363: ShinyHunters behind Ticketmaster Breach?! (Half a Billion Customers Exposed!) - podcast episode cover

363: ShinyHunters behind Ticketmaster Breach?! (Half a Billion Customers Exposed!)

Technado
Jun 06, 20241 hr 11 minSeason 1Ep. 363
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Daniel is back and the Technado studio got a makeover! We kick off the show with some breaking news: TikTok accounts are being compromised through a zero-click DM attack, and over 360 million stolen accounts were leaked on Telegram cybercrime channels.

After our breaking news segment, we cover Bring Me The Horizon's hacking-themed website promoting their new album (spoiler alert: the website itself got hacked). Then, over half a million SOHO routers were remotely bricked - but we still don't know who did it or why.

In Linux news, hackers are packing malware with Kiteshield to avoid AV detection. CISA also issued an alert to federal agencies to patch an actively exploited (high-severity!) Linux kernel flaw.

After a quick break, it's time for Deja News! The upcoming Windows AI Recall feature has more haters every day: researchers are now calling it a security "disaster." BreachForums is back online thanks to a threat actor known as ShinyHunters (who also claims to be responsible for this week's Ticketmaster and Santander breaches). To wrap up the segment, Okta is warning (again) about credential-stuffing attacks targeting its CIC authentication offering.

In happier news, the US DoJ led an international operation to take down the world's largest botnet, and the man responsible has been arrested. And to wrap up the show, Cox Communications patched an auth-bypass bug that could have been disastrous - thanks to an independent security researcher.

Check out the stories Daniel and Sophie covered below:
https://thehackernews.com/2024/06/celebrity-tiktok-accounts-compromised.html
https://www.bleepingcomputer.com/news/security/361-million-stolen-accounts-leaked-on-telegram-added-to-hibp/
https://techcrunch.com/2024/05/28/rock-bands-hidden-hacking-themed-website-gets-hacked/
https://www.theregister.com/2024/05/31/pumoking_eclipse_remote_router_attack/
https://gbhackers.com/kite-shield-packer-abused/
https://thehackernews.com/2024/05/cisa-alerts-federal-agencies-to-pat

For the best experience, listen in Metacast app for iOS or Android