📣 In case you missed it: resharing a recent blog post on the rise of malicious activity and abuse reports linked to Traffic Distribution Systems (TDS) — infrastructure increasingly exploited for phishing and other malicious campaigns. 🎣 You'll learn: - How TDS are being abused - Why they’re so hard to take down - What we can do together to fight back 📖 Read the full blog here 👉

Blog | TDS Abuse - What’s hiding behind the veil? | Spamhaus Project

On November 12, around 250 physical servers were seized by the Dutch police at two datacenters in the Netherlands 👉

Duizenden servers in beslaggenomen in omvangrijk cybercrime onderzoek

In een onderzoek naar een malafide hostingbedrijf zijn door het team cybercrime Oost-Nederland duizenden servers in beslaggenomen. Het hostingbedri...

We assess the unnamed #bulletproofhosting provider (BPH) is CrazyRDP, a major #cybercrime hub previously operating front companies such as 🇺🇸 Delis LLC (AS211252), 🇺🇸 Limenet LLC (AS394711) and, most recently, 🇺🇸 Sovy Cloud Services (AS401110) and its downstreams (all incorporated in 🇺🇸 as well): ... ⤵️ 1/2

Operation Endgame 3.0 is here! This phase targets the notorious information and credential stealer #Rhadamanthys. It's another major international effort that’s seen 1,025 servers taken down and 20 domains seized. 💪 👏 Excellent work by @npub1fg22...yfva and all partners involved — the takedown of Rhadamanthys marks a significant win for the global cybersecurity community. As with earlier phases of #OperationEndgame, Spamhaus is providing remediation support. Those affected will be contacted in due course with guidance on next steps. Operation Endgame website 👉

Operation Endgame

Operation endgame

Europol press release ⤵️

Europol

End of the game for cybercrime infrastructure: 1025 servers taken down – Operation Endgame’s latest phase targeted the infostealer Rhadamanthys, Remote Access Trojan VenomRAT, and the botnet Elysium | Europol

Between 10 and 14 November 2025, the latest phase of Operation Endgame was coordinated from Europol’s headquarters in The Hague. The actions ...

Got a new IP or domain? You'll want to make sure it’s nice and warm before sending! 📨 Get the details on: - When an IP is considered “new” ✨ - What it means to warm up your IP and domain, how to do it, and how it impacts your sending reputation - Why we strongly discourage using warm-up services 🙅 Read the full FAQ here ➡️

FAQs | Sending marketing emails - advice for marketers

#Email #Sender #WarmUp

my-oh-MYNIC it's not been a great six months…since loosening restrictions for the 🇲🇾 .my ccTLD in late 2024, new domain registrations have sky-rocketed - and so have listings… Between April and September 🇲🇾 .my saw a +543% increase, ranking #3 in the Top 20 ccTLDs! 😱 Get the full story the latest Domain Report here 👇

Report | Domain Reputation Update Apr - Sept 2025 | Spamhaus Project

#ccTLD #DomainReputation

Like all other internet abuse, bulletproof hosting does not just happen - it is enabled by facilitators such as network carriers, datacenter operators, IP brokers and domain registrars. Sometimes, malicious infrastructure agglomerates in the internet vicinity of such facilitators - why not join the show if your criminal competitors thrive there already?🧐 A particularly prolific example is 🇩🇪aurologic GmbH (regular readers might recognize the name), as highlighted by Recorded Future in a report published on November 6 ⤵️

Malicious Infrastructure Finds Stability with aurologic GmbH

This investigative report reveals how German hosting provider aurologic GmbH has become a central enabler of malicious internet infrastructure, lin...

#Cybercrime #BulletproofHosting #ThreatIntel #HostingProviders