Tag: websites | Page 3

Tag Archive for: websites

Criminals publish ads for hacking services on US government websites

June 11, 2023/in Computer Security

Cybersecurity researchers from Citizen Lab recently spotted PDF files advertising hacking services, on websites belonging to numerous U.S. government agencies and educational institutions.

As reported by TechCrunch late last week, the PDFs were found on .gov websites belonging to California, North Carolina, New Hampshire, and at least three more states, as well as at least five counties and administrative centers.

Universities such as UC Berkeley, Stanford, Yale, UC San Diego, and countless others, are also said to have had their websites compromised. Spain’s Red Cross, defense contractor Rockwell Collins, as well as an unnamed Irish tourism company, were also affected.

SEO poisoning

In the PDFs, the threat actors advertise various services, including the ability to hack into social media accounts such as Instagram, Facebook, or Snapchat. They also advertise computer game cheats and fake follower generation. Interested parties are invited to open websites listed in the PDFs.

Discussing his findings, researcher John Scott-Railton suggested that these are not the result of a hack, but rather of a threat actor abusing misconfigured servers and content management systems (CMS): “SEO PDF uploads are like opportunistic infections that flourish when your immune system is suppressed. They show up when you have misconfigured services, unpatched CMS bugs, and other security problems,” said Scott-Railton.

> US government wants to learn more from recent major hacks

> Government bodies are at risk online

> US government legal firm Casepoint investigating data breach

TechCrunch visited some of the websites listed in the PDFs and claim that the hacks are most likely fake, and that the entire scheme is just to get people to visit the websites. These sites, the publication claims, come with a fake CAPTCHA which only buys time for the website to generate money in the background.

While the damage of this campaign seems to be almost non-existent, it begs the question of how it was possible for so many government and educational institutions to become compromised; the aftermath could have been much, much worse.

At press time, it is claimed that most of the PDF files have been…

Source…

https://spinsafe.com/wp-content/uploads/2023/06/4d32dd718c1f518f710b12e3eec169e7.jpeg 675 1200 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2023-06-11 18:31:132023-06-11 18:31:13Criminals publish ads for hacking services on US government websites

Several govt & college websites among those infected with online betting malware

June 3, 2023/in Computer Security

Several websites belonging to government departments, municipal corporations, educational institutions have been infected with malware creating redirect web pages landing on online betting and casino websites.

The infested websites include that of Mira Bhayandar municipal corporation which is on the outskirts of Mumbai, the water supply and sewerage board of Bengaluru BWSSB, research institute ICAR. BWSSB has removed these links now but the Google search results still reflects them.

In one instance a blog titled “Betting Exchange in India” is created on the domain Mizoram.gov.in redirecting to a betting portal. While the redirect is now disabled, the blog is still live at the time of going to press. The backward classes welfare department of West Bengal government is also in the list of impacted websites.

Government and education domains can easily be ranked on search engine result pages and the online betting mafia appears to have exploited this loophole.

Among the educational institutions infested with this malware are XLRI, XLRI (Delhi Campus), NIT Delhi, Flame University Pune, Zoram Medical College Mizoram, Himachal Dental College, University of Burdwan and the list goes on. XLRI and Flame have removed these links at the time of writing this.

Betting and gambling is banned in India and the Indian government has issued multiple advisories against promoting online casino portals. With advertisements on main stream media reducing considerably, betting mafia appears to have resorted to hacking and malware infestation to reach out to users.

As all the websites appear to have infested in same way, experts say this is possibly by exploiting a backdoor on the operating systems common to these websites.

Source…

https://spinsafe.com/wp-content/uploads/2023/06/Several-govt-college-websites-among-those-infected-with-online.jpg 1687 2560 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2023-06-03 22:30:082023-06-03 22:30:08Several govt & college websites among those infected with online betting malware

NZ websites down – Security update causes widespread internet outages

May 29, 2023/in Internet Security

Banks and other local websites and apps have been inaccessible for some users this morning. Photo / File

An internet glitch rendered banking apps and a number of .co.nz websites inaccessible for some users this morning.

