BATH, UK - More than 4,000 web backdoors that had been abandoned but were still active with live malware were hijacked and their communication infrastructure sinkholed – a term used to describe the process of redirecting malicious traffic to a DNS sinkhole – after web security researchers registered numerous expired domains, preventing them from being used by hackers and cybercriminals. A backdoor is a covert method of bypassing normal authentication or encryption in a … [Read more...]
Hackers Utilizing Russian Domains for Rising Number of Complex Phishing Attacks
REDMOND, WA - Cybersecurity experts have noted a large increase in the number of phishing attacks recently as hackers have been altering their attack avenues in order to work their way around increasingly complex email security systems designed to circumvent their efforts. Both the volume and complexity of malicious emails have been on the rise and are proving to be increasingly able to bypass Secure Email Gateways (SEGs) such as Microsoft and Proofpoint, according … [Read more...]
56% Increase In Disaster Recovery Events Related To Microsoft 365 Domains
REDMOND, WA - According to new data released by IT services data protection and security company N-able, 2024 so far has seen a huge uptick in hacking and cyberattacks targeting Microsoft 365 domains, with a 56 percent increase in the number of disaster recovery events among the service’s clients and a large uptick in the number of backups among its partners. Critical Start’s Cyber Research Unit (CRU) issued a report that states the number of cyber alerts in the first … [Read more...]
FBI Shutdown Prolific Ransomware Group “Radar/Dispossessor,” Domains Seized
WASHINGTON, D.C. - The FBI has announced they have shut down a prolific ransomware group known as “Radar/Dispossessor” and seized multiple internet domains and servers utilized by the cyber threat actors, reportedly headed up by an individual known by the code-name “Brain.” As part of the FBI’s enforcement actions, they have dismantled a plethora of servers utilized by Radar/Dispossessor to carry out their ransomware attacks, including three in the United States, … [Read more...]
Data Leak Impacts Snowflake Customers, Including Advanced Auto Parts, LendingTree
BOZEMAN, MT - In a significant data breach, several major companies have been impacted due to vulnerabilities in their Snowflake cloud storage accounts. The breach, which came to light in early June 2024, has affected companies like Advanced Auto Parts and LendingTree, among others. Details of the Breach: The breach involved unauthorized access to Snowflake's cloud storage, leading to the theft of vast amounts of data. The hacker, known by the alias "Sp1d3r," has … [Read more...]
49 Million Customers Data Affected After Dell Technologies Data Breach
ROUND ROCK, TX - A security incident has come to light, prompting concerns among users. Dell Technologies, a prominent player in the tech industry, disclosed a data breach affecting a substantial number of customers, totaling 49 million. While the breach does not involve sensitive financial or payment data, it nonetheless exposes personal information, including full names, cities, postal codes, and purchase details. Despite seeming innocuous, this data can be exploited by … [Read more...]
10 Billion Connections to Malicious Domains Blocked by NSA in 2023 via “PDNS”
WASHINGTON, D.C. - The National Security Agency (NSA) noted that 10 billion user connections to known malicious or suspicious domains were blocked over the course of the past year as part of the agency’s efforts, according to its 2023 Cybersecurity Year in Review report released on Tuesday. The NSA‘s annual report is a public account of the agency’s work with government partners, defense industrial base (DIB) entities, and foreign partners to help keep the nation secure, … [Read more...]
Threat Intelligence Firm Recommends Blocking All .ZIP Domains Due to Phishing
SUNNYVALE, CA - FortiGuard Labs reports that they have discovered many .ZIP domains are responsible for phishing attacks on users by automatically downloading a malicious executable titled “file.exe” to their computers. Phishing attacks have been a thorn in the side of computer users for years due to the fact that they often are able to camouflage themselves as innocuous programs or prompts that seemingly pose no threat, but in reality can cause a great deal of … [Read more...]
Popular Domain Name Software BIND Patched to Correct Severe Vulnerabilities
NEWMARKET, NH - In an effort to address what has been referred to as “severe security vulnerabilities,” the nonprofit Internet Systems Consortium (ISC) has released a series of patches for multiple versions of BIND 9, a popular suite of software utilized for interacting with the Domain Name System (DNS). The issues with BIND – which stands for Berkeley Internet Name Domain – were uncovered by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and … [Read more...]
Data Security Breach At Robinhood Exposes Personal Info Of Customers
PALM BEACH, FL - The Robinhood financial service company has confirmed a data security incident that has exposed full names or email addresses for approximately seven million customers, with a smaller subset having additional personal information revealed. These customers could be targeted with spam, phishing attempts, identity theft and more. No Social Security numbers, bank account numbers or debit card numbers were exposed according to the company. Robinhood … [Read more...]
It’s Only A Matter of Time Until You Need to Be Licensed to Operate A Web Server
PALM BEACH, FL – I have been thinking about this off and on for a few years now, but I have never really posted or written about it. That is because it is an awful prediction that I hate the idea of, but I think it is going to eventually happen. Here it goes…. I predict that to operate a web server sometime in the near future, you will be required to have a license, or have passed a basic course in IT security or Cybersecurity intrusion mitigation. Not at the single site … [Read more...]
15 Minute Hot Seat with Mark Zuckerberg on Cambridge Analytica Data Privacy Breach
NEW YORK – Yesterday, March 21, 2018, Mark Zuckerberg, the CEO of Facebook, sat with CNN Money’s Laurie Segall in a candid, and what appeared to be a difficult interview to answer tough questions on Facebook’s position in regard not only to the recent leaks related to the user privacy breach caused by Cambridge Analytica, but also its position on whether or not it’s platform has been used to influence past elections and what the company is doing to avoid this type of … [Read more...]
Bad News: Beware and “Be Aware” of “Meltdown” and “Spectre” Vulnerabilities
NEW YORK, NY - As the title suggests, you should both Beware, and "Be Aware" of these new security vulnerabilities that effect pretty much every Intel processor since 1995. I say "Be Aware" because although their patches available, there is not much that can be done to fully mitigate this issue until all or most computer hardware is redesigned. This is bad news because everyone is effected, and all computers are going to need to be replaced, it seems. Meltdown and Spectre … [Read more...]