Popular Photography Site Breached
A major photography site, 500px, recently discovered they had suffered a data breach in July of last year. Data ranging from name and email addresses, to birthdates and user locations, were comprised. While the company did confirm no customer payment data is stored on their servers, all 15+ million users are receiving a forced password reset to ensure no further accounts can be compromised.
Nigerian Scammers Target ‘Lonely’ Victims
A recent email campaign by a criminal organization known as Scarlet Widow has been focusing on matchmaking sites for people they consider to be lonelier, elderly, or divorced. By creating fake profiles and gaining the trust of these individuals, the scammers are not only attempting to profit financially, but also causing emotional harm to already vulnerable people. In some cases these victims have been tricked into sending thousands of dollars in response to false claims of needing financial assistance, with one victim sending over $500,000 in a single year.
VFEmail Taken Down by Hackers
The founder of VFEmail watched as nearly 20 years-worth of data was destroyed by hackers in an attack that began Monday morning. Just a few hours after servers initially went down, a Tweet from a company account announced that all of the servers and backups had been formatted by a hacker traced back to Bulgarian hosting services. The motivation for the attack is still unclear, though given the numerous security measures the hacker successfully bypassed, it appears to have been a significant effort.
Urban Electric Scooters Vulnerable to Attacks
With the introduction of electric scooters to many major cities, some are curious about the security measures keeping customers safe. One researcher was able to wirelessly hack into a scooter from up to 100 yards and use his control to brake or accelerate the scooter at will, leaving the victim in a potentially dangerous situation. Without a proper password authentication system for both the scooter and the corresponding application, anyone can take control of the scooter without needing a password.
Phishing Campaign Stuffs URL Links with Excessive Characters
The latest phishing campaign to gain popularity has brought with it a warning about accounts being blacklisted and a confirmation link containing anywhere from 400 to 1,000 characters. Fortunately for observant recipients, the link should immediately look suspicious and serve as an example of the importance of checking a URL before clicking on any links.