<ciso brief />

All news with #regulatory action tag

310 articles · page 11 of 16

Samourai Cryptomixer Founders Sent to Prison in U.S. Case

🔒 The founders of the Samourai Wallet crypto-mixing service, CEO Keonne Rodriguez and CTO William Lonergan Hill, were sentenced after pleading guilty to operating an unlicensed money-transmitting business and laundering funds. Rodriguez received five years and Hill four years in prison, plus fines and three years of supervised release. Authorities seized servers and domains, removed the mobile app, and secured forfeiture of $237,832,360.55 linked to illicit transactions.

AWS Designated Critical Third-Party Provider under DORA

🔐 Amazon Web Services has been designated a critical third-party provider (CTPP) by the European Supervisory Authorities under the EU’s DORA regulation, which took effect in January 2025. The designation establishes a formal oversight relationship between AWS and the ESAs and signals heightened regulatory engagement for financial services customers operating in the EU. AWS says it will continue investing in compliance, operational resilience, risk management, and transparency, and will support customers with documentation, whitepapers, and a dedicated security and compliance team to help meet DORA obligations.

US, UK, Australia Sanction Russian Bulletproof Hosts

🔒 The US, UK, and Australia have sanctioned Russian bulletproof hosting provider Media Land and related companies for supporting ransomware gangs such as LockBit, BlackSuit, and Play. Three executives were also designated and assets frozen, while clients and facilitators face secondary sanctions. Five Eyes agencies issued guidance for ISPs to detect and block BPH-enabled abuse.

Europol Disrupts $55M in Crypto Linked to Piracy Ring

🔎 A coordinated Europol-led operation, Intellectual Property Crime Cyber-Patrol Week, targeted online piracy and IP infringement across Europe. Thirty investigators using advanced OSINT methods identified 69 suspect sites, of which 25 illicit IPTV services were referred to crypto service providers and 44 were added to ongoing probes. Authorities traced roughly $55m in cryptocurrency flows tied to those services. The exercise also tested new technologies and reinforced cross-border collaboration among more than 15 countries and private partners.

DoorDash Confirms October 2025 Customer Data Breach

🔒 DoorDash has confirmed a data breach in October 2025 that exposed customers' names, phone numbers, physical addresses and email addresses. The company said an employee was targeted in a social engineering scam that allowed unauthorized access, but there is currently no indication the data has been misused. DoorDash stated that sensitive identifiers and payment information were not accessed and that it has engaged an external firm, notified law enforcement, rolled out security enhancements and issued additional staff training.

Google Cloud designated as DORA critical ICT provider

🔒 Google Cloud EMEA has been designated a critical ICT third-party provider under the EU DORA. The designation acknowledges the systemic importance of financial entities using Google Cloud services and establishes a direct oversight channel with a Lead Overseer from the ESAs. Google Cloud commits to transparency, customer support for compliance, and collaboration to strengthen digital operational resilience across Europe. They provide resources like a Register of Information Guide and an ICT Risk Management Customer Guide to support customers' compliance journeys.

Five Plead Guilty to Enabling DPRK Remote IT and Hacks

🔒 Five individuals have pleaded guilty to serving as facilitators for North Korean cyber operations, the US Department of Justice said. They used false or stolen identities and hosted employer laptops in US residences to create the appearance of domestic remote IT workers, aiding APT38-linked efforts. The DoJ said the activity impacted more than 136 US organizations, generated over $2.2m for Pyongyang and compromised the identities of 18 US residents, and authorities seized $15m in Tether tied to related heists.

Five Americans Plead Guilty to Enabling North Korea IT Fraud

⚖️ The U.S. Department of Justice announced that five U.S. citizens pleaded guilty to facilitating North Korea’s illicit IT worker and revenue-generation schemes. The defendants hosted company-issued laptops, supplied or sold U.S. identities, and helped overseas IT workers pass vetting to obtain jobs at American firms. DOJ says the schemes impacted more than 136 U.S. companies, generated over $2.2 million for the DPRK, and compromised the identities of more than 18 U.S. persons.

Bundestag Approves German NIS2 Law, Adds New Controls

🔒 The Bundestag approved the federal government's draft law to implement the NIS2 Directive on 13 November 2025, bringing new cybersecurity obligations for an estimated 29,850 companies and federal authorities. Affected organizations must strengthen risk analyses, incident response, backups and encryption, and report incidents to the BSI within 24/72/30 hours/days. The law expands BSI supervisory powers and allows bans on "critical components" coordinated by the Interior Ministry, drawing criticism from industry groups.

Initial Access Broker Pleads Guilty in Yanluowang Case

🔒 Aleksey Olegovich Volkov, a 25-year-old Russian accused of acting as an initial access broker, is set to plead guilty in a federal case tied to the Yanluowang ransomware group. Prosecutors say he sold administrator credentials to operators and received over $256,000, while victims paid ransoms up to $1 million. Investigators traced Bitcoin flows to wallets Volkov verified with identity documents, and his plea includes more than $9 million in restitution.

