#Bulletproofhosting

The Spamhaus Project spamhaus@infosec.exchange
2026-01-06

🎯 New Year’s resolution: Get Spamhaus’ free DROP lists to block known malicious IP ranges before they ever reach your network.

Start the year protected - access the list here 👇
spamhaus.org/blocklists/do-not

#DROP #IPs #ThreatIntel #NetworkHygiene #BulletproofHosting

The Spamhaus Project spamhaus@infosec.exchange
2025-12-02

🔥 Want an easy, free way to block this traffic? Grab the DROP list here: ⬇️ ⬇️
spamhaus.org/blocklists/do-not

#DROP #IPs #BulletproofHosting #ThreatIntel

Erik van Straten ErikvanStraten@todon.nl
2025-12-01

Cost, reportedly: € 1.17. Result: the bank account behind your credit card overdrawn to the maximum.

No thanks to Let's Encrypt for the certificate.

And the entire IP range is criminal (158.94.208.0 - 158.94.211.255, servers probably in the Netherlands). The fake KPN login website hosted there is also still live (screenshots in todon.nl/@ErikvanStraten/11546).

#Phishing #CyberCrime #BulletProofHosting #LANEDONET #LetsEncryptIsEvil

Screenshot of a fake DHL page. In this case the website name (domain name) is:
pakket-deliverynl dot com

It says (in English) that your package could not be delivered.

Screenshot of a fake DHL page. In this case the website name (domain name) is:
pakket-deliverynl dot com

After filling in a lot of personal data (never fill it in!), you are asked for all the text on your credit card (do NOT do that either).
2025-11-20

CISA and international partners have issued guidance to help ISPs and defenders mitigate cyber risks linked to Bulletproof Hosting Providers.
These infrastructures continue to support ransomware, phishing, and malware distribution at scale.
Key theme: reduce BPH effectiveness so adversaries are pushed toward compliant, legitimate hosting.
What technical controls would you prioritize?

Follow @technadu for more actionable threat updates.

#infosec #CISA #ThreatIntel #BulletproofHosting #CyberDefense #BlueTeam #NetworkSecurity

Bulletproof Defense: Mitigating Risks From Bulletproof Hosting Providers
The Spamhaus Project spamhaus@infosec.exchange
2025-11-20

This week, everywhere you look, bulletproof hosting (BPH) is in cyber news headlines. From the CrazyRDP takedown, to sanctions against entities adjacent to Aeza, and most recently Media Land LLC and ML[.]Cloud LLC (do these measures actually move the needle?), to new CISA guidance on mitigating BPH activities.🛡️

It’s clear the spotlight is firmly on one of cybercrime’s most persistent enablers. And for a good reason. Few infrastructures have enabled so much criminal activity, for so long, with such resilience.

Spamhaus has tracked BPH operators and their evolving tactics for decades. 🕵️ We've watched the ecosystem shift from monolithic BPHs to layered and complex business structures.

So, amid the sensational headlines, we’ve compiled a grounded look at the topic, covering: the history, the current landscape, and where the threat landscape is likely to head next.

Read it in full here 👉 spamhaus.org/resource-hub/bull

#Bulletproofhosting #Cybercrime

The anatomy of bulletproof hosting - past, present, future
The Spamhaus Project spamhaus@infosec.exchange
2025-11-17

On November 12, around 250 physical servers were seized by the Dutch police at two datacenters in the Netherlands 👉 politie.nl/nieuws/2025/novembe

We assess the unnamed #bulletproofhosting provider (BPH) is CrazyRDP, a major #cybercrime hub previously operating front companies such as 🇺🇸 Delis LLC (AS211252), 🇺🇸 Limenet LLC (AS394711) and, most recently, 🇺🇸 Sovy Cloud Services (AS401110) and its downstreams (all incorporated in 🇺🇸 as well): ... ⤵️ 1/2

The Spamhaus Project spamhaus@infosec.exchange
2025-11-10

Like all other internet abuse, bulletproof hosting does not just happen - it is enabled by facilitators such as network carriers, datacenter operators, IP brokers and domain registrars. Sometimes, malicious infrastructure agglomerates in the internet vicinity of such facilitators - why not join the show if your criminal competitors thrive there already?🧐

A particularly prolific example is 🇩🇪aurologic GmbH (regular readers might recognize the name), as highlighted by Recorded Future in a report published on November 6 ⤵️
recordedfuture.com/research/ma

#Cybercrime #BulletproofHosting #ThreatIntel #HostingProviders

The Spamhaus Project spamhaus@infosec.exchange
2025-11-03

This is traffic you DO NOT want to connect with. ✋

🔥 Get FREE access to this additional layer of protection here ⬇️ ⬇️
spamhaus.org/blocklists/do-not

#DROP #IPs #BulletproofHosting #ThreatIntel

Erik van Straten ErikvanStraten@todon.nl
2025-10-31

Hey #PoPo, wake the #FSCKING up!

