Cyber & Crypto Podcast – Episode 2

Ticketmaster Hack with widely used tools. RiskIQ says it has identified malicious code within a different third-party marketing and analytics service used by Ticketmaster. The service is developed by a company called SociaPlus.
“This supplier was also breached by the Magecart actors, and the scripts they served to customers were modified on subdomains specifically set up for Ticketmaster as a customer,” RiskIQ says. “We observed instances in December 2017 through January 2018 where the Magecart skimmer was added to one of the SociaPlus scripts and subsequently injected into multiple Ticketmaster websites.”

Cryptocurrency Exchange Developer Bancor loses 23.5 Million. Based on the currently published details, it seems that the Bancor hack was enabled by permissioned backdoors that were put in the smart contracts by the team, and were presumably compromised by the attackers.

Hospital diverts ambulances due to ransomware attack – Missouri county medical center. Happened on a Monday at 11am and that Wednesday they were only 70% restored.

Timehop breach – 21 million users are affected by a breach that exposed names, email addresses, access tokens and for some users, phone numbers. Someone obtained valid user credentials for an administrator account and then used those credentials to log into Timehop’s cloud services provider. The unauthorized user created a new administrator account and then began doing reconnaissance, Timehop says in a technical write-up.
“For the next two days, and on one day in March 2018 and one day in June 2018, the unauthorized user logged in again and continued to conduct reconnaissance,” the company says.

Multi-factor Providers:

How-to articles for setting up 2-factor:

Follow me on Twitter @eenglish34

Listen on Google Play Music