Tag Archive for: Website

Building a Safer Website with a New Name: ClarionCounty.Gov :: exploreClarion.com

/in


Clarion Co.CLARION, Pa. (EYT) – Improving security is a goal of a plan for Clarion County to change its Internet domain name to clarioncounty.gov from www.co.clarion.pa.us.

Along the way, some help is coming from the FBI and National Guard.

It may seem like a small change, but Clarion County Information Technology Director Chad Johnston (pictured above) told commissioners on Tuesday morning it is part of state and federal efforts to push everyone to change on a global level because they can provide a lot more security for the counties.

“We are working with partners and SISA (Forensic-driven Cybersecurity Experts & Solutions) and other collaborations to build more secure infrastructures for governments at the local and state level,” Johnston explained.

“The benefits of having a dot-gov domain is like brand awareness. It provides a piece of mind that if we send someone an e-mail that has a dot gov, they’re going to know it is coming through from a government agency.”

Johnston added that government domains often have phishing attacks and ransomware where a government or business information system can be held hostage if the IT system is locked down.

“The security of it gives us peace of mind plus anything attacking dot gov or anything that’s going to increase attacks on our current system. The FBI and all of the other governments are watching. They can watch over everybody and help improve cybersecurity and infrastructure security. We’ll get training and a lot more contacts through the FBI and National Guard.

“With all sorts of cyber-attacks, they are going to be able to send us video training and let us know what is actually out there hitting these domains, and it will help us to further understand what’s out there, as much as working with them to protect our domain and our e-mail addresses.”

The project is going to take a while and will start out small, probably first within the IT Department for the change to clarioncounty.gov, according to Johnston.

“We’re going to make it work, and then we will eventually migrate up through the county system. It’s probably going to be a six- or eight-month process because we also have to send in our registration forms for approval….

Source…

Data breach at Social Blade confirmed. Hacker offers to sell database on underground website

/in


Social media analytics service Social Blade has confirmed that it is investigating a security breach after a hacker offered its user database for sale on an underground criminal website.

In a notification sent to Social Blade users, the firm said that it had confirmed that its database was being offered for sale on a hacking forum after being notified of a potential breach on December 14th.

According to Bleeping Computer, Social Blade’s data was first put on sale on the underground forum on December 12, 2022.

The hacker, meanwhile, claims to have stolen the database of 5.6 million records in September.

Social Blade, which monitors the social media accounts of tens of millions of users, issued a reassurance that no credit card information had been leaked, but did say that the leaked data included email addresses, IP addresses, password hashes, client IDs and tokens for business API users, auth tokens for connected accounts, and “many other pieces of non-personal and internal data.”

In addition, the firm warned that “a very small subset of the data (about a tenth of a percent)”” also included the addresses of users.

Social Blade went on to say that although password hashes had been leaked, it did not believe they were at risk as the strong bcrypt encryption algorithm had been used. Nonetheless, it would be sensible for affected Social Blade users to change their passwords, ensuring that new passwords are hard-to-crack or guess, and are unique.

Business API tokens have meanwhile been reset to prevent exploitation by unauthorised third parties.

Social Blade believes that the individual who stole its data accessed it by exploiting a website vulnerability. It says it has closed the security hole and is conducting additional reviews of its systems to ensure that security is further hardened.

Anyone who has used Social Blade would be wise to not only change their password but also to be on the lookout for scams and phishing attacks which attempt to use the breached information to trick the unwary into handing over further details.

Source…

Scam website alert: Expert reveals 7 warning signs

/in


Share


Are you worried about falling victim to online scams and attacks? If so, you are not alone, as 81% of Brits fear fraudulent attacks, according to the NCSC.   

Scammers have utilised increasingly creative tactics to gain access to your personal information, making it harder to identify and protect yourself from phishing scams and fraudulent attacks. Recently in the UK, consumers have been exploited via fake texts inviting recipients to apply for the £400 energy bill discount, only to be met by a fake ‘Ofgem’ website asking for personal financial details. 

With this in mind, we have joined forces with Bespoke Software Development Company to share some lesser-known tips on how to protect yourself from fraudulent websites and popular scams. 

1. Examine the address bar

There are a few tell-tale signs as to whether a website is fraudulent or not, and these can be easily spotted by just looking at the address bar. Secure websites often have a padlock in the search bar, and will have ‘HTTPS’ at the start of the URL, signalling that the connection is encrypted.

If the website that you are visiting does not have these features, there is a risk it could be fraudulent. It is important that you only visit sites that have ‘HTTPS’, although this does not automatically mean that you can trust the website. 

Scammers often imitate the URLs of authoritative and trustworthy brands or websites by changing the URL slightly with misspellings or punctuation differences. If the URL has these features, it is likely that it could be a phishing site infected with malicious software. 

Expert tips: 

  • Never trust a HTTP website with your personal details. 

  • Do not ignore warnings from your web browser when you are entering dangerous or deceptive sites. 

  • Always check for spelling mistakes and other inconsistencies in the URL.

2. Check for legitimate details 

To avoid risking your money and data when purchasing online, you can check for the company’s existence in real life. You can do this by checking a company’s address and contact information, try using google maps to see if the company’s address exists or calling the listed phone number to see if…

Source…

He created a ‘RentaHitman’ website for class project as a joke. But then police got involved after the site got a slew of inquiries from people wanting to actually pay for a hitman

/in


Hands type on laptop

A stock image shows hands typing on a laptop.Getty Images

  • A California man, Bob Innes, said he accidentally created a hitman-for-hire website, per People Magazine.

  • Innes and his friends made the site to start a computer security business in 2005.

  • He later learned that people were reaching out inquiring about making a hit.

A California man said that at least 30 people have been arrested after inquiring about hiring a hitman on his parody website, according to PEOPLE. 

Bob Innes, along with his friends, created the website while participating in an IT program at a California business school in 2005, the outlet reported. They made the site with the intention of starting a computer security company — and chose the quippy domain “RentAHitman.com.”

“Rent as in hire us,” Innes told PEOPLE. “Hit as in network traffic, and men, because there were four of us. We thought it was funny.”

Although the website was live, the group did not officially start the company, according to the report. Three years later, Innes decided to log back in and discovered a slew of inquiries.

According to the report, some people were asking for the price, while others were seeking employment.

“There was even a female out of the UK who wanted to learn the business so that she could be a hitwoman,” the 54-year-old told the publication.

That’s when Innes realized that he had unintentionally set up a website for those seeking to hire a hitman, PEOPLE reported. Innes told the magazine that he decided up the humor by adding phony testimonials and awards.

When a potential customer reaches out for their “services,” he waits a day to reach back out to them. After they show interest in hiring a hitman, he connects them with an “operative,” which happens to be one of the thousands of police departments across the country, per the report.

The website has resulted in more than two dozen arrests and a number of convictions, including a woman who reached out in 2010 about murdering her family members, according to the outlet.

Read the original article on Insider

Source…