Author Archives: Daniel Quinn Flint

Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with “dozens” of arrests in the United States and abroadContinue reading “FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers”

John Clifton Davies, a 60-year-old con man from the United Kingdom who fled the country in 2015 before being sentenced to 12 years in prison for fraud, has enjoyed a successful life abroad swindling technology startups by pretending to be a billionaire investor. Davies’ newest invention appears to be “CodesToYou,” which purports to be aContinue reading “A Serial Tech Investment Scammer Takes Up Coding?”

Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. FlyHosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that was open for business to anyone looking for a reliable place to hostContinue reading “German Police Raid DDoS-Friendly Host ‘FlyHosting’”

The United Kingdom’s National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services. The warning displayed to users on one of the NCA’s fakeContinue reading “UK Sets Up Fake Booter Sites To Muddy DDoS Market”

Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a varietyContinue reading “Google Suspends Chinese E-Commerce App Pinduoduo Over Malware”

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection. Here’s a primer onContinue reading “Why You Should Opt Out of Sharing Data With Your Mobile Provider”

The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world biggest hacked databases routinely first show up for sale. The forum’s administrator “Pompompurin” has been a thorn in the side of the FBI for years, andContinue reading “Feds Charge NY Man as BreachForums Boss “Pompompurin””

With all the recent hubub about ChatGPT and similar publicly available Artificial Intelligence apps being used to make everyone’s life “better” (SouthPark even did an episode of the kids using it to craft poetic responses to their girlfriends texts, compose scholarly papers for school assignments, etc.), there is a cautionary tale in the article belowContinue reading “AI can fool other AI”

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction. The Outlook vulnerability (CVE-2023-23397) affects all versions of Microsoft Outlook fromContinue reading “Microsoft Patch Tuesday, March 2023 Edition”

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threatenContinue reading “Two U.S. Men Charged in 2022 Hacking of DEA Portal”