BTW "mezohost․cc" (together with subdomains "plesk." and "backup.") is hiding behind Cloudflare with certificates from "Google Trust Services": virustotal.com/gui/domain/mezo

(Edit) Since June 1 of this year: crt.sh/?Identity=mezohost.cc

#BulletProofHosting #MezoHostCC #RailNetLLC #CyberCrime #CyberCriminaliteit #OVHisEvil #BigTechIsEvil #Politie #GoogleIsEvil #CloudflareIsEvil

Screenshot of (the Details tab of) https://www.virustotal.com/gui/ip-address/158.94.209.86/details

According to VirusTotal, the IP address in the URL above belongs to "RailNet LLC", with the Netherlands as its country of establishment (elsewhere on this page, out of view in the screenshot, it says:

organisation: ORG-LD194-RIPE
org-name: Lanedonet Datacenter
org-type: OTHER
remarks: Report your complaint:
remarks: abuse@lanedo.net
address: Strawinskylaan 3051 1077 ZX,Amsterdam,Netherlands
country: NL

Note that this kind of data can be falsified. Which datacenter a server with a specific IP address is located in is much easier to trace. Go after the tenant of the server, the lessor and the datacenter!

One of the latest certificates associated with this IP address is for the following domain name:
plesk dot metahost dot cc

Screenshot of https://mezohost dot cc

The Spamhaus Project spamhaus@infosec.exchange
2025-10-01

DROP is free to use, giving you an extra layer of protection against the worst IP space on the internet.

Access it here ⬇️ ⬇️
spamhaus.org/blocklists/do-not

#DROP #IPs #BulletproofHosting #ThreatIntel

The Spamhaus Project spamhaus@infosec.exchange
2025-09-26

(🇺🇸 49.3 Networking LLC), a bulletproof hosting provider we've previously reported on. The sole network it propagates follows a similar hosting pattern to those currently announced by AS213441. Both ASNs share the same uplink, corroborating the suspicion that they might be part of the same cybercriminal operation.

Finished your meal? Have some mint DROPs to take away the phish 👉 spamhaus.org/blocklists/do-not and protect your network. Enjoy!

#BulletproofHosting #Phishing #Cybercrime #OSINT

3/3

The Spamhaus Project spamhaus@infosec.exchange
2025-09-08

The Spamhaus Project spamhaus@infosec.exchange
2025-08-06

🔥 Spamhaus provides FREE access to anyone who wants to add this layer of protection.

Get it here ➡️ spamhaus.org/blocklists/do-not

Remember, this is traffic you do not want to connect with. Not ever. DROP it now.

#DROP #IPs #BulletproofHosting #ThreatIntel

⚯ Michel de Cryptadamus ⚯ cryptadamist@universeodon.com
2025-07-01

a russian hosting service that takes payment in crypto, Aeza Group, was just hit with #OFAC sanctions.

they've sent funds to a bunch of the shadiest crypto exchanges - #Cryptomus, #MEXC, #Binance, and (of course) #HTX, the crypto exchange run by the business partner of the president of the united states.

also looks like they took payment in #Tether, the #stablecoin whose money is managed by america's secretary of commerce howard lutnick.

* OFAC press release: ofac.treasury.gov/recent-actio
* Wallet: intel.arkm.com/explorer/addres

#JustinSun #threatintel #threatassessment #DNS #bulletproofhosting #cybersecurity #infosec #justinSun #howardlutnick #ransomware #russia #putin #vladimirPutin #ukraine #aeza #aezagroup

AEZA GROUP LLC, Ul. Zolnaya d. 15, str. 1, Pomeshch 1N, Office 603, St. Petersburg 193318, Russia; Kronversky pr-kt, 65 letter B, room 2n, office 1, room 5, St. Petersburg 197198, Russia; Website aeza.ru; Secondary sanctions risk: Ukraine-/Russia-Related Sanctions Regulations, 31 CFR 589.201; alt. Secondary sanctions risk: Ukraine-/Russia-Related Sanctions Regulations, 31 CFR 589.201; Organization Established Date 17 Jun 2021; Digital Currency Address - TRX TU4tDFRvcKhAZ1jdihojmBWZqvJhQCnJ4F; Tax ID No. 7813654490 (Russia); Business Registration Number 1217800095248 (Russia) [CAATSA - RUSSIA] [CYBER4].

screenshot of wallet info on arkham

The Spamhaus Project spamhaus@infosec.exchange
2025-07-01

Get it here ➡️ spamhaus.org/blocklists/do-not

Remember, this is traffic you do not want to connect with. Not ever. DROP it and move on.

#DROP #IPs #BulletproofHosting #ThreatIntel
