A critical vulnerability has been discovered in the Ghostscript rendering platform, identified as CVE-2024-29510.
This flaw, a format string vulnerability, affects versions up to 10.03.0 and allows attackers to bypass the -dSAFER sandbox, leading to remote code execution (RCE).
This vulnerability has significant implications for web applications and services that utilize Ghostscript for document conversion and preview functionalities.
Ghostscript, a PostScript interpreter and document conversion toolkit, has evolved from a UNIX printing tool into a widely used component of automated systems, as reported by Codean Labs.
Many web applications, including chat programs and cloud storage services, rely on Ghostscript for handling and converting user-supplied files.
Despite efforts to enhance security through sandboxing, vulnerabilities like CVE-2024-29510 highlight the ongoing risks.
The vulnerability lies in Ghostscript’s handling of format strings; by abusing it, an attacker can manipulate memory and execute arbitrary code.
The -dSAFER sandbox, designed to restrict dangerous operations such as file and pipe access, can be bypassed through this flaw.
The vulnerability is particularly concerning because it can be triggered by uploading a specially crafted EPS file or by embedding the exploit in a LibreOffice document.
Exploit Code Example
Below is a simplified version of the exploit code that demonstrates how an attacker can execute arbitrary commands:
% Subtract a bit from the address to make sure we write a null over the field
/PtrTarget -3 PtrPathControlActive ptr_add_offset def
% And overwrite it!
IdxStackControllable PtrTarget write_to
% And now path_control_active == 0, so we can use %pipe% as if -dSAFER was never set :)
(%pipe%gnome-calculator) (r) file
This code effectively disables the -dSAFER sandbox, allowing the execution of the gnome-calculator command.
The command can be replaced with any other command to suit the attacker’s needs.
Impact
The impact of CVE-2024-29510 is far-reaching.
Web applications and services that use Ghostscript for document processing are at risk.
Attackers can exploit this vulnerability to execute arbitrary code on the server, potentially leading to data breaches, system compromise, and further attacks.
To mitigate this vulnerability, update Ghostscript to version 10.03.1 or later.
If the latest version is unavailable for your distribution, check whether your distribution ships a patched package that addresses this issue.
Additionally, consider using the provided test kit to verify whether your Ghostscript installation is affected:
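The test kit itself is not reproduced here. As an added example that is not the article's or Codean Labs' code, the script below parses the version string printed by `gs --version` and flags builds older than the fixed release 10.03.1; it assumes the `gs` binary is on PATH and cannot recognize a distribution package that backported the fix without raising the version number, so the note above about patched packages still applies.

```python
import re
import shutil
import subprocess

# CVE-2024-29510 affects Ghostscript up to 10.03.0 and is fixed in 10.03.1.
FIXED_VERSION = (10, 3, 1)


def parse_gs_version(text):
    """Turn a Ghostscript version string into a comparable tuple of ints.

    Accepts bare strings such as '10.03.0' as well as banner lines such as
    'GPL Ghostscript 10.03.1 (2024-05-02)'. A missing patch level counts as 0.
    """
    match = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not match:
        raise ValueError(f"no Ghostscript version found in {text!r}")
    major, minor, patch = match.groups()
    return (int(major), int(minor), int(patch or 0))


def is_affected(version_text):
    """True when the reported version predates the fixed release.

    Caveat: distributions may backport the fix while keeping an older
    version number; for those, consult the package changelog instead.
    """
    return parse_gs_version(version_text) < FIXED_VERSION


def installed_gs_version():
    """Return the output of `gs --version`, or None when gs is not on PATH."""
    gs_path = shutil.which("gs")
    if gs_path is None:
        return None
    result = subprocess.run(
        [gs_path, "--version"], capture_output=True, text=True, check=True
    )
    return result.stdout.strip()


def check_installed():
    """Return a (version, verdict) pair describing the local installation."""
    version = installed_gs_version()
    if version is None:
        return (None, "gs not found on PATH")
    verdict = "AFFECTED (update to 10.03.1 or later)" if is_affected(version) else "not affected by version"
    return (version, verdict)


if __name__ == "__main__":
    found, verdict = check_installed()
    print(f"Ghostscript version: {found}")
    print(f"Verdict: {verdict}")
```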
A critical security vulnerability has been discovered in HCL Domino, a popular enterprise server software, that could potentially expose sensitive configuration information to remote unauthenticated attackers.
This vulnerability, CVE-2024-23562, has raised concerns among cybersecurity experts and enterprises relying on HCL Domino for their operations.
The CVE-2024-23562 vulnerability allows a remote, unauthenticated attacker to access sensitive configuration information on the affected system.
This information could then be used to launch further attacks against the affected system, potentially compromising the security and integrity of the enterprise’s data.
The vulnerability impacts multiple releases of HCL Domino, specifically versions 11, 12, and 14.
It is also suspected that earlier releases may be affected, although this has not been conclusively confirmed.
As of now, a fix for this vulnerability is not available.
HCL has acknowledged the issue and is tracking it under SPR# EPORD2AKDF.
In the meantime, users are advised to implement the recommended workarounds and mitigations to protect their systems.
Workarounds and Mitigations
To mitigate the risk posed by this vulnerability, it is recommended that anonymous access to the Domino server be denied over internet protocols.
The following steps can be taken to achieve this:
Access Internet Site Document Settings: Navigate to the location of Internet site document settings.
Deny Anonymous Access: Set the “Anonymous” fields under “TCP Authentication” and “TLS Authentication” to “No”.
These instructions apply to HCL Domino releases 9 and above.
For further guidance on securing your HCL Domino server, the following resources are available:
Server Access for Notes® Users, Internet Users, and Domino® Servers
Protecting Files on a Server from Web Client Access
Validation and Authentication for Internet and Intranet Clients
Creating Public Access Pages, Forms, Subforms, Outlines, Views, Agents, and Style Sheets
The discovery of CVE-2024-23562 highlights the importance of continuous vigilance and proactive security measures in enterprise environments.
Organizations using HCL Domino are urged to implement the recommended mitigations promptly and stay updated on any further developments from HCL regarding a permanent fix.
Both Sony and Vivo announced very compelling flagship smartphones this year. In fact, both of them were announced in May. In this article, we’ll compare them, the Sony Xperia 1 VI vs Vivo X100 Ultra. Granted, these two phones are quite different, even though there are a couple of similarities between them. Before we get to it, do note that the Vivo X100 Ultra only comes in a Chinese variant. It did not launch globally, unlike the Xperia 1 VI. It does work perfectly fine in global markets, just make sure your carrier has proper support for it.
With that being said, we’ll first list the specifications of these two phones. Following that, we’ll compare them across a number of other categories, including design, display, performance, battery life, cameras, and audio performance. We have a lot of ground to cover, so… let’s get down to it.
Sony decided to widen its flagship this time around. Now it actually looks like a regular smartphone. Sony’s phones were very narrow before, and this change probably suits the vast majority of you. That phone still has a slightly narrower display aspect ratio than the Vivo X100 Ultra, but the difference is minimal. Both smartphones are made out of metal (aluminum) and glass.
The Sony Xperia 1 VI is shorter, narrower, and thinner than the Vivo X100 Ultra. Granted, it does have a smaller display than Vivo’s flagship, so that definitely plays a role here. It is also considerably lighter in comparison, by 37 grams. The Xperia 1 VI has slightly thicker top and bottom bezels as it does not include a display camera hole. The Vivo X100 Ultra has a centered display camera hole at the top. The Xperia 1 VI includes a flat display, while the Vivo X100 Ultra has a curved one.
Unlike the Vivo X100 Ultra, Sony’s flagship has a flat frame all around the phone. Both phones feature rounded corners, however. The back side of the Xperia 1 VI is flat, while the same cannot be said for the Vivo X100 Ultra. Even their camera islands are vastly different. Sony’s flagship has vertically aligned cameras in the top-left corner. The Vivo X100 Ultra includes a large camera oreo in the top portion of its backplate, and it’s centered.
Both of these smartphones are IP68 certified for water and dust resistance. Both of them feel like premium products in the hand, though considerably different. They are both also quite slippery. The Xperia 1 VI is easier to use with one hand, though both phones are quite large.
Sony Xperia 1 VI vs Vivo X100 Ultra: Display
The Sony Xperia 1 VI features a 6.5-inch fullHD+ (2340 x 1080) LTPO OLED display. That panel is flat, and it can project up to 1 billion colors. It also offers a refresh rate of up to 120Hz, while HDR content is supported here. The screen-to-body ratio here is around 86%, while the display aspect ratio on the Xperia 1 VI is 19.5:9. The Gorilla Glass Victus 2 from Corning is in charge of protecting this display.
On the flip side, the Vivo X100 Ultra features a 6.78-inch QHD+ (3200 x 1440) LTPO AMOLED display. This display is curved, and its refresh rate goes up to 120Hz. It can project up to 1 billion colors, and Dolby Vision is supported, as is HDR. The maximum brightness here is 3,000 nits. The screen-to-body ratio of the Vivo X100 Ultra is at around 89%, while the display aspect ratio is 20:9. We don’t know what display protection Vivo is using.
Both of these displays are excellent. They’re vivid, have great viewing angles, and those deep, inky blacks. They’re also more than sharp enough, even though the Vivo X100 Ultra is considerably sharper in comparison. The Vivo X100 Ultra has another notable difference, a display that does get brighter. The Xperia 1 VI’s display is not dim by any means, but the Vivo X100 Ultra does get notably brighter in direct sunlight.
Sony Xperia 1 VI vs Vivo X100 Ultra: Performance
Both of these phones are fueled by the same processor. Qualcomm’s Snapdragon 8 Gen 3 chip fuels these two phones. That is Qualcomm’s most powerful processor at the moment. The Xperia 1 VI offers 12GB of LPDDR5X RAM, while the Vivo X100 Ultra comes with up to 16GB of LPDDR5X RAM. Both smartphones utilize UFS 4.0 flash storage. So, they’re basically on the same playing field in terms of performance-related specs.
And yes… both of them offer great performance. They’re very fluid in basically all scenarios. You can easily multitask with both smartphones, and even if you push them really hard they won’t budge. We’re talking about regular, everyday performance here. They’re great for multimedia consumption, emailing, messaging, browsing, and everything else you can think of; both phones work great.
Now, many of you are probably wondering about gaming too. Well, it’s worth noting that the Xperia 1 VI does tend to throttle both CPU and GPU during gaming, only if you’re running truly demanding titles, though. We’re presuming that it’s doing that to keep the phone from overheating. Even though that’s happening, you likely won’t notice any impact on your gameplay because of this. Both phones run very demanding games without a problem.
Sony Xperia 1 VI vs Vivo X100 Ultra: Battery
Sony’s flagship features a 5,000mAh battery. The Vivo X100 Ultra, on the flip side, has a 5,500mAh unit. Vivo’s handset includes a silicon carbon battery, which is why such a large unit fits inside this body. Now, despite the fact the Vivo X100 Ultra has a larger battery, the Xperia 1 VI offers a better battery life. It’s a real road warrior when it comes to battery life, and the difference is notable.
The Vivo X100 Ultra can get up to 7 hours of screen-on-time, while the Xperia 1 VI goes above and beyond that. Getting over 8 hours of screen-on-time is not out of the question. Do note that gaming will impact those numbers on both sides, as will other truly graphically-demanding tasks. Your mileage will vary either way, so just keep that in mind. Both smartphones do offer great battery life, but the Xperia 1 VI is a step ahead, one step at least.
Where charging is concerned, the situation is flipped. The Vivo X100 Ultra supports 80W wired, 30W wireless, and reverse wired charging. The Sony Xperia 1 VI supports 30W wired, 15W wireless, and reverse wireless charging. Vivo’s handset not only charges much faster both via a wire and wirelessly, but it includes a charger in the box. The Xperia 1 VI doesn’t even include a charging cable.
Sony Xperia 1 VI vs Vivo X100 Ultra: Cameras
Both of these phones include three cameras on the back. Those camera setups are considerably different, though. The Xperia 1 VI has a 48-megapixel main camera, a 12-megapixel ultrawide unit (123-degree FoV), and a 12-megapixel periscope telephoto unit (3.5x-7.1x continuous optical zoom, macro). The Vivo X100 Ultra, on the flip side, includes a 50-megapixel main camera (1-inch type sensor, gimbal OIS), a 50-megapixel ultrawide camera (116-degree FoV), and a 200-megapixel periscope telephoto camera (3.7x optical zoom, macro).
It is also worth noting that both smartphones collaborated with ZEISS, and have the company’s T* coating on their lenses. Sony’s handset tends to keep things closer to real life when it comes to images. The Vivo X100 Ultra tends to prefer warmer colors, and the images from that phone look a bit more processed. Both smartphones do a great job during the day, as they provide tons of detail and well-balanced shots. The same goes for low light too, though the Vivo X100 Ultra has a tendency to brighten up the scenes a bit more than the Xperia 1 VI. Sony’s handset is not afraid of keeping things a bit darker in low light, closer to real life.
The Vivo X100 Ultra does a better job when it comes to portrait photography, while we also prefer its macro photography prowess… even though the Xperia 1 VI does a really good job on both of those fronts. Their ultrawide cameras are their weakest links, but they’re still very good. Do note that the Xperia 1 VI’s ultrawide camera has a notably wider field-of-view (FoV), though. You can’t really go wrong with either of these phones when it comes to camera performance.
Audio
There are stereo speakers included on both of these smartphones. The ones on the Sony Xperia 1 VI are louder, though, notably louder. The Vivo X100 Ultra’s speakers are not dim, though, not at all. The sound is good on both sides, though.
What neither of these phones offers is an audio jack. You can always hook up your headphones to their Type-C ports, though. Both smartphones also offer Bluetooth 5.4 support, so wireless audio connectivity is here if you need it.
Amazon has just introduced its latest smart speaker/alarm clock called the Echo Spot. The new Amazon Echo Spot has arrived just a few days ahead of the upcoming Amazon Prime Day 2024 sale. Just like its 2017 counterpart, the new Echo Spot is designed to be your nightstand tech buddy. The Alexa-connected smart speaker has a small touchscreen and supports all the voice controls of the previous Echo devices.
The new Amazon Echo Spot speaker offers better visuals and improved audio
According to the official press release, the Amazon Echo Spot 2024 speaker offers “even better visuals and improved audio quality.” Similar to the Echo Dot or other Echo products, the latest Echo Spot variant lets you control IoT devices spread across your smart home. The new offering flaunts a 1.73-inch front-firing directional speaker. It delivers “clear vocals and deep bass,” as per Amazon.
While the previous variant of the Echo Spot was launched with a full circular screen, the new version’s display is split in half. Amazon has removed a camera from the latest offering. For more privacy, the new speaker has a hardware button to turn the microphone off. Furthermore, there are physical volume control buttons onboard the new model.
The new Echo Spot lets you see time, weather, and song titles at a glance on its small screen. You can personalize your display with a clock face or multiple fun colors. The speaker allows you to customize the display to fit the aesthetic of your room. You can choose from as many as six different colorways – Orange, Violet, Magenta, Lime, Teal, and Blue. Besides, the device also allows you to mix and match colors with several clock faces.
Amazon is offering the latest Echo Spot with more than 40 percent discount for Prime users
The Echo Spot 2024 speaker is priced at $79.99. It is significantly less than the $149.99 2017 version at the launch. However, during the Prime Day 2024 sale on July 16 and July 17, Prime members can get it with a discount of more than 40 percent. It will be available for just $44.99 for these users. The new smart speaker from the brand will be available in Black, Glacier White, and Ocean Blue hues.
Shopify has denied a breach of its systems after a cybercriminal posted alleged Shopify customer details online.
Shopify told BleepingComputer and other publications that the incident happened at a third party:
“Shopify systems have not experienced a security incident. The data loss reported was caused by a third-party app. The app developer intends to notify affected customers.”
The cybercriminal posting under the handle “888” claims the breach took place in 2024 and contains 179,873 rows of users’ information.
Post by 888 offering Shopify data for sale
The data offered for sale includes:
Shopify ID
First name
Last name
Email address
Mobile phone number
It also includes some Shopify-specific data like number of orders, total spent, email subscription status, email subscription date, SMS subscription status, and SMS subscription date.
Where the data comes from is a good question.
In March, Cybernews reported on a publicly accessible MongoDB database belonging to Saara, a US-based company that develops Shopify plugins. The exposed database stored 25GB of data stemming from plugins used by over 1,800 Shopify stores.
In June, we reported about a breach affecting Evolve Bank & Trust that also affected several of its partners. Shopify is a partner of Evolve.
No doubt this isn’t the end of the story. We will keep you updated.
Protecting yourself after a data breach
There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.
Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the identity of anyone who contacts you using a different communication channel.
Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
Consider not storing your card details. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.
Malwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it’s best to give the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report and recommendations.
As we approach Unpacked later this week, where Samsung is set to announce the Galaxy Z Flip 6 and Galaxy Z Fold 6, one has to wonder if Samsung can take the crown back from OnePlus/OPPO in the foldable market.
Last year, OnePlus announced its first foldable with an asterisk, the Open. We put an asterisk there because it is essentially the OPPO Find N3 in everything but the logo. This is not OPPO’s first foldable, but it’s a third-generation foldable. And it completely surpassed Samsung in one fell swoop. Not only did OnePlus and OPPO put out better hardware than Samsung, but it also put out better software.
I recently went back to the OnePlus Open, to use it again ahead of the Galaxy Z Fold 6 launch, and to see how it compares to the current best foldable on the market. And I fell in love with the Open all over again. The rumors for the Galaxy Z Fold 6 aren’t that great. The rumormill is pointing to a phone that is mostly the same as the previous model, but a tad wider and a new processor.
OnePlus’ Open Canvas feature is the best foldable feature we’ve seen so far
With the OnePlus Open last year, OnePlus debuted Open Canvas which is a feature that was also brought to the OnePlus Pad, and it’s genius. To put it in the simplest terms, Open Canvas allows the user to have more screen real estate than is actually available. You’re able to push apps off of the screen, and swipe over to them whenever you want. You can run up to six apps on the screen at the same time, which is impressive. Though, admittedly, it’s not something I do that often.
It’s not all software, though. Another decision OnePlus and OPPO made that helped Open Canvas perform so well is the front display. OnePlus and OPPO opted for an 18:9 front display, which is the aspect ratio of most smartphones these days. That means when you open the phone, you’re getting an (almost) square display, but it also means that apps placed side-by-side keep an 18:9 aspect ratio, instead of the super skinny apps you get on Samsung’s Galaxy Z Fold models.
One of my biggest complaints with foldables is the aspect ratios of the displays. Samsung, for example, uses a very skinny front display that feels more like a TV remote versus a smartphone. That makes the inner display almost exactly a square, and when you have two apps in multi-window, you’re looking at two very skinny apps. It’s just not a good user experience, and that had really turned me off from using foldables, because both screens kind of suck for using apps normally.
OnePlus put its best cameras ever, in the Open
Another area where foldables typically fall short is in the camera department. This is likely because companies are looking to keep phones lighter and thinner, but need larger batteries inside foldables to power those larger displays. OnePlus said screw it, let’s put in the best cameras we’ve ever had.
With the Open, OnePlus included a 48-megapixel primary camera with an f/1.7 aperture, a 64-megapixel 3x telephoto and a 48-megapixel ultrawide. On paper, that sounds outstanding; in practice, it is. I was amazed at how well the Open took photos last year while I was reviewing it, and now, picking it up again about 8 months later with countless new updates, it’s still impressive. As I noted in my review last year, OnePlus might have the best cameras on any phone with the Open, never mind a foldable. Though that has changed now, especially with the Vivo X Fold3 Pro being available.
OnePlus did include a pretty massive camera bump on the Open to accommodate these cameras, but it’s worth it. That camera bump also makes it easier to hold onto the OnePlus Open, in my experience.
Samsung can’t seem to get rid of the crease
We’re writing this ahead of Unpacked, and we haven’t seen the Galaxy Z Fold 6 in person yet, other than in leaks. But it seems like Samsung is still pretty far behind the competition on getting rid of the crease. Companies like Motorola, OnePlus and OPPO have all done a really good job of getting rid of the crease. I mean, it’s almost non-existent on the new Razr+ that was announced last month, as well as the OnePlus Open. But with Samsung, you will most likely still see that crease, and it’s definitely an eyesore.
Can Samsung take back the throne?
While I did spend about 750 words trashing Samsung and its foldables, it has come a long way since the first Galaxy Fold back in 2019. But there’s still a long way to go. Not just for Samsung but for every company making foldables. Samsung was first to the market, and that means that its competition was able to learn from its mistakes more than Samsung itself.
So what can Samsung do with the Galaxy Z Fold 6 to take back the throne? Well, for one, upgrade the cameras. The Galaxy Z Fold 5 cameras are not great at all, to be quite honest, especially for a $1700 phone. They will get the job done, but the Galaxy S24 Ultra is far better. The software is getting there, Samsung does have plenty of great software tweaks to take advantage of that display. However, the biggest thing Samsung needs to address is the aspect ratio.
Last year, at Unpacked in Korea, I spoke with Samsung and talked about how the Pixel Fold (the OnePlus Open wasn’t out yet) was better than the Galaxy Z Fold 4 (at the time), because of the wider front display. Meaning I didn’t need to open the phone as much. Samsung thought that was pointless. This makes me think Samsung wants you to open the phone all the time versus using the front display a lot and opening it for multitasking. If Samsung adopts the wider aspect ratio of the Pixel Fold or the regular smartphone aspect ratio of the OnePlus Open, I think a lot of my complaints about Samsung’s foldables will be solved.
It sort of feels like, after last year, that Samsung is just phoning it in these days for foldables. A big reason for that is the competition or lack thereof. In the US, it’s really only competing with the Pixel Fold and OnePlus Open, and only one of those is sold at carriers. On the flip side, it is competing with Motorola, and that’s about it. What Samsung really needs is more competition in the US (its biggest market), which will push them to innovate and make bigger upgrades to its foldables.
An internal memo reviewed by Bloomberg revealed that starting in September, Microsoft employees in China will need to use an iPhone for authentication when they sign into company systems. Android phones will not be allowed as multi-factor authentication devices. When signing into Microsoft systems, employees need to use a smartphone and two Microsoft apps to log in.
When the new rules take effect in less than two months, iPhone handsets will be required to run the two Microsoft apps, the Microsoft Authenticator password manager and Identity Pass app. The software company requires multi-factor authentication to guard against hackers. The new rules will impact hundreds of Microsoft employees who work in Mainland China.
Microsoft’s memo notes that it blocked Android phones from being used for multi-factor authentication because Android phones are not allowed to run Google services in China. That prevents the Microsoft employees from accessing the Google Play Store leaving Apple’s App Store as the only place where these employees can download the required security apps. Android app storefronts are fragmented in China with the ban on Google services forcing phone manufacturers in the country to offer their own app stores. Such manufacturers include Huawei and Xiaomi.
Image: Microsoft employees in China will need to use an iPhone at work (Image credit: Apple)
Any members of the Microsoft staff in China owning an Android phone will be forced to purchase an iPhone 15 for a one-time payment. Microsoft will make iPhones available at hubs across China and even in Hong Kong where Google services are allowed. Microsoft employees in China will still be allowed to use Android handsets as their personal phones.
The company has been the target of multiple state-sponsored attacks by hackers. Back in January, an attack linked to Russia affected many U.S. government agencies including the State Department. With U.S. lawmakers putting pressure on Microsoft, the company started the Secure Future Initiative (SFI) company-wide last November. SFI will use AI to help it address vulnerabilities in the cloud faster, make it more difficult for hackers to obtain credentials, and automatically require multi-factor authentication for employees.
And that brings us right back to the internal memo alerting Microsoft workers on the Mainland that they must use an iPhone at work.
Ticketmaster hackers leak 30,000 ticket barcodes for top upcoming events, including music concerts. They also share a DIY counterfeit tutorial on making physical tickets from the leaked barcodes and other ticketing data.
Ticketmaster hackers have leaked 30,000 additional ticket barcodes for some of the top upcoming events and concerts featuring popular artists and music bands.
It is also worth noting that on July 4 and 5, 2024, as exclusively reported by Hackread.com, ShinyHunters and Sp1d3rHunters, who are two different individuals but are affiliated with the group behind the Ticketmaster data breach, leaked 44,000 and 170,000 ticket barcodes related to Taylor Swift’s The Eras Tour. With these leaks, the total number of leaked ticketing data goes up to 640,000.
The latest 30,000 data leak includes ticketing and barcodes related to the following events and artists:
Pearl Jam
Sammy Hagar
Stevie Nicks
Steve Miller Band
Cirque du Soleil
USHER: Past Present Future
Chris Brown – The 11:11 Tour
P!NK: Summer Carnival 2024 (Multiple cities)
Aerosmith: PEACE OUT The Farewell Tour – (10+ cities)
Neil Young – Crazy Horse – Love Earth Tour July 08
Alanis Morissette – The Triple Moon Tour – July 13
Red Hot Chili Peppers: Unlimited Love Tour – July 17
Bruce Springsteen and The E Street Band 2024 Tour
Screenshot from Ticketmaster dataset (Screenshot credit: Hackread.com)
What Exactly is in This Data Leak?
The ticket industry is a complicated one. Although Hackread.com has over a decade of experience in data breach analysis, things can be tricky sometimes. Therefore, we used ChatGPT-4o to analyze a small sample from the leak. Here’s what it found:
The leak of Ticketmaster ticketing data, including barcodes, is indeed bad news for Ticketmaster and its customers. Here's an analysis:
What is in the Leak
The provided data includes:
1. Ticket Barcodes: Unique ticket barcode values.
2. Event Details: Start time, event key, event ID, event name, venue details, etc.
3. Sales Order Information: Sales order ID, transaction ID, ticket type codes.
4. Seating Information: Section name, row number, seat number.
5. Venue Info: Venue ID, venue name, address, city, state, country, postal code.
6. User and Session Information: Browser ID, web session cookie values.
Potential Risks and Implications
Ticket Forgery and Resale:
Barcode Duplication: The leaked barcodes can be duplicated to create counterfeit tickets. Fraudsters could print fake tickets using these barcodes and sell them to unsuspecting buyers.
Loss of Revenue: Counterfeit tickets can lead to revenue loss for both Ticketmaster and event organizers.
Overcrowding and Security Risks: Events could face overcrowding if counterfeit tickets are used, leading to security and safety issues.
Verification Challenges: Ensuring the authenticity of tickets at event entry points will become more challenging, potentially causing delays and operational disruptions.
Increased Costs: Implementing measures to mitigate the impact of the leak, such as reissuing tickets or enhancing verification processes, will incur additional costs.
This leak is a significant issue for Ticketmaster, requiring immediate and comprehensive action to mitigate the risks and prevent future occurrences.
Can Anyone Use These Tickets?
Well, kind of. The online tickets could be impossible to use, but apparently, the physical copies of tickets can be used without any hurdles. Last week, Ticketmaster told Hackread.com that there is no way to use these tickets because the company uses a technology called “SafeTix,” which protects tickets by automatically refreshing with a new and unique barcode every few seconds, making it impossible to reuse.
However, the company did not mention anything about physical copies of tickets, which hackers have pointed out in their latest counterstatement, announcing that they have extracted physical tickets as well.
“Our Response to Ticketmaster’s claims is Ticketmaster lies to the public and says barcodes can not be used. The ticket database we have includes both online and physical ticket types.”
Hackers
What’s worse for Ticketmaster is that the hackers have also shared a four-step tutorial explaining how to make your own real tickets using the leaked information. This includes a YouTube video, Ticketmaster’s TicketFast artwork guidelines, and a link to the Ticketmaster site explaining printing guidelines for their tickets. Hackread.com will not share the complete tutorial due to security reasons.
Sp1d3rHunters on Breach Forums with the latest Ticketmaster dataset (Screenshot credit: Hackread.com)
Who is Behind the Ticketmaster Data Breach?
The original Ticketmaster data breach saw claims from the ShinyHunters hacker group of stealing 560 million user records and a ransom demand of $1 million—an offer that Ticketmaster denies it ever facilitated or has any plans to accept.
Last week, the ransom demand increased to $8 million after ShinyHunters revealed (in a now-deleted post on Breach Forums) that the stolen data was larger than previously anticipated, making it more valuable than ever. This includes the following information:
980 million sales orders
680 million order detail records
1.2 billion party lookup records
440 million unique email addresses
4 million uncased and deduped records
560 million AVS (Address Verification System) detail records
400 million encrypted credit card details with partial information
But who is the threat actor or group behind the Ticketmaster data breach? According to two known cybersecurity researchers who shared exclusive information on the basis of anonymity, ShinyHunters is not behind this data breach but is merely affiliated with a high-profile, financially motivated threat group that is the actual actor behind the breach.
The name of the threat group cannot be shared at this time due to security reasons and for reasons Hackread.com would rather not disclose until authorities do so on their own. On the other hand, sources also told Hackread.com that Sp1d3rHunters is also not involved in the breach; their main role is to post about the breach on different forums to attract as many potential buyers as possible.
Nevertheless, it’s another day with more bad news for Ticketmaster. If you are a Ticketmaster user, make sure to change your account password and keep an eye on any suspicious activity.
Google could boost Play Protect’s local app scanning capabilities soon. Now, the system would be more powerful and efficient thanks to the implementation of the YARA tool. The change would be a new step in the mixed malware-scanning approach implemented last year by the company.
Play Protect, Play Services, and Play Store are Google’s main tools to keep your Android device free of malware. Play Protect works both on apps you download from the Play Store and on APKs from external sources. Previously, the company used a cloud-based approach that required sending APKs from external sources to Google for analysis.
However, since last year, Google Play Protect can locally scan unknown APKs for malware. This way, the Mountain View giant adopted a mixed malware-scanning approach instead of a fully cloud-based one. Now, Play Protect’s local malware scanning could get more powerful thanks to the implementation of YARA.
YARA would enhance Google Play Protect’s local APK scanning
YARA is not exactly a new tool; it has been used in traditional antivirus products for years. It detects malware by classifying samples into “families”: a YARA rule describes a family by listing the strings its members share (plain text, hex byte sequences that may contain wildcards, or regular expressions) together with a boolean condition over those strings, such as “all of them” or “2 of them”. A file (here, an app’s APK) matches the family when its bytes satisfy the condition.
This complements traditional hash-based scanning, which only fires on an exact hash match: modern malware is routinely repacked or lightly modified to produce a new hash, while the code it still shares with the rest of its family continues to match the rule. Rules can be evaded too, for instance by encrypting the shared strings, so they are an extra layer rather than a replacement for cloud analysis. In short, local malware scanning should become more efficient and effective soon, with greater detection capacity. YARA scanning references are present in the latest Play Store v41.7.16 update, as spotted by Android Authority.
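The difference between hash matching and a family rule, as an added illustration that is neither Google’s nor the YARA project’s code: the block embeds a rule in real YARA syntax for reference and a deliberately reduced Python stand-in for the matcher (text strings, hex strings with ?? wildcards, and an “N of them” condition), run over two constructed byte strings that stand in for APK contents. Every identifier, string and sample in it is invented for the example.

```python
"""Constructed demonstration: a pattern rule keeps matching a repacked
sample whose hash has changed. The mini matcher below is a deliberately
reduced stand-in for YARA (text strings, hex strings with ?? wildcards,
and an "N of them" condition); it is not Google's or YARA's own code."""
import hashlib
import re

# The same rule written in real YARA syntax, for reference only; this
# block does not execute it.
YARA_RULE = r"""
rule Android_FakeUpdate_Family
{
    meta:
        description = "Constructed example of a family rule"
    strings:
        $s1 = "com.example.fakeupdate.C2Service" ascii
        $s2 = "/api/v1/beacon" ascii
        $h1 = { 8B 45 ?? 31 C0 C3 }   // ?? = one wildcard byte
    condition:
        2 of them
}
"""

# Mini-matcher representation of the rule above (all identifiers hypothetical).
RULE_STRINGS = {
    "s1": b"com.example.fakeupdate.C2Service",
    "s2": b"/api/v1/beacon",
    "h1": "8B 45 ?? 31 C0 C3",      # str => hex pattern, bytes => text string
}
RULE_MIN_MATCHES = 2                 # "2 of them"


def hex_pattern_to_regex(pattern):
    """Translate a YARA-style hex string ('8B 45 ?? 31') into a bytes regex."""
    parts = []
    for tok in pattern.split():
        if tok == "??":
            parts.append(b".")                       # any single byte (DOTALL)
        else:
            parts.append(re.escape(bytes([int(tok, 16)])))
    return b"".join(parts)


def compile_rule(strings):
    """Compile each declared string into a bytes regex keyed by identifier."""
    compiled = {}
    for ident, pat in strings.items():
        if isinstance(pat, bytes):
            compiled[ident] = re.compile(re.escape(pat), re.DOTALL)
        else:
            compiled[ident] = re.compile(hex_pattern_to_regex(pat), re.DOTALL)
    return compiled


COMPILED_RULE = compile_rule(RULE_STRINGS)


def detect_by_rule(sample, compiled=COMPILED_RULE, min_matches=RULE_MIN_MATCHES):
    """Return (matched, [identifiers that hit]) for the 'N of them' condition."""
    hits = [ident for ident, rx in compiled.items() if rx.search(sample)]
    return len(hits) >= min_matches, hits


# Constructed samples standing in for APK contents; not real malware.
ORIGINAL_SAMPLE = (
    b"dex\n035\x00"                                  # fake DEX-like header
    + b"com.example.fakeupdate.C2Service\x00"
    + b"/api/v1/beacon\x00"
    + b"\x8b\x45\xfc\x31\xc0\xc3"                    # $h1 with ?? = FC
    + b"\x00" * 16
)
# A "variant": same family, repacked with a new C2 path and a different
# stack slot in the shared code, so its hash is different.
VARIANT_SAMPLE = (
    b"dex\n035\x00"
    + b"com.example.fakeupdate.C2Service\x00"
    + b"/api/v2/ping\x00"
    + b"\x8b\x45\xf8\x31\xc0\xc3"                    # $h1 with ?? = F8
    + b"\x41" * 16
)

# Hash blocklist built from the first sample only, as a signature DB would be.
HASH_BLOCKLIST = {hashlib.sha256(ORIGINAL_SAMPLE).hexdigest()}


def detect_by_hash(sample, blocklist=HASH_BLOCKLIST):
    """Exact-match lookup: the only thing a hash signature can do."""
    return hashlib.sha256(sample).hexdigest() in blocklist


if __name__ == "__main__":
    for name, sample in (("original", ORIGINAL_SAMPLE), ("variant", VARIANT_SAMPLE)):
        print(name, "hash hit:", detect_by_hash(sample),
              "rule hit:", detect_by_rule(sample))
```

Running it shows the repacked variant missing the hash blocklist while still matching the rule on the shared class name and code bytes. The same trick works against rules in the other direction: encrypt the strings or rewrite the shared routine and $s1/$h1 stop matching, which is why rule sets need maintenance and sit beside, not instead of, the cloud analysis the article describes.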
It’s notable that local scanning is less powerful than cloud-based scanning. Mobile devices do not have the hardware resources necessary to run all the scanning tools that Google runs on its powerful servers. That’s why the company takes a mixed approach rather than local-only. However, the implementation of YARA will make Play Protect’s local malware analysis more capable, powerful, and autonomous.
Microsoft’s employees based in China will have to change their phones if they run Android. Microsoft is establishing a new policy where its employees will have to exclusively use iPhone devices. The main reason seems to be the ban on Google Play Services in the Asian country.
According to Bloomberg, as of September, employees affected by the decision will only be able to use Apple devices to access identity verification apps. The company wants to ensure that everyone has the Microsoft Authenticator and Identity Pass apps on their phones.
Microsoft employees forced to replace their Android devices with iPhones
The decision is part of an initiative to set stronger security measures that strengthen the company against potential attacks. For months now, Microsoft has been the target of constant attacks allegedly sponsored by the Russian government. The US government even confirmed that a related data breach also affected the State Department. The breach did not compromise the security of key confidential data. However, the situation caused US legislators to pressure the Redmond giant to implement stricter security systems.
According to the report, the company will provide iPhone 15 units as a “one-time purchase” to its staff in China. Interestingly, even employees based in Hong Kong will have to comply with the measure. It’s noteworthy that Google Play Services are available in Hong Kong. However, Microsoft is not making exceptions with its new policies.
New policies contradict the Chinese government’s position regarding foreign devices
Still, the Chinese government may not be too happy with Microsoft employees now exclusively using iPhone devices. Since 2023, it has been promoting the abandonment of foreign-made devices at work. Like Microsoft, the Chinese government cites security concerns as the reason for the measure. Now, however, Microsoft employees in China will have to discard Android devices from local brands such as Xiaomi and Huawei in favor of iPhones.