Secret CISO 1/12: PowerSchool Data Breach Exposes Millions, T-Mobile Faces Lawsuit, Global Risk Expert Predicts Dangerous 2025, Research Reveals Security Flaw in License Plate Readers
Welcome to today's issue of Secret CISO, your daily dose of cybersecurity news. Today, we're diving into the recent PowerSchool data breach that has exposed millions of student and teacher records, including sensitive information such as Social Security numbers. This breach has impacted school districts across the nation, from San Diego to Nova Scotia, and even as far as Utah. In other news, a shocking data breach has left millions of smartphone users vulnerable, with hackers allegedly stealing detailed location data collected by popular apps. This breach is linked to Gravy Analytics, a US location data company that brokers location data for more than 10,000 popular apps. We'll also be discussing the risks of relying solely on vendor patches for cybersecurity, as highlighted by Origina's CEO. Plus, we'll look at the potential financial impact of the Nova Scotia school system's cybersecurity breach, and the lawsuit against T-Mobile over a massive data breach impacting 79 million Americans.
Finally, we'll touch on the latest research and expert insights in the field of cybersecurity, including a terrifying prediction for a 'uniquely dangerous' 2025 from a global risk expert, and the latest jobs at Microsoft you can apply for this January. Stay tuned for these stories and more in today's Secret CISO newsletter. Stay safe, stay informed.
Data Breaches
- PowerSchool Data Breach Exposes Millions of Student and Teacher Records: PowerSchool, a widely used education software company, suffered a significant data breach, exposing sensitive information such as names, addresses, email addresses, and potentially Social Security numbers of students and teachers. The breach has impacted multiple school districts across the nation. Source: CyberGuy, CBC News, The Andalusia Star-News
- Millions' Location Data Exposed in Major Hack Linked to Popular Apps: A shocking data breach has left millions of smartphone users vulnerable, with hackers allegedly stealing detailed location data collected by popular apps. The breach was linked to US location data company Gravy Analytics, which brokers location data for more than 10,000 popular apps. Source: Euro Weekly News, iNews
- Cybersecurity Breach of Nova Scotia School System Could Have Financial Impact: A cybersecurity breach of the Nova Scotia school system could have a significant financial impact. The breach, which occurred between December 22 and December 28, also affected schools in Alberta and included social insurance numbers collected before 2010. Source: Coast Reporter, Global News
- T-Mobile Sued Over Massive Data Breach Impacting 79 Million Americans: T-Mobile is facing a lawsuit over a massive data breach that exposed sensitive personal information, such as names, phone numbers, and Social Security numbers, of 79 million Americans. Source: Benzinga
- Multiple Utah School Districts Hit by Cybersecurity Breach of Student Information: A cybersecurity breach affected some of the biggest school districts in Utah. The nationwide breach exposed sensitive data about students, families, and educators. Source: KJZZ
Security Research
- Can science be both open and secure? Nations grapple with tightening research security as China's dominance grows: Governments worldwide are concerned about potential security risks arising from international scientific collaborations. The fear is that these collaborations could inadvertently lead to rivals gaining military or trade advantages. Source: EastMojo
- Global risk expert makes terrifying prediction for a 'uniquely dangerous' 2025: Security experts, including those from RANE, have raised concerns about global risks in 2025, warning of dangers similar to those of the 1930s. Source: Daily Mail
- Muddling Meerkat Linked to Domain Spoofing in Global Spam Scams: Security researchers have criticized Microsoft for its lack of transparency in vulnerability disclosure, following the discovery of the Muddling Meerkat domain spoofing scam. Source: Hackread
- Officials announce Mississippi Cyber and Technology Center to advance security research: A collaboration between the state of Mississippi, a state university, and the U.S. military aims to advance security research and make significant strides in the field. Source: Supertalk.fm
- Millions at risk due to severe security flaw in license plate readers: A security researcher discovered a severe security flaw in Motorola's automated license plate reader, potentially putting millions at risk. Source: MSN
Top CVEs
- Linux Kernel Memory Allocation Vulnerability (CVE-2024-57881): A vulnerability in the Linux kernel's memory allocation could potentially lead to a system crash. The issue arises from the function split_large_buddy() calling pfn_to_page() on a possibly non-existent PFN. The issue has been resolved in the latest kernel update. Source: CVE-2024-57881
- Linux Kernel ALSA Memory Allocation Vulnerability (CVE-2024-57800): A warning is observed with CONFIG_DMA_API_DEBUG enabled in the Linux kernel's ALSA memory allocation. The issue arises from the device driver failing to check map error. The issue has been resolved in the latest kernel update. Source: CVE-2024-57800
- IBM Jazz Foundation Cross-Site Scripting Vulnerability (CVE-2021-29669): IBM Jazz Foundation versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 are vulnerable to cross-site scripting. This vulnerability could potentially lead to credentials disclosure. Source: CVE-2021-29669
- IBM Watsonx.ai Cross-Site Scripting Vulnerability (CVE-2024-49785): IBM watsonx.ai versions 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 are vulnerable to cross-site scripting. This vulnerability could potentially lead to credentials disclosure. Source: CVE-2024-49785
- Guangzhou Huayi Intelligent Technology Jeewms SQL Injection Vulnerability (CVE-2025-0392): A critical vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms up to version 20241229. The vulnerability arises from the manipulation of the argument store_code leading to SQL injection. Upgrading to version 20250101 resolves this issue. Source: CVE-2025-0392
API Security
- Linux Kernel ALSA: memalloc Vulnerability (CVE-2024-57800): A vulnerability has been resolved in the Linux kernel's ALSA: memalloc. The issue was related to the DMA-API debug, where the device driver failed to check map error. The specialized dma_mapping_error() helper is now recommended for checking returned DMA addresses. Source: CVE-2024-57800
- Linux Kernel dma-debug Vulnerability (CVE-2024-47143): A potential deadlock scenario has been fixed in the Linux kernel's dma-debug. The deadlock could occur when the dma debug API is called while holding the rq_lock(). The solution involves calling dma_entry_free() after put_hash_bucket() to avoid this situation. Source: CVE-2024-47143
Final Words
That's it for today's edition of Secret CISO. We've covered a lot of ground, from the PowerSchool data breach affecting millions of students and teachers, to the potential financial impact of a cybersecurity breach on the Nova Scotia school system. We've also touched on the risks associated with relying solely on vendor patches for cybersecurity, and the terrifying prediction for a 'uniquely dangerous' 2025 by a global risk expert. Remember, in the world of cybersecurity, knowledge is power. Stay informed, stay vigilant, and most importantly, stay safe.
If you found today's newsletter helpful, please consider sharing it with your friends and colleagues. Together, we can create a safer digital world. See you tomorrow for more exclusive insights and analysis. Stay secure!