Tag: law-enforcement
All items tagged law-enforcement.
- Two Scattered Spider members plead guilty over the 2024 Transport for London intrusion
- Swiss Federal Audit Office: federal cyber-governance split leaves strategic oversight without a complete incident picture
- Law-enforcement momentum — Operation Endgame expands, Silver Fox mass-arrest, Conti loader plea
- SocGholish / TA569 — Operation Endgame seized 106 servers, but seven delivery clusters remain operational
- NIS2 transposition remains incomplete — France and Spain still among the laggards
- UK Information Commissioner resigns with immediate effect — regulator left leaderless mid-restructure
- Operation Endgame expands to SocGholish/TA569 — 106 C2 servers down, FakeUpdates loader stripped from 14,971 WordPress sites
- UK ICO issues criminal caution to London Clinic insider over Princess of Wales medical-record access
- China arrests 67 members of the Silver Fox (Winos/ValleyRAT) cybercrime network
- UPDATE: FBI "Operation Ghost Hook" seizes the Outsider PhaaS infrastructure Google had sued
- Law-enforcement follow-through — Conti loader developer pleads guilty, AudiA6 laundering service dismantled
- European Commission refers France and Spain to the CJEU over NIS2 non-transposition [SINGLE-SOURCE]
- Conti loader developer Oleksii Lytvynenko pleads guilty in US federal court after extradition from Ireland
- South Korea fines Coupang a record ₩624.7 bn over an unrevoked signing key held by a former employee
- UPDATE: Maine AG takes its breach-notification portal offline after confirming the VRChat/Discord filings were a hoax
- AudiA6 ransomware crypto-laundering service dismantled — two charged, Switzerland among the participating countries
- EDPB adopts a harmonised GDPR Article 33 breach-notification template; consultation open to 5 August
- UPDATE: EU Cyber Resilience Act reaches its first hard deadline — notifying-authority designation due 11 June
- ICO secures Proceeds-of-Crime confiscation from former RAC employees who sold ~30,000 customer records
- Finance / payments — Stripe-abusing Magecart and OFAC Iran sanctions
- Germany's Gesetzentwurf zur Stärkung der Cybersicherheit: cabinet-approved active-cyberdefence powers for BKA, Bundespolizei and BSI
- CRA June 11 notifying-authority deadline — first hard CRA milestone with ENISA SRP manual and Secure Update Mechanisms advisory published
- EU 20th Russia sanctions package: managed security services prohibition in force since 25 May; Commission interpretive guidance outstanding
- EU Council TTE June 9: CSA2 (high-risk supplier framework) + NIS2 simplification progress reports tabled; trilogue targeted early 2027 [SINGLE-SOURCE]
- OFAC sanctions Nobitex and three Iranian exchanges as conduits for IRGC-affiliated ransomware proceeds
- Spain arrests doxer who published personal data on INCIBE, prosecutorial and security-service staff
- California AG sues former 23andMe (Chrome Holding Co.) over the 2023 genetic-data breach — bulk-enumeration coding error plus absent credential-stuffing defences
- CNIL fines IQVIA Operations France €5M for health data warehouse security failures: no MFA, no log monitoring, no network segmentation
- Dutch Police + NCSC dismantle Asocks residential-proxy botnet (~17 M devices, 200 NL-hosted servers seized)
- Germany's federal cabinet approves the Cybersicherheitsstärkungsgesetz — BKA, BSI and Federal Police gain authority to redirect traffic and disable attacker infrastructure
- CrowdStrike, Google and Shadowserver simultaneously sever all four C2 channels of the GlassWorm developer-targeting botnet (not to be confused with the Nx Console / TanStack GitHub-publish chain in § 5) — Russia-attributed, active since early 2025
- Dutch National Police arrest 35-year-old over AFC Ajax fan-data breach — misconfigured API access-control and shared keys exposed 300,000+ accounts and 42,000 season-ticket records
