An international law enforcement operation has taken down Genesis Market, a notorious illegal online marketplace that traded in stolen credentials such as email, bank account, and social media platform information. The operation, codenamed Operation Cookie Monster, involved 17 countries and resulted in 119 arrests and 208 property searches across 13 nations. Since its inception in March 2018, Genesis Market has become a major hub for criminal...
Read More
Conor Brian Fitzpatrick, a 20-year-old man and founder of the now-defunct BreachForums, has been charged with conspiracy to commit access device fraud in the United States. Fitzpatrick, who went by the online name "pompompurin," may face up to five years in prison if found guilty. He was arrested on March 15, 2023. The charges come after an investigation by the Department of Justice (DoJ) led to...
Read More
Aruba Networks Releases Patches for Eight Vulnerabilities in ClearPass Policy Manager Software. Aruba Networks, a leading provider of network access enforcement solutions, has recently disclosed a set of patches to address eight vulnerabilities in its ClearPass Policy Manager software. The software is used to enforce unified network access across wireless, wired, and VPN networks. The most severe vulnerability, CVE-2023-25589, was discovered by New Zealander pentester Daniel Jensen....
Read More
Six Law Firms Targeted in GootLoader and SocGholish Malware Campaigns Mar 01, 2023 - In January and February 2023, six different law firms were targeted in two separate threat campaigns distributing GootLoader and FakeUpdates (aka SocGholish) malware strains. GootLoader is a first-stage downloader that is capable of delivering a wide range of secondary payloads such as Cobalt Strike and ransomware. It employs search engine optimization (SEO)...
Read More