< ciso
brief />
Tag Banner

All news with #enforcement tag

58 articles · page 2 of 3

Ex-Google Engineer Convicted for Stealing AI Trade Secrets

🛡️ Linwei Ding, a former Google engineer, was convicted by a federal jury on multiple counts of economic espionage and theft of trade secrets after allegedly taking more than 2,000 confidential documents tied to Google's AI infrastructure and chip designs. Prosecutors say the material included details on Google's TPU and GPU architectures, Cluster Management System software, and custom SmartNICs used in AI supercomputers. Authorities allege the theft occurred between May 2022 and April 2023 and that Ding copied files to personal accounts and founded a China-based startup while still employed by Google. He faces significant federal prison terms if sentenced.
read more →

France Travail Fined €5m After 2024 Breach Exposed 43M

🔒 France Travail has been fined €5 million by the CNIL after a March 2024 cyber-attack that potentially exposed personal data for an estimated 43 million jobseekers. The regulator found failures including weak authentication for Cap Emploi advisors, insufficient logging and monitoring, and overly broad access permissions, breaching Article 32 of the GDPR. France Travail must provide evidence of corrective measures on a strict timeline or face a €5,000 daily fine.
read more →

Slovakian Pleads Guilty to Running Kingdom Darknet Market

⚖️ A Slovakian national, 33‑year‑old Alan Bill (aka "Vend0r" or "KingdomOfficial"), pleaded guilty to a conspiracy to distribute controlled substances for his role operating the darknet Kingdom Market, which operated from March 2021 through December 2023. Federal undercover agents made purchases in July 2022, acquiring methamphetamine, fentanyl and a fraudulent U.S. passport, and authorities seized the site's infrastructure in December 2023. Bill was arrested at Newark Liberty International Airport after customs inspectors found multiple devices and a cryptocurrency hardware wallet linking him to the marketplace; he admitted providing web‑administration services, receiving cryptocurrency payments, and assisting with forum creation and moderation.
read more →

US Charges 31 More Suspects in ATM Malware Jackpotting

🔐 A Nebraska federal grand jury indicted 31 additional defendants accused of participating in an ATM jackpotting operation that used Ploutus malware to steal millions from U.S. ATMs. Authorities say many suspects are Venezuelan or Colombian nationals tied to the gang Tren de Aragua, an organization recently designated by OFAC as a Foreign Terrorist Organization. Investigators allege attackers opened ATM housings, swapped or connected drives to load malware, deleted evidence, and forced machines to dispense cash; the stolen proceeds were split and laundered. The Justice Department has charged 87 TdA members in related cases over the past six months.
read more →

Authorities Identify Black Basta Members, Leader Listed

🚨 Ukrainian and German authorities have identified two Ukrainians allegedly working for the Russia-linked ransomware-as-a-service group Black Basta, while the group's suspected leader, 35-year-old Russian national Oleg Evgenievich Nefedov, has been added to the EU Most Wanted and INTERPOL Red Notice lists. Investigators say the suspects acted as "hash crackers," extracting credentials used to breach corporate networks and deploy ransomware. Searches in Ivano-Frankivsk and Lviv yielded digital storage devices and cryptocurrency assets. Black Basta emerged in April 2022 and is linked to attacks on more than 500 organizations and hundreds of millions in illicit cryptocurrency profits.
read more →

Black Basta leader added to Europol and Interpol lists

🚨 German and Ukrainian authorities have identified Oleg Evgenievich Nefedov as the leader of the Black Basta ransomware group and added him to Europol's 'Most Wanted' and Interpol's 'Red Notice' lists. Raids in the Ivano-Frankivsk and Lviv regions targeted two alleged members who specialized in initial access, hash cracking and privilege escalation, and yielded seized digital storage and cryptocurrency assets. Black Basta, linked to the defunct Conti syndicate, has been tied to more than 600 incidents worldwide affecting major organizations.
read more →

International Takedown of RedVDS Cybercrime Service

🛡️ International law enforcement, together with Microsoft, dismantled the RedVDS cybercrime service after seizing servers hosted in Germany. Authorities from Germany, the United States and the United Kingdom, confirmed by the ZIT and the State Criminal Police Office of Brandenburg, say the platform enabled large-scale phishing and boss‑scam frauds. Microsoft reports $40 million in US losses over seven months and highlights prolific phishing volumes from rented virtual machines. No arrests have been reported; suspects are believed to be located in an unspecified Middle Eastern country.
read more →

France Fines Free Mobile €42M Over 2024 Data Breach

🔒 The French data protection authority, CNIL, fined Free Mobile and parent company Free a combined €42 million for insufficient protection of customer data after an October 2024 breach that exposed information of nearly 23 million subscribers. CNIL cited weak VPN authentication, poor detection of abnormal activity, delayed notifications, and excessive data retention. The companies must complete security fixes and perform mandated data clean-up within required deadlines.
read more →

California Regulators Target Sale of Sensitive Health Data

⚖️California privacy regulators have taken enforcement action under the Delete Act, penalizing a marketing firm and a global analytics provider for trading in sensitive consumer profiles without proper registration. The agency fined Rickenbacher Data LLC (operating as Datamasters) $45,000 and ordered it to stop selling and delete California data. Separately, S&P Global was fined $62,600 for failing to register as a data broker. Officials highlighted risks from lists linked to medical conditions, race, age, political views and spending.
read more →

pcTattletale Founder Pleads Guilty in Stalkerware Case

🔒 The founder of surveillance company pcTattletale pleaded guilty on January 6 to federal charges including computer hacking, conspiracy, and unlawful advertising of surveillance software. Fleming openly promoted the product on YouTube as a way to 'catch a cheater' and touted it as '100% Undetectable.' A May 2024 data breach that exposed more than 138,000 customer accounts precipitated the service shutdown. Sentencing is scheduled for April 3, 2026.
read more →

