Welcome to today's issue of Secret CISO, your daily dose of cybersecurity news and insights. In today's issue, we're diving into a series of data breaches that have hit major companies and institutions across the globe.

First up, Visionworks, the American optical retail chain, is facing a lawsuit over a data breach that occurred in October. The breach, which affected 40,000 individuals, has raised questions about the company's negligence in informing those impacted.

Meanwhile, the automotive industry is not immune to such threats, as evidenced by the recent data leak at Volkswagen. The location data of 800,000 electric cars was leaked, highlighting the urgent need for robust data security measures in the automotive sector. In the healthcare sector, a ransomware attack on Richmond University Medical Center in New York has impacted 670,000 individuals. This incident underscores the growing threat of cyberattacks in the healthcare industry, a sector that holds vast amounts of sensitive patient data.

In legal news, a Texas soldier has been arrested for alleged involvement in data breaches with AT&T and Verizon. This case serves as a stark reminder that threats can come from unexpected sources. On the legislative front, a new amendment to the New York State Data Breach Notification Law came into force on December 21, 2024. The amendment introduces new timelines and expanded regulatory reporting, a move that aims to strengthen data protection measures in the state. Finally, we'll explore the role of AI in enhancing Managed File Transfer (MFT) security. With its ability to analyze vast volumes of data, recognize patterns, and adapt quickly, AI is revolutionizing how companies approach MFT security. Stay tuned for more updates and insights from the world of cybersecurity. Remember, knowledge is power when it comes to protecting your data.

Data Breaches

1. Visionworks Data Breach Lawsuit: American optical retail chain Visionworks is facing a lawsuit over a data breach that occurred in October. The company is accused of negligence in informing 40,000 individuals about the breach. Source: SC Magazine UK
2. Volkswagen Data Leak: Location data of 800,000 electric Volkswagen cars has been leaked. The breach has raised concerns about the security of data in the automotive industry. Source: SecurityWeek
3. New York Hospital Ransomware Attack: Richmond University Medical Center in New York has been hit by a ransomware attack, impacting 670,000 individuals. The hospital is currently investigating the breach. Source: SecurityWeek
4. AT&T and Verizon Data Breaches: A Texas soldier has been arrested for alleged involvement in data breaches with AT&T and Verizon. The soldier now faces extradition to Washington state. Source: MySA
5. Geisinger Data Breach: Geisinger announced that personal information of more than 1 million patients may have been accessed in a data breach. The breach is one of the largest impacting the healthcare sector. Source: Newsitem

Security Research

1. Virtuals Protocol fixes bug, pledges bounty for researcher's discovery: A pseudonymous security researcher identified a critical vulnerability in Virtuals Protocol's audited contract, leading to an urgent fix. The company has also pledged a bounty for the researcher's discovery. Source: Cointelegraph
2. The Cyber Year in Stories: Autumn 2024: Google's security researchers highlighted a significant safety issue in widely used real-world software. The report also discusses the implications of the NIS2 law for EU-operating companies. Source: Cyber Magazine
3. Festive Shopping and NFC Security: Staying Safe from Tag Tampering: A security researcher at Kaspersky warns that NFC tags in public spaces can be reprogrammed or replaced to carry out harmful actions, emphasizing the need for vigilance during festive shopping. Source: SME Asia
4. LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers: Independent security researcher Yuki Chen discovered and reported two vulnerabilities, causing LSASS crashes and Windows Domain Controllers reboots. The flaws are collectively referred to as LDAPNightmare. Source: The Hacker News
5. Gmail Security Threat Confirmed—Google Won't Fix It, Here's Why: A security threat in Gmail has been confirmed, involving a prompt injection attack called a link trap. Despite the potential risks, Google has decided not to fix the issue. Source: Forbes

Top CVEs

1. CVE-2024-43762: A logic error in the code of multiple locations could potentially allow a local escalation of privilege without the need for additional execution privileges or user interaction. This vulnerability could enable an attacker to avoid unbinding a service from the system. Source: Vulners
2. CVE-2024-12907: Kentico CMS version 7 is susceptible to Reflected XSS attacks through the manipulation of a specific GET request parameter sent to the /CMSMessages/AccessDenied.aspx endpoint. It's worth noting that support for this version ended in 2016, and the vulnerability does not exist in version 8. Source: Vulners

Sponsored by Wallarm API Security Solution

Final Words

As we wrap up today's edition of Secret CISO, we're reminded that the world of cybersecurity is ever-evolving. From Visionworks' lawsuit over a data breach to the alarming data leak at Volkswagen, it's clear that no industry is immune to these threats. In other news, the ransomware attack impacting 670,000 at a New York hospital and the Texas soldier accused in AT&T and Verizon data breaches remind us of the human element in these incidents. It's not just about numbers and data; it's about people's lives being disrupted. We also delve into the world of AI, exploring how it's making MFT more secure and the rise of AI-generated phishing emails. It's a double-edged sword, offering both security solutions and new challenges.

Lastly, we touch on the importance of being proactive when you receive a data breach notice and the role of security experts in mitigating attacks and breaches. Remember, knowledge is power. By staying informed, we can all play a part in creating a safer digital world. If you found today's newsletter helpful, please share it with your friends and colleagues.

Let's spread the word and strengthen our defenses, one newsletter at a time. Stay safe and see you tomorrow for more updates from the world of cybersecurity.