Jump to content

Audio Masterclass has been hacked!


cclarry

Recommended Posts

IMPORTANT

Audio Masterclass's websites have been hacked.

This includes audiomasterclass.com, login.audiomasterclass.net, edu002.audiomasterclass.net, and adventures-in-audio.com

We recommend you do not visit any of these sites until further notice.

We do not store credit card numbers, so your cards are safe.

All of our card processing is done via PayPal. PayPal does not disclose card numbers.

We apologise for this outage. We will have things corrected as soon as possible.

Please be aware that while we will try to answer any questions as promptly as possible, our efforts will be applied fully toward securing our sites.

Enrollments Office
Audio Masterclass

  • Sad 7
Link to comment
Share on other sites

That sucks. I own a small dot com and can't even tell you how many attacks we have on our site per day. It's become insane over the past decade.  Security is so important, but it's pretty clear that a lot of small business -- including small music developers and retailers that we use -- don't have great security practices or even very thorough web  processes at all (it seems a lot of them just use WordPress templates and go). 

Be careful where you store your data folks. It's the reason I never store credit card data on small sites; I use PayPal or other third-party online payment services.  

Edited by PavlovsCat
  • Like 1
  • Thanks 1
Link to comment
Share on other sites

13 hours ago, PavlovsCat said:

I own a small dot com and can't even tell you how many attacks we have on our site per day. It's become insane over the past decade. 

That creeps me out.  I always (apparently very naively) assumed the attacks were always aimed at the big boys.

13 hours ago, PavlovsCat said:

Be careful where you store your data folks. It's the reason I never store credit card data on small sites; I use PayPal or other third-party online payment services.  

That's really good advice. 

 

Link to comment
Share on other sites

13 hours ago, PavlovsCat said:

 Security is so important, but it's pretty clear that a lot of small business -- including small music developers and retailers that we use -- don't have great security practices or even very thorough web  processes at all 

<Cough> JRRShop <Cough>

  • Haha 1
Link to comment
Share on other sites

15 minutes ago, jude77 said:

That creeps me out.  I always (apparently very naively) assumed the attacks were always aimed at the big boys.

That's really good advice. 

 

Pavlov is 100% correct.  I've a 25 year career in IT, and it has become insane over the past few years.

I recently did a site visit to one of our small sales offices - my IT team has been implementing new Layer 7 firewalls across our enterprise.  I went to observe this specific implementation, and within minutes of standing this new office (minutes, not hours), we were seeing nonstop attacks from China, Turkey, Russia, the US, and Romania. In an office of 8 people.  Its not just the big boys - it's everyone.

It was insane.  My group told me they see the same thing, time after time.

  • Like 1
Link to comment
Share on other sites

17 minutes ago, husker said:

Pavlov is 100% correct.  I've a 25 year career in IT, and it has become insane over the past few years.

I recently did a site visit to one of our small sales offices - my IT team has been implementing new Layer 7 firewalls across our enterprise.  I went to observe this specific implementation, and within minutes of standing this new office (minutes, not hours), we were seeing nonstop attacks from China, Turkey, Russia, the US, and Romania. In an office of 8 people.  Its not just the big boys - it's everyone.

It was insane.  My group told me they see the same thing, time after time.

Something I think is super-powering hacking is automation (so-called AI), just probing vulnerabilities everywhere. 

  • Like 1
Link to comment
Share on other sites

8 minutes ago, Monomox said:

Something I think is super-powering hacking is automation (so-called AI), just probing vulnerabilities everywhere. 

I set up a WordPress website for my kids' school  organization and ran it for a few years.  I installed a free version of WordFence, a security plugin. I was always astounded by the number of IP addresses that plugin blocked from all over the world.  It seems like Russia, China, Ukraine, France and the U.S. were the most common culprits.  And they were tons of attempted "Admin" logins with the usual iterations of passwords...   

It does make you paranoid.  But is it paranoia if they really are out to get you?   🤔

  • Like 1
Link to comment
Share on other sites

13 hours ago, PavlovsCat said:

it's pretty clear that a lot of small business -- including small music developers and retailers that we use -- don't have great security practices or even very thorough web  processes at all (it seems a lot of them just use WordPress templates and go)

Been saying this for a long time: have separate email addresses for software purchases/downloading and for security-critical sites such as financial institutions, insurance, etc. They're still free at yahoo.com, and they even let you create multiple addresses for the same Yahoo account, so you don't have to hassle with different logins (or messina for that matter).

This isn't because small plug-in houses are likely to swipe your info, it's because (as you say) their security is softer. One of the reasons that it seems like large institutions are the only targets is that hacks against credit reporting agencies and so forth get reported and hacks on Audio Masterclass don't.

Another thing: if you can, use a unique password at every site. There are various ways of accomplishing this without the need to memorize dozens of passwords. Even if you just use the form mypassword*plug-ins or mypassword&banking or whatever, mix it up. This will go a long way toward thwarting dictionary attacks and social engineering attacks (fans of Mr. Robot have seen Elliot successfully use social engineering hacks to pwn everyone).

  • Like 1
Link to comment
Share on other sites

A password manager keeps everything sorted out and even generates truly random passwords for you.

I like Lastpass because it is cloud based and zero-knowledge.

Cloud based means that you can log in on any device you have registered with your account and any changes you make don't have to be synced among them.

Zero-knowledge means they have no access to your passwords. Even if they got hacked, all anyone could get is a bunch of garbled nonsense because it is end-to-end encrypted as well.

I don't even know any of my passwords any more, except the master passphrase to get into my password vault.

  • Like 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...