Reading Time: ~2 min.

Popular Photography Site Breached

A major photography site, 500px,
recently discovered they had suffered a data breach in July of last year. Data
ranging from name and email addresses, to birthdates and user locations, were
comprised. While the company did confirm no customer payment data is stored on
their servers, all 15+ million users are receiving a forced password reset to
ensure no further accounts can be compromised.

Nigerian Scammers Target ‘Lonely’ Victims

 A recent email
campaign by a criminal organization known as Scarlet
has been focusing on matchmaking sites for people they consider to be
lonelier, elderly, or divorced. By creating fake profiles and gaining the trust
of these individuals, the scammers are not only attempting to profit
financially, but also causing emotional harm to already vulnerable people.  In some cases these victims have been tricked
into sending thousands of dollars in response to false claims of needing
financial assistance, with one victim sending over $500,000 in a single year.

VFEmail Taken Down by Hackers

The founder of VFEmail
watched as nearly 20 years-worth of data was destroyed by hackers in an attack
that began Monday morning. Just a few hours after servers initially went down,
a Tweet from a company account announced that all of the servers and backups
had been formatted by a hacker traced back to Bulgarian hosting services. The
motivation for the attack is still unclear, though given the numerous security
measures the hacker successfully bypassed, it appears to have been a
significant effort.

Urban Electric Scooters Vulnerable to Attacks

With the introduction of electric
to many major cities, some are curious about the security measures
keeping customers safe. One researcher was able to wirelessly hack into a
scooter from up to 100 yards and use his control to brake or accelerate the
scooter at will, leaving the victim in a potentially dangerous situation.
Without a proper password authentication system for both the scooter and the
corresponding application, anyone can take control of the scooter without
needing a password.

Phishing Campaign Stuffs URL Links with Excessive Characters

The latest phishing campaign to gain popularity has brought with it a warning about accounts being blacklisted and a confirmation link containing anywhere from 400 to 1,000 characters. Fortunately for observant recipients, the link should immediately look suspicious and serve as an example of the importance of checking a URL before clicking on any links.

The post Cyber News Rundown: Photography Site Breached appeared first on Webroot Blog.