All news with #regulatory action tag

🚨 Dubai-led authorities shut down nine cryptocurrency investment fraud centers and arrested 276 suspects in a coordinated international operation. Investigators said the networks ran pig-butchering (romance baiting) schemes that built trust with victims and pushed them to fake crypto platforms where funds were quickly seized and laundered. Several individuals now face wire fraud and money-laundering charges, and U.S. agencies linked millions in losses through FBI IC3 complaints.

🔎 Europol announced arrests and seizures after a two‑year probe into professionalised Albanian scam call centres that ran an investment fraud operation estimated to have cost victims at least €50m. Authorities arrested 10 suspects and searched three call centres and nine homes, seizing nearly €900,000, 443 computers, 238 mobile phones and multiple storage devices. Victims were lured via misleading ads and pressured by retention agents posing as investment advisors.

🔍 Austrian and Albanian authorities, supported by Europol and Eurojust, dismantled a large-scale cryptocurrency investment fraud operation responsible for estimated losses of €50 million. The coordinated action, which began in June 2023 and culminated in raids on April 17, resulted in 10 arrests and seizures of cash, hundreds of computers and mobile devices for forensic analysis. The ring operated professional call centres with up to 450 employees, using fake trading platforms and "retention agents" who used remote-access tools and psychological pressure to extract funds and later re-scam victims with bogus recovery fees.

🔒 French authorities have arrested a 21-year-old who used the alias 'HexDex', suspected of carrying out around 100 data breaches since late 2025. Prosecutors say he was preparing another data dump when detained and has been charged with six offences, including aggravators for organised gang activity. Alleged victims include the Ministry of National Education, where the Compas trainee-teacher system exposed roughly 243,000 employee records, as well as registries, unions, cultural institutions, sports federations, food banks and hotel chains. Stolen files were redistributed on criminal marketplaces; his account page now displays a message saying it was seized.

📜 The House Republican proposals — the SECURE Data Act and the GUARD Financial Data Act — would establish federal privacy standards that broadly preempt stronger state laws while limiting private lawsuits and centralizing enforcement with the FTC and state attorneys general. The bills emphasize data minimization, controller-processor obligations, a federal data broker registry, and new limits on automated profiling and teen data. Critics warn the measures could weaken existing protections, impose heavy operational burdens on CIOs and CISOs, and force vendors and legal teams to rework procurement, retention, and AI training practices.

🔒 Tyler Buchanan has pleaded guilty in a Florida court to conspiring with others to hack company computer systems and steal at least $8 million in virtual currency. He faces sentencing later this year. Buchanan is tied to the notorious Scattered Spider group, which has used SMS phishing and colleague impersonation to target employees. Security leaders are urged to reinforce defenses and train staff against social engineering.

🔐 DORA's Article 9 makes credential management a binding financial risk control for EU financial entities, requiring least-privilege access, phishing‑resistant FIDO2/WebAuthn authentication, and cryptographic key protection. The regulation extends to third-party providers and mandates evidenceable controls. Organisations must deploy vaulting, JIT access, and continuous monitoring to reduce dwell time and meet supervisory expectations.

⚠️ Sean Plankey has withdrawn his nomination to lead CISA after a 13-month delay marked by bipartisan holds, unverified allegations, and reported Senate maneuvering. Plankey was first nominated last March, renominated in January, and faced objections from Sen. Rick Scott and Sen. Ron Wyden while working on Coast Guard issues. Conflicting reports — including a contested claim he was escorted out of Coast Guard headquarters — and questions about past financial ties surfaced but remain unresolved. Observers warn the leadership vacuum, amid staff and budget cuts at the agency, poses tangible national security risks; Plankey says he supports the administration’s next nominee.

🚨 Spanish police dismantled what they say was the largest Spanish-language manga piracy platform, active since 2014 and attracting millions of monthly users worldwide. Authorities allege the site offered free, unauthorized access to copyrighted manga and generated over $4,700,000 in advertising revenue through aggressive pop-up ads. Many of those ads were pornographic and appeared on nearly every user action, raising child-safety and reputational concerns. Four people were arrested, investigators seized more than $470,000 in cold cryptocurrency wallets and disrupted a secondary site under development.

🔐 The UK government has pledged £90m to bolster national cyber resilience, announced at the NCSC's CYBERUK conference on 22 April, with a particular emphasis on supporting small and medium-sized enterprises. The funding will promote adoption of the Cyber Essentials standard, which recently passed a 10,000 quarterly certification milestone and saw around a 20% uplift in uptake. Ministers will also launch an Cyber Resilience Pledge this summer requiring signatories to make cyber security a board-level responsibility, join the NCSC Early Warning service and mandate Essentials across supply chains.

