Secret CISO 1/20: HPE's Data Breach, CISA and FBI's Security Update, Record High Data Breach Costs, 2FA Vulnerabilities Exposed
Welcome to today's issue of Secret CISO, your daily dose of the latest in cybersecurity news and updates.
Today, we're diving into the updated software security recommendations from CISA and the FBI, the alleged data breach at HPE, and the rising costs of data breaches. We'll also explore the vulnerabilities in 2FA security and the need for stricter regulations on social media apps for data privacy. In the spotlight today is the alleged breach at HPE, with a hacker known as IntelBroker claiming to have stolen sensitive data and source code from the tech giant. This comes as IBM's 2024 Cost of a Data Breach Report warns that breaches are not just knocking on the door, they're breaking in, with costs hitting record highs.
Meanwhile, CISA and the FBI have updated their software security recommendations based on public feedback, highlighting the importance of continuous improvement in cybersecurity practices. In other news, a sneaky 2FA kit is exposing vulnerabilities in 2FA security, demonstrating the need for robust and comprehensive security measures. We'll also discuss the under-regulation of social media apps, with a focus on TikTok, Meta, and X, and the urgent need for stricter regulations to protect national security and data privacy.
Stay tuned for more updates on cybersecurity breaches, data security, and expert insights. Don't forget to check out our exclusive interviews with security experts and our deep dives into the latest security research. Stay safe and informed with Secret CISO.
Data Breaches
- CISA, FBI Update Software Security Recommendations: The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have updated their software security guidelines based on public feedback. The revised recommendations aim to help organizations identify and mitigate risky software security practices. Source: SecurityWeek
- HPE Investigating Breach Claims After Hacker Offers to Sell Data: Hewlett Packard Enterprise (HPE) is investigating claims by a hacker known as IntelBroker, who is offering to sell source code and other data allegedly stolen from the company. The extent and impact of the breach are still under investigation. Source: SecurityWeek
- Data Breach Costs Hit Record Highs: How to Protect Your Business in 2025: IBM's 2024 Cost of a Data Breach Report reveals that the cost of data breaches has hit record highs. The report underscores the importance of proactive security measures to protect businesses from increasingly sophisticated cyber threats. Source: TechNative
- Sneaky 2FA Kit Exposes Vulnerabilities In 2FA Security: A new threat to two-factor authentication (2FA) has been identified by Elad Luz, Head of Research at Oasis Security. The phishing emails associated with this threat are particularly deceptive, highlighting vulnerabilities in 2FA security. Source: InformationSecurityBuzz
- Breach exposes FBI data links: A significant data breach involving telecom provider AT&T has compromised sensitive information about FBI agents' call and text logs. The extent of the breach and the potential impact on national security are currently being assessed. Source: Digital Watch Observatory
Security Research
- Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities: External security researchers have discovered vulnerabilities in the first generation MBUX (Mercedes-Benz User Experience). The details of these vulnerabilities have been disclosed, but there is no information on whether they have been exploited in the wild. Source: SecurityWeek
- A gotcha with iMessage scams, powered by Chinese phishing kit: Security researcher Thomas Roth discovered a vulnerability in Apple's proprietary ACE3 USB-C. The vulnerability has been exploited in iMessage scams, which are powered by a Chinese phishing kit. Source: 9to5Mac
- Hit by wave of online attacks, Japan shifts to 'active cyber defence': In response to a wave of online attacks, Japan is shifting to an 'active cyber defence' strategy. The move is seen as a significant change in Japan's approach to cybersecurity. Source: The Straits Times
- AI Predictions for 2025: A Cyber Security Expert's Perspective: A cybersecurity expert predicts that the surge in AI usage will significantly impact our digital world by 2025. The expert also highlights the potential security risks associated with increased AI usage. Source: Check Point Blog
- 6 Cyber Security Challenges Emerge from World Economic Forum, Check Point Research: Both the World Economic Forum and Check Point Research highlight supply chain vulnerabilities as one of the top cybersecurity risks for organizations. The increasing complexity and interconnectedness of supply chains make them a prime target for cyberattacks. Source: Check Point Blog
Top CVEs
- CVE-2024-41783 - IBM Sterling Secure Proxy Command Injection: IBM Sterling Secure Proxy versions 6.0.0.0 to 6.2.0.0 have a vulnerability that could allow a privileged user to inject commands into the underlying operating system due to improper validation. This could lead to unauthorized system access. Source: CVE-2024-41783
- CVE-2025-0585 - a+HRD SQL Injection: The a+HRD from aEnrich Technology has a SQL Injection vulnerability. This allows unauthenticated remote attackers to inject arbitrary SQL commands, potentially leading to unauthorized access, modification, or deletion of database contents. Source: CVE-2025-0585
- CVE-2025-0576 - Mobotix M15 Cross Site Scripting: A vulnerability in Mobotix M15 4.3.4.83 allows remote attackers to initiate cross-site scripting (XSS) attacks due to improper handling of certain arguments. This could lead to unauthorized access or manipulation of data. Source: CVE-2025-0576
- CVE-2024-41743 - IBM TXSeries Denial of Service: IBM TXSeries for Multiplatforms 10.1 has a vulnerability that could allow a remote attacker to cause a denial of service using persistent connections due to improper allocation. This could disrupt services and operations. Source: CVE-2024-41743
- CVE-2024-38337 - IBM Sterling Secure Proxy Information Disclosure: IBM Sterling Secure Proxy versions 6.0.0.0 to 6.2.0.0 have a vulnerability that could allow an unauthorized attacker to retrieve or alter sensitive information due to incorrect permission settings. This could lead to unauthorized access or manipulation of data. Source: CVE-2024-38337
API Security
- CVE-2023-52923 - Linux Kernel Netfilter Vulnerability: A significant vulnerability has been resolved in the Linux kernel's netfilter. The issue was with the nf_tables set backend, which has now been adapted to use the GC transaction API. This change replaces the old and buggy gc API and the busy mark approach, improving the overall security and efficiency of the system. Source: vulners.com
- CVE-2025-0579 - Shiprocket Module Vulnerability on OpenCart: A critical vulnerability was found in the Shiprocket Module 3/4 on OpenCart. The vulnerability lies in an unknown functionality of the REST API Module file, where the manipulation of the argument x-username can lead to SQL injection. The vendor was contacted but has not responded yet. Source: vulners.com
- CVE-2025-0580 - Shiprocket Module Vulnerability on OpenCart: Another critical vulnerability was found in the Shiprocket Module 3 on OpenCart. This issue affects an unknown functionality of the REST API Module file, where the manipulation of the argument contentHash can lead to incorrect authorization. The complexity of an attack is high, and exploitation is known to be difficult. The vendor was contacted but has not responded yet. Source: vulners.com
Final Words
And that's a wrap for today's edition of Secret CISO. We've covered a lot of ground, from the updated software security recommendations by CISA and the FBI, to the alarming rise in data breach costs, and the sneaky vulnerabilities in 2FA security. We've also touched on the serious implications of data breaches at HPE and the FBI, and the urgent need for tighter regulation of social media apps for national security and data privacy. Remember, in this ever-evolving digital landscape, staying informed is your first line of defense.
So, don't keep this valuable information to yourself. Share Secret CISO with your friends and colleagues, and let's build a safer cyber world together.
Stay safe, stay informed, and see you in the next edition of Secret CISO.