Tag: law
-
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign.The activity, which has targeted aviation, energy, government, law enforcement, pharmaceutical, technology, and telecommunications sectors, has been attributed by Palo Alto Networks Unit 42 to a previously undocumented threat activity group dubbed First…
-
US state laws push age checks into the operating system
Tags: lawBad legislation, but an especially big headache for FOSS First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/os_age_verification/
-
US state laws push age checks into the operating system
Tags: lawBad legislation, but an especially big headache for FOSS First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/os_age_verification/
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down
-
FBI Detains U.S. Government Contractor in Massive $46 Million Fraud Scheme
In a major law enforcement operation, authorities have arrested a U.S. government contractor accused of executing a massive cryptocurrency theft. John Daghita allegedly stole over $46 million in digital assets from the United States Marshals Service (USMS). This successful apprehension highlights the growing intersection of insider threat management, cryptocurrency tracing, and international law enforcement collaboration.…
-
LeakBase marketplace unplugged by cops in 14 countries
Tags: banking, breach, credentials, cybercrime, data, germany, infrastructure, international, Internet, law, marketplace, phishing, service, theftGlobal effort: Thanks to international co-operation, a number of criminal marketplaces have been seized in recent years, including BreachForums and RaidForums.Law enforcement agencies involved in various ways in this week’s takedown came from Australia, Belgium, Canada, Germany, Greece, Kosovo, Malaysia, Netherlands, Poland, Portugal, Romania, Spain, the United Kingdom and the US.News of the seizure comes…
-
Police dismantle major phishing platform blamed for attacks on hospitals and schools
International law enforcement agencies have dismantled a major phishing-as-a-service platform used to target hundreds of thousands of accounts worldwide, including those tied to hospitals and schools, Europol said Wednesday. First seen on therecord.media Jump to article: therecord.media/police-dismantle-tycoon-2fa-phishing-platform
-
Police dismantles online gambling ring exploiting Ukrainian women
Spanish and Ukrainian law enforcement authorities dismantled a criminal ring that exploited war-displaced Ukrainian women to run an online gambling scheme that laundered nearly Euro4.75 million in illicit proceeds. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-dismantles-online-gambling-ring-exploiting-ukrainian-women/
-
LeakBase cybercrime forum with 142,000 users taken down in global operation
LeakBase, an open-web cybercrime forum facilitating the trade of leaked databases and “stealer logs” containing stolen credentials, has been taken down in an international law … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/europol-leakbase-forum-takedown/
-
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform
Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/tycoon-2fa-phishing-platform-takedown-europol/
-
Europol-Led Operation Takes Down Tycoon 2FA Phishing-asService Linked to 64,000 Attacks
Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a coalition of law enforcement agencies and security companies.The subscription-based phishing kit, which first emerged in August 2023, was described by Europol as one of the largest phishing First seen on…
-
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
A joint law enforcement operation has dismantled LeakBase, one of the world’s largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools.The LeakBase forum, per the U.S. Department of Justice (DoJ), had over 142,000 members and more than 215,000 messages between members as of December 2025. Those attempting to access the…
-
Operation Leak: Authorities Dismantle LeakBase Forum, Secure User Data and IP Logs
The FBI, working alongside international law enforcement agencies, has successfully dismantled the notorious cybercriminal forum LeakBase. Dubbed >>Operation Leak,<< this coordinated global effort resulted in the seizure of the platform's domains and its underlying infrastructure. LeakBase was a prominent online destination where cybercriminals gathered to buy, sell, and trade stolen databases, corporate data, and personal…
-
Europol-coordinated action disrupts Tycoon2FA phishing platform
An international law enforcement operation coordinated by Europol has disrupted Tycoon2FA, a major phishing-as-a-service (PhaaS) platform linked to tens of millions of phishing messages each month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/europol-coordinated-action-disrupts-tycoon2fa-phishing-platform/
-
Sprawling FBI, European operation takes down Leakbase cybercriminal forum
The FBI and European law enforcement agencies carried out a global crackdown on a cybercrime forum where criminals bought and sold stolen credentials and exploits of software vulnerabilities. First seen on therecord.media Jump to article: therecord.media/leakbase-cybercrime-fbi-europe-takedown
