Tag: law
-
Law Enforcement Dismantles SocksEscort Proxy Network in Operation Lightning
Operation Lightning sees international law enforcement partners shut down ‘SocksEscort,’ a major malicious proxy service used by cybercriminals worldwide First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/socksescort-proxy-network-op/
-
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud.”SocksEscort infected home and small business internet routers with malware,” the U.S. Department of Justice (DoJ) said. “The malware allowed SocksEscort to direct internet First seen on thehackernews.com…
-
Law enforcement shuts down botnet made of tens of thousands of hacked routers
An international law enforcement operation shut down a service called SocksEscort, which allegedly helped cybercriminals all over the world launch ransomware and DDoS attacks, as well as distribute child sexual abuse material. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/12/law-enforcement-shuts-down-botnet-made-of-tens-of-thousands-of-hacked-routers/
-
US disrupts SocksEscort proxy network powered by Linux malware
Law enforcement agencies in the U.S. and Europe along with private partners have disrupted the SocksEscort cybercrime proxy network that used only edge devices compromised via the AVRecon malware for Linux. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-disrupts-socksescort-proxy-network-powered-by-linux-malware/
-
Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform
Authorities disrupted the Tycoon 2FA phishing-as-a-service platform used to send millions of phishing emails to over 500,000 orgs worldwide. The joint effort, led by Microsoft, Europol, and industry partners, aimed to target the infrastructure of Tycoon 2FA phishing-as-a-service platform responsible for tens of millions of fraudulent emails reaching over 500,000 organizations each month worldwide. By…
-
Sean Cairncross lays out what’s coming next for Trump’s cyber strategy
The national cyber director is pitching an approach that blends cyber operations with diplomacy, law enforcement and pressure on CEOs to shore up their organizations. First seen on cyberscoop.com Jump to article: cyberscoop.com/national-cyber-director-trump-cyber-strategy-interagency-cell-critical-infrastructure-pilots/
-
Cyber Espionage Group CL-UNK-1068 Linked to China Targets Asian Infrastructure
Tags: china, cyber, espionage, government, group, infrastructure, law, malware, open-source, technology, threatA highly sophisticated cyber espionage group, designated as CL-UNK-1068, has been actively targeting critical infrastructure across South, Southeast, and East Asia since at least 2020. Originating from China, the threat actors focus on high-value sectors, including aviation, energy, government, law enforcement, technology, and telecommunications. The attackers use a versatile mix of custom malware, open-source utilities,…
-
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign.The activity, which has targeted aviation, energy, government, law enforcement, pharmaceutical, technology, and telecommunications sectors, has been attributed by Palo Alto Networks Unit 42 to a previously undocumented threat activity group dubbed First…
-
US state laws push age checks into the operating system
Tags: lawBad legislation, but an especially big headache for FOSS First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/os_age_verification/
-
US state laws push age checks into the operating system
Tags: lawBad legislation, but an especially big headache for FOSS First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/os_age_verification/
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down
-
FBI Detains U.S. Government Contractor in Massive $46 Million Fraud Scheme
In a major law enforcement operation, authorities have arrested a U.S. government contractor accused of executing a massive cryptocurrency theft. John Daghita allegedly stole over $46 million in digital assets from the United States Marshals Service (USMS). This successful apprehension highlights the growing intersection of insider threat management, cryptocurrency tracing, and international law enforcement collaboration.…
-
LeakBase marketplace unplugged by cops in 14 countries
Tags: banking, breach, credentials, cybercrime, data, germany, infrastructure, international, Internet, law, marketplace, phishing, service, theftGlobal effort: Thanks to international co-operation, a number of criminal marketplaces have been seized in recent years, including BreachForums and RaidForums.Law enforcement agencies involved in various ways in this week’s takedown came from Australia, Belgium, Canada, Germany, Greece, Kosovo, Malaysia, Netherlands, Poland, Portugal, Romania, Spain, the United Kingdom and the US.News of the seizure comes…
-
Police dismantle major phishing platform blamed for attacks on hospitals and schools
