< ciso brief />

All news with #regulatory action tag

310 articles · page 5 of 16

Europol-led Operation Seizes LeakBase Data Breach Forum

🔒 Europol and international partners have taken down LeakBase, an English-language forum that trafficked stolen credentials and stealer logs, seizing two domains and the site's customer database. Coordinated actions on March 3 included arrests, house searches and interviews across the US, Australia, Belgium, Poland, Portugal, Romania, Spain and the UK. Europol said 37 of the forum’s most active users were targeted and vowed to continue tracing offenders as part of Operation Leak.

Phobos Ransomware Administrator Pleads Guilty in U.S. Case

🔐 A Russian national, Evgenii Ptitsyn, pleaded guilty to a wire fraud conspiracy for administering the Phobos ransomware operation that victimized hundreds worldwide. Ptitsyn was extradited from South Korea in November 2024; prosecutors say the RaaS campaign — linked to the Crysis family — collected over $39 million from more than 1,000 victims and accounted for roughly 11% of ID Ransomware submissions in mid‑2024. Affiliates paid about $300 per deployment for decryption keys; Ptitsyn faces up to 20 years and is scheduled for sentencing on July 15. International law enforcement actions, including Operation Aether, have disrupted parts of the gang and warned over 400 companies.

Navigating Fragmented Cybersecurity Regulation in Europe

🔎 This Fortinet podcast episode examines the evolving EU-centric cybersecurity regulatory landscape and its implications for global businesses. Host Joe Robertson speaks with Dr. Tommaso De Zan of Access Partnership about layered rules such as NIS2, the Cyber Resilience Act, DORA, and emerging cloud sovereignty initiatives. They contrast horizontal and vertical regulations, highlight differences between regulations and directives, and emphasize that industry accepts rules but resents uncertainty. Practical advice includes early policy monitoring, engagement in consultations, and embedding security into products and operations.

Florida woman jailed for large Microsoft license fraud

🔒 A Florida woman was sentenced to 22 months in prison and fined $50,000 for operating a years‑long scheme that trafficked thousands of stolen Microsoft Certificate of Authenticity (COA) labels. Heidi Richards, who ran Trinity Software Distribution, purchased tens of thousands of genuine COAs, had employees extract and transcribe product keys, and sold those keys in bulk to customers worldwide. Prosecutors reported she wired $5,148,181.50 to the supplier between July 2018 and January 2023.

Pentagon Labels Anthropic Supply-Chain Risk in AI Dispute

⚠️ The Pentagon has directed the Department of War to designate Anthropic a supply-chain risk after talks over military use of its AI model, Claude, reached an impasse. President Donald Trump ordered federal agencies to phase out Anthropic technology within six months, while Secretary of Defense Pete Hegseth ordered immediate cessation of contractor activity. Anthropic says the designation followed its refusal to allow mass domestic surveillance or fully autonomous weapons and calls the move legally unsound and limited to DoW contracts under 10 USC 3252. The dispute has drawn industry pushback and reignited debate over civil liberties, procurement policy, and how safeguards should apply in defense settings.

DoJ Seizes $61M in Tether Linked to Pig-Butchering Scams

🔒 The U.S. Department of Justice announced the seizure of $61 million in Tether allegedly tied to pig-butchering crypto scams that lured victims through romance and fake investment platforms. Authorities say the funds were traced to wallets used to launder stolen proceeds, with rapid routing across many addresses to obscure ownership. HSI officials highlighted global tracing efforts while Tether noted extensive freezing of illicit assets.

UK Data Watchdog Reorganises to Board-Led Agency Structure

🔒 A forthcoming overhaul to the UK GDPR will convert the Information Commissioner's Office from a single-commissioner model into a board-run government agency, with Paul Arnold appointed as the first CEO of the new structure. The changes, to be enacted through the Data (Use and Access) Act 2025, aim to improve continuity, broaden expertise and manage a growing workload. The reform also grants the ICO new investigatory and compulsory powers and expands duties affecting businesses, while Data Essentials training will be scaled up.

New York Sues Valve Over Loot Boxes for Illegal Gambling

⚖️ New York Attorney General Letitia James sued Valve Corporation, alleging the company facilitated illegal gambling through randomized loot boxes in Counter-Strike 2, Dota 2, and Team Fortress 2 on Steam. The complaint says rare virtual items can be exchanged for real money, that odds are skewed to increase value, and that the mechanics are addictive and harmful to children. James is seeking injunctive relief, disgorgement of profits, and fines.

CISA Emergency Directive: Mitigate Cisco SD‑WAN Risks

⚠ CISA issued Emergency Directive 26-03 requiring immediate mitigation of critical vulnerabilities in Cisco SD‑WAN systems, citing exploitable flaws including CVE-2026-20127 and CVE-2022-20775. Agencies must inventory systems, collect virtual snapshots and logs, apply patches, hunt for evidence of compromise, and implement vendor hardening guidance. CISA will monitor compliance, provide technical assistance, and deliver additional resources as needed. The directive is supported by the NSA, ASD’s ACSC, Canada’s Cyber Centre, NCSC-NZ, and NCSC-UK.

CISA and Partners: Guidance on Cisco SD‑WAN Exploits

🔔 CISA and international partners warn of active exploitation of Cisco SD-WAN systems, adding CVE-2026-20127 and CVE-2022-20775 to the Known Exploited Vulnerabilities Catalog. FCEB agencies are required by Emergency Directive 26-03 to inventory, update, and assess SD-WAN deployments. Organizations should collect artifacts, apply vendor updates, follow the Catalyst SD-WAN Hardening Guide, and hunt for evidence of compromise immediately.

