Category Archives: Cybersecurity
Disney+ Accounts Hacked And Ready For Sale
During the first week Disney+ Accounts have been Hacked and now ready for sale on the dark web. Users were complaining and reporting losing access to their accounts and unable to stream on twitter when the flags were raised. It was reported that the hackers were logging them out of all devices, and then changing the account’s email and password, effectively taking over the account and locking the previous owner out.
As is turns out many of these hackers gained access to accounts by using email and password combos leaked at other sites, while in other cases the Disney+ credentials might have been obtained from users infected with keylogging or info-stealing malware.
Check Here For Compromised Passwords From Other Sites
Disney+ Accounts Are Up for sale!
I cannot belive how quick Disney+ Accounts were compromised and hacked, they definitaly mobilized quickly to monetize on vulnerable Disney+ Accounts. These accounts were … Read the rest
Webcam Blackmail or Sextortion Emails
It’s unbelievable how frequent people fall for the Webcam Blackmail or Sextortion emails. I have received a few and it’s quite hilarious and also rude on how they go about writing these emails. I’ll show you how fake Webcam Blackmail or Sextortion emails are. But first did you know hundreds of Millions of similar emails have been sent over and over all these years, but there seems to have been a flood of them over the past few months because more people and companies are succumbing to Data Breaches.
Do I Have To Be Worried?
These Scammers understand that we are all human and do human acts, simple as that. However because of these Data Breaches these hackers can obtain your email address and a password that you have used recently or in the past and this can make these Webcam Blackmail or Sextortion emails very believable for people and … Read the rest
Web.com Breach Exposed Account Information
Web.com suffered a breach and exposed account information. The recent data breach impacts user account information and customers within Network Solutions and register.com the company explained in an online notification.
What Happened?
The web.com breach occurred in August 2019, the hacker illegally accessed some data.
“On October 16, 2019, Web.com determined that a third-party gained unauthorized access to a limited number of our computer systems in late August 2019, and as a result, account information may have been accessed. No credit card data was compromised as a result of this incident.”
What Was Exposed?
Customer names, addresses, phone numbers, email addresses and information regarding services offered to a given account holder. “We encrypt credit card numbers and no credit card data was compromised as a result of this incident”.
Other Details
Web.com notification does not explicitly reference Network Solutions or Register.com, however the security expert Brian Krebs reported on … Read the rest
Amazon Survey Phishing Emails Ramping Up
It’s time to be careful during the holidays, Amazon Survey Phishing Emails Ramping Up. If they are hard to belive stay away. Most of these survey phishing, emails are trying to scam you from your Personal Identifiable Information or Amazon Logins.
Some common tip-offs that an email is phony are typos, grammatical mistakes, awkward language, missing words, extra spaces, and other signs that the email was written unprofessionally. Such emails might also ask you to look at an attachment or click a link and then give your personal information on a Web page or in a form. Or the sender’s email address might look suspicious. If you hover over the links you can even see that it would not direct you to legit URL. Here Are A Few Email TIPS
- Automating System Updates with Unattended-Upgrades on Ubuntu
- How to Add a Large Disk Partition as Storage in Proxmox VE
- How
Morons Use Public Wifi!
Well as the title implies, Morons Use Public WiFi! Sorry, not Sorry. I am getting straight to the point and ripping off the band-aid. You are a moron if you use public WiFi and its probably not your fault but this day in age there is no excuse and these 7 reasons below will tell you why you should stay off Public WiFi.
1. The Man-in-the-middle Attack
One of the most common types of Wi-Fi security threats is the man-in-the-middle attack. This is where hackers intercepts data through techniques to eavesdrop on you. The hackers will intercept and relay messages between two different points which makes it appear everything is normal, but in reality, the attacker is controlling the entire communication.
