Secret CISO 6/2: Ticketmaster breach continues with Australian Ticketek, ShinyHunters' Dark Web Threats, and Latest Cybersecurity Research Developments
Welcome to today's issue of Secret CISO. We're diving into the recent data breaches that have rocked the entertainment industry, with Ticketmaster and Ticketek Australia falling prey to cyberattacks. Millions of users' personal data were exposed, and the fallout is just beginning. We'll explore how the hacking group ShinyHunters claimed responsibility and what this means for the future of online security.
In other news, we'll look at the latest developments in AI safety research, the alarming rate of router attacks, and the cybersecurity gaps in auto workshops. We'll also delve into the potential of 5G and microgrids, and the latest CVEs that have been reserved for future security problems. Stay tuned for an in-depth analysis of these stories and more, as we strive to keep you informed and prepared in this ever-evolving digital landscape.
Data Breaches
- Snowflake Denies Cyber-Thieves Breach: Despite allegations from infosec analysts at Hudson Rock, data warehousing company Snowflake has denied being compromised by cyber-thieves who supposedly stole data on hundreds of millions of users. The company maintains its security measures are robust and no breach has occurred. Source: Snowflake
- Illinois Secretary of State Office Data Breach: The Illinois Secretary of State's office has issued a warning about a recent data breach that impacted the agency. The extent of the breach and the data involved have not been disclosed, but the office is working with cybersecurity experts to investigate and mitigate the issue. Source: Illinois Government News
- Trillion-Dollar Bank Data Breach: The notorious hacker group, ShinyHunters, claims to be behind a breach at one of the world's largest banks, with data allegedly exposed and on sale from 30,000,000 customers. The name of the bank has not been disclosed, but the incident is being investigated by international cybersecurity agencies. Source: Cybersecurity News
- Live Nation Data Breach: Live Nation, the parent company of Ticketmaster, confirmed a data breach after the hacking group known as ShinyHunters claimed responsibility. The breach reportedly includes names, addresses, phone numbers, and some credit card details of Ticketmaster customers. Live Nation is currently investigating the incident. Source: AOL News
- CalPERS Data Breach: Nearly 550 organizations and over 37 million people worldwide have been targeted by a ransomware attack that also exposed the California Public Employees' Retirement System (CalPERS). The extent of the breach is still being determined, but it is believed to be one of the largest in recent history. Source: Yahoo News
Security Research
- Shodan: where hacktivism meets internet intelligence: Shodan, a search engine for internet-connected devices, is being used by both security researchers and hackers. The platform provides a wealth of information about exposed devices, making it a valuable tool for identifying vulnerabilities and potential targets. Source: Cybernews
- Hacker Bricks 600,000 Routers In Just 72 Hours: Security researchers from Black Lotus Labs have analyzed an incident where a hacker managed to brick 600,000 routers in just 72 hours. The attack demonstrates the vulnerability of internet-connected devices and the potential scale of cyber attacks. Source: Forbes
- A Leading AI Researcher Joins Forces with Anthropic for AI Safety Advancements: Influential AI researcher Jan Leike has joined Anthropic to advance AI safety. Leike's contributions to AI safety and machine learning are expected to significantly enhance Anthropic's research efforts. Source: Elblog
- Meet the Team Spearheading OpenAI's Safety and Security Committee: OpenAI has formed a new safety committee led by technical expert Pachocki. The committee will focus on enhancing the safety and security aspects of OpenAI's research efforts. Source: Analytics India Magazine
- Scientists find major gaps in cybersecurity at auto workshops: A study from the University of Skövde has revealed significant cybersecurity gaps in auto workshops. The research highlights the need for improved cybersecurity knowledge and practices in the automotive industry. Source: MSN
Top CVEs
- CVE-2024-31908: This CVE has been reserved for a future security issue. The details will be disclosed once the issue has been publicized by the responsible organization or individual. Source: Vulners
- CVE-2024-31907: A new security problem is anticipated, and this CVE has been reserved for its announcement. The specifics will be made public once the issue has been officially announced. Source: Vulners
- CVE-2024-31889: This CVE has been reserved for an upcoming security issue. The details will be disclosed once the issue has been publicized by the responsible organization or individual. Source: Vulners
- CVE-2024-35142: A new security problem is expected, and this CVE has been reserved for its announcement. The specifics will be made public once the issue has been officially announced. Source: Vulners
- CVE-2024-35140: This CVE has been reserved for a future security issue. The details will be disclosed once the issue has been publicized by the responsible organization or individual. Source: Vulners
Final Words
And that's a wrap for today's edition of Secret CISO. We've delved into the recent Ticketmaster data breach, explored the latest security research, and highlighted some of the most pressing cybersecurity issues of the day. Remember, in the world of cybersecurity, knowledge is power. By staying informed, you're one step ahead of the hackers. So, don't keep this valuable information to yourself.