A cyber threat actor dubbed Prolific Puma has been operating an underground link-shortening service for at least four years. It creates domain names using a registered domain generation algorithm and offers the link shortening service to other threat actors, enabling them to avoid detection while distributing phishing scams and malware. The actor has ostensibly registered between 35k-75k domain names since April 2022, often using US-based registrar and hosting company NameSilo due to its low cost and API facilitating bulk registration. It has also been observed to park registered domains for weeks before hosting their service with anonymous providers. The actor’s identity and origin remain unknown.
T-Mobile pays $16 million fine for three years’ worth of data breaches
T-Mobile has agreed to pay a $15.75 million fine and improve its security in a settlement over a series of data breaches over three years