Zendesk were hacked

Most people have no idea who or what Zendesk is, but they should. Zendesk provides customer service portals to companies such as Pinterest, Tumblr and Twitter. Zendesk revealed on their blog that they’ve been hacked.

Pinterest, Tumblr and Twitter have been sending notices to their affected users regarding the security breach.

From Tumblr support:

Important information regarding your security and privacy

For the last 2.5 years, we’ve used a popular service called Zendesk to store, organize, and answer emails to Tumblr Support. We’ve learned that a security breach at Zendesk has affected Tumblr and two other companies. We are sending this notification to all email addresses that we believe may have been affected by this breach.

This has potentially exposed records of subject lines and, in some cases, email addresses of messages sent to Tumblr Support. While much of this information is innocuous, please take some time today to consider the following:

  • The subject lines of your emails to Tumblr Support may have included the address of your blog which could potentially allow your blog to be unwillingly associated with your email address.
  • Any other information included in the subject lines of emails you’ve sent to Tumblr Support may be exposed. We recommend you review any correspondence you’ve addressed to support@tumblr.com, abuse@tumblr.com, dmca@tumblr.com, legal@tumblr.com, enquiries@tumblr.com, or lawenforcement@tumblr.com.
  • Tumblr will never ask you for your password by email. Emails are easy to fake, and you should be suspicious of unexpected emails you receive.

Your safety is our highest priority. We’re working with law enforcement and Zendesk to better understand this attack. Please monitor your email and Tumblr accounts for suspicious behavior, and notify us immediately if you have any concerns.


Reporting malicious links to bitly

A recent round of spam propagated through hacked Twitter accounts and the bitly URL shortener has become a topic of discussion. Just a few days ago the Twitter account of Greg Hetson (Bad Religion, Circle Jerks) was hacked, and a bitly-shortened link to a spam site was posted.

If you encounter any malicious or spam links using bit.ly, please report them to bitly immediately.

You can report spam links to support@bitly.com to be blocked. Include the word ‘spam’ in the message and include the link and information about how you received it.

From time to time you’ll see bitly warn visitors off a malicious URL they are about to visit.


Greg Hetson’s Twitter account got hacked

UPDATE:
Greg Hetson confirmed that his Twitter account was hacked. Yet he did not even bother to delete the spam tweet. Probably Hetson doesn’t know how to delete a tweet.


It seems that Greg Hetson’s Twitter account got hacked on Sunday morning, February 17, 2013. It is not yet known how Hetson’s Twitter account got hacked. Hetson often posts tweets using his HTC Android phone.

For those who know who Greg Hetson is, he never needed to lose any body fat; in fact he needed to gain some.
For those who don’t know who Greg Hetson is, go look up Bad Religion and Circle Jerks.

Speaking of Bad Religion, go get their latest release: True North


Malicious Facebook App

Someone sent me a direct Twitter message with a link to a Facebook App. I don’t have a Facebook account. Apparently Facebook does not want a cat to open an account. Anyway, as a tech-savvy cat, I investigated the link, and it tried to redirect to some site.


meow-os-x:~ meatloaftcat$ whois factoryonlinegall.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Domain Name: FACTORYONLINEGALL.COM
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Name Server: NS1.2X4HOSTING.RU
Name Server: NS2.2X4HOSTING.RU
Status: clientTransferProhibited
Updated Date: 26-dec-2012
Creation Date: 26-dec-2012
Expiration Date: 26-dec-2013

>>> Last update of whois database: Fri, 28 Dec 2012 23:01:18 UTC <<<

NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (“VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
=-=-=-=

Registration Service Provided By: Namecheap.com
Contact: support@namecheap.com
Visit: http://namecheap.com

Domain name: factoryonlinegall.com

Registrant Contact:
WhoisGuard
WhoisGuard Protected ()

Fax:
11400 W. Olympic Blvd. Suite 200
Los Angeles, CA 90064
US

Administrative Contact:
WhoisGuard
WhoisGuard Protected (14172c57a5704e38b81372f4c155b466.protect@whoisguard.com)
+1.6613102107
Fax: +1.6613102107
11400 W. Olympic Blvd. Suite 200
Los Angeles, CA 90064
US

Technical Contact:
WhoisGuard
WhoisGuard Protected (14172c57a5704e38b81372f4c155b466.protect@whoisguard.com)
+1.6613102107
Fax: +1.6613102107
11400 W. Olympic Blvd. Suite 200
Los Angeles, CA 90064
US

Status: Locked

Name Servers:
ns1.2x4hosting.ru
ns2.2x4hosting.ru

Creation date: 27 Dec 2012 01:19:00
Expiration date: 26 Dec 2013 17:19:00
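
The whois record above can be triaged mechanically. The following Python code is an added example, not part of the original post: it parses the registry fields shown above and computes how old the domain was when the lookup was made. The function names, flag labels and the 30-day threshold are assumptions for illustration.

```python
import re
from datetime import datetime

# Excerpt of the whois output above, embedded so the example runs offline.
SAMPLE = """\
Domain Name: FACTORYONLINEGALL.COM
Registrar: ENOM, INC.
Name Server: NS1.2X4HOSTING.RU
Name Server: NS2.2X4HOSTING.RU
Creation Date: 26-dec-2012
Expiration Date: 26-dec-2013

>>> Last update of whois database: Fri, 28 Dec 2012 23:01:18 UTC <<<
WhoisGuard Protected ()
"""

NEW_DOMAIN_DAYS = 30  # assumed triage threshold, not a value from the post


def parse_whois(text):
    """Collect 'Key: value' lines; repeated keys such as Name Server accumulate."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"^\s*([A-Za-z][A-Za-z ]*?):\s+(\S.*)$", line)
        if m:
            fields.setdefault(m.group(1).lower(), []).append(m.group(2).strip())
    return fields


def triage(text, threshold_days=NEW_DOMAIN_DAYS):
    """Return domain, age in days at lookup time, name-server TLDs and flags."""
    fields = parse_whois(text)
    flags, age_days = [], None
    snap = re.search(r"Last update of whois database:\s*\w+, (.+?) UTC", text)
    if "creation date" in fields and snap:
        # The registry gives a date only; it is treated as midnight UTC.
        created = datetime.strptime(fields["creation date"][0], "%d-%b-%Y")
        seen = datetime.strptime(snap.group(1), "%d %b %Y %H:%M:%S")
        age_days = (seen - created).days
        if age_days < threshold_days:
            flags.append("newly-registered")
    # A privacy proxy is common for legitimate sites too; treat it as context only.
    if re.search(r"whoisguard|privacy", text, re.I):
        flags.append("privacy-proxy-registrant")
    ns_tlds = sorted({ns.rsplit(".", 1)[-1].lower() for ns in fields.get("name server", [])})
    return {"domain": fields.get("domain name", ["?"])[0].lower(),
            "age_days": age_days, "ns_tlds": ns_tlds, "flags": flags}


if __name__ == "__main__":
    print(triage(SAMPLE))
```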

The Lighter Side of Insomnia: “Sneak Peak” @StealthMountain

Creddit where credit is due.

“Sneak Peek” is also known as “teaser” and “special preview”; yet it is often misspelled as “Sneak Peak”. Those who use Twitter be forewarned, @StealthMountain will sneak up on you and correct you. So I purposely tweeted:

I just want to say: “Sneak Peak”

Then @StealthMountain replied:

@iVeryAm I think you mean “sneak peek”

Nothing much said on http://stealth-mountain.blogspot.com/.

p.s. This post will be automatically tweeted, and we’ll see if Stealth Mountain would reply.