Secret CISO 1/1: Green Valley Pecan and VisionPoint Eye Center's data breaches, US Army soldier's telecom extortion, China's major breach of US Treasury, and research on NFC threats and EC2 Grouper hackers


Welcome to today's issue of Secret CISO. We're diving into the world of data breaches, exploring the recent $4000 Direct Deposit 2025 eligibility and payment dates. We'll also be looking at the aftermath of the 2022 data breach of Green Valley Pecan Company and the lessons learned. In other news, Las Palmas Del Sol Healthcare has discovered a two-year insider data breach, while VisionPoint Eye Center in Illinois is dealing with the fallout of a security breach that occurred in October 2024. We'll also be discussing the recent data breach extortion scheme involving a US Army soldier and AT&T and Verizon, and the top 10 most read cybersecurity stories for 2024.

In addition, we'll be examining the new proposed rule to modify the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security, and how Blutone Technologies is now helping to address data breach notification law. Lastly, we'll be looking at the data leak at Volkswagen that exposed the location of 800,000 electric car drivers for months, and the most notable tech failures of 2024. Stay tuned for all this and more in today's issue of Secret CISO.

Data Breaches

  1. Data Breach at Green Valley Pecan Company: A settlement has been reached concerning the 2022 data breach at Green Valley Pecan Company. The incident has highlighted the need for improved data security measures. Source: HQSC Recruitment
  2. Las Palmas Del Sol Healthcare 2-Year Insider Data Breach: Las Palmas Del Sol Healthcare has discovered a two-year-long insider data breach. VisionPoint Eye Center in Illinois also experienced a security breach involving unauthorized network access. Source: The HIPAA Journal
  3. AT&T and Verizon Data Breach Extortion Scheme: A US Army soldier has been charged in connection with a data breach extortion scheme targeting AT&T and Verizon. This case represents the latest in a series of high-profile telecom security breaches. Source: Mobile ID World
  4. Volkswagen Data Leak: A data leak at a Volkswagen subsidiary has exposed the location and other data of 800,000 electric vehicle owners for several months. Source: Mashable
  5. Data Breach Lawsuit Against Byte Federal: Byte Federal is facing a data breach lawsuit, one of 1,500 such suits targeting companies in 2024. The complaints allege that the companies failed to adequately protect user data. Source: National Law Journal

Security Research

  1. Recalibrating Your Resilience - ASIS International: The article discusses the emotional stress and burnout experienced by content moderators, extremism researchers, and security analysts due to their constant exposure to distressing content. It emphasizes the importance of resilience and self-care in these professions. Source: ASIS International
  2. New "DoubleClickjacking" Exploit Bypasses Clickjacking Protections on Major Websites: Security researcher Paulos Yibelo has discovered a new technique, dubbed "DoubleClickjacking", that can bypass clickjacking protections on major websites. The exploit relies on multiple clicks instead of a single one, making it harder to detect and prevent. Source: The Hacker News
  3. FortiGuard Labs Links New EC2 Grouper Hackers to AWS Credential Exploits: FortiGuard Labs has identified a new hacker group, EC2 Grouper, that is exploiting AWS credentials. The group's activities are characterized by their unique methods of attack and evasion, posing a significant threat to security teams. Source: Hackread
  4. Blockchain Bandit Resurfaces: $172 Million in Stolen Ethereum Moves After Two Years: A notorious hacker known as the "Blockchain Bandit" has resurfaced after two years, moving $172 million in stolen Ethereum. The exploit was first revealed by security researcher Adrian Bednarek in 2019. Source: Binance
  5. Patched BitLocker Flaw Still Susceptible to Hack: Security researcher Thomas Lambertz has revealed that a recently patched flaw in BitLocker is still susceptible to hacking. The revelation was made at the recently concluded Chaos Communication Congress in Germany. Source: BankInfoSecurity

Top CVEs

  1. PHPGurukul Land Record System Cross Site Scripting: A vulnerability in PHPGurukul Land Record System 1.0 allows for cross-site scripting through manipulation of the 'Land Property Type' argument in the /admin/add-propertytype.php file. The exploit can be initiated remotely. Source: CVE-2024-13075
  2. Path Traversal in path-sanitizer: The npm package path-sanitizer, versions prior to 3.1.0, has a vulnerability that allows for path traversal. The filters can be bypassed using .=%5c. This vulnerability is fixed in version 3.1.0. Source: CVE-2024-56198
  3. Cross-site Scripting in SvegliaT Buttons: Mario Di Pasquale's SvegliaT Buttons has a vulnerability that allows for stored cross-site scripting. The issue affects all versions of SvegliaT Buttons. Source: CVE-2024-56020
  4. Privilege Escalation in Trend Micro Deep Security: Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 have a vulnerability that could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this. Source: CVE-2024-55955
  5. SQL Injection in PHPGurukul Land Record System: A critical vulnerability has been found in PHPGurukul Land Record System 1.0. The vulnerability is in an unknown functionality of the /index.php file and allows for SQL injection through manipulation of the 'searchdata' argument. The attack can be launched remotely. Source: CVE-2024-13078

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO, the first in 2025! As we navigate the ever-evolving landscape of data breaches and security threats, it's crucial to stay informed and vigilant. Remember, the first line of defense is awareness. We hope you found today's insights valuable. If you did, why not share this newsletter with your friends and colleagues? Let's work together to create a safer digital world.

Stay safe, stay secure, and see you in the next edition of Secret CISO.
