INTERPOL Operation Synergia III Shuts Down 45,000 Malicious IPs, 94 Arrested

INTERPOL’s Operation Synergia III led to 94 arrests and the takedown of 45,000 malicious IPs in 72 countries targeting phishing, malware, and fraud networks...

INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime

INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency's ongoing efforts to dismantle criminal networks, disrupt emerging threats, and safeguard victims from scams. The effor...

295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager

Threat intelligence firm GreyNoise has warned of a "coordinated brute-force activity" targeting Apache Tomcat Manager interfaces. The company said it observed a surge in brute-force and login attempts on June 5, 2025, an indication that they could be deliberate efforts to "identify and access...

INTERPOL Arrests 41, Takes Down 22,000 Malicious IPs and 59 Servers

INTERPOL with global law enforcement and Group-IB, successfully dismantled a vast network of malicious IP addresses and servers.…...

Associated-Threat-Analyzer - Detects Malicious IPv4 Addresses And Domain Names Associated With Your Web Application Using Local Malicious Domain And IPv4 Lists

Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious domain and IPv4 lists. Installation From Git git clone https://github.com/OsmanKandemir/associated-threat-analyzer.git cd associated-threat-analyzer && pip3...

Sorting Through Haystacks to Find CTI Needles

Clouded vision CTI systems are confronted with some major issues ranging from the size of the collection networks to their diversity, which ultimately influence the degree of confidence they can put on their signals. Are they fresh enough and sufficiently reliable to avoid any false positives or...

Risky Business: Determining Malicious Probabilities Through ASNs

Akamai researchers have analyzed ASNs to determine some shocking stats about the state of malicious IPs and where they are from...

RagnarLocker ransomware gang breached 52 critical infrastructure organizations

In a FLASH publication issued by the FBI in coordination with DHS/CISA, the FBI says it has identified at least 52 organizations across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including organizations in the critical manufacturing, energy, financial services,...

Pinpoint and Act Upon “Bad Reputation” IPs

There’s no question that today’s cyber attackers use increasingly sophisticated methods in order to disrupt business or steal private data. And faced with so many attacks from various sources, IT professionals are forced to constantly challenge themselves to identify those alerts more critical th...

Introducing Guardicore Threat Intelligence Firewall

Guardicore’s Threat Intelligence Firewall blocks connections to malicious IPs, limiting security attack surface before reaching critical assets...

ThreatIngestor - Extract And Aggregate Threat Intelligence

An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing worflow with SQS, Beanstalk, and custom plugins. Overview ThreatIngestor can be configured to watch Twitter, RSS feeds, or other sources,...

Introducing Guardicore Cyber Threat Intelligence

Introducing Cyber Threat Intelligence CTI, a freely available resource to assist in identifying and investigating malicious IP addresses and domains...

Just-Metadata - Tool that Gathers and Analyzes Metadata about IP Addresses

Just-Metadata is a tool that can be used to gather intelligence information passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen. Just-Metadata has "gather" modules which are used to gather metadata about IPs loaded into the...