Survey Says…It’s a Scam!
Recently, I shared the first blog in a series recounting a user’s experience with malicious adtech. In that blog, I described how I had visited a compromised website, allowed notifications and found myself inundated with a seemingly endless stream of malicious content. For over three months, I had recorded every interaction and analyzed how the different companies in the adtech world affiliate with each other and with the advertisers they serve. In that initial blog, I shared my experience with how actors use malicious adtech to deliver scareware; in this one, I’m going to show how malicious adtech delivers gift card, sweepstakes and survey scams.
Developer sabotaged ex-employer with kill switch activated when he was let go
A federal jury in Cleveland has found a senior software developer guilty of sabotaging his employer’s systems – and he’s now facing a potential ten years behind bars. Davis Lu, 55, of Houston, Texas, was a seasoned coder employed by power-management biz Eaton Corporation between November 2007 to October 2019. In his last year with the outfit, there was a corporate restructuring and he was demoted, both in terms of job responsibilities and server access.
Japanese telco giant NTT Com says hackers accessed details of almost 18,000 organizations
Japanese telecom giant NTT Communications (NTT Com) has confirmed that hackers accessed the data of almost 18,000 corporate customers during a February cyberattack, affecting an as-yet-unknown number of individuals. The Tokyo-based NTT Com, which provides phone and network tech to enterprises, said it discovered the data breach on February 5 after determining that the hackers had gained “unauthorized access” to an internal system used for managing service orders.
When Seconds Count: How to Survive Fast-and-Furious DDoS Microbursts
Picture this: You’re on a critical Monday morning video call with your team, delving into crucial project milestones. Suddenly, the call drops, everyone is disconnected, and your voice-over-IP (VoIP) system goes haywire. By the time you scramble to check the firewall logs, everything appears normal again. No red flags, no massive traffic anomalies — just a brief but devastating interruption. In reality, you might have fallen victim to a short-lived, high-intensity DDoS attack aimed at overwhelming your communications service, whether that’s Zoom, Microsoft Teams, or another VoIP platform. With attacks that last a mere two minutes, cybercriminals can quickly cripple user sessions, create chaos, and then slip away before traditional defense mechanisms can even blink.
New York AG Sues National General and Allstate Over Data Breach
New York’s Attorney General filed a lawsuit against National General and Allstate Insurance Co. for failing to protect New Yorkers’ personal information from cyberattacks. Letitia James’ office today filed the suit from incidents in 2020 and 2021, when National General suffered a pair of back-to-back data breaches that exposed the driver’s license numbers of more than 165,000 New Yorkers. The Office of the Attorney General alleges that following the first breach, National General failed to notify impacted consumers and neglected to determine whether sensitive information was exposed elsewhere in its system, which enabled a second, larger breach months later.
