Secret CISO 11/17: ByteDance's $300B Valuation Amid Security Concerns, Human Error in Cybersecurity, AI Data Privacy Issues

Welcome to today's issue of Secret CISO. We're diving into the world of cybersecurity, where the stakes are high and the threats are ever-evolving.

First, we're looking at the recent valuation of TikTok's parent company, ByteDance, which has hit a staggering $300 billion. Amidst the uncertainty of a potential US ban, the White House is pushing for an end to Chinese-based ownership on national security grounds. Next, we're exploring the human element in cybersecurity. Despite advancements in technology, human error remains a significant contributor to security breaches. In fact, recent statistics from the 2024 Verizon Data Breach Investigations Report highlight this ongoing issue.

In other news, Twitch has been hit with a 2 million lira fine by Turkish authorities following a data breach. The breach, which affected over 35,000 individuals in Turkey, involved a 125 GB data leak. Meanwhile, the healthcare sector is on track to set a new record for the number of security incidents this year, with nearly 400 data breaches occurring in the first half of the year alone. We're also covering the final call for the Cash App Class Action Settlement 2024, where victims of a 2022 security breach can claim up to $2500 in compensation.

Lastly, we're discussing the latest cybersecurity vulnerabilities, including flaws found in Keycloak, GNOME Maps, and Undertow. Stay tuned for more updates and insights in the world of cybersecurity. Remember, knowledge is power when it comes to protecting your data and systems. Stay safe, stay informed.

Data Breaches

  1. ByteDance's Valuation Skyrockets Amidst Security Concerns: Despite ongoing concerns over national security, ByteDance, the parent company of TikTok, has seen its valuation hit $300 billion. The White House has expressed a desire to end Chinese-based ownership on security grounds, but has stopped short of calling for a ban on TikTok. Source: Reuters
  2. Human Error Continues to Drive Security Breaches: Recent statistics from the 2024 Verizon Data Breach Investigations Report highlight that human error remains a significant contributor to security breaches. The report underscores the importance of harnessing the human element in cybersecurity. Source: BusinessWorld Online
  3. Cash App Security Breach Leads to Class Action Settlement: In 2022, a security breach occurred at Cash App Investing when a former employee accessed sensitive customer data without authorization. A class action settlement has been reached, with the last day to claim up to $2500 in compensation approaching. Source: Yuvagalam
  4. Record Number of Security Incidents in Healthcare: The healthcare sector is on track to set a new record for the number of security incidents this year. Nearly 400 data breaches occurred in the first half of the year alone, highlighting the critical role of cybersecurity in healthcare operations and patient safety. Source: Chief Healthcare Executive
  5. 23andMe's $30M Settlement for Data Breach Victims: Genetic testing company 23andMe has reached a $30 million settlement following a data breach, offering payouts of up to $10,000 for affected customers. This case raises important questions about genetic privacy. Source: USA Herald

Security Research

  1. Don't Hold Down The Ctrl Key Warning As 2SP Cyber Attacks Emerge: Security researchers from Perception Point have warned about the rise of two-step phishing attacks, which have become a significant part of modern cybercrime. These attacks leverage the user's trust in their security systems to gain unauthorized access to sensitive data. Source: Forbes
  2. Good Hacker Hacked 100 Dark Web Hackers Using Fake Ransomware Tool: A security researcher and penetration tester successfully infiltrated a notorious criminal marketplace on the dark web. The researcher used a fake ransomware tool to hack into the systems of 100 dark web hackers, highlighting the vulnerabilities within these networks. Source: Forbes
  3. Impact of Relocating China's Embassy Near Israeli Mossad HQ on US Security: A Chinese political affairs expert has been tracking the potential security implications of China's decision to relocate its embassy near the Israeli Mossad HQ. The move could have significant implications for US security, although the exact nature of these remains unclear. Source: Modern Diplomacy
  4. GitHub projects targeted with malicious commits to frame researcher: A Texas-based security researcher, Mike Bell, has been targeted with malicious commits on GitHub projects. The attacker attempted to frame Bell by using his username and domain, highlighting the increasing sophistication of cyber attacks. Source: Bleeping Computer
  5. UK-led operation disrupts world's most harmful cybercrime gang: A Ukrainian security researcher leaked almost two years' worth of internal data from the world's most harmful cybercrime gang, leading to a significant disruption of their operations. The leak underscores the importance of cybersecurity research in combating global cybercrime. Source: Reaction Life

Top CVEs

  1. CVE-2023-0657 - Keycloak Token Type Enforcement Flaw: A flaw was found in Keycloak, where it improperly enforces token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token, potentially gaining unauthorized access to data. Source: CVE-2023-0657
  2. CVE-2024-0793 - kube-controller-manager Denial of Service: A flaw was found in kube-controller-manager, where the initial application of an HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart. Source: CVE-2024-0793
  3. CVE-2023-43091 - GNOME Maps Code Injection: A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code. Source: CVE-2023-43091
  4. CVE-2020-25720 - Samba Delegated Administrator Rights: A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This occurs because no Access Control List (ACL) is present at the time of creation, so the administrator owns the object and is later recognized as the 'creator owner.' The significant rights the delegated administrator retains may not be well understood, potentially leading to unintended privilege escalation or security issues. Source: CVE-2020-25720
  5. CVE-2023-4639 - Undertow Cookie Parsing Flaw: A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. Source: CVE-2023-4639

Final Words

And that's a wrap for today's edition of Secret CISO. From ByteDance's soaring valuation amidst security concerns to the human element in cybersecurity and the hefty fines Twitch is facing over data leaks, we've covered a lot of ground. But remember, the cybersecurity landscape is ever-evolving, and staying informed is your first line of defense.

If you found today's newsletter helpful, why not share it with your friends and colleagues? Let's spread the knowledge and build a safer digital world together. Until tomorrow, stay safe and secure.

By Secret CISO