Netherlands Busts Bulletproof Hosting Network Linked to Disinformation and Cybercrime

Dutch authorities arrested two suspects after dismantling a bulletproof hosting network linked to cybercrime, disinfo, and Russian sanctions evasion...

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile EPMM can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitati...

Sanctioned Bulletproof Host Linked to Hijacking of Old Home Routers

Compromised home routers in 30+ countries had DNS traffic redirected, sending users to malicious sites while normal browsing appeared unaffected...

CISA: Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers V2

CISA, in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, have released the guide Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to help internet service...

Happy 16th Birthday, KrebsOnSecurity.com!

KrebsOnSecurity.com celebrates its 16th anniversary today! A huge "thank you" to all of our readers -- newcomers, long-timers and drive-by critics alike. Your engagement this past year here has been tremendous and truly a salve on a handful of dark days. Happily, comeuppance was a strong theme...

UK Exposes Bulletproof Hosting Operator Linked to LockBit and Evil Corp

The operator, Alexander Volosovik, also known as “Yalishanda”, “Downlow” and “Stasvl,” ran a long-running bulletproof hosting operation used by top ransomware groups...

CISA Releases Guide to Mitigate Risks from Bulletproof Hosting Providers

Today, Cybersecurity and Infrastructure Security Agency CISA, in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, released the guide Bulletproof Defense: Mitigating Risks from...

CISA: Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers

CISA, in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, have released the guide Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to help internet service...

U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

The U.S. Department of the Treasury's Office of Foreign Assets Control OFAC has levied sanctions against Russia-based bulletproof hosting BPH service provider Aeza Group to assist threat actors in their malicious activities and targeting victims in the country and across the world. The sanctions...

Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks

Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan known as RomCom RAT since mid-2022. RomCom "employs advanced evasion techniques, including living-off-the-land LOTL tactics and encrypted command a...

OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers

A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting BPH provider called Proton66 to facilitate their operations. The findings come from DomainTools, which detected the activity after it discovered a phony website named cybersecureprotect.com hosted...

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

One of the most notorious providers of abuse-friendly "bulletproof" web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab , KrebsOnSecurity has learned. Security experts say the Russia-based service provider...

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But there is a...

A history of ransomware: How did it get this far?

Today's ransomware is the scourge of many organizations. But where did it start? If we define ransomware as malware that encrypts files to extort the owner of the system, then the first malware that could be classified as ransomware is the 1989 AIDS Trojan. However, while it encrypted filenames a...

5 Types of Cyber Crime Groups

Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy...

Lolek Bulletproof Hosting Servers Seized, 5 Key Operators Arrested

European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which cybercriminals have used to launch cyber-attacks across the globe. "Five of its administrators were arrested, and all of its servers seized, rendering...

Feds Seize Bulletproof Hosting Service ”Lolek Hosted”

By Habiba Rashid Operating from Europe, Lolek Hosted offered services that shielded clients' identities and turned a blind eye to the content they posted. This is a post from HackRead.com Read the original post: Feds Seize Bulletproof Hosting Service "Lolek Hosted"...

5 Types of Cyber Crime Groups

Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy...

5 Types of Cyber Crime Groups

Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy...

Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected

The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infect over 10,800 websites. "The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense ID...