SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
Expired Domains Used by Security Experts to Neutralize Abandoned Web Backdoors
BATH, UK - More than 4,000 web backdoors that had been abandoned but were still active with live malware were hijacked and their communication infrastructure sinkholed – a term used to describe the process of redirecting malicious traffic to a DNS sinkhole – after web security researchers registered numerous expired domains, preventing them from being used by hackers and cybercriminals. A backdoor is a covert method of bypassing normal authentication or encryption in a … [Read more...]
AT&T Discloses Major Data Breach Affecting Approximately 70+ Million Accounts
DALLAS, TX - AT&T recently revealed a cybersecurity incident that exposed call and text message records for a significant portion of its customer base. The breach impacted nearly all of AT&T's cellular customers, along with customers of mobile virtual network operators (MVNOs) that utilize AT&T's network. Even some landline customers who interacted with AT&T cellular users during the timeframe are included. While the compromised data doesn't contain the … [Read more...]
Data Leak Impacts Snowflake Customers, Including Advanced Auto Parts, LendingTree
BOZEMAN, MT - In a significant data breach, several major companies have been impacted due to vulnerabilities in their Snowflake cloud storage accounts. The breach, which came to light in early June 2024, has affected companies like Advanced Auto Parts and LendingTree, among others. Details of the Breach: The breach involved unauthorized access to Snowflake's cloud storage, leading to the theft of vast amounts of data. The hacker, known by the alias "Sp1d3r," has … [Read more...]
What Is Geofencing And How Does It Work?
FLORIDA - Geofencing is a location-based technology that creates virtual boundaries around a specific geographic area. These boundaries are defined by GPS, RFID, Wi-Fi, or cellular data. When a device, typically a smartphone or GPS-enabled device, enters or exits the predefined geographic area, it triggers a response or action. Here's how geofencing typically works: Imagine a virtual fence you can draw around any area, like your competitor's dealership or even … [Read more...]
Recently Discovered October 2023 Xfinity Hack Affects Nearly 36 Million Customers
PHILADELPHIA, PA - Leading internet service provider, Xfinity, recently released information regarding a major data breach that is expected to have affected millions of customers. The offenders exploited a vulnerability left by a patch, causing unauthorized access to software provider Citrix, a system used by Xfinity. It is important for Xfinity users to amend their usernames and passwords in response to this breach, even if their data has not been directly exposed. While … [Read more...]
Data Breach: Unauthorized Party Accessed DoorDash Customer Information
SAN FRANCISCO, CA - According to recent reports, a new data security incident has surfaced. DoorDash, a popular food delivery app, detected suspicious activity from the computer network of a third-party vendor, and determined the vendor was compromised by a sophisticated phishing attack. According to the report, certain personal information maintained by DoorDash like names, emails, addresses, phone numbers, and even partial payment card info have been affected. If … [Read more...]
Malicious Web Code Added To Macy’s Website Leads to Critical Data Breach
PALM BEACH, FL - Right at the start of the year's busiest shopping season, retailer Macy's notified impacted customers (by letter) that an unauthorized third party was able to access sensitive customer payment information from the Macys.com checkout and wallet pages. The following information may have been accessed if it was typed into the affected web-pages by a customer: Payment card numbersPayment card security codesPayment card expiration datesFull … [Read more...]
Two Year Investigation Leads to Take Down of File Hosting Site “Share-Online.biz”
PALM BEACH, FL – An investigation which began in 2017 has eventually led to the take-down and removal of a content hosting network using the domain name “Share-Online.biz”, which was particularly popular in Germany according to SimilarWeb. The site served up to 10 million visitors a month with millions of files stored across unknown number of servers which is expected to be in the hundreds Those 10 million visitors are now met with the following take-down notice: This … [Read more...]
Think Your Domains Are Safe by Using Two Factor Authentication? Think Again
PALM BEACH, FL – Sometimes I read stories that really make me think (and worry). For those who have great domains under management, you might feel super-safe by using “two factor authentications”, where your mobile device is used to verify each login you make to your registry account by sending you a text message for confirmation. I’ve often thought how horrible it might be if someone got control of my mobile device and was able to use it to verify an account change … [Read more...]
Robo Callers, Phone Spoofing, Auto Dialers; It’s No Longer Annoying, It’s Disruptive
NEW YORK, NY – Everyone gets them - and it’s starting to go from nuisance, to disruptive. Robocalls, Spammers and other automated dialers; it’s beginning to actually go from annoying to interfering with my day to day operations. They come in on both my telephones and mobile device. Constantly, all day and it is becoming far more than a nuisance to the point where the FCC is going to have to start getting more aggressive on this practice. Isn’t that what they do? I mean, … [Read more...]
Personal Info of 500 Million Guests Exposed in Marriott’s Starwood Reservation System
NEW YORK, NY - One of the world's leading global hotel groups disclosed that a guest reservation database, which covers a number of major hotel brands, suffered a large data breach. An internal investigation showed that unauthorized access had been occuring since 2014. The intrusion went unnoticed for four years by Starwood, which was acquired by Marriott in 2016 for $13.6 billion. It was uncovered in early September, when a security tool alerted Marriott officials to an … [Read more...]