Week of May 31st, 2024
Welcome to Your Cybersecurity Recap: a bite-sized weekly newsletter by cybersecurity enthusiasts, for cybersecurity enthusiasts.
Here are this week’s top takeaways:
Packetlabs Founder Joins Cyber.Right.Now Council, Continuing His Advocacy Mission for the Advancement of Cybersecurity in Canada
It’s official: Packetlabs’ founder, Richard Rogerson, CISSP-ISSAP, OSCE, OSCP, is now a Council member of Cyber.Right.Now.
Cyber.Right.Now is one of the most recognized Canadian Chamber of Commerce advocacy initiatives, having helped elevate the importance of cybersecurity across the country to enhance Canada’s economic and national security.
Since its inception in 2021, the Council has advocated for measures that increased the cyber resilience of Canada’s critical infrastructure, helped improve two-way information sharing between government and industry on cyber threats, supported investment in Canadian cybersecurity innovation, and drove attention to the need to boost the diversity and scale of Canada’s cyber talent pool.
As a Council member, Richard will play an integral role in developing recommendations and advocacy materials and in organizing events, particularly during Cybersecurity Awareness Month, as required. He will also meet with both other Council members and key government officials to offer expert advice and guidance on the future of cybersecurity in Canada. He sits on the Council with 21 other tech leaders. Updates on Richard’s mission can be found via our monthly Cybersecurity Recap newsletter.
Ticketmaster Has Allegedly Been Breached, Resulting in 560M Users’ Data Up for Sale
The notorious hacker group ShinyHunters has claimed to have breached the security of Ticketmaster-Live Nation, compromising the personal data of an estimated 560 million users. This massive 1.3 terabytes of data is now up for sale on the site Breach Forums for a one-time fee of $500,000.
The American website Ticketmaster, one of the largest online ticket sales platforms in the world, has yet to confirm whether it has experienced a security breach. Cybersecurity experts are warning that the claims could be false; however, authorities in Australia, where it was first reported, have confirmed via a recent press release that they are investigating.
An advert with some data samples allegedly obtained in the breach has been posted by ShinyHunters on Breach Forums, a newly relaunched hacking forum. This latest alleged hack coincides with the relaunch of BreachForums, a site on the dark web where other hackers buy and sell stolen material and information to enable hacks to take place.
The FBI cracked down on the domain in March 2023, arresting its administrator Conor Brian Fitzpatrick, but it has since reappeared.
Users of the forums often inflate the scale of their hacking to attract attention from other hackers. The forums are often where large stolen databases first appear, but they can also feature false allegations and claims.
ShinyHunters has been linked to a string of high-profile data breaches resulting in millions of dollars in losses to the companies involved. These breaches have included, but are not limited to:
The increasing number and scale of such data breaches reaffirm that monitoring the Dark Web is not just a precautionary measure; it’s a critical defense strategy for safeguarding an organization’s brand, assets, and data.
Proactive Dark Web monitoring involves surveilling discussions pertaining to cybercrime, which often delve into the intricacies of targeting specific organizations, people, networks, or systems. Monitoring enables organizations like yours to stay one step ahead of cybercriminals by identifying emerging threats, mitigating risks, and assisting you in fortifying your defenses against evolving attack vectors.
Investing in Dark Web-related surveillance has been shown to yield a:
Are you concerned about the Dark Web's impacts on your organization? Contact our team to learn what we advise.
CISA Alerts Agencies to Patch Actively Exploited Linux Kernel Flaw
Just in: the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2024-1086 (CVSS score: 7.8), this high-severity issue relates to “a use-after-free bug in the netfilter component that permits a local attacker to elevate privileges from a regular user to root and possibly execute arbitrary code.”
"Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation," reads CISA’s statement. “In light of the active exploitation of CVE-2024-1086 and CVE-2024-24919, federal agencies are recommended to apply the latest fixes by June 20, 2024, to protect their networks against potential threats.”
Also added to the KEV catalog is a newly disclosed security flaw impacting Check Point network gateway security products (CVE-2024-24919, CVSS score: 7.5) that allows an attacker to read sensitive information on Internet-connected Gateways with remote access VPN or mobile access enabled.