🔒Angelo Martino, a 41-year-old former ransomware negotiator, has pleaded guilty to conspiring with the BlackCat (ALPHV) ransomware group after secretly supplying negotiation and insurance details from clients to the gang. While working for incident response firm Digital Mint, he passed policy limits and internal positions to maximize extortion profits and was paid for the information. He also admitted collaborating with associates to deploy ransomware between April and November 2023, and authorities have seized about $10m in assets; he faces up to 20 years and will be sentenced on July 9.

🛡️ France's government agency ANTS confirmed a data breach after a threat actor claimed to have stolen citizen records in an intrusion last week. The agency says exposed fields may include login IDs, full names, email addresses, dates of birth, unique account identifiers and, for some individuals, postal addresses, places of birth and phone numbers. ANTS has notified CNIL, the Paris prosecutor and involved ANSSI, is informing affected users and warns the data could be used for phishing and social engineering.

🕵️ Ofcom has opened an investigation under the UK's Online Safety Act after receiving evidence that Telegram is being used to share child sexual abuse material (CSAM). The regulator says its probe followed reports from the Canadian Centre for Child Protection and its own assessment. Ofcom is also examining teen chat services Teen Chat and Chat Avenue, and has separately scrutinised X over AI-generated nonconsensual explicit content. Where breaches are found, Ofcom can seek fines up to £18 million or 10% of qualifying worldwide revenue and, in serious cases, request court orders to disrupt or block services in the UK.

🔒 A multinational law enforcement operation disrupted DDoS-for-hire infrastructure, seizing servers and databases and resulting in 53 domains being taken down and four arrests. Operation PowerOff, coordinated across 21 countries and outlined by Europol on April 16, removed backend components and more than 100 URLs advertising these services. Authorities recovered data on over three million criminal user accounts, sent roughly 75,000 warning notices to identified users, and posted additional warnings to cryptocurrency platforms to limit further abuse.

🔒 Kamerin Stokes, 23, was sentenced to 30 months in prison after selling access to tens of thousands of hacked accounts tied to DraftKings. Prosecutors say a November 2022 credential‑stuffing attack led by Nathan Austad (aka Snoopy) with accomplice Joseph Garrison compromised nearly 68,000 accounts; the group stole about $635,000 from roughly 1,600 accounts and generated over $2.1 million selling hacked accounts. Stokes, who operated as TheMFNPlug, briefly reopened his shop after pleading guilty with the tagline fraud is fun, was remanded for violating pretrial conditions, and was ordered to pay $1,327,061 in restitution and $125,965.53 in forfeiture, plus three years of supervised release.

🔒 Operation PowerOFF disrupted 53 domains tied to commercial DDoS-for-hire services and resulted in four arrests. Authorities seized servers and supporting infrastructure and obtained access to databases containing over 3 million criminal user accounts linked to more than 75,000 alleged attackers, issuing 25 search warrants. Law enforcement partners across 21 countries coordinated domain seizures, infrastructure disruption, and notification efforts to hinder further attacks and support follow-up investigations.

📢 NIST announced a major operational change to the National Vulnerability Database (NVD), moving to a risk-based enrichment model and ceasing enrichment for all CVEs reported before March 1, 2026. The NVD will prioritize vulnerabilities in software used by the US federal government, critical software under Executive Order 14028, and entries on the CISA Known Exploited Vulnerabilities (KEV) list. CVEs that don't meet those criteria will be labeled Not Scheduled, though all submissions will still be ingested and users may request enrichment by emailing nvd@nist.gov.

🔐 ENISA is pursuing top-level root status in the CVE Program as it is being onboarded by the US Cybersecurity and Infrastructure Security Agency (CISA) to become a TL-Root CNA. Agency leaders told VulnCon26 attendees the move, targeted for 2026 or early 2027, would secure European representation on the CVE Program Board. ENISA plans to onboard EU national CERTs and CSIRTs as CNAs and is expanding its vulnerability team to support this role.

🔒 European regulators have been largely frozen out of early access to Anthropic's new Mythos model, Politico reports. Anthropic's Project Glasswing has initially restricted testing to select U.S. technology firms — notably Apple, Microsoft and Amazon — so partners can evaluate and mitigate security risks. The UK’s AI Security Institute has been permitted to test Mythos and acted on findings, while Germany has opened dialogue but not gained access, prompting concerns about private-sector control over a potent security-focused AI.

🛡️ The US Department of Justice and FBI led a court-authorized operation to neutralize a DNS hijacking network run by Russian APT28 that had compromised SOHO routers across 23 US states. Dubbed Operation Masquerade, the effort sent commands to affected routers to collect evidence and reset malicious DNS resolvers to legitimate ISP settings. Agencies say the remediation did not harm router functionality and can be reversed by users via factory reset or web management pages. Authorities urged owners to update firmware, verify DNS settings and replace end-of-life devices.