Last week was a busy week for law enforcement as multiple marketplaces and cybercrime networks were taken down. It has led to a significant amount of hardware and data being seized. While it might not keep those cybercrime sites offline for long, the intelligence that will be gleaned from the servers and other devices will be used to launch other attacks to take down other sites.
FourKites has published a short white paper that examines why supply chain business leaders should rethink their approach to technology. The report “Why you should rethink your supply chain tech” (Registration required) is based on a survey by YouGov of 250 US supply chain decision makers.
JumpCloud has announced the acquisition of Stack Identity, a next-generation identity security and access visibility platform. Stack Identity was founded in June 2020 and emerged from stealth in 2022.
Enterprise Times talked with the founders of Alkira about their plans to disrupt the networking market. It is taking MCN and its existing NaaS and turning them into an enhanced version of NaaS that it calls a Networking Infrastructure as a Service Platform.
JumpCloud research has revealed that IT admins feel embattled as they face a rising tide of security problems from unauthorised apps to AI. The details are contained in the company’s Q1 2025 SME IT Trends Report. Entitled “From Chaos to Control: Simplifying IT in the Fast Lane of Change”(registration required), the report looks at everything from risk to AI and where people work and cybersecurity.
The Azul 2025 State of Java report (registration required) is out. It shows that enterprises are abandoning Oracle Java in droves. 88% of respondents are hotfooting it elsewhere due to cost, licensing, restrictive policies, and the sales tactics of Oracle staff.
BlueVoyant
BlueVoyant appointed Michael Montoya as Chief Operation Officer. In his role as COO, Montoya will take on the responsibility of overseeing the technology, product, and operations organizations. Montoya brings more than 25 years of information technology (IT) and cybersecurity leadership experience, having worked at Equinix and Digital Realty.
Montoya said, “It is an honor to join the BlueVoyant team in this time of rapid acceleration and expansion. More than ever, CISO’s and their teams need a platform that brings together risk, compliance, and operations in a manner that can help them protect their organizations from the growing and innovative digital pandemic of cyber attacks.
BlueVoyant released findings from its fifth annual global survey into supply chain cyber risk management. This release looked at data from the Philipines, which shows that 84% of organisations reporting an average of 3.13 breaches impacting operations in 2024.
William Oh, interim head of Asia-Pacific at BlueVoyant. “Despite the rising frequency of breaches, awareness and prioritisation of these issues remain alarmingly low compared to global counterparts. The importance of managing risk across the supply chain cannot be understated, especially as the Philippines remains a prevalent target for cyber attacks like phishing, scam calls, and data breaches.”
Europol
German authorities, supported by Europol, the US and other law enforcement agencies took down two cybercrime platforms. Cracked and Nulled had more than 10 million users in total. the three-day operation saw:
- 2 suspects arrested
- 7 properties searched
- 17 servers and over 50 electronic devices seized
- 12 domains seized
- Around EUR 300 000 of cash and cryptocurrencies seized
Those devices will now be examined by multiple law enforcement agencies to drive more intelligence-led operations against cybercrime.
Europol also published its latest joint report with Eurojust, Common Challenges in Cybercrime. The 18-page report is freely available and addresses issues such as data volume, access to data and anonymisation services, among others.
Access to data is a complex issue for law enforcement as it means dealing with increasingly strong encryption and judicial approval to crack devices varies across the EU. New EU legislative tools should make this easier but there is still concern about a lack of coherence in how they are applied.
Jumpcloud
JumpCloud announced the winners of the 2025 JumpCloud customer awards, the Jumpies. The three winners are:
- Best Use Case: iQuanti India Pvt Ltd
- Scaling for Success: Campaign Zero
- Make Work Happen Champion: Luis Martin, Director, IT & Security, GumGum
The company also announced the JumpCloud 2024 Partner Award Winners. This year, 18 winners were selected across three categories.
noyb
The EU General Court has sided with the European Data Protection Board (EDPB) against the Irish DPC. This relates to a 2018 case that noyb brought against Meta and which the Irish DPC refused to proceed with. When ordered by the EDPB, it decided to sue the EDPB in the European Courts. It has lost that case but still has the option to appeal to the CJEU. It is yet another setback for the tech-friendly Irish DPC.
noyb analysed the current EDPB statistics to see how effective or not national Data Protection Authorities (DPAs) are. The result shows that over the last 7 years just 1.3% of cases result in a fine, despite data protection professionals saying fines work.
Max Schrems: “European data protection authorities have all the necessary means to adequately sanction GDPR violations and issue fines that would prevent similar violations in the future. Instead, they frequently drag out the negotiations for years – only to decide against the complainant’s interests all too often.”
ThreatQuotient
ThreatQuotient and Ask Sage announced a partnership to enable governments to more efficiently and productively use AI to meet specific use cases and enhance human capabilities with their combined AI capabilities.
Through this new integration government customers can securely train a number of supported AI models using curated Threat Intelligence and produce reports which are then ingested into ThreatQuotient’s Threat Library. This means threat analysts using the platform for threat intelligence and conducting investigations can select data for AI training and run reports on specific threats.
US Department of Justice
In addition to its involvement with the Cracked and Nulled seizure, the US Justice Department was involved in another major takedown. Thirty-nine domains and their infrastructure operated from Pakistan, providing online marketplaces for hacking and fraud tools, have been taken down. They were operated by a group called Saim Raza (aka HeartSender).
The tools included phishing kits, scam pages and email extractors, all designed to support fraud operations. The site is believed to have enabled over $3 million for its owners.
U.S. Attorney Nicholas J. Ganjei, said, “Almost everyone has a friend or loved one that has been affected by these types of computer hacks. These scams not only target businesses but individuals as well and cause significant hardship to the victims. Even though these people reside abroad, the use of these websites made it easy for them to spread their malicious hacking tools for a fee.”
