security

Operation Endgame – 300 Widomaker.com Email Accounts Found Among 16.5M Compromised Accounts

Published May 30, 2024 | By Widomaker

What Happened?

Between May 27 and May 29, 2024, an international law enforcement operation, Operation Endgame, seized over 100 cybercrime servers worldwide. It’s being called the largest ever operation against botnets.

Approximately 300 (active and inactive) @widomaker.com email accounts, and passwords, were identified as having been potentially compromised for use by the Endgame cybercrime groups, sometime during the time period the groups were active. This means the affected users’ passwords were potentially compromised via remote access trojans (RATs) or info-stealers (malware installed on the users’ computers). To find out more, review the article and video, from Microsoft, about How malware can infect your PC…

According to Spamhaus, “The botnet operators in question relied on compromised accounts to target victims and spread malicious emails. If a receiver interacted with one of these emails, it is highly likely that their device was infected. As a result, they probably became part of the targeted botnets.”

More details on Operation Endgame may be found at the links below…

What Should I Do?

The easiest way to tell if your email address is in the Operation Endgame data, or other data breaches, is to sign up, for free, to be notified when your email address appears in known data breaches, or is found, via law enforcement action, to be compromised, like in the case of Operation Endgame. The Have I Been Pwned notification service is free to individuals. Visit the HIBP website, via the link below, then click “Notify me” to sign up for notifications.

';–have i been pwned?

Most importantly, if you find that your email address(es) is/are in the Operation Endgame data, or other data breaches, you should scan your computers (or other devices) for malware, and reset the passwords of the affected email accounts to prevent further abuse. You may Contact our office for assistance.

Posted in Announcements, Online Safety | Tagged botnets, Email, HIBP, malware, Operation Endgame, scams, security

Check if you are a victim of the Qakbot Malware!

Published August 29, 2023 | By Widomaker

The Justice Department today announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, the United Kingdom, Romania, and Latvia to disrupt the botnet and malware known as Qakbot and take down its infrastructure. [1]

On August 29th, 2023, the FBI provided Have I Been Pwned (HIBP) with 6.43M email addresses to help notify impacted victims of their exposure to the Qakbot malware. Anyone may check to see if their email address is included in the list of victims of the Qakbot malware via the HIBP notification service.

We recommend that everyone subscribes to the free notification service provided by Have I Been Pwned (HIBP) which can notify you if your email address is found in certain data breaches, including being in the Qakbot data.

Qakbot relied on compromised accounts to spread its malicious emails. If a receiver interacted with one of these emails, it is highly likely that their device became infected. As a result, they would have become part of the Qakbot botnet. [2]

If you find that your email address is in the Qakbot data, meaning your computer was probably infected with the malware, you should take several actions, including resetting your email password, and resetting any other passwords that were used on the infected computer (banking, shopping, etc.). Also, it’s possible your computer is infected with other additional malware, it should be scanned by a reputable antivirus/anti-malware product such as Malwarebytes or Windows Defender. Since Qakbot targets, among other things, banking/financial details, you should carefully review bank statements for unauthorized transactions and report any you find to your financial institution.

Continue reading →

Posted in Security Vulnerability, Tips | Tagged FBI, HIBP, Qakbot, security

TP-Link Archer WiFi router flaw exploited by Mirai malware

Published May 2, 2023 | By Widomaker

The Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability tracked as CVE-2023-1389 to incorporate devices into DDoS (distributed denial of service) swarms.

Source: TP-Link Archer WiFi router flaw exploited by Mirai malware

Posted in Security Vulnerability | Tagged security, TP-Link, vulnerability

How to Recover from a Phishing Password Compromise

Published March 28, 2023 | By Widomaker

What is a Phishing Password Compromise?

A phishing password compromise occurs when an attacker tricks you into revealing your login credentials, such as your username and password, through a phishing attack. Once the attacker has your login credentials, they can access your account and steal sensitive information or use your account for malicious purposes.

Continue reading →

Posted in Online Safety, Tips | Tagged ChatGPT, phishing, scams, security

Ways to Avoid Email Phishing Scams

Published March 22, 2023 | By Widomaker

What is Email Phishing?

Email phishing is a type of cyber attack where the attacker sends a fraudulent email to trick the recipient into revealing sensitive information, such as login credentials or financial information. Phishing emails can be very convincing and may appear to come from a legitimate source, such as a bank or a popular online service.

Continue reading →

Posted in Online Safety, Tips | Tagged ChatGPT, phishing, scams, security

NSA Releases Best Practices For Securing Your Home Network > National Security Agency/Central Security Service > Article

Published February 23, 2023 | By Widomaker

FORT MEADE, Md. — The National Security Agency (NSA) released the “Best Practices for Securing Your Home Network” Cybersecurity Information Sheet (CSI) today to help teleworkers protect their home

Source: NSA Releases Best Practices For Securing Your Home Network > National Security Agency/Central Security Service > Article

Posted in Announcements, Online Safety | Tagged security

Security Bulletin: NVIDIA GPU Display Driver – November 2022 | NVIDIA

Published December 2, 2022 | By Widomaker

Source: Security Bulletin: NVIDIA GPU Display Driver – November 2022 | NVIDIA

Posted in Security Vulnerability | Tagged NVIDIA, security

Horde Webmail Changed to RoundCube Webmail on Plesk Hosting Servers

Published June 6, 2022 | By Widomaker

This post is only applicable to customers who have their domain’s email hosted on our Plesk hosting servers _AND_ (at least sometimes) access their email using the Horde webmail application. Note that most hosting customers use Outlook or Thunderbird to access their email, and do not regularly use webmail.

Continue reading →

Posted in Announcements, E-mail, Hosting, Security Vulnerability | Tagged Email, Horde, Plesk, RoundCube, security, Web Hosting, webmail

Two Factor Authentication is Available for Email

Published September 10, 2020 | By Widomaker

This is just a reminder that Two Factor Authentication (2FA) is available to protect widomaker.com personal email accounts, and Hosted Email Pro Enhanced Email accounts. Contact us if you need help enabling 2FA.

Posted in E-mail, Tips | Tagged 2FA, Email, security

Netgear Router Vulnerabilities

Published June 29, 2020 | By Widomaker

Multiple Netgear router models contain vulnerabilities that a remote attacker can exploit to take control of an affected device. Widomaker does not provide Netgear routers with our service, however, many of our customers may have purchased one, themselves, to use with their Internet service. If you are using one of the affected Netgear models, you should update or replace the device, immediately. Please continue reading to determine if your Netgear router model is affected…

Continue reading →

Posted in Announcements, Online Safety, Security Vulnerability, Tips | Tagged Netgear, security, vulnerability