Tag: international
-
Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore
An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware.Sina Gholinejad (aka Sina Ghaaf), 37, and his co-conspirators are said to have breached the computer networks of various organizations in the United States and encrypted files with Robbinhood ransomware to demand Bitcoin…
-
Worldwide Operation Shuts Down Hundreds of Ransomware Servers and Domains, Ending Key Attack Infrastructure
Law enforcement and judicial officials, working together with Europol and Eurojust, have dealt a devastating blow to the worldwide ransomware ecosystem in a historic international operation. From May 19 to 22, 2025, Operation Endgame targeted the critical infrastructure behind ransomware attacks, dismantling approximately 300 servers and neutralizing 650 malicious domains worldwide. This operation not only…
-
Robinhood Ransomware Operator Arrested for Attacks on Government and Private Networks
Tags: attack, computer, cyber, fraud, government, healthcare, international, iran, network, ransomwareOn May 27, 2025, Iranian national Sina Gholinejad, 37, pleaded guilty in a North Carolina federal court to charges of computer fraud and conspiracy to commit wire fraud, admitting his central role in the international Robbinhood ransomware campaign that targeted U.S. cities, corporations, and healthcare organizations. The attacks, spanning from January 2019 to March 2024,…
-
Government Calls on Organizations to Adopt SIEM and SOAR Solutions
In a landmark initiative, international cybersecurity agencies have released a comprehensive series of publications to guide organizations through the implementation and prioritization of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. These resources aim to help both executives and practitioners navigate the complexities of modern cyber defense, from procurement…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 46
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang RVTools Bumblebee Malware Attack How a Trusted IT Tool Became a Malware Delivery Vector Malicious ‘Checker’ Packages on PyPI Probe TikTok and Instagram for Valid Accounts […]…
-
Security Affairs newsletter Round 525 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Securitythe weekly Security Affairs newsletterAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Silent Ransom Group targeting law firms, the FBI warns Leader of Qakbot cybercrime network…
-
Operation ENDGAME disrupted global ransomware infrastructure
Operation ENDGAME dismantled key ransomware infrastructure, taking down 300 servers, 650 domains, and seizing Euro21.2M in crypto. From May 19 to 22, 2025, Operation ENDGAME, coordinated by Europol and Eurojust, disrupted global ransomware infrastructure. Law enforcement took down down 300 servers and 650 domains, and issuing 20 international arrest warrants. >>A Command Post was set…
-
How Hunters International Used the Browser to Breach Enterprises”Š”, “ŠAnd Why They Didn’t See It”¦
How Hunters International Used the Browser to Breach Enterprises”Š”, “ŠAnd Why They Didn’t See It Coming At RSAC 2025, Cato Networks delivered a presentation that SOC teams and CISOs will want to pay attention to: “Suspicious Minds”Š”, “ŠHunting Threats That Don’t Trigger Security Alerts.” The session showcased ransomware campaigns that bypassed traditional detection. In some cases,…
-
International dark web crackdown leads to arrests
First seen on scworld.com Jump to article: www.scworld.com/brief/international-dark-web-crackdown-leads-to-arrests
-
Ransomware hackers charged, infrastructure dismantled in international law enforcement operation
Europol said 300 servers and 650 domains were taken down worldwide, while about $3.5 million was seized during raids throughout the week as part of Operation Endgame. First seen on therecord.media Jump to article: therecord.media/hackers-charged-infrastructure-dismantled-operation-endgame
-
Operation Endgame Takes Down DanaBot Malware, Neutralizes 300 Servers
Operation Endgame takes down DanaBot malware network; 300 servers neutralized, Euro21.2M in crypto seized, 16 charged, 20 international warrants. First seen on hackread.com Jump to article: hackread.com/operation-endgame-danabot-malware-neutralizes-servers/
-
US, Europol arrest 270 dark web drug traffickers in Operation RapTor
U.S. and EU law enforcement seized more than $200 million and 144 kilograms of fentanyl or fentanyl-laced narcotics alongside 180 firearms as part of the international effort. First seen on therecord.media Jump to article: therecord.media/global-law-enforcement-arrest-270-tied-to-dark-web-drug-sales
-
Botnets disrupted worldwide…Operation Endgame is BACK!
