Simple Online Tips
PALM BEACH, FL –The Attorney General of the State of Florida, Ashley Moody has issued a Consumer Alert in recognition of National Cyber-security Awareness Month. The video details some simple steps consumers can take to help avoid becoming a victim of various security threats and online scams such as those which target Internet users with tech support, malware, phishing and ransomware. Today more than ever, our daily lives are dependent on the internet. While advances … [Read more...]
Email Phishing Campaign Using Legitimate Top-Level Domain to Evade Spam Filters
PALM BEACH, FL – A sophisticated email phishing campaign is making the rounds while evading email filters by using a Google domain redirect. According to ThreatPost.com, a leading source of information about IT and business security, the campaign uses percentage-based URL encoding to deceive users. The campaign makes use of what’s called percentage-based URL encoding – a basic URL-encoding technique in which normal ASCII characters (i.e., “abc” and “123”) are converted … [Read more...]
Google Chrome, Once Again, Messing with Domain Names In Browser Address Bar
PALM BEACH – Sometimes I just hate Google, and I must admit, those times come a heck of a lot more often these days than they did in the past. I personally used to consider Google an ambiguous friend; always quietly working for me in the background, creating all new interesting ways for me to beat-out the competition. Assigning me that "competitive edge" through working smart and not hard. Allowing experienced know-how to tear through competitors and level the playing field … [Read more...]
885 Million Customer Records Exposed by Country’s Largest Title Company, FAF
PALM BEACH - Earlier this week, it was reported that one of the country's largest titles companies, First American Financial Corp (NYSE: FAF), unknowingly exposed up to 885 million files related to real estate title insurance records dating from 2003 to 2019. Anyone with a URL for a valid document could view other documents by modifying a single digit in the URL. The records exposed by the website included critical financial information and documents such … [Read more...]
Personal Info of 500 Million Guests Exposed in Marriott’s Starwood Reservation System
NEW YORK, NY - One of the world's leading global hotel groups disclosed that a guest reservation database, which covers a number of major hotel brands, suffered a large data breach. An internal investigation showed that unauthorized access had been occuring since 2014. The intrusion went unnoticed for four years by Starwood, which was acquired by Marriott in 2016 for $13.6 billion. It was uncovered in early September, when a security tool alerted Marriott officials to an … [Read more...]