Conor Brian Fitzpatrick, the owner of the infamous cybercrime website BreachForums, was recently sentenced to time served and 20 years of supervised release.  Conor Brian Fitzpatrick of Peekskill, New York, known online as "Pompompurin," was arrested in March 2023.  In April, he pleaded guilty to conspiracy to commit device fraud, access device fraud, and possession of child pornography.  Launched in 2022 and also known as Breached, BreachForums had become a top hacker marketplace when it was taken down in March 2023.

Lending giant LoanDepot recently announced that roughly 16.6 million individuals were impacted by a ransomware attack disclosed earlier this month.  In a Form 8-K filing with the Securities and Exchange Commission (SEC) on January 4th, the company said it “has determined that the unauthorized third party activity included access to certain company systems and the encryption of data.”  Affected individuals will be notified soon and offered free credit monitoring and identity protection services.  

A team of researchers in China has introduced a novel approach to improving privacy for cross-border e-commerce users. The presented encryption algorithm is based on social network analysis, which could help users maintain security when transferring sensitive information during international transactions. The team has implemented a multifaceted strategy, initially using a logical inference mapping method for blockchain to encode public and private keys with asymmetric encryption.

The US Justice Department recently announced separate charges against two Russian nationals accused of being involved in cybercriminal activities, including a man allegedly involved in the 2013 hacking of retailers Michaels and Neiman Marcus.  According to the DoJ, one indicted individual is Aleksey Timofeyevich Stroganov, also known as Aleksei Stroganov, Flint, Flint24, Gursky Oleg, and Oleg Gurskiy.  He and his accomplices allegedly hacked into the computers of companies and individuals in an effort to steal personal information, including credit and debit card data.

The "Science of Security (SoS) Program Review: 2011-2023" report is now available.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 24-01 in response to the widespread and active exploitation of vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure appliances. Ivanti recently released information about two vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, which enable an attacker to move laterally across a target network, exfiltrate data, and gain persistent system access.

The Russia-backed Advanced Persistent Threat (APT) group ColdRiver, also known as Blue Charlie, Callisto, Star Blizzard, or UNC4057, has unleashed custom malware called Spica. According to Google's Threat Analysis Group (TAG), Spica is the first custom malware developed and used by ColdRiver. ColdRiver typically targets Non-Governmental Organizations (NGOs), former intelligence and military officers, and NATO governments for cyber espionage.

VMware has confirmed the active exploitation of a critical vCenter Server Remote Code Execution (RCE) that was patched in October 2023. The vCenter Server management platform is for VMware vSphere environments and helps administrators manage ESX and ESXi servers, as well as Virtual Machines (VMs). The vulnerability, discovered by Trend Micro, stems from an out-of-bounds write flaw in vCenter's DCE/RPC protocol implementation.