John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Operation Power Off Round 2: 53 Domains Seized in Sustained DDoS Takedown
Europol's Operation Power Off 53 domains seized, 75,000 users warned, 25 search warrants served. Law enforcement has moved from arresting admins to systematically dismantling the ecosystem.
Read More
Law Enforcement Had a Good Week: At Least 6 Marketplaces Down, 213 Arrests, and a Historic Conviction
At least six dark web marketplaces dismantled, LeakBase seized, $12M in crypto fraud frozen, and the first Take It Down Act conviction. Law enforcement capabilities are improving. It's worth saying so.
Read More
The W3LL Takedown Is the Third Major PhaaS Bust in 2026. The FBI Is Running a Campaign.
FBI Atlanta and Indonesian police dismantled W3LL, a full-service phishing-as-a-service platform that had been running since 2019 and was explicitly designed to bypass MFA. It's the third major PhaaS takedown in 2026, and that pattern matters more than any single bust.
Read More
The LAPD Was Not Hacked. But 7.7 Terabytes of Its Data Leaked Anyway.
World Leaks didn't touch LAPD's network. They breached a third-party file-sharing app connected to the LA City Attorney's Office that apparently had no password protecting it. 337,000 files including Internal Affairs records and witness names are now in an extortion group's hands.
Read More
The Man Behind REvil and GandCrab Finally Has a Name. He's Still Free.
Germany's BKA publicly identifies the leader behind GandCrab and REvil ransomware, confirming years of researcher suspicion.
Read More
Operation Leak Is Still Playing Out, and Russia Just Arrested One of Its Own
LeakBase's alleged admin was arrested in Russia. RedLine's alleged developer was extradited to the US. Two arrests, two continents, and one genuinely unusual week for cybercrime enforcement.
Read More
The Hack That Broke the Promise of Anonymity: 8 Million Crime Tips Stolen from P3 Intel
P3 Global Intel, which powers Crime Stoppers tip lines worldwide, was hacked. 8 million anonymous tips are now in criminal hands. The parent company still hasn't confirmed a thing.
Read More
Dark Web Infrastructure Is Getting Harder to Monetize
Operation Alice took down 373,000 dark web sites. European prosecutors indicted three for the UniCredit breach. The pattern: law enforcement is attacking the infrastructure layer, not just individual offenders.
Read More
The 31.4 Tbps Botnet Crackdown Signals a New DDoS Enforcement Phase
US, German, and Canadian authorities dismantled four major DDoS botnets spanning 3 million IoT devices and record-setting attacks. The how matters as much as the what.
Read More
Cyber Enforcement Is Moving Upstream, and Defenders Should Pay Attention
Recent actions show growing pressure on facilitators and infrastructure, not just frontline operators, which creates real defensive opportunities.
Read More
INTERPOL Just Sinkholed 45,000 Criminal IPs and Arrested 94 People Across 72 Countries
Operation Synergia III was one of the biggest cybercrime infrastructure takedowns ever. 45,000 malicious IPs redirected, 94 arrests, 72 countries involved. Here's what that actually means.
Read More
The SocksEscort Takedown: Your Linux Server Might Be Someone Else's Criminal Proxy
US authorities dismantled SocksEscort, a proxy-for-hire botnet built on silently infected Linux devices. Here's why this takedown matters more than it seems, and why 'it's Linux, it's fine' isn't a security posture.
Read More