A Little Sunshine Archives

A Little Sunshine, All About Skimmers, Andy Chandler, apple, CSIS Security Group, Ford Merrill, ghost tap, Google, Grant Smith, imessage, Krebs, M3AAWG, News, RCS, Resecurity, SecAlliance, Security, smishing, The Coming Storm, ThreatFabric, Web Fraud 2.0, ZNFC

How Phished Data Turns into Apple & Google Wallets

Posted on February 18, 2025 by [email protected]

18
Feb

Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new […]

Continue reading →

A Little Sunshine, Dimitiri Shelest, firefox, Krebs, Mozilla, Mozilla Monitor Plus, News, Nuwber, OneRep, Radaris, Security

Nearly a Year Later, Mozilla is Still Promoting OneRep

Posted on February 13, 2025 by [email protected]

13
Feb

In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it would stop bundling Onerep with the Firefox browser and wind down its partnership with the company. But nearly a year later, Mozilla is still promoting it […]

Continue reading →

A Little Sunshine, AS400495, BackConnect Security LLC, Curtis Gervais, DiamondCDN, Director of National Intelligence, DOGE, Dstat, Edward Coristine, elon musk, Eric Taylor, Krebs, Marshal Webb, Ne'er-Do-Well News, Neuralink, News, Packetware, Path Networks, President Trump, Rivage, Security, Tesla Sexy LLC, The Com, The Coming Storm, Tucker Preston, wired

Teen on Musk’s DOGE Team Graduated from ‘The Com’

Posted on February 7, 2025 by [email protected]

07
Feb

Wired reported this week that a 19-year-old working for Elon Musk‘s so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security clearances to do so. As today’s story explores, the DOGE teen is a […]

Continue reading →

A Little Sunshine, Andrew Hoog, app transport security, apple, Artificial Intelligence, ByteDance, China, Deepseek, Deepseek AI, iOs, Krebs, Latest Warnings, News, NowSecure, Security, The Coming Storm, Volcengine

Experts Flag Security, Privacy Risks in DeepSeek AI App

Posted on February 6, 2025 by [email protected]

06
Feb

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to […]

Continue reading →

1337 Services Gmbh, A Little Sunshine, AS210558, Breadcrumbs, Constella Intelligence, Cracked, domaintools, DreamDrive GmbH, Finn Alexander Grimpe, [email protected], finndev, floriaN, Florian Marzahl, HRB 164175, Intel 471, Krebs, Lucas Sohn, News, Northdata.com, Nulled, [email protected], Operation Talent, Security, Sellix, Shoppy Ecommerce Ltd, StarkRDP

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Posted on February 4, 2025 by [email protected]

04
Feb

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent co-founders quite openly operate an Internet service provider and a pair of […]

Continue reading →

A Little Sunshine, BEC fraud, Breadcrumbs, business email compromise, Cracked, domaintools, Dutch National Police, fbi, FudCo, Fudpage, Fudtools, HeartSender, Krebs, Ne'er-Do-Well News, News, Operation Talent, Saim Raza, Security, Sellix, The Manipulaters, U.S. Department of Justice, WeCodeSolutions

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Posted on January 31, 2025 by [email protected]

31
Jan

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “The Manipulaters,” have been the subject of three stories published here since 2015. The FBI said the […]

Continue reading →

A Little Sunshine, ACB Group, Amazon AWS, Anjie CDN, Crowell & Moring LLP, Fangneng CDN, Funnull, infrastructure laundering, Krebs, Microsoft Azure, Ne'er-Do-Well News, NETSCOUT, News, NoName057(16), polyfill, Richard Hummel, Security, Silent Push, Suncity Group, Time to Patch, U.S. Department of Commerce, Web Fraud 2.0, Zach Edwards

Infrastructure Laundering: Blending in with the Cloud

Posted on January 30, 2025 by [email protected]

30
Jan

Image: Shutterstock, ArtHead. In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit — a sprawling network tied to Chinese organized crime gangs and […]

Continue reading →

A Little Sunshine, Alfa Bank, David Sacks, House Judiciary Committee's Select Subcommittee on the Weaponization of the Federal Government, Jack Goldsmith, Joe Hall, John Durham, Krebs, Lawfare, Melania Trump, Michael Sussman, News, President Trump, Quinta Jurecic, Rep. Jim Jordan, Security, The Coming Storm, United States Council on Transnational Organized Crime, World Liberty Financial

A Tumultuous Week for Federal Cybersecurity Efforts

Posted on January 27, 2025 by [email protected]

27
Jan

Image: Shutterstock. Greg Meland. President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation’s cybersecurity posture. The president fired all advisors from the Department of Homeland Security’s Cyber Safety Review Board, called for the creation of a strategic cryptocurrency reserve, and voided a […]

Continue reading →

A Little Sunshine, akam.ne, akam.net, Akamai, awsdns-06.ne, az.mastercard.com, Azure, Bugcrowd, CloudFlare, Google, How to Break Into Security, Krebs, mastercard, News, Philippe Caturegli, Security, Seralys

MasterCard DNS Error Went Unnoticed for Years

Posted on January 22, 2025 by [email protected]

22
Jan

The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration persisted for nearly five years until a security researcher spent $300 to register the domain and prevent […]

Continue reading →

@chenlun, A Little Sunshine, CSIS Security Group, EZDriveMA, fbi, Ford Merrill, ic3, imessage, Krebs, Latest Warnings, Lighthouse, MassDOT, News, North Texas Toll Authority, RCS, SecAlliance, Security, smishing, SMS phishing, Sunpass, The Toll Roads, Web Fraud 2.0

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Posted on January 16, 2025 by [email protected]

16
Jan

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes […]

Continue reading →

Login