UK introduces Cyber Security and Resilience Bill to Parliament

🔒 The UK government today introduced the Cyber Security and Resilience Bill, proposing a major overhaul of the NIS Regulations to align with updated EU standards. The draft would regulate managed service providers, expand scope to data centres and smart-appliance electricity flows, and mandate supply-chain risk management and NCSC Cyber Assessment Framework-based controls. Incident reporting windows would tighten to an initial 24 hours and a full report within 72 hours, while the ICO and regulators gain stronger enforcement and fee powers.

Bitcoin Queen Sentenced to Nearly 12 Years for £5.5B Scam

🔒 Zhimin Qian, dubbed the "Bitcoin Queen," was sentenced in London to 11 years and eight months after a seven-year Met Police investigation found she laundered proceeds from a £5.5 billion cryptocurrency investment scheme that defrauded more than 128,000 victims in China between 2014 and 2017. Investigators seized 61,000 Bitcoin — now valued at roughly £5.5 billion — marking the largest crypto seizure in UK history. Two associates received prison terms and authorities confiscated additional assets including wallets, encrypted devices, cash, and gold.

Senate Restores Lapsed Cybersecurity Laws After Shutdown

🛡️ The Senate voted 60-40 to advance a continuing resolution that temporarily reinstates the Cybersecurity Information Sharing Act of 2015 (CISA) and the Federal Cybersecurity Enhancement Act through January 2026. The measure restores liability shields, antitrust exemptions and FOIA protections that encourage private-sector threat sharing and renews authority for EINSTEIN intrusion-detection services for civilian agencies. The stopgap leaves another funding deadline early next year and raises questions about a full reauthorization versus further short-term extensions.

Yanluowang Broker Pleads Guilty to Ransomware Access

🔒 Aleksey Olegovich Volkov, a Russian national who used aliases including chubaka.kor and nets, has agreed to plead guilty to acting as an initial access broker for the Yanluowang ransomware group. Between July 2021 and November 2022 he sold credentials that enabled intrusions at eight U.S. companies and facilitated ransom demands ranging from $300,000 to $15 million. FBI warrants seized server logs, stolen data, chat histories and iCloud records linking Volkov to the scheme and to partial Bitcoin payments. He faces up to 53 years in prison and must pay more than $9.1 million in restitution.

Yanluowang Access Broker Pleads Guilty in Ransomware Case

🔒 A Russian national has pleaded guilty to acting as an initial access broker for the Yanluowang ransomware group, admitting to selling corporate network access used in attacks on at least eight U.S. companies between July 2021 and November 2022. FBI searches of a server tied to the operation recovered chat logs, stolen files, and victim credentials that linked payments and access to the defendant. Investigators traced the suspect through Apple iCloud data, cryptocurrency exchange records, and social media accounts, and blockchain analysis tied portions of ransom payments to addresses he provided. He faces decades in prison and more than $9.1 million in restitution.

EU Commission proposes GDPR changes for AI and cookies

🔓 The European Commission's leaked "Digital Omnibus" draft would revise the GDPR, shifting cookie rules into the regulation and allowing broader processing based on legitimate interests. Websites could move from opt-in to opt-out tracking, and companies could train AI on personal data without explicit consent if safeguards like data minimization, transparency and an unconditional right to object are applied. Privacy groups warn the changes would weaken protections.

SonicWall: State-Sponsored Hackers Behind September Breach

🔒 SonicWall says a Mandiant-led investigation concluded that state-sponsored actors accessed cloud-stored firewall configuration backup files in September. The company reports the activity was isolated to a specific cloud environment and did not affect SonicWall products, firmware, source code, or customer networks. As a precaution, customers were advised to reset account credentials, temporary access codes, VPN passwords, and shared IPSec secrets. SonicWall also stated there is no connection between the breach and separate Akira ransomware activity.

UK Carriers to Block Spoofed Phone Numbers Within Year

🔒 Britain’s major mobile carriers have agreed to upgrade networks to eliminate phone-number spoofing within a year under the new Telecoms Charter. The pact, signed by BT EE, Virgin Media O2, Vodafone Three, Tesco Mobile, TalkTalk and Sky, requires call-origin labeling for international calls, broader data sharing with police, advanced tracing and faster victim support. Operators report AI systems already block millions of scam calls and texts monthly.

Europol Busts Credit Card Fraud Rings Across 193 Countries

🔎 International authorities dismantled three large credit card fraud and money‑laundering networks in a coordinated November 4 operation, Operation Chargeback, resulting in 18 arrests and the seizure of assets worth over EUR 35 million. Investigators say the rings exploited four major German payment service providers to process and launder at least EUR 300 million in fraudulent charges that affected more than 4.3 million cardholders worldwide. The schemes generated about 19 million fake online subscriptions by using stolen card data and low, recurring charges to evade detection.

U.S. Sanctions 10 North Korean Financial and IT Facilitators

🛡️ The U.S. Treasury on Tuesday sanctioned eight individuals and two entities tied to North Korea's global financial network for laundering proceeds from cybercrime and fraudulent IT-worker schemes. The list names Jang Kuk Chol and Ho Jong Son, linked to $5.3 million in cryptocurrency managed for First Credit Bank, as well as Korea Mangyongdae Computer Technology Company (KMCTC), its president U Yong Su, and Ryujong Credit Bank. Treasury said the funds help finance Pyongyang's weapons and cyber programs, while blockchain firm TRM Labs reported sustained crypto inflows indicative of salary-routing activity.