The ransomware group known as RansomHub recently leaked data allegedly stolen from the Florida Department of Health.  RansomHub added the agency to its Tor-based leak site on July 2, claiming to have stolen over 100 gigabytes of data from its network, including personally identifiable information (PII) and protected health information (PHI).

A threat actor, "Sp1d3rHunters," continued their extortion campaign against Ticketmaster on Monday by claiming to leak over 30,000 print-at-home tickets stolen from the vendor.  The threat actor advertised the data dump on an underground forum alongside a four-step guide for users to make their own printable barcode tickets.  They claimed to have tickets for gigs by Stevie Nicks, Pearl Jam, Foo Fighters, Red Hot Chili Peppers, and many more artists.  The threat actor warned Ticketmaster that they now have to reset 30K more tickets.

"Eldorado," a new Ransomware-as-a-Service (RaaS), encrypts Windows and Linux files with locker variants. According to Group-IB, Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP. Researchers said the Eldorado ransomware uses Golang for cross-platform capabilities, Chacha20 for file encryption, and RSA-OAEP for key encryption. This article continues to discuss findings regarding the Eldorado RaaS.

The US Cybersecurity and Infrastructure Security Agency (CISA) has published its "Guide to Operational Security for Election Officials." This guide provides a comprehensive overview of Operational Security (OPSEC) in elections, underlining risks and offering practical mitigation measures to improve election infrastructure security. OPSEC systematically identifies and protects sensitive organizational data, information, and capabilities.

According to TRM Labs, cryptocurrency exchange hacks and exploits has resulted in the theft of twice as much money in the first half of 2024 as the same period in 2023. A new TRM report found that cryptocurrency exchange hackers stole $1.38 billion between January 1 and June 24, 2024. This article continues to discuss the rise in hacks and exploits on cryptocurrency exchanges.

Infosecurity Magazine reports "Crypto Thefts Double to $1.4 Billion, TRM Labs Finds"

According to the New York Times (NYT), OpenAI, the ChatGPT maker, had an undisclosed breach in early 2023. The NYT reports that the attacker stole employee forum discussions but did not access systems housing and building the Artificial Intelligence (AI). OpenAI claims that no customer or partner data was stolen, and the breach did not threaten national security, so it did not notify the FBI. This article continues to discuss the theft of secrets from OpenAI in 2023.

Roll20, a popular online tabletop platform for role-playing games (RPGs), recently revealed that its systems had been breached.  The company said that a threat actor gained unauthorized access to the company’s administrative website on June 29 and could view and access all user accounts, exposing Roll20 users’ personally identifiable information (PII).  The data stolen includes users’ first and last names, email addresses, the last known IP address, and the last four digits of the credit card of users who maintained a stored payment method in their Roll20 account.

Twilio recently confirmed that it had suffered a data breach after hackers leaked 33 million phone numbers associated with the Authy application.  In late June, hacking group ShinyHunters said they were leaking 33 million random phone numbers associated with Twilio’s two-factor authentication app Authy.

According to security researchers at Cybernews, nearly 10 billion unique passwords have been leaked on a cybercrime forum, putting online users worldwide at risk of account compromise.  The researchers say they discovered the leak of 9.94 million plaintext passwords, described as the largest password compilation of all time.  It was posted on a popular hacking forum by a user named "ObamaCare" on July 4.  The researchers noted that this user, who only registered for the forum in late May 2024, has previously shared sensitive information accessed from breaches.

Security researchers at blockchain monitoring firm Certik recently discovered that more than $1.1bn worth of cryptocurrency has been lost from Web3 cybersecurity incidents in the first half of 2024.  The researchers noted that these losses occurred across 408 on-chain security incidents over the six-month period, making the average cost to victims per incident $2.9m.  The median loss was $230,784, highlighting the wide disparity between the losses suffered during individual attacks.