09 Dec 2015

Scam Alert: KLFA 98 Hits & Holiday Cruise Line

First of all, I want to make it very clear that Stream101 in NO WAY supports, hosts, or is affiliated with either “KLFA98hits.com” or “Holiday Cruise Line”.

klfa98hits.com WHOIS Capture 12/9/2015

klfa98hits.com WHOIS Capture 12/9/2015

On December 7th, 2015 at approximately 6:00PM Eastern Time, Stream101 began receiving phone calls from individuals inquiring about how to redeem tickets that they had supposedly won by being caller number 15 to an internet radio station contest. Throughout the next 36 hours, we have received more than 20 calls from individuals inquiring about the same thing. We launched an investigation to find out some more information on where these calls were originating from. Below is some information we have obtained.

Phone calls came in stating the caller had won and they have paid their “Boarding Fees and Government taxes” but have not gotten their tickets. When asked about how they got our number, they all gave different numbers and all indicated they were not given any prompts to press, they just simply were connected with a billing operator.

KLFA98HITS.COM – We accessed public records (WHOIS) to find out contact information regarding this domain.

The WHOIS data indicates that the domain was first created on November 15th, 2015

The contact information of the domain indicates the website owner is in the country of The Czech Republic

The domain appears to be registered to an individual by the name of Havel Danko with a phone number listed of +420.776506650

Where a lot of this information doesnt make sense is the contact information that is being displayed in an obvious manner on their website. They provide contact information for a physical address as well as a phone number in California. Calling this number does get you talking to an English speaking person named Rob Rollins. The photo used in the chat window is, of course, a generic stock photo used on several website which we confirmed with a google image results search.

The radio stream that is used is a loop on a Live365 station using the account called tedsradiomix. This incident has also been reported to Live365.

goholidaycruiseline.com WHOIS Capture 12/9/2015

goholidaycruiseline.com WHOIS Capture 12/9/2015

After checking further into the listed Holiday Cruise Line (website listed as goholidaycruiseline.com), we can see that the supposed Cruise Line is registered to the same Czech Republic address but a different person, Denis Jelinek.

We pride ourselves in customer service and would never facilitate or endorse any scam like this at all. We are simply publishing this message to inform potential scam victims to hopefully save their money. Take this information for what you want from it – however I personally smell a scam.

Compiled below is a variety of screenshots of information we have obtained about this whole situation. In addition to us, I have been informed by another website that we work with (Broadcasting World) that they have received an email requesting similar information. I have included that email below as well. Feel free to put in a ticket to our Sales department if you have any questions regarding this scam.

KLFA Contact Information Accessed 12/9/2015

KLFA Contact Information Accessed 12/9/2015

 

KLFA Website Chat Accessed on 12/9/2015

KLFA Website Chat Accessed on 12/9/2015

 

Google Image search accessed on 12/9/2015

Google Image search accessed on 12/9/2015

Broadcasting World Email - received 12/8/2015

Broadcasting World Email – received 12/8/2015

This alert has been published and endorsed by me, Marcus Allen – President & CEO of Stream101.

Share this
03 May 2015

Widespread WordPress Vulnerability

Wordpress Logo

WordPress Logo

This is a general announcement for all users of WordPress to bring your attention to an XSS vulnerability affecting multiple WordPress plugins and themes. The vulnerability is caused by a common code pattern used in WordPress plugins and themes. Anyone using a WordPress website, regardless of where the theme or plugin was sourced, needs to be aware of this and take immediate action to ensure it is secure.

Please note that this has nothing to do with our hosting in any way. In fact, it has nothing to do with hosting from any company. The vulnerability is with WordPress, WordPress Themes, and WordPress Plugins.

What should I do?

There is no easy way of knowing exactly which plugins or themes are affected so our best advice is to periodically check for updates to any WordPress themes or plugins you are using and apply those available as soon as possible.

For updates to items obtained from other sources, please check the Plugins and Themes pages in the WordPress Admin area or contact the source of the product.

We strongly recommend continuing to check for updates, especially over the next few weeks, but also on an ongoing basis. It is important to always keep your WordPress installation and associated plugins and themes up to date. If you still have concerns, we suggest engaging an experienced WordPress developer to check whether your site is affected.

More details are available via the following links:

https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
http://wptavern.com/xss-vulnerability-affects-more-than-a-dozen-popular-wordpress-plugins
https://poststatus.com/coordinated-plugin-updates-to-address-security-vulnerability-in-many-popular-wordpress-plugins/

Share this
08 Apr 2014

OpenSSL Heartbleed Bug (CVE-2014-0160)

Early this morning, Stream101 was made aware of an issue concerning the OpenSSL Bug that is allowing data to be intercepted.

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.

This bug was discovered sometime yesterday and published late last night. More information regarding this bug can be found on the National Vulnerability Database found here: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160

For further confirmation that your website is secure, please see this third-party testing tool, found here: http://filippo.io/Heartbleed/

Please note, at this time no information was mishandled or taken from transactions or data exchanged wtih our website, Stream101.com during this vulnerability. We encourage any customers who utilize Credit Card Processing to keep an eye for suspicious charges or transactions that may have occurred.

For more information regarding this bug, you can view: http://heartbleed.com/

Share this
03 Dec 2013

Emergency Maintenance Notification

You are receiving this message regarding an important maintenance window, 2013-12-04 (all times US eastern).

Event Type: Network Upgrade
Event Type: Network Upgrade
Start Time: 2013-12-04 02:00
End Time: 2013-12-04 02:45
Device(s): br1 stream101.core
Client Affecting: Possible

Event Summary: We have worked with our vendor to isolate the root cause of a brief outage on Monday 2 December, 2013 which impacted some customers. The root cause is a recently discovered memory leak in the current software version of a core router. To resolve this condition, the OS level must be upgraded immediately and will require a router reload. The other core routers are not experiencing the defect but will be scheduled for upgrade shortly in non-emergency maintenance windows.

The purpose of this maintenance window is to apply an OS version upgrade to one of our core routers in the location that you have services with us. This upgrade will require a reload which may impact customer traffic for up to 15 minutes. Our servers are dedicated and multi-homed, so most clients will not notice an issue, but in the event of disruption, we are providing you with this notice.

Share this
29 Oct 2012

Inclement Weather Notification

Please be advised that we are actively monitoring the arrival of Hurricane Sandy. We have initiated our “inclement weather procedures” which include verifying site coverage teams, emergency contact numbers, adequacy of onsite fuel supplies, as well as, emergency tools & materials. We do not anticipate any interruption in service within our datacenter. However, the unprecedented size and strength of this storm will put many engineering models to the test. Our team is standing by to offer full support services throughout the storm

If you have any questions regarding this item, please do not hesitate to contact us for assistance via a support ticket (support@stream101.com)

Thank-You

Share this

© 2007-2016 Stream101, LLC. All rights reserved.

Click Me