- AFC Ajax — 300,000+ fan accounts exposed via misconfigured API access control; Dutch suspect arrested
- Asocks residential-proxy botnet — Dutch Police + NCSC dismantle ~17M-device infrastructure hosted in the Netherlands
- Germany's Cybersicherheitsstärkungsgesetz — federal cabinet approves active-cyber-defence powers; Bundestag passage still ahead
- EU 20th-package managed-security-services ban in force from 25 May — Switzerland adopted listings only; MSS prohibition deferred
- Data-protection enforcement converges on a health-data controls floor — CNIL fines IQVIA €5M; California AG sues over 23andMe
- Netherlands FIOD arrests two over EU sanctions evasion for Stark Industries front; 800 servers seized; NoName057(16) DDoS plumbing dismantled
- Kimwolf / "Dort" DDoS-for-hire operator arrested — 30+ Tbps IoT botnet, U.S. DoD-range targeting, AISURU variant
- Operation Saffron dismantles First VPN — 33+ servers seized, user database captured, Switzerland named JIT participant; Phobos RaaS infrastructure link confirmed
- ICO secures £355,880 POCA confiscation against former Markerstudy Insurance employee for off-hours bulk record access and sale [SINGLE-SOURCE]
- Microsoft DCU disrupts Fox Tempest malware-signing-as-a-service feeding Rhysida, INC, Qilin and Akira ransomware operations
- INTERPOL Operation Ramz — 13-country MENA cybercrime sweep: 201 arrests, 53 servers seized, Algerian PhaaS server takedown
- Fox Tempest — Microsoft DCU disrupts the malware-signing service feeding Rhysida, INC, Qilin and Akira
- EU 20th Russia sanctions package — managed-security-services prohibition effective 25 May; Switzerland adopted most measures 22 May
- Law-enforcement infrastructure takedowns — Operation Saffron (Switzerland JIT), FIOD/Stark Industries, Kimwolf, INTERPOL Ramz
- South Staffordshire Water — ICO £963,900 fine
- BKA Dream Market arrest — "Speedstepper" detained in Germany after seven years at large
- BKA — Dream Market lead administrator "Speedstepper" arrested in Germany
- BKA arrests Dream Market lead administrator "Speedstepper" in Germany — cryptocurrency-to-physical-gold OPSEC failure after seven years at large
- ICO fines South Staffordshire Water £963,900 — water-sector OES with partial SIEM coverage; Cl0p attribution and ZeroLogon kill-chain detail sourced to The Record
- BKA and ZIT dismantle relaunched Crimenetwork darknet marketplace; German operator arrested in Mallorca on European Arrest Warrant
- Audit SIEM/XDR telemetry coverage as a percentage of host inventory; the South Staffordshire 5%-coverage finding is the operational lesson
- German LG Berlin II ruling — Apobank liable for €218,000+ phishing loss; PSD2 IP-analytics obligation clarified
- ENISA expands CVE Numbering Authority root — 4 new CNAs, 7 migrated from MITRE; ~90 European CNAs eligible for transfer
- Polish NIS2 transposition + ABW recommendation to expand essential-entity coverage below headcount threshold
- German LG Berlin II — Apobank ruling sets PSD2 IP-analytics obligation as case law
- Europol shadow-IT — LIBE committee MEPs call for mandate-expansion pause; EDPS sanctioning toolkit identified as binary
- EU Cybersecurity Package 2026 — NIS2 amendment (COM(2026) 13) + Cybersecurity Act 2 enter EP preparatory phase; PQC obligation embedded
- Germany KRITIS-DachG in force — public administration first time in critical-infrastructure scope; registration deadline 17 July 2026
- EDPB Coordinated Enforcement Framework 2026 — 25 DPAs target GDPR transparency obligations (Articles 12–14)
- Poland NIS2 transposition in force 3 April 2026 — water-sector essential-entity status would now apply to the ABW-named facilities
- German court finds bank liable for sophisticated phishing loss — PSD2/IP-analytics obligations clarified