< ciso
brief />
Tag Banner

All news with #enforcement tag

58 articles

Armenia Detains Russian Tourist on U.S. Extradition Warrant

📰 Armenian authorities have detained a Russian tourist, Aleksandr Ermakov, at Yerevan's Zvartnots airport on June 28 after a U.S. extradition request tied to a REvil/Sodinokibi investigation. His lawyers claim Washington has targeted the wrong man, asserting the detained individual is Aleksandr Yuryevich Ermakov of Omsk, not the sanctioned Aleksandr Gennadievich Ermakov. The U.S. charging documents and an Interpol notice allege extensive ransomware activity, but Armenian officials have not commented publicly.
read more →

US Sanctions VPN and Malware Providers Linked to Ransomware

🔒 The U.S. Treasury's OFAC sanctioned virtual private network provider First VPN Service (1VPNS), its administrator Dmytro Rashevskyi, and a Belarusian cryptor vendor, Yegeniy Silayev, for enabling ransomware operations. Authorities say 1VPNS marketed no-logs service to cybercriminals and used false identities to obtain infrastructure, while Silayev sold tools to evade malware detection. The action follows a multinational takedown and server seizures tied to widespread cybercrime.
read more →

US seizes nearly 400 illegal FIFA World Cup domains

⚖️ The U.S. Justice Department has seized nearly 400 domains tied to illegal live streams of FIFA World Cup 2026 matches. The operation, coordinated via the ICHIP Network and partners, targeted servers and domains across multiple countries, including Peru and Bulgaria. Authorities acted with support from FIFA, broadcasters and industry groups to disrupt piracy and warn of malware and fraud risks to viewers.
read more →

Ten years of the GDPR: mixed outcomes and lessons

📄 Ten years after the GDPR came into force, data protection is far more established across Europe and beyond, raising consumer awareness and making privacy a competitive factor for businesses. Record fines against major tech firms underline enforcement seriousness, even as many penalties remain disputed. Companies increasingly view the regulation as burdensome and legally uncertain, complicating innovation, notably in AI development.
read more →

Police dismantle nine groups in illegal streaming crackdown

🔎 European and international law enforcement agencies concluded a seven-month operation that dismantled nine organised crime groups and arrested 29 suspects tied to illegal streaming services. Coordinated by Bulgaria with Europol support and involving 13 countries, the action identified over 18,000 IPs, 4,370 piracy-linked domains, and removed more than 27,000 illegal streaming URLs. Authorities conducted 148 searches, referred 59 cases for prosecution, and continue work on dozens of related investigations.
read more →

Spain Dismantles $4.7M Spanish-Language Manga Piracy Site

🚨 Spanish police dismantled what they say was the largest Spanish-language manga piracy platform, active since 2014 and attracting millions of monthly users worldwide. Authorities allege the site offered free, unauthorized access to copyrighted manga and generated over $4,700,000 in advertising revenue through aggressive pop-up ads. Many of those ads were pornographic and appeared on nearly every user action, raising child-safety and reputational concerns. Four people were arrested, investigators seized more than $470,000 in cold cryptocurrency wallets and disrupted a secondary site under development.
read more →

Former Ransomware Negotiator Pleads Guilty in ALPHV Attacks

🔒 41-year-old Angelo Martino, a former negotiator at DigitalMint, pleaded guilty to participating in BlackCat (ALPHV) ransomware operations that targeted U.S. companies in 2023. Prosecutors say Martino shared confidential victim negotiation positions and insurance limits with the operators, enabling larger extortion demands, and worked with accomplices Ryan Goldberg and Kevin Martin. The trio operated as affiliates, paying administrators a 20% cut, and targeted at least five U.S. organizations, including firms and nonprofits that paid multimillion-dollar ransoms. DigitalMint condemned the conduct and said the employees were fired when the activity was discovered.
read more →

Russian Operator Gets 2-Year Term for TA551 Botnet Role

⚖️ The U.S. Department of Justice sentenced Russian national Ilya Angelov to two years in prison and fined him $100,000 for operating a botnet that enabled ransomware attacks against American companies. Angelov, 40, of Tolyatti, used aliases "milan" and "okart" and co‑managed the Russia‑based cybercriminal group TA551, which distributed malware-laden spam and sold access to compromised machines. Prosecutors say TA551 sold bot access to groups behind BitPaymer and IcedID, contributing to millions in extortion payments.
read more →

U.S. Sentences Russian Hacker 6.75 Years for Ransomware Role

🔒 Aleksei Olegovich Volkov, a 26-year-old Russian national, was sentenced in the U.S. to 81 months in prison after pleading guilty to facilitating dozens of ransomware attacks as an initial access broker. Authorities say he helped breach networks and sell access to ransomware groups, resulting in over $9 million in actual losses and more than $24 million in intended losses. He was arrested in Italy in January 2024, extradited to the U.S., and agreed to pay restitution and forfeit tools used in the crimes.
read more →

Operation Alice: Over 373,000 Dark Web Sites Dismantled

🛡️ A Europol-backed, German-led operation has dismantled over 373,000 .onion sites tied to a fraudulent platform called Alice with Violence CP that advertised child sexual abuse material (CSAM) and cybercrime-as-a-service. The multi-year investigation, concentrated between 9–19 March, turned thousands of decoy domains into an honeypot that helped identify 440 customers. Authorities have issued an international arrest warrant for an alleged Chinese operator and continue probes into more than 100 suspects.
read more →

