Monday, March 16, 2015
A Google software problem inadvertently exposed the names, addresses, email addresses and phone numbers used to register websites after people had chosen to keep the information private.
The privacy breach involves whois, a database that contains contact information for people who’ve bought domain names. For privacy reasons, people can elect to make information private, often by paying an extra fee.
Craig Williams, senior technical leader for Cisco’s Talos research group who discovered the issue, said the data will make it easier for cybercriminals to draft phishing emails that try to trick victims into divulging information or clicking on malicious links.
he cybercriminals are “going to have the right website name, the right name, the right address, the right phone number, the right email,” he said.
Cisco said in a blog post that some 282,867 domains were affected. Williams stumbled across the problem last month while doing research on domains associated with malware.
The privacy settings for domain names registered through the company eNom were being turned off right at the time when the domains were up for renewal, starting around mid-2013.
Read more: Click here
"Indusface has proved to be a valuable security partner with its Total Application Security solution. Their 'detect-protect-monitor' package handles security worries so we can focus on improving services for our customers. Vulnerability detection, attack blocking and near real-time reports are some of the key differentiators that we enjoy with them. The web application scanning and web protection combination ..."
"As one of the leading banks in India, securing application infrastructure is critical for us. Indusface’s Total Application Security package allows us to scan vulnerabilities continuously and prevent attacks. Indusface also provides the unique benefits of expert handling and tuning on custom rules with round-the-clock traffic monitoring and protection through on-premise appliances ..."
"Our complete ecommerce infrastructure is hosted on the cloud and we are glad to have Indusface as partner for web security. Due to their association with cloud service providers and prompt deployment options, Indusface was the preferred security choice. The on-demand and scheduled scanning helps us keep track of vulnerabilities that may otherwise damage our website or put customers at risk ..."