GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned. Continue reading GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Bad .Men at .Work. Please Don’t .Click

Web site names ending in new top-level domains (TLDs) like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness online. Not that there still aren’t a whole mess of nasty .com, .net and .biz domains out there, but relative to their size (i.e. overall number of domains) these newer TLDs are far dicier to visit than most online destinations. Continue reading Bad .Men at .Work. Please Don’t .Click

Smashing Security #064: So just a ‘teeny tiny’ security issue then?

A Namecheap vulnerability allows strangers to make subdomains for your website, Troy Hunt examines password length, and ex-Google and Facebook employees are fighting to protect kids from social media addiction.
All this and much much more is discussed … Continue reading Smashing Security #064: So just a ‘teeny tiny’ security issue then?

NameCheap to Notify Customers of Misconfiguration Issue that Allowed Subdomain Creation on Any Hosted Account

NameCheap has said it intends to notify customers of a misconfiguration issue that allowed customers to create subdomains for any hosted account. Richard Kirkendall, CEO for the ICANN-accredited registrar, said on Twitter that the company is currently … Continue reading NameCheap to Notify Customers of Misconfiguration Issue that Allowed Subdomain Creation on Any Hosted Account

Problems reporting abuse to registrars and hosting companies

We all complain about malware and phishing sites and wonder why it takes so long to take them down / remove the content. Many independent researchers have extreme problems reporting abuse to many registrars and hosting companies. In the same … Continue reading →

Source

Continue reading Problems reporting abuse to registrars and hosting companies

Carders Park Piles of Cash at Joker’s Stash

A steady stream of card breaches at retailers, restaurants and hotels has flooded underground markets with a historic glut of stolen debit and credit card data. Today there are at least hundreds of sites online selling stolen account data, yet only a handful of them actively court bulk buyers and organized crime rings. Faced with a buyer’s market, these elite shops set themselves apart by focusing on loyalty programs, frequent-buyer discounts, money-back guarantees and just plain old good customer service. Continue reading Carders Park Piles of Cash at Joker’s Stash