The U.S. Department of Justice has charged five members of the cybercrime gang Scattered Spider for related cyber attacks affecting numerous individuals and organizations, including Okta, Caesars Entertainment, Twilio, DoorDash, MailChimp, Reddit, and Riot Games.
UK Police have arrested a 17-year-old suspected Scattered Spider member accused of the MGM hack that disrupted casinos and hotels in Las Vegas on September 12, 2023, costing over $100 million in recovery.
The raid of the hacking forum follows the auction of stolen data from Europol last week and an April leak of information said to have been taken from a contractor used by the Five Eyes intelligence agencies.
International law enforcement operation appears to have significantly disrupted the capabilities of the LockBit ransomware group, one of the biggest internet-based criminal hacking organizations in the world, seizing about 200 of the group's crypto wallets and over 1,000 decryption keys.
The infrastructure for the Qakbot malware botnet that has been a plague since 2007 has been dismantled by an FBI-led law enforcement action. The botnet was composed of over 700,000 infected computers, and is responsible for hundreds of millions of dollars in damages worldwide during its run.
This appears to be the first time that the SEC has sent a Wells Notice to a CISO. While novel, this Wells Notice furthers the SEC’s recent enforcement and rulemaking focus on meaningful and timely cybersecurity-related disclosures, as well as holding individual liable for their roles in company violations.
European law enforcement agencies arrested five suspects linked to an online investment fraud scheme that defrauded over 33,000 victims of at least $98 million.
Genesis dark web market that is thought to have facilitated the sale of some 80 million credentials is now in the hands of law enforcement, after an international campaign that involved about 200 raids and 100 arrests.
ODIN Intelligence, a law enforcement technology vendor, has experienced a chain of security incidents as of late including a defaced website (and possibly much worse). Company had already been a magnet for controversy over some of its more privacy-invasive products.
The FBI and Europol seized 48 internet domains for DDoS-for-hire services in a multi-prong operation, charged six administrators with cybercrimes, and obtained customer databases.