Operation Endgame, “Season 2”, is officially announced as of Friday, May 23rd, 2025. International law enforcement agencies and their partners have once again joined forces to disrupt and dismantle botnet infrastructure and their operators. In this post, get details of the take-down itself and Spamhaus’ role in victim account remediation. First seen on securityboulevard.com Jump…
-
Operation RapTor led to the arrest of 270 dark web vendors and buyers
Law enforcement operation codenamed ‘Operation RapTor’ led to the arrest of 270 dark web vendors and buyers across 10 countries. Police arrested 270 suspects following an international law enforcement action codenamed ‘Operation RapTor’ that targeted dark web vendors and customers from ten countries. The Operation RapTor has dismantled networks trafficking in drugs, weapons, and counterfeit…
-
Operation Endgame 2.0: DanaBusted
Tags: access, attack, backup, banking, breach, business, cloud, communications, control, crypto, cybercrime, data, defense, detection, email, espionage, firewall, fraud, government, group, Hardware, infection, intelligence, international, law, malicious, malware, middle-east, network, programming, ransomware, russia, service, supply-chain, switch, threat, tool, ukraine, update, windowsIntroductionOn May 22, 2025, international law enforcement agencies released information about additional actions that were taken in conjunction with Operation Endgame, an ongoing, coordinated effort to dismantle and prosecute cybercriminal organizations, including those behind DanaBot. This action mirrors the original Operation Endgame, launched in May 2024, which disrupted SmokeLoader, IcedID, SystemBC, Pikabot, and Bumblebee. Zscaler…
-
BKA gelingt Schlag gegen Cyberkriminelle
Im Rahen der “Operation Endgame” wurden die derzeit einflussreichsten Schadsoftware-Varianten vom Netz genommen. BKASicherheitsbehörden ist ein Schlag gegen die weltweite Cyberkriminalität gelungen. Im Laufe dieser Woche seien dank der “Operation Endgame” die derzeit einflussreichsten Schadsoftware-Varianten vom Netz genommen und die dahinterstehenden Täter identifiziert worden, teilte das Bundeskriminalamt (BKA) mit.Von den insgesamt 37 identifizierten Akteuren werden…
-
Police takes down 300 servers in ransomware supply-chain crackdown
In the latest phase of Operation Endgame, an international law enforcement operation, national authorities from seven countries seized 300 servers and 650 domains used to launch ransomware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-takes-down-300-servers-in-ransomware-supply-chain-crackdown/
-
Global Crackdown Nets 270 Dark Web Vendors in Major Arrests
A sweeping international crackdown, codenamed Operation RapTor, has dealt a significant blow to the criminal underworld operating on the dark web. Coordinated by Europol and involving agencies across four continents, the operation resulted in the arrest of 270 individuals involved in trafficking drugs, weapons, counterfeit goods, and illicit services. This marks one of the largest…
-
Police arrests 270 dark web vendors, buyers in global crackdown
Police arrested 270 suspects following an international law enforcement action codenamed ‘Operation RapTor’ that targeted dark web vendors and customers from ten countries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrests-270-dark-web-vendors-buyers-in-global-crackdown/
-
Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer
International law enforcement agencies and cybersecurity vendors seized thousands of domains used to run the MaaS operations of the widely popular Lumma Stealer malware, which was used to facilitate ransomware, malvertising, and phishing attacks around the globa. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/law-enforcement-microsoft-disrupt-operations-of-popular-lumma-stealer/
-
ThreatBook Recognized as a Notable Vendor in Global Network Analysis and Visibility (NAV) Report
ThreatBook, a global leader cyber threat and response solutions backed by threat intelligence and AI, has been recognized as a notable vendor in Forrester’s Network Analysis And Visibility Solutions Landscape, Q2 2025 report. This marks a major milestone in ThreatBook’s growing international presence and continued innovation in the NAV (Network Analysis and Visibility) space. For…
-
Russian hackers breach orgs to track aid routes to Ukraine
A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid efforts to Ukraine. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-breach-orgs-to-track-aid-routes-to-ukraine/
-
FBI, Microsoft, international cops bust Lumma infostealer service
Credit card theft losses in 2023 alone totaled $36.5M First seen on theregister.com Jump to article: www.theregister.com/2025/05/21/lumma_infostealer_service_busted/
-
Microsoft leads international takedown of Lumma Stealer
The Lumma infostealer malware is a popular way for hackers to steal passwords, credit cards and cryptocurrency wallets. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-takedown-lumma-stealer/748727/
-
Accenture Files Leak New Research Reveals Projects Controlling Billions of User Data
A new research report released today by Progressive International, Expose Accenture, and the Movement Research Unit uncovers the sprawling influence of Accenture, the world’s largest consultancy firm, in driving a global wave of surveillance, exclusion, and authoritarianism. The investigation reveals how Accenture has become essential to security states worldwide, channeling public resources into private ownership…
-
China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks
China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia. ESET researchers revealed that a China-linked APT, tracked as UnsolicitedBooker, targeted an international organization in Saudi Arabia using a new backdoor called MarsSnake. The experts uncovered the attacks in March 2023 and again in 2024, noting that the group used…
-
Your Data, Your Responsibility: Securing Your Organization’s Future in the Cloud
Tags: access, ai, application-security, attack, best-practice, breach, business, cloud, compliance, control, cyberattack, data, data-breach, dora, encryption, finance, framework, gartner, GDPR, google, ibm, infrastructure, international, mfa, network, PCI, phishing, privacy, regulation, risk, saas, service, strategy, threatYour Data, Your Responsibility: Securing Your Organization’s Future in the Cloud madhav Tue, 05/20/2025 – 04:37 Cloud adoption has fundamentally changed the way businesses operate, offering scalability, agility, and cost efficiencies that were unimaginable just a decade ago. But with this shift comes a necessary conversation: the cloud can also introduce complex security risks without…
-
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization
Tags: attack, backdoor, china, data-breach, email, group, hacker, hacking, international, phishing, spear-phishing, tactics, threatThreat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake.ESET, which first discovered the hacking group’s intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using First…