2. Attack cloning
Here is a simple and one of my favorite tricks. The hackers would divert your internet traffic to a cloned site. The technical term for this … Read the rest
Adobe Users Compromised Due To Public Accessible Database
Around 7.5 million Adobe Creative Cloud users details are now available on the dark web. Researcher Bob Diachenko uncovered the compromised database which could be tapped without a password or any other authentication; offering an attacker access to email addresses, account information and which Adobe products that users purchased. They were quickly made aware but information was already out on the web. Which now leaves you open to even more phishing campaigns, as spear phishing wasn’t bad enough.
Thankfully, users’ passwords and payment details were not among the data that was exposed. However, a laundry list of personal information belonging to nearly 7.5 million Adobe Creative Cloud users was accessible via the database. This included:
- Email addresses
- Account creation date
- Which Adobe products they use
- Subscription status
- Whether the user is an Adobe employee
- Member IDs
- Country
- Time since last login
- Payment status
Please be vigilant towards any emails you … Read the rest
Hackers Using Discord to Steal Your Information With Malware
Researchers found that Hackers are injecting malware into Discord to steal your information. The Windows Discord application functionality is based on HTML, CSS, and JavaScript. This allows malware to modify its core files so that the client executes malicious behavior on startup.
This Discord malware is targeting data that can be obtained from the chatting platform itself:
- details about the Discord version used;
- the browser user agent;
- first 50 characters out of the victims’ Windows clipboard;
- zoom factor;
- stored payment information;
- username;
- email address;
- phone number;
- a public IP address;
- a local IP address;
- screen resolution;
- timezone;
- Discord user token.
How to check if you are infected
Checking if your Discord client has been modified is very easy as the targeted files normally have only one line of code in them.
To check the %AppData%\Discord\[version]\modules\discord_modules\index.js simply open it in Notepad and it should only contain the single line of “module.exports … Read the rest
Top Email Phishing Scams
Email phishing scams have evolved to a point that makes it very difficult to tell which are real and which are fake. These days phishing emails are imitating legitimate brands and people to trick victims into providing money or providing credentials over an email or a fake landing page.
Roughly one in four Americans in constantly online. According to Research, Email Phishing scams this is now the most likely place for identity theft to occur. Often, ID fraud can begin with the wrong click on a scam email.
Now you have been a victim or you want to know the best way to avoid online scams? Rule of thumb is question everything. Even emails from known peers. They may have been hacked and the hacker is sending scam emails in their behalf. We have reviewed the latest email scan types used to date that that just might fool even the … Read the rest
Is Microsoft Teams HIPAA Compliant?
Many still seem to wonder and ask what is Microsoft Teams and is this software questionable for use? This includes compliance and security officers in the Healthcare industry leading them to ask is this HIPAA Compliant? However lets go back to the basics, Microsoft Teams is a cloud platform that combines workplace chat, meetings, notes, and attachments. Microsoft Teams is Microsoft’s was created to be the competitor to Slack and Google Hangouts Chat.
Microsoft Teams and the Business Associate Agreement
I have previously mentioned that their is a office365 Business Associate Agreement which is the written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance.
I have checked Microsoft’s site and found a page called:
Microsoft Teams Security Features
Certification and Compliance
Microsoft created Teams to be fully Office 365 Tier-C compliant, … Read the rest
Achieving Security with IoT (Internet of Things)
Our lives have been taken over with many many WiFi enabled capable devices. The internet of things (IoT) has quite a flaw which is security. Many vendors lax on providing security updates to their software that are used in smartphones, tablets, PC’s , Game Consoles , TV’s , your Fridge and many other devices. This day in age we have to maintain a due-care and due-diligence approach on security for all these IoT devices.
With this in mind, here are seven best practices on security for IoT:
- Use security gateways: They have the ability to inspect and audit the communications of your network.
- Use VLans: Put all IoT devices in a separate Vlan outside primary business network.
- Use strong authentication: Change those consumer devices default passwords!
- Disable services: Many devices use telnet, FTP and other risky services that may be exposed to the internet.
- Use secure protocols:
Loading ...