| Message-ID: <tta9dt$26j4g$1@dont-email.me>
Date: 24 Feb 2023 07:09:33 -0500
From: Bill Horne <malQRMassimilation@gmail.com>
Subject: GoDaddy blasted for breach response
By Steve Zuier
After web hosting firm GoDaddy revealed a multi-year breach resulting in
stolen source code and malware that triggered some customers’ websites
to redirect visitors to malicious URLs, questions are being raised about
the lasting impact of the breach and the slow rollout of details to
customers.
Specific revelations of the attack were made public on Thursday via a
GoDaddy 10-K filing with the U.S. Security and Exchange Commission
(SEC). The SEC filings were in response to Federal Trade Commission
subpoenas tied to the incidents, first made public May 2020. At the
time, GoDaddy did not detail the extent of the breach.
https://www.scmagazine.com/news/breach/godaddy-blasted-breach
--
(Please remove QRM for direct replies)
|
| Message-ID: <D405B779-E3AD-4568-821A-30720E4E103F@roscom.com>
Date: 16 Feb 2023 19:44:58 -0500
From: "Monty Solomon" <monty@roscom.com>
Subject: 'Aims': the software for hire that can control 30,000 fake
online profiles
Exclusive: Team Jorge disinformation unit controls vast army of
avatars with fake profiles on Twitter, Facebook, Gmail, Instagram,
Amazon and Airbnb.
At first glance, the Twitter user “Canaelan” looks ordinary enough. He
has tweeted on everything from basketball to Taylor Swift, Tottenham
Hotspur football club to the price of a KitKat. The profile shows a
friendly-looking blond man with a stubbly beard and glasses who, it
indicates, lives in Sheffield. The background: a winking owl.
Canaelan is, in fact, a non-human bot linked to a vast army of fake
social media profiles controlled by a software designed to spread
“propaganda”.
https://www.theguardian.com/world/2023/feb/15/aims-software-avatars-team-jorge-disinformation-fake-profiles
|
Message-ID: <A8D433B8-9F56-426A-932B-01B6E6CA15DC@roscom.com>
Date: 18 Feb 2023 17:20:09 -0500
From: "Monty Solomon" <monty@roscom.com>
Subject: GoDaddy says a multi-year breach hijacked customer websites
and accounts
Three breaches over as many years all carried out by the same threat actor.
Dan Goodin
GoDaddy said on Friday that its network suffered a multi-year security
compromise that allowed unknown attackers to steal company source code,
customer and employee login credentials, and install malware that redirected
customer websites to malicious sites.
GoDaddy is one of the world’s largest domain registrars, with nearly 21
million customers and revenue in 2022 of almost $4 billion. In a filing
Thursday with the Securities and Exchange Commission, the company said that
three serious security events starting in 2020 and lasting through 2022 were
carried out by the same intruder.
https://arstechnica.com/information-technology/2023/02/godaddy-says-a-multi-year-breach-hijacked-customer-websites-and-accounts/
| Moderator's Note |
|---|
|
I try to avoid "Monty" posts, but this one meets the criteria
for inclusion: I have an account at GoDaddy, and domains
registered there. 🙁
| | - Bill Horne |
|---|
|
