Get a Demo

Required fields are marked with an asterisk *
Skip to main content

TicketMaster hacked - Checkpoint VPNs exploited against corporates - Backdoors in courtrooms' audio recorder

Author:
Threat Research Team
Published on
May 30, 2024
Weekly Reprort
On This Page
Text Link
Text Link
Text Link
Text Link
Share this article:
Sign up for this weekly newsletter
Subscribe

ShinyHunters is selling online 560 million users’ credit card information, allegedly exfiltrated from Live Nation and TicketMaster. The offer was published on BreachForums, a large infamous darkweb marketplace for stolen data, which has now resurfaced only four weeks after being shut down by the FBI. ShinyHunters is an English-speaking cybercrime known for various important hacks, including a 2020 theft of source code from Microsoft’s private Github in 2020 and the 73 million records’ data breach of AT&T in 2021. Among other methods, it is particularly skilled in exploiting vulnerable Github repos and cloud buckets.

A vulnerability in CheckPoint Network Security gateways (CVE-2024-24919) has been exploited in the wild at least since late April and has been used to infiltrate corporate networks. By compromising old accounts with password-only authentication, the attackers were able to access information on Internet-exposed gateways with remote/mobile access VPN. Concretely, they extracted password hashes for local accounts, including accounts used to connect to Active Directory – which they  used to move laterally within victims’ networks.

  1. https://twitter.com/DarkWebInformer/status/1795523843941110237
  2. https://blog.checkpoint.com/security/enhance-your-vpn-security-posture, https://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vulnerability-cve-2024-24919/
  3. https://www.hipaajournal.com/ransomhub-american-clinical-solutions/, https://www.securityweek.com/christies-confirms-data-breach-after-ransomware-group-claims-attack/
  4. https://thehackernews.com/2024/05/researchers-warn-of-catddos-botnet-and.html, https://ti.qianxin.com/blog/articles/New-Generation-Botnet-CatDDoS-is-Evolving-Continuously-CN/?ref=blog.xlab.qianxin.com
  5. https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/
  6. https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-apache.html
  7. https://www.fortiguard.com/psirt/FG-IR-23-130
  8. https://vulncheck.com/blog/nvd-backlog-exploitation,https://therecord.media/nist-nvd-backlog-clear-end-fiscal-2024

Mitigate

Heading 1

Heading 3

Heading 2

Heading 4

Heading 5
Heading 6

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

Block quote

Ordered list

  1. Item 1
  2. Item 2
  3. Item 3

Unordered list

  • Item A
  • Item B
  • Item C

Text link

Bold text

Emphasis

Superscript

Subscript

PlatformCareersResourcesTrust CenterCompany
© 2025 Zafran. All rights reserved.
Privacy PolicyTerms of Service
© 2025 Zafran. All rights reserved.