At a glance.
- Five Eyes describe techniques used by Chinese threat actors.
- Criminals leak TicketMaster print-at-home tickets.
- Cyberattack disrupts Frankfurt University of Applied Sciences.
Five Eyes describe techniques used by Chinese threat actors.
The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) and its international partners have issued an alert outlining new attack techniques used by Chinese state-sponsored actors. The advisory describes attacks launched by APT40, a threat actor tied to China's Ministry of State Security, against Australian networks. The ACSC states, "APT40 has embraced the global trend of using compromised devices, including small-office/home-office (SOHO) devices, as operational infrastructure and last-hop redirectors for its operations in Australia....Many of these SOHO devices are end-of-life or unpatched and offer a soft target for N-day exploitation. Once compromised, SOHO devices offer a launching point for attacks to blend in with legitimate traffic and challenge network defenders."
The advisory also notes that "APT40 does occasionally use procured or leased infrastructure as victim-facing C2 infrastructure in its operations; however, this tradecraft appears to be in relative decline."
Criminals leak TicketMaster print-at-home tickets.
BleepingComputer reports that the Sp1derHunters threat actor has leaked nearly 39,000 print-at-home tickets for 154 upcoming events, including Pearl Jam, Foo Fighters, Billy Joel & Sting, Bruce Springsteen, and Carrie Underwood concerts. The data was allegedly stolen after the threat actors breached TicketMaster's Snowflake account.
The threat actors leaked 166,000 Taylor Swift ticket barcodes last week, demanding a $2 million ransom. TicketMaster said these barcodes were useless, since the company's anti-fraud measures refresh ticket codes every few seconds. Sp1derHunters responded by leaking the print-at-home tickets, which they claim can't be automatically rotated.
Cyberattack disrupts Frankfurt University of Applied Sciences.
The Frankfurt University of Applied Sciences in Germany yesterday disclosed a "serious hacker attack" that shut down its IT systems, the Record reports. The university stated, "The extent of the attack cannot yet be estimated at this point in time. Unfortunately, it is therefore not yet possible to say when the IT systems and services will be available again to their usual extent." The incident has affected communications infrastructure and online enrollment. The attack also forced the university to disable elevators in campus buildings.