-
Global Takedown Neutralizes Tycoon2FA Phishing Service
Law enforcers and industry partners have taken down notorious phishing-as-a-service platform Tycoon2FA First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/global-takedown-tycoon2fa-phishing/
-
Shadow AI vs Managed AI: What’s the Difference? FireTail Blog
Tags: access, ai, api, attack, breach, chatgpt, ciso, cloud, computer, control, credentials, credit-card, data, data-breach, framework, google, injection, intelligence, Internet, law, LLM, malicious, mitre, monitoring, network, password, phishing, phone, risk, software, switch, threat, tool, training, vulnerabilityMar 04, 2026 – – Quick Facts: Shadow AI vs. Managed AIShadow AI is a visibility gap: It refers to any AI tool used by employees that the IT department doesn’t know about. Most companies have 10x more AI tools in use than they realize.Managed AI is a “Paved Path”: It uses approved, secure versions…
-
The DocuSign Email That Wasn’t A Three-Redirect Credential Harvest
<div cla TL;DR Attackers sent a convincing DocuSign notification with a “Review & Sign” button that chained through Google Maps redirects to an Amazon S3-hosted credential harvesting page. The redirect chain defeated URL scanners, and real law-firm footers added legitimacy. IRONSCALES Adaptive AI flagged the behavioral mismatch between sender infrastructure and brand identity before the first…
-
The DocuSign Email That Wasn’t A Three-Redirect Credential Harvest
<div cla TL;DR Attackers sent a convincing DocuSign notification with a “Review & Sign” button that chained through Google Maps redirects to an Amazon S3-hosted credential harvesting page. The redirect chain defeated URL scanners, and real law-firm footers added legitimacy. IRONSCALES Adaptive AI flagged the behavioral mismatch between sender infrastructure and brand identity before the first…
-
Turns out most cybercriminals are old enough to know better
Law enforcement data shows profit-driven cybercrime is dominated by 35- to 44-year-olds, not script kiddies First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/turns_out_most_cybercriminals_are/
-
30 Alleged Members of ‘The Com’ Arrested in Project Compass
The global law enforcement crackdown, which began in January 2025, also identified nearly 180 members of the notorious cybercriminal collective. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/30-alleged-members-the-com-arrested-project-compass
-
Project Compass Operation Cracks Down on “The Com” Cybercrime Collective 30 Arrested, 179 Suspects Identified
An international law enforcement operation named Project Compass has launched a major offensive against >>The Com,<< a dangerous transnational virtual network (TVN). The operation, which began in January 2025, has successfully led to the arrest of 30 suspects and the identification of 179 potential perpetrators connected to the sprawling cybercrime collective. Led by the European…
-
Vietnam Announces National Cybersecurity Firewall Plan Under New Digital Governance Law
Vietnam has announced plans to focus on building a cybersecurity firewall. The statement was delivered by Public Security Minister LÆ°Æ¡ng Tam Quang on Feb. 7, following the closing session of the Communist Party of Vietnam’s 14th National Congress. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/vietnam-cybersecurity-firewall/
-
Senate Health Cyber Bill Clears Committee Hurdle
Bipartisan Bill Would Mandate Multifactor Authentication, Pen Testing. Proposed legislation that’s been kicking around Congress for the last few years that aims to help bolster cybersecurity of the healthcare sector cleared a critical hurdle on Thursday. But will the bill gain enough momentum to pass the full Senate, the House and be signed into law?…
-
Researchers Unveil Aeternum C2 Infrastructure with Advanced Evasion and Persistence Tactics
For years, defenders have relied on a simple strategy to dismantle botnets find and seize their command-and-control (C2) servers. That weakness enabled global law enforcement operations to disrupt massive botnets such as Emotet, TrickBot, and QakBot. But a newly identified C2 framework,Aeternum, may render those tactics obsolete. Instead of using centralized servers or domains, Aeternum…
-
Europol goes after The Com’s ransomware and extortion networks
Law enforcement agencies across 28 countries have spent the past year building cases against a loosely organized collective known as The Com, a decentralized network of mostly … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/27/europol-the-com-network-arrests/
-
‘Project Compass’ Cracks Down on ‘The Com’: 30 Members of Notorious Cybercrime Gang Arrested
International law enforcement operation led by Europol targets network of teenagers and young adults involved in ransomware attacks, extortion and other crimes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/project-compass-com-arrests/
-
Project Compass is Europol’s new playbook for taking on The Com
Tags: lawOfficials said 30 perpetrators have been arrested in the past year, and global law enforcement cooperation is closing the gap. First seen on cyberscoop.com Jump to article: cyberscoop.com/project-compass-the-com-europol/