Ticketmaster Hit by Cyber Attack, User Data Compromised

Live Nation, the parent company of Ticketmaster, has confirmed that it fell victim to a cyber attack, resulting in the compromise of user data. The breach was discovered on May 20, and an investigation was promptly launched. A week later, a criminal threat actor attempted to sell the stolen data on the dark web. While experts say the stolen data does not appear to be severe, with no banking or medical information taken, the incident highlights the ongoing threat of cyber attacks on major companies. The news comes as Live Nation faces a separate legal challenge, with the Justice Department and state attorneys general seeking to break up Ticketmaster over alleged antitrust violations.

600,000 Routers Bricked by Mysterious Threat Actor Using Chalubo Malware

A mysterious threat actor used the Chalubo trojan to render over 600,000 SOHO routers inoperable, affecting a single ISP's network. The routers, from ActionTec and Sagemcom, were likely infected with Chalubo, a remote access trojan that creates a botnet. The destructive incident occurred over 72 hours in October 2023, with 49% of impacted routers taken offline, requiring physical replacement. Lumen Technologies, which discovered the incident, suspects the threat actor used Chalubo to obfuscate attribution, but no links to known nation-state actors were found. The Chalubo malware, first discovered in 2018, can launch DDoS attacks and execute Lua scripts on infected devices. Most infections are in the US, with hundreds of thousands of Chalubo bots worldwide.

Cybersecurity Experts Warn of US Power Grid Vulnerabilities Amid Upgrades

The Biden administration's efforts to upgrade the US power grid's aging infrastructure have been met with warnings from cybersecurity experts, who say that neglecting to prioritize cybersecurity measures could leave the grid vulnerable to attacks. The initiative, which includes 21 states, aims to reduce power outages and improve the grid's resilience amid increasing demand and severe weather events. Experts point to the Ukraine-Russia war, where Russia targeted power plants and backup systems, as a stark reminder of the importance of cybersecurity in modernizing the grid. The White House has announced a public-private venture to upgrade 100,000 miles of existing power lines, but congressional action on improving transmission lines has stalled. Cybersecurity experts emphasize that cyber threats are an "ever-present" issue, and that hostile nations and criminal groups pose significant threats to the grid's security.

US Cyber Command Warns of Strategically Consequential Cyberattacks

A senior strategist at US Cyber Command, Emily Goldman, warned that cyberattacks below the threshold of armed conflict are having a significant impact on the US and its allies, with "strategically consequential effects" on their power and influence. Speaking at the International Conference on Cyber Conflict in Estonia, Goldman noted that while NATO's deterrence strategy may prevent catastrophic cyberattacks, it does not address the majority of malicious activity below the threshold of armed conflict, which is becoming routine. She emphasized the need for proactive measures to disrupt and contest these attacks without escalating to armed conflict, citing the US's policy of "defending forward" and "hunt forward" operations as examples. Goldman's comments come as NATO considers establishing a new cyber center and developing its own proactive cyber operational element to counter the growing cyber threat.