The LockBit ransomware operation is now starting to recruit affiliates and developers from the BlackCat/ALPHV and NoEscape ransomware gangs after recent disruptions and exit scams.  Last week, the NoEscape and the BlackCat/ALPHV ransomware operation's Tor websites suddenly became inaccessible without warning.  According to affiliates associated with NoEscape, the ransomware operators pulled an exit scam, stealing millions of dollars in ransom payments and shutting off the operation's web panels and data leak sites.

Beyond the technical core of cybersecurity, there are complex policy and regulatory aspects. Therefore, the National Cybersecurity Consortium (NCC) has provided funding to the University of Calgary's Faculty of Law to develop programming aimed at training future lawyers, legal academics, and policy experts, as well as to advise on law and policy issues concerning and shaped by cybersecurity.

According to the Cybernews research team, customers at nine Russian cryptocurrency exchanges have been exposed, with private user data being revealed for over two months. The team independently verified the authenticity of the cryptocurrency exchange user data leaks. Although the exchanges are small, the estimated number of customers involved is over 500,000. Full names, credit card numbers, emails, IP addresses, amounts for payment or withdrawal requests, and more, are all part of the data collection. The leaked data included over 615,000 payment requests and 28,000 withdrawal requests.

French authorities recently arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments.  The suspect was apprehended after the French Anti-Cybercrime Office (OFAC) linked him to digital wallets that received millions of U.S. dollars from suspicious sources based on his activity on social networks.  French authorities also seized €570,000 worth of cryptocurrency assets when they detained the 40-year-old suspect and Cyprus resident on December 5.  

Researchers at the University of Wisconsin-Milwaukee's Lubar College of Business have been exploring phishing website attacks and how to reduce them. According to the research team, while most browsers include phishing detection tools to warn users about phishing website attacks, many people are unaware of such tools. Many people do not trust a warning and become victims of their own security behaviors. However, the researchers say users cannot be blamed for such actions as they rarely interact and form a relationship with detection tools quietly running in the background.

The K-12 education sector has become increasingly vulnerable to cyberattacks. These attacks have resulted in the compromise of students' personal information, the exposure of school security information, class disruptions, school closures, and the loss of financial resources. The Cybersecurity and Infrastructure Security Agency (CISA) has reported that 11 education technology vendors have committed to Secure by Design, which involves designing products with more security built-in.

Software maker Adobe recently rolled out fixes for code execution flaws in the enterprise-facing Illustrator, Substance 3D Sampler, and After Effects products.  Adobe documented at least 207 security vulnerabilities and warned users on both Windows and macOS systems of risk of code execution, memory leaks, and denial-of-service attacks.  The Adobe Substance 3D Sampler update addresses at least six vulnerabilities that could lead to arbitrary code execution in the context of the current user.