Operation Alice: 373,000 Fake CSAM Sites Taken Down

🚨 An international law enforcement operation, Operation Alice, has shut down more than 373,000 dark‑web sites that advertised fake child sexual abuse material (CSAM) and other cybercrime services. The Germany‑led probe, supported by Europol, focused on a platform called "Alice with Violence CP" run by a 35‑year‑old suspect in China; investigators say roughly 10,000 users paid between EUR 17 and EUR 250 in Bitcoin, generating about $400,000. Authorities seized 287 servers — 105 in Germany — and have issued an international arrest warrant; 440 purchasers in 23 countries have been identified and 100 are under investigation. Prosecutors note that attempting to buy CSAM is criminal in many jurisdictions even when no material is delivered.
read more →

Proton Mail Provided Subscriber Metadata to Authorities

🔒 Proton Mail disclosed subscriber payment metadata to Swiss authorities, who in turn shared the records with the FBI. The released material appears to be billing- and payment-related information rather than message contents, but such metadata can still link an account to an individual. The case highlights that privacy-focused services may be compelled by legal process to produce stored user records.
read more →

US Charges Former Negotiator Linked to BlackCat Attacks

🔒 The U.S. Department of Justice has charged Angelo Martino, a former DigitalMint ransomware negotiator, with one count of conspiracy to interfere with interstate commerce by extortion after he surrendered on March 10. Unsealed court documents allege Martino shared confidential negotiation details with BlackCat operators and, between April 2023 and April 2025, participated in attacks alongside former colleagues Kevin Tyler Martin and Ryan Goldberg. Prosecutors say the group acted as BlackCat affiliates, paying administrators a 20% cut and extorting at least five U.S. organizations, including a Tampa medical device manufacturer that paid $1.27 million. DigitalMint said it terminated the employees and has cooperated with law enforcement.
read more →

FBI Seizes LeakBase Cybercrime Forum and Member Data

🔒 The FBI has seized the LeakBase cybercrime forum and preserved data from more than 142,000 members as part of a multinational operation coordinated by Europol. On March 3–4 authorities seized two domains, switched nameservers to ns1.fbi.seized.gov and ns2.fbi.seized.gov, and posted a seizure notice. Investigators secured the forum database — including accounts, posts, private messages, credit details, and IP logs — for evidentiary use and executed arrests, searches, and interviews across the US, Australia, Belgium, Poland, Portugal, Romania, Spain, and the UK.
read more →

CISA Emergency Directive: Mitigate Cisco SD‑WAN Risks

⚠ CISA issued Emergency Directive 26-03 requiring immediate mitigation of critical vulnerabilities in Cisco SD‑WAN systems, citing exploitable flaws including CVE-2026-20127 and CVE-2022-20775. Agencies must inventory systems, collect virtual snapshots and logs, apply patches, hunt for evidence of compromise, and implement vendor hardening guidance. CISA will monitor compliance, provide technical assistance, and deliver additional resources as needed. The directive is supported by the NSA, ASD’s ACSC, Canada’s Cyber Centre, NCSC-NZ, and NCSC-UK.
read more →

ICO fines Reddit £14.47m over inadequate age checks

🔒 The UK Information Commissioner's Office (ICO) has fined Reddit £14.47m for failing to implement robust age verification and for not conducting a required DPIA before January 2025. The regulator found that children under 13 had personal data processed without a lawful basis and were potentially exposed to inappropriate content. Reddit maintains it avoids collecting identity data to protect privacy, while experts warn heavy-handed identity checks could introduce new privacy and security risks.
read more →

Spain Arrests Suspected Anonymous Fénix Hacktivists

🔒 Spanish authorities arrested four alleged members of the hacktivist group Anonymous Fénix for a series of distributed denial-of-service (DDoS) attacks that targeted government ministries, political parties, and public institutions. The Spanish Civil Guard said the group first struck in April 2023 and intensified activity after severe floods in Valencia in late October 2024, using X and Telegram for recruitment and propaganda. Courts ordered seizure of the group's X and YouTube accounts and closure of its Telegram channel following the arrests.
read more →

INTERPOL's Operation Red Card 2.0: Coordinated Disruption

🚨 Operation Red Card 2.0 demonstrates how synchronized public‑ and private‑sector action can disrupt transnational fraud. Between December 2025 and January 2026, authorities across 16 African countries used shared intelligence and operational coordination to identify victims, arrest operators, seize devices, and dismantle malicious infrastructure. Fortinet supported the effort through data contributions and the Cybercrime Atlas, helping turn intelligence into enforcement outcomes.
read more →

INTERPOL's Red Card 2.0: 651 Arrests in Africa Crackdown

🔍 A coordinated operation led by INTERPOL and the African Joint Operation against Cybercrime (AFJOC) arrested 651 suspects across 16 countries between December 8 and January 30. Authorities recovered over $4.3 million and identified 1,247 victims linked to schemes responsible for more than $45 million in losses. Investigators seized 2,341 devices, dismantled networks of fraudulent accounts and took down 1,442 malicious websites, domains, and servers.
read more →

Poland Arrests Suspect Linked to Phobos Ransomware

🛡️ Polish police have detained a 47-year-old suspect alleged to have ties to the Phobos ransomware group and seized computers and mobile phones containing credentials, credit card numbers, and server access data. The arrest in Małopolska was carried out by the Central Bureau of Cybercrime Control as part of Operation Aether, an international Europol-coordinated disruption. Authorities say the suspect used encrypted messaging to communicate with Phobos and now faces charges under Article 269b of Poland’s Criminal Code.
read more →