U.S. Sanctions Russian Exploit Broker for Stolen Zero‑Days

🔒 The U.S. Treasury Department's Office of Foreign Assets Control designated Matrix LLC (doing business as Operation Zero) and its owner, Sergey Zelenyuk, under the Protecting American Intellectual Property Act, marking the first use of that law. The move coincided with the sentencing of former L3Harris manager Peter Williams, who was given 87 months for stealing eight zero‑day exploits and selling them to Operation Zero for about $1.3 million in cryptocurrency. OFAC also named related companies and individuals, including a UAE front company and a suspected Trickbot affiliate, freezing U.S. assets and warning of potential secondary sanctions for U.S. persons who transact with the designated parties.

Ex-L3Harris Executive Sentenced for Selling Zero-Day Exploits

🔒 A former senior executive at L3Harris cyber-division Trenchant, Australian national Peter Williams, has been sentenced to 87 months in prison after pleading guilty to stealing and selling zero-day exploits to a Russian broker. He admitted taking eight cyber-exploit components over three years, accepting cryptocurrency payments and providing paid follow-on support. Authorities say the theft cost Trenchant/L3Harris about $35m and posed significant national security risks. Williams was ordered to forfeit $1.3m, cryptocurrency, property and luxury items, and to serve three years of supervised release with special conditions.

ICO fines Reddit £14.47m over inadequate age checks

🔒 The UK Information Commissioner's Office (ICO) has fined Reddit £14.47m for failing to implement robust age verification and for not conducting a required DPIA before January 2025. The regulator found that children under 13 had personal data processed without a lawful basis and were potentially exposed to inappropriate content. Reddit maintains it avoids collecting identity data to protect privacy, while experts warn heavy-handed identity checks could introduce new privacy and security risks.

Defense Contractor Employee Jailed for Selling Zero-Days

🔒 Peter Williams, a 39-year-old former senior employee at L3Harris, was sentenced to just over seven years in prison after pleading guilty to selling eight zero-day exploits to the Russian exploit broker Operation Zero. Prosecutors say he received up to $4 million in cryptocurrency and has been ordered to forfeit proceeds, including properties and luxury items. The theft, which occurred between 2022 and 2025, targeted tools intended for sale only to the U.S. government and select allies and prompted criminal charges and sanctions.

UK fines Reddit £14.47M for unlawfully using children's data

🔒 The UK Information Commissioner's Office has fined Reddit £14.47 million for collecting and processing the personal information of children under 13 without adequate safeguards. The ICO found Reddit lacked a meaningful age-verification system until July 2025 and judged the measures introduced then could be easily bypassed. Reddit said it will appeal and disputes the regulator's assessment.

ShinyHunters Claims Breach of Dutch Telecom Odido

🔒 The ShinyHunters extortion gang claims it stole millions of user records from Dutch telecom Odido, adding the company to its dark‑web leak site and asserting nearly 21 million records were taken. Odido disclosed the incident on February 12, reporting that attackers accessed its customer contact system on February 7 and that exposed fields vary by customer. The carrier said no Mijn Odido passwords, call records, location data, billing data, or identity scans were exposed; ShinyHunters, however, alleges internal corporate data and plaintext passwords were also taken. Odido reported the breach to the Dutch Data Protection Authority, blocked the attackers' access, and engaged external cybersecurity specialists while investigations continue.

Time to Rethink CISO Reporting Lines and Biases Today

🔍 Security leaders remain largely removed from top executive decision-making despite growing prominence. IANS Research and Artico Search’s 2026 State of the CISO Benchmark Report finds 64% of CISOs still report into IT while only 11% report to the CEO. Experts argue that such arrangements can create conflicts of interest as CIO incentives favor efficiency and delivery over enterprise risk reduction. Many urge giving CISOs independence, a clear seat at the table, and reporting aligned to enterprise risk owners.

Spain Arrests Suspected Anonymous Fénix Hacktivists

🔒 Spanish authorities arrested four alleged members of the hacktivist group Anonymous Fénix for a series of distributed denial-of-service (DDoS) attacks that targeted government ministries, political parties, and public institutions. The Spanish Civil Guard said the group first struck in April 2023 and intensified activity after severe floods in Valencia in late October 2024, using X and Telegram for recruitment and propaganda. Courts ordered seizure of the group's X and YouTube accounts and closure of its Telegram channel following the arrests.

Texas Sues TP-Link Over Alleged Chinese Hacking Risks

🔒 Texas Attorney General Ken Paxton has sued TP-Link, alleging the company deceptively marketed routers as secure while obscuring Chinese supply-chain ties and labeling devices Made in Vietnam. The complaint cites firmware vulnerabilities exploited by Chinese state-backed actors and a large credential-theft botnet built from compromised routers. Paxton seeks monetary penalties and injunctions forcing disclosure of Chinese origins and limits on data collection; TP-Link denies the allegations and says U.S. user data is stored on domestic AWS servers.

Spain Court Orders NordVPN, ProtonVPN to Block Piracy

⚖️ A Spanish court has ordered NordVPN and ProtonVPN to block 16 websites and a dynamic set of IP addresses in Spain that facilitate illegal streaming of LaLiga matches. The measures were issued inaudita parte, meaning the providers were not called to a hearing and will have no opportunity to appeal. Rights holders argue VPNs fall under the EU Digital Services Regulation; the vendors say they were not notified and question the efficacy and legality of the order.