Ticketmaster and FastBooking Hacked. Lessons Learned?

Fool me once, shame on you. Fool me twice, shame on me. In June of 2018, Ticketmaster announced a data breach that affected potentially five percent of their entire customer database. This breach may have resulted in the theft of confidential data to include customer payment details and more. Ticketmaster’s website security was compromised by a malware-laden chatbot which they had installed on quite a few of the Ticketmaster websites worldwide. This is deja vu all over again, as only a few months prior malware-laden chatbots brought breaches to Sears, Delta Airlines, and Best Buy. Think carefully about installing third-party web services and giving them access to your cloud infrastructure before your security operations center team has a chance to thoroughly audit their security and evaluate the risk of integrating their services with your own critical cloud infrastructure. The cyberattackers compromising chatbots on Ticketmaster may have collected names, emails, payment details, and other key login information. On the other side of the world, Paris-based FastBooking, a firm that sells hotel booking software, was hacked by a malicious attack that may have possibly impacted the data and customers of over 1,000 hotels across the world. To give you a sense of how big this breach could be, consider that in Japan, as reported so far, the FastBooking breach impacted over 380 Japan-based hotels; just one impacted Japanese hotel chain noted that it impacted the information of an estimated 124,000 of their guests. In this case of the FastBooking breach, the attacker identified a vulnerability in an application hosted on the FastBooking server, which in turn was exploited to install malicious software. As always, you are only as strong as your weakest cloud infrastructure link. Think carefully about all of your SaaS vendor services and integrating them with your cloud infrastructure. Proceed cautiously until your security operations center team has a chance to thoroughly audit their security and assess their risk as a potential vendor. The use of CipherCloud’s award-winning cloud access security broker (CASB+) can help lock down your cloud applications and protect them against all of the common cloud threats. We can stop malware and attacker tools, and meet advanced persistent threats (APTs) head-on. To learn more, request a CASB+ trial to see how it can better fit your needs.

Pwn2Own Contest Will Pay $900,000 For Hacks That Exploit Tesla’s Model 3

The Model 3 will be entered into Pwn2Own this year, the first time a car has been included in the annual high-profile hacking contest. The prize for the winning security researchers: a Model 3. TechCrunch reports: Pwn2Own, which is in its 12th year and run by Trend Micro’s Zero Day Initiative, is known as one of the industry’s toughest hacking contests. ZDI has awarded more than $4 million over the lifetime of the program. Pwn2Own’s spring vulnerability research competition, Pwn2Own Vancouver, will be held March 20 to 22 and will feature five categories, including web browsers, virtualization software, enterprise applications, server-side software and the new automotive category. The targets, chosen by ZDI, include software products from Apple, Google, Microsoft, Mozilla, Oracle and VMware. And, of course, Tesla . Pwn2Own is run in conjunction with the CanSec West conference. There will be “more than $900,000 worth of prizes available for attacks that subvert a variety of [the Model 3’s] onboard systems,” reports Ars Technica. “The biggest prize will be $250,000 for hacks that execute code on the car’s getaway, autopilot, or VCSEC.”

“A gateway is the central hub that interconnects the car’s powertrain, chassis, and other components and processes the data they send. The autopilot is a driver assistant feature that helps control lane changing, parking, and other driving functions. Short for Vehicle Controller Secondary, VCSEC is responsible for security functions, including the alarm.”

“Stole $24 Million But Still Can’t Keep a Friend”

Unsettling new claims have emerged about Nicholas Truglia, a 21-year-old Manhattan resident accused of hijacking cell phone accounts to steal tens of millions of dollars in cryptocurrencies from victims. The lurid details, made public in a civil lawsuit filed this week by one of his alleged victims, paints a chilling picture of a man addicted to thievery and all its trappings. The documents suggest that Truglia stole from his father and even a dead man — all the while lamenting that his fabulous new wealth brought him nothing but misery.

Reddit Security Incident

Following the news that Reddit has locked user accounts whilst it investigates a potential security incident, Raj Samani, Chief Scientist and McAfee Fellow commented below.

Microsoft Publishes Patches for Skype for Business and Team Foundation Server, (Tue, Jan 15th)

Today, Microsoft published an advisory on CVE-2019-0624 on a spoofing vulnerability in Skype for Business 2015. It requires a few steps of the attacker and isn’t entirely straightforward to execute. They must be an authenticated user and then send a spoofed request that can then perform a XSS on the victim machine at the privilege level of the user using Skype for Business.

Offensive Security Appoints Ning Wang as CEO to Lead Organization’s Next Stage of Growth

Today, we all constantly read about data breaches that could have been prevented if the impacted organization had just done what they were supposed to do. The unfortunate reality is that cyberattacks are now a matter of ‘when’ and not ‘if’ for the average enterprise. Yet the landscape is changing and protecting your environment is actually getting more challenging, not less.

Adopting a ‘Zero Trust’ Approach: 5 Cyber Threats to Expect in 2019

By Zane Pokorny on January 15, 2019

Key Takeaways

  • Forrester researched recent cybersecurity trends and market patterns to make predictions for what kinds of threats and risks we’ll face in 2019.
  • Their findings included XSS attacks, botnets taking advantage of internet-of-things devices, the growing threats posed by mobile devices in the workplace, and more.
  • Forrester suggests adopting a “Zero Trust” approach to cybersecurity moving forward — that means staying vigilant with endpoint visibility and using threat intelligence solutions to keep both eyes open.

One of the biggest challenges we face in the cybersecurity realm is deciding how to prioritize our limited resources. The possible threats out there are too multifarious for any one organization to respond to comprehensively — we all need some context to decide what to focus on and what to ignore.