US Treasury Removes Three From Predator Sanctions List

⚖️ The U.S. Department of the Treasury's OFAC removed three individuals tied to the Intellexa Consortium — Merom Harpaz, Andrea Nicola Constantino Hermes Gambazzi, and Sara Aleksandra Fayssal Hamou — from the Specially Designated Nationals list. Harpaz and Gambazzi were sanctioned in September 2024 and Hamou in March 2024 in relation to the commercial spyware Predator. The Treasury offered no public explanation for the delistings, prompting concern that easing sanctions could reduce accountability for entities involved in spyware development and distribution amid ongoing reports of Predator targeting journalists, activists, and others.
read more →

Instacart to Refund $60M for Deceptive Subscription Tactics

📰 Instacart will refund $60 million to resolve FTC allegations that it misled customers through deceptive subscription and pricing practices. The FTC says Instacart advertised free delivery while charging mandatory service fees, concealed full-refund options behind self-service menus, and failed to disclose automatic charges at the end of Instacart+ free trials. Under the proposed order, affected consumers will receive refunds and the company must clearly disclose subscription terms.
read more →

California Man Pleads in $263M Cryptocurrency Theft

🔒 Evan Tangeman, 22, has pleaded guilty to laundering proceeds from a sophisticated criminal network that stole roughly US $263 million in cryptocurrency. Prosecutors say the Social Engineering Enterprise was organised via online gaming connections and used hackers, impersonating 'callers', burglars and money launderers to seize and convert victims' crypto. Tangeman admitted converting about US $3.5 million and faces sentencing on April 24, 2026.
read more →

UK Committee Urges Legal Liability for Software Insecurity

⚖️ The UK’s Business and Trade Committee has recommended making software providers legally accountable for insecure products, arguing that voluntary measures like the Software Security Code of Practice are insufficient to protect economic stability. The report highlights 2025 incidents affecting Co-op, M&S and Jaguar Land Rover that produced heavy public costs and operational disruption. It urges mandatory compliance, stronger enforcement powers and compulsory incident reporting to shift financial risk back to vendors.
read more →

SEC Drops Lawsuit Against SolarWinds After Years-long Probe

📰The U.S. Securities and Exchange Commission has voluntarily dismissed its lawsuit against SolarWinds and CISO Timothy G. Brown, filing a joint motion to dismiss on November 20, 2025. The October 2023 complaint alleged fraud, internal control failures, and misleading disclosures tied to the late-2020 supply-chain compromise attributed to APT29. Many allegations were rejected by the SDNY in July 2024 as relying on hindsight. SolarWinds' CEO said the company emerges stronger, more secure, and better prepared.
read more →

Samourai Cryptomixer Founders Sent to Prison in U.S. Case

🔒 The founders of the Samourai Wallet crypto-mixing service, CEO Keonne Rodriguez and CTO William Lonergan Hill, were sentenced after pleading guilty to operating an unlicensed money-transmitting business and laundering funds. Rodriguez received five years and Hill four years in prison, plus fines and three years of supervised release. Authorities seized servers and domains, removed the mobile app, and secured forfeiture of $237,832,360.55 linked to illicit transactions.
read more →

Europol Removes Thousands of Extremist Gaming Links

🔍 A coordinated action led by the European Union Internet Referral Unit (EU IRU) on 13 November 2025 resulted in the referral of thousands of extremist links found across gaming and gaming-adjacent platforms. Authorities from eight participating countries flagged 5,408 jihadist links, 1,070 violent right‑wing extremist items and 105 racist or xenophobic posts. Investigators noted illicit content on live streams, video libraries, forums and hybrid storefronts, and described how creators repurpose in-game footage with coded language and imagery to evade detection. The initiative aims to reduce public exposure and bolster cross-border cooperation.
read more →

Five Plead Guilty to Enabling DPRK Remote IT and Hacks

🔒 Five individuals have pleaded guilty to serving as facilitators for North Korean cyber operations, the US Department of Justice said. They used false or stolen identities and hosted employer laptops in US residences to create the appearance of domestic remote IT workers, aiding APT38-linked efforts. The DoJ said the activity impacted more than 136 US organizations, generated over $2.2m for Pyongyang and compromised the identities of 18 US residents, and authorities seized $15m in Tether tied to related heists.
read more →

Bitcoin Queen Sentenced to Nearly 12 Years for £5.5B Scam

🔒 Zhimin Qian, dubbed the "Bitcoin Queen," was sentenced in London to 11 years and eight months after a seven-year Met Police investigation found she laundered proceeds from a £5.5 billion cryptocurrency investment scheme that defrauded more than 128,000 victims in China between 2014 and 2017. Investigators seized 61,000 Bitcoin — now valued at roughly £5.5 billion — marking the largest crypto seizure in UK history. Two associates received prison terms and authorities confiscated additional assets including wallets, encrypted devices, cash, and gold.
read more →

Operation Chargeback: Dismantling Global Card-Fraud Rings

🔍 Operation Chargeback led to coordinated raids and arrests targeting three alleged international fraud and money-laundering networks that exploited stolen payment data from more than 4.3 million cardholders across 193 countries. Authorities executed 60 searches and 18 arrest warrants after nearly five years of investigation, seizing assets and digital evidence. Investigators say the groups generated roughly 19 million fraudulent subscription charges, abused payment-provider systems and used shell companies to launder proceeds while masking low-value recurring fees to avoid detection.
read more →