IT Security Newsletter - 5/30/2024

Written by Cadre | Thu, May 30, 2024

The Ticketmaster "breach" - what you need to know

Earlier this week, a cybercriminal group offered for sale online an alleged database which, it says, contains customer and card details of 560 million Live Nation/Ticketmaster users. The data was offered for sale on one forum under the name "Shiny Hunters". ShinyHunters is the online handle for a group of notorious cybercriminals associated with numerous data breaches, including the recent AT&T breach. Some researchers expressed doubts about the validity of the data set. READ MORE...

FBCS Data Breach Impact Grows to 3.2 Million Individuals

The number of individuals impacted by the data breach suffered recently by the debt collection agency Financial Business and Consumer Solutions (FBCS) has increased to 3.2 million. The incident came to light in late April, when FBCS informed the Maine Attorney General that it had discovered a breach on February 26. In the two weeks prior to the discovery of the intrusion, hackers accessed some systems and may have stolen information. READ MORE...

Multi-day DDoS storm batters Internet Archive

The Internet Archive has been under a distributed-denial-of-service (DDoS) attack since Sunday, and is trying to keep services going. While the San Francisco institution has assured users that its collections and web archives are safe - that's the good news - it warns service remains spotty for the online library and its Wayback Machine. Since the flood of phony network traffic began, attackers have launched "tens of thousands of fake information requests per second." READ MORE...

TrickBot and Other Malware Droppers Disrupted by Law Enforcement

The infrastructure of the TrickBot botnet and several other malware droppers was shut down or disrupted in an international operation involving authorities in over a dozen countries, Europol announced. Between May 27 and May 29, as part of Operation Endgame, authorities targeted Bumblebee, IcedID, Pikabot, Smokeloader, SystemBC, and Trickbot to disrupt their criminal activities and arrest the cybercriminals operating them. READ MORE...

BlackSuit Claims Dozens of Victims With Carefully Curated Ransomware

The BlackSuit ransomware gang has leaked stolen data from attacks against 53 organizations spanning a year. Researchers from ReliaQuest analyzed in depth an April attack by the ransomware group, which has been active since May 2023. The group - believed to be spun off from the Royal ransomware gang - primarily targets US-based companies in critical sectors such as education and industrial goods. READ MORE...

Russian influence op keeps trying but struggles to win hearts and minds

An online influence campaign linked to Russia has shifted tactics to avoid being discovered as it continues to target upcoming elections in Europe, according to new research from Meta. The efforts by Doppelganger, a threat group that has been linked to Russian government contractors and President Vladimir Putin, to influence online debate have been relatively unsuccessful, according to Meta's quarterly threat report released Wednesday. READ MORE...

59% of public sector apps carry long-standing security flaws

Applications developed by public sector organizations have more security debt than those created by the private sector, according to Veracode. Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 59% of applications in the public sector, compared to the overall rate of 42%. The research analyzed public sector organizations in more than 25 countries across the globe. READ MORE...

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

A proof-of-concept exploit (PoC) for a critical vulnerability in Fortinet's FortiSIEM product has emerged, paving the way for broad exploitation. The vulnerability, tracked under CVE-2024-23108, was disclosed and patched in February, along with a related bug, CVE-2024-23109. Both carry max-severity scores of 10 on the CVSS scale, and are unauthenticated command injection flaws that could potentially let threat actors use crafted API requests for remote code execution (RCE). READ MORE...

Researchers crack 11-year-old password, recover $3 million in bitcoin

Two years ago, when "Michael," an owner of cryptocurrency, contacted Joe Grand to help recover access to about $2 million worth of bitcoin he stored in encrypted format on his computer, Grand turned him down. Michael, who is based in Europe and asked to remain anonymous, stored the cryptocurrency in a password-protected digital wallet. He generated a password using the RoboForm password manager and stored that password in a file encrypted with a tool called TrueCrypt. READ MORE...

  • ...in 1908, Mel Blanc, the original voice of Bugs Bunny, Daffy Duck, and dozens of other cartoon characters, is born in San Francisco, CA.
  • ...in 1911, Ray Harroun wins the first Indianapolis 500, pioneering the use of a rear-view mirror to spot approaching competitors.
  • ...in 1922, the Lincoln Memorial is dedicated in Washington, D.C. by former President William Howard Taft.
  • ...in 1989, student demonstrators in Beijing's Tiananmen Square unveil a 33-foot statue depicting the "Goddess of Democracy," constructed of foam and papier-mache.