It appears to be related to an attempt by InternetNZ – the non-profit that administers local web domains – to rollout a better system for protecting users from fake versions of websites.

“Our apologies, we’re aware that certain Internet Service providers are encountering issues this morning. This means some of our customers will have issues accessing FastNet Classic and ASB mobile,” ASB posted this morning on its Facebook page.

And after Sheri Ngaha complained on Kiwibank’s Facebook page “Why can’t we get into the app or ring this morning. This is so annoying, I’m needing to transfer money but can’t,” the bank replied: “We’re currently experiencing an issue for some customers when trying to access our App or Internet Banking. Our teams are looking into this at the moment and we hope to have this resolved soon.”

Advertisement

Advertise with NZME.

On Twitter, Hamish Mack posted: “NZ sites RNZ, New World shopping online and Kiwibank sites are not working? What the heck??”

And Rebecca McMillan said the outage did not seem to have affected Govt.nz but all NZ apps and websites she used were down.

“Can’t even listen to @radionz because the mobile app is down. Yikes. Time to get a transistor radio.”

A service bulletin from InternetNZ late yesterday noted technical problems that hit .ac.nz (education) addresses yesterday then spread to other local domains from 10.45pm last night. InternetNZ today said all times of local internet addresses were affected. An update at 9.21am this morning said, “The issue will resolve over time”.

Advertisement

Advertise with NZME.

Responding to a Herald query on Twitter, cloud computing engineer Simon Lyall said, “InternetNZ was changing the key they use to sign .nz and made a mistake. So DNS [domain name server] queries are getting a certificate error.” In other words, it seems a change designed to boost security went haywire, rendering some sites inaccessible. It seems the change related to a measure to prevent…

Source…

https://spinsafe.com/wp-content/uploads/2023/05/OYGIUHNILZGRFKNOPLO2USV4IA.jpg 675 1200 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2023-05-29 19:30:082023-05-29 19:30:08NZ websites down – Security update causes widespread internet outages

How successful are the most expensive websites of all time?

February 20, 2023/in Internet Security

The widespread outages around 1000 GMT also hit the UK government website, CNN and the BBC – Copyright POOL/AFP PHILIPPE DESMAZES

A new study reveals website traffic of the costliest domain names in history. This review finds the most expensive domain name ever currently receives 88,000 visitors per month. Remarkably, the third costliest domain name has no registered monthly traffic.

How much is a good website name worth? People and companies have paid hundreds of millions of dollars for specific domain names. Is this always worth the return on investment? Maybe not is the answer.

A new study by web hosting provider Hostinger has investigated the top seven most expensive domain names ever, to see how the sites are doing now. The data, provided to Digital Journal for review, assesses what traffic these sites receive and whether the outlay was worth it.

As to the most expensive websites:

Voice.com

Cost: $30 million in 2019

Current monthly traffic: 88.8k

The voice.com website describes Voice as “a team of technologists, artists and curators using the transformative power of NFTs to make digital art collectable.” The company bought the domain name in June 2019 from enterprise analytics and software company MicroStrategy.

360.com

Cost: $17 million in 2015

Current monthly traffic: 23.9 million

360.com belongs to the Chinese Internet security company 360 Security Technology Inc, and currently receives 23.9million monthly visitors, which ranks it as the 154th biggest website in China. The domain name was bought from Vodafone in February 2015 for $17 million

NFTs.com

Cost: $15 million in 2022

Current monthly traffic: data not available

NFTs.com is one of the most recent sales in the top ten, after it was purchased in August 2022 for $15 million. The site currently contains very little information, but says it is “powered by DigitalArtists.com Marketplace”.

Sex.com

Cost: $13million in 2010

Current monthly traffic: 64 million

This domain name was sold in November 2010 from Escom to Clover Holdings after it won an auction. The provocative name receives more traffic than the rest of the top five sites combined, with 64 million visitors each month, and it was recently announced that the name…

Source…

https://spinsafe.com/wp-content/uploads/2023/02/b5c0861d6462073ab1c97809d909e40c7bf96fa0.jpg 511 768 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2023-02-20 17:00:062023-02-20 17:00:06How successful are the most expensive websites of all time?