domain hacking | Breaking Cybersecurity News | The Hacker News

Another day, another massive data breach—this time affecting a leading web technology company, as well as both of its subsidiaries, from where millions of customers around the world have purchased domain names for their websites. The world's top domain registrars Web.com, Network Solutions, and Register.com disclosed a security breach that may have resulted in the theft of customers' account information. Founded in 1999 and headquartered in Jacksonville, Florida, Web.com is a leading web technology company that owns both Network Solutions and Register.com. The companies offer web services like web hosting, website design, and online marketing to help people build their own websites. What happened? — In late August 2019, a third-party gained unauthorized access to a "limited number" of the company's computer systems and reportedly accessed millions of records for accounts of current and former customers with Web.com, Network Solutions, and Register.com. ...

Difficult to believe this, as we hardly come across such news. But trust me, a person managed to buy no ordinary .com domain, but — Google.com and that too for one whole minute. Sanmay Ved , an ex-Google employee and current-Amazon employee, experienced something of a shock when he found that the world's largest search engine website, Google.com , was " available " for purchase. What's Even More Shocking? It's the cost of the most-trafficked domain in the world — Only $12 . Expecting to get an error message, Ved added the domain to his shopping cart and made payment. The entire purchasing process went through without any difficulty. Within moments, his inbox and Google Webmaster Tools were flooded with webmaster related messages confirming his ownership for Google.com . "The scary part was I had access to the webmaster controls for a minute," Ved said. However, soon he received an order cancellation email and refund fro...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Media companies including the New York Times, Twitter and the Huffington Post has been unavailable since Tuesday after the external malicious attack by a group of hackers supporting Syrian President Bashar Assad. For the second time this month, the New York Times' website has gone down. " The New York Times website was unavailable to readers on Tuesday afternoon following an attack on the company's domain name registrar, Melbourne IT ," the Times wrote. In its most recent alleged attack, SEA was apparently able to use what's called a spear phishing attack to gain access to the Australia-based domain registrar for The New York Times website and read: " Hacked by SEA, Your server security is very weak ." It appears the domain name system (DNS) for NYTimes.com was rerouted, but can be found using its numerical Internet Protocol addresses, which is 170.149.168.130. The New York Times website has been restored just now, at least temporarily a ...

From Yesterday CloudFlare Security team receiving various reports of a Phishing Scam, which is targeting customers by saying that " you have exceeded bandwidth ". In a blog post , CloudFlare said, " Some CloudFlare customers are currently being targeted with a phishing email that was not sent by CloudFlare. Please do not click on the links in the email. " Scammer asking users to visit a phishing link (removed from sample for readers security). In case you open the URL, we request you to do not enter your username and password in the URL. Please choose a strong password for CloudFlare to save your Domains.