📣 NEW FROM CISA: 'Mitigating Risks From Bulletproof Hosting Providers' In CISA’s latest publication they give networks practical steps to mitigate and protect themselves from the activities coming from bulletproof hosts. Publication: We love the shoutout to Spamhaus' DROP list. Access is free for a reason: to protect everyone from the worst of the worst… and from networks that have fallen asleep at the wheel while their resources get hijacked for malicious purposes.
📣 In case you missed it: resharing a recent blog post on the rise of malicious activity and abuse reports linked to Traffic Distribution Systems (TDS) — infrastructure increasingly exploited for phishing and other malicious campaigns. 🎣 You'll learn: - How TDS are being abused - Why they’re so hard to take down - What we can do together to fight back 📖 Read the full blog here 👉
On November 12, around 250 physical servers were seized by the Dutch police at two datacenters in the Netherlands 👉 We assess the unnamed #bulletproofhosting provider (BPH) is CrazyRDP, a major #cybercrime hub previously operating front companies such as 🇺🇸 Delis LLC (AS211252), 🇺🇸 Limenet LLC (AS394711) and, most recently, 🇺🇸 Sovy Cloud Services (AS401110) and its downstreams (all incorporated in 🇺🇸 as well): ... ⤵️ 1/2
Operation Endgame 3.0 is here! This phase targets the notorious information and credential stealer #Rhadamanthys. It's another major international effort that’s seen 1,025 servers taken down and 20 domains seized. 💪 Excellent work by @npub1fg22...yfva and all partners involved — the takedown of Rhadamanthys marks a significant win for the global cybersecurity community. As with earlier phases of #OperationEndgame, Spamhaus is providing remediation support. Those affected will be contacted in due course with guidance on next steps. Operation Endgame website 👉 Europol press release ⤵️
Got a new IP or domain? You'll want to make sure it’s nice and warm before sending! 📨 Get the details on: - When an IP is considered “new” ✨ - What it means to warm up your IP and domain, how to do it, and how it impacts your sending reputation - Why we strongly discourage using warm-up services 🙅 Read the full FAQ here ➡️ #Email #Sender #WarmUp
my-oh-MYNIC it's not been a great six months… since loosening restrictions for the 🇲🇾 .my ccTLD in late 2024, new domain registrations have sky-rocketed - and so have listings… Between April and September 🇲🇾 .my saw a +543% increase, ranking #3 in the Top 20 ccTLDs! 😱 Get the full story in the latest Domain Report here 👇 #ccTLD #DomainReputation
Like all other internet abuse, bulletproof hosting does not just happen - it is enabled by facilitators such as network carriers, datacenter operators, IP brokers and domain registrars. Sometimes, malicious infrastructure agglomerates in the internet vicinity of such facilitators - why not join the show if your criminal competitors thrive there already? A particularly prolific example is 🇩🇪 aurologic GmbH (regular readers might recognize the name), as highlighted by Recorded Future in a report published on November 6 ⤵️ #Cybercrime #BulletproofHosting #ThreatIntel #HostingProviders