Hello there, In today's issue of Secret CISO, we're diving into a series of data breaches that have recently made headlines. LinkedIn has been hit with a hefty 310 million Euro fine over a data breach, highlighting the increasing vigilance of regulators when it comes to data privacy.

Meanwhile, the Materials Transportation Company and Leaders Staffing are both under investigation for data breaches, demonstrating that no industry is immune to these threats. In the healthcare sector, over 940,000 Medicare beneficiaries have been impacted by a data breach, underscoring the urgent need for robust data security measures in this industry. On a similar note, General Physician, PC has had to notify patients of a data breach leaking their social security numbers and other protected information. In the gaming world, Pokémon Developer Game Freak has confirmed a data breach that exposed thousands of employee records, reminding us that even the most seemingly secure systems can be vulnerable. In other news, Cisco is investigating an alleged data breach, with a hacker claiming involvement of big firms. The Fontainebleau data breach has resulted in a class action settlement, and Cash App users are set to receive direct payments from a $15m data breach settlement.

On the acquisition front, Cyera has purchased Trail Security for $162 million, marking a significant move in the data security industry. Lastly, we'll look at a massive data breach impacting 93,000 users of Transak, and several ongoing investigations into potential data breaches at Boston Children's Health Physicians, American Water, and Omni Family Health. Stay tuned for these stories and more in today's issue of Secret CISO. Stay safe and secure!

Data Breaches

1. Ireland Fines LinkedIn 310 Mn Euros Over EU Data Breach: LinkedIn has been fined 310 million euros by an Irish regulator for a data privacy breach. The professional networking platform is being held accountable for not adhering to European Union data privacy norms. Source: Barron's
2. Materials Transportation Company Data Breach: On October 22, 2024, Materials Transportation Company reported a data breach to the Attorney General of Texas. The extent of the breach and the data compromised is yet to be disclosed. Source: Business Wire
3. Over 940,000 Medicare Beneficiaries Impacted by Data Breach: A data breach has compromised the personal information of over 940,000 Medicare beneficiaries. The exposed data includes names and social security numbers. Source: Lexology
4. Pokémon Developer Game Freak's Data Breach: Game Freak, the developer of Pokémon, confirmed a data breach that occurred two months ago. The breach resulted from illegal access to the company's systems and included thousands of employee records. Source: CPO Magazine
5. Cisco Investigates Alleged Data Breach: Cisco is investigating a data breach announced by a hacker known as IntelBroker on a cybercrime forum. The hacker claims to have breached Cisco systems, but the extent of the breach and the data compromised is yet to be confirmed. Source: Business World

Security Research

1. Chrome Security Update, Patch for High Severity Vulnerability: Google has released a security update for its Chrome browser to patch a high severity vulnerability. The flaw was identified by external security researchers Vsevolod Kokorin from Solidlab and Seunghyun Lee. Source: cybersecuritynews.com
2. Fortinet Confirms Exploitation of Critical FortiManager Zero-Day: Security researcher Kevin Beaumont has identified a high-severity flaw, dubbed FortiJump, in Fortinet's FortiManager. The flaw has been exploited since July 2024 and has been added to CISA's KEV catalog. Source: infosecurity-magazine.com
3. The Global Security Initiative: China's International Policing Activities: A new research paper from the International Institute for Strategic Studies (IISS) provides expert insights into China's international policing activities and security approaches. Source: iiss.org
4. ESET Research Podcast: CosmicBeetle: ESET Research has released a podcast on CosmicBeetle, a clumsy cybercrime group wielding buggy malicious tools. The podcast aims to educate the security community about this group's activities. Source: welivesecurity.com
5. Samsung phone users exposed to EoP attacks, Google warns: Google has issued a warning about a use-after-free vulnerability in Samsung phones that exposes users to Elevation of Privilege (EoP) attacks. The flaw was spotted and reported by an unnamed security researcher. Source: theregister.com

Top CVEs

1. CVE-2024-47575 - Critical Authentication Bypass in FortiManager: FortiManager versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.12, and Fortinet FortiManager Cloud versions 7.4.1 through 7.4.4, 7.2.1 through 7.2.7, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7 are vulnerable to an authentication bypass that could allow an attacker to execute arbitrary code or commands. Source: CVE-2024-47575
2. CVE-2024-20268 - SNMP Vulnerability in Cisco ASA and FTD Software: A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device, leading to a denial of service (DoS) condition. Source: CVE-2024-20268
3. CVE-2024-20412 - Static Credentials Vulnerability in Cisco FTD Software: Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series is vulnerable to an unauthenticated, local attack due to the presence of static accounts with hard-coded passwords. This could allow an attacker to access the affected system and retrieve sensitive information. Source: CVE-2024-20412
4. CVE-2024-20402 - SSL VPN Vulnerability in Cisco ASA and FTD Software: A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. Source: CVE-2024-20402
5. CVE-2024-10290 - Information Disclosure in ZZCMS 2023: A problematic vulnerability was found in ZZCMS 2023, which affects an unknown part of the file 3/qq-connect2.0/API/com/inc.php. The manipulation leads to information disclosure and can be initiated remotely. Source: CVE-2024-10290

API Security

1. MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress (CVE-2024-9943): This plugin is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.4 due to missing or incorrect nonce validation on several functions. This vulnerability allows unauthenticated attackers to update vendor account details, create vendor accounts, and delete arbitrary users via a forged request, provided they can trick a site administrator into performing an action. Source: vulners.com
2. ZZCMS 2023 (CVE-2024-10290): A problematic vulnerability was found in ZZCMS 2023, affecting an unknown part of the file 3/qq-connect2.0/API/com/inc.php. The manipulation leads to information disclosure, and the attack can be initiated remotely. The exploit has been publicly disclosed. Source: vulners.com

Sponsored by Wallarm API Security Solution

Final Words

As we wrap up today's edition of Secret CISO, we're reminded that the world of cybersecurity is a dynamic one, with new threats and challenges emerging daily. From the hefty fine levied on LinkedIn over a data breach, to the alarming number of Medicare beneficiaries impacted by a similar breach, it's clear that no sector is immune. We've also seen how companies like Pokémon Developer Game Freak are not exempt from these threats, with thousands of employee records compromised in a recent breach. And let's not forget the alleged data breach at Cisco, a reminder that even those in the business of security are not invincible.

But it's not all doom and gloom. Companies like Cyera are investing in next-generation data loss prevention, and researchers are working tirelessly to uncover and address vulnerabilities. In this ever-evolving landscape, staying informed is our first line of defense.

So, if you found today's newsletter helpful, why not share it with your colleagues and friends? Let's work together to create a safer digital world. Until next time, stay safe and stay informed.