International law enforcement agencies have dismantled a major phishing-as-a-service platform used to target hundreds of thousands of accounts worldwide, including those tied to hospitals and schools, Europol said Wednesday. First seen on therecord.media Jump to article: therecord.media/police-dismantle-tycoon-2fa-phishing-platform
-
Police dismantles online gambling ring exploiting Ukrainian women
Spanish and Ukrainian law enforcement authorities dismantled a criminal ring that exploited war-displaced Ukrainian women to run an online gambling scheme that laundered nearly Euro4.75 million in illicit proceeds. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-dismantles-online-gambling-ring-exploiting-ukrainian-women/
-
LeakBase cybercrime forum with 142,000 users taken down in global operation
LeakBase, an open-web cybercrime forum facilitating the trade of leaked databases and “stealer logs” containing stolen credentials, has been taken down in an international law … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/europol-leakbase-forum-takedown/
-
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform
Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/tycoon-2fa-phishing-platform-takedown-europol/
-
Europol-Led Operation Takes Down Tycoon 2FA Phishing-asService Linked to 64,000 Attacks
Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a coalition of law enforcement agencies and security companies.The subscription-based phishing kit, which first emerged in August 2023, was described by Europol as one of the largest phishing First seen on…
-
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
A joint law enforcement operation has dismantled LeakBase, one of the world’s largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools.The LeakBase forum, per the U.S. Department of Justice (DoJ), had over 142,000 members and more than 215,000 messages between members as of December 2025. Those attempting to access the…
-
Operation Leak: Authorities Dismantle LeakBase Forum, Secure User Data and IP Logs
The FBI, working alongside international law enforcement agencies, has successfully dismantled the notorious cybercriminal forum LeakBase. Dubbed >>Operation Leak,<< this coordinated global effort resulted in the seizure of the platform's domains and its underlying infrastructure. LeakBase was a prominent online destination where cybercriminals gathered to buy, sell, and trade stolen databases, corporate data, and personal…
-
Europol-coordinated action disrupts Tycoon2FA phishing platform
An international law enforcement operation coordinated by Europol has disrupted Tycoon2FA, a major phishing-as-a-service (PhaaS) platform linked to tens of millions of phishing messages each month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/europol-coordinated-action-disrupts-tycoon2fa-phishing-platform/
-
Sprawling FBI, European operation takes down Leakbase cybercriminal forum
The FBI and European law enforcement agencies carried out a global crackdown on a cybercrime forum where criminals bought and sold stolen credentials and exploits of software vulnerabilities. First seen on therecord.media Jump to article: therecord.media/leakbase-cybercrime-fbi-europe-takedown
-
Global Takedown Neutralizes Tycoon2FA Phishing Service
Law enforcers and industry partners have taken down notorious phishing-as-a-service platform Tycoon2FA First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/global-takedown-tycoon2fa-phishing/
-
Shadow AI vs Managed AI: What’s the Difference? FireTail Blog
Tags: access, ai, api, attack, breach, chatgpt, ciso, cloud, computer, control, credentials, credit-card, data, data-breach, framework, google, injection, intelligence, Internet, law, LLM, malicious, mitre, monitoring, network, password, phishing, phone, risk, software, switch, threat, tool, training, vulnerabilityMar 04, 2026 – – Quick Facts: Shadow AI vs. Managed AIShadow AI is a visibility gap: It refers to any AI tool used by employees that the IT department doesn’t know about. Most companies have 10x more AI tools in use than they realize.Managed AI is a “Paved Path”: It uses approved, secure versions…
-
The DocuSign Email That Wasn’t A Three-Redirect Credential Harvest
<div cla TL;DR Attackers sent a convincing DocuSign notification with a “Review & Sign” button that chained through Google Maps redirects to an Amazon S3-hosted credential harvesting page. The redirect chain defeated URL scanners, and real law-firm footers added legitimacy. IRONSCALES Adaptive AI flagged the behavioral mismatch between sender infrastructure and brand identity before the first…
-
The DocuSign Email That Wasn’t A Three-Redirect Credential Harvest
<div cla TL;DR Attackers sent a convincing DocuSign notification with a “Review & Sign” button that chained through Google Maps redirects to an Amazon S3-hosted credential harvesting page. The redirect chain defeated URL scanners, and real law-firm footers added legitimacy. IRONSCALES Adaptive AI flagged the behavioral mismatch between sender infrastructure and brand identity before the first…