Secret CISO 12/17: Texas Tech University and Meta Face Major Data Breaches, AI Implementation Hurdles, and Emerging Security Research
Welcome to today's issue of Secret CISO. We're diving into a series of data breaches that have recently shaken the tech world.
Texas Tech University has suffered a significant data breach, impacting 1.4 million individuals. The stolen data includes sensitive information such as names, Social Security numbers, and financial details. Meanwhile, Meta, the parent company of Facebook, has been hit with a hefty fine of $263 million for a data breach that occurred in 2018. The breach was the result of a vulnerability in Facebook's code that exposed personal data. On the other side of the pond, the fine was levied by Ireland's data privacy regulator for data security failures that led to the exposure of information on about 29 million Facebook users.
In the education sector, Granite School District has reported a data breach in which all student records were accessed. The district has emphasized that data privacy and security are among its highest priorities. We also delve into how organizations can respond quickly to data breaches and avoid investigations. As the threat of cyberattacks has increased, so too have the costs of data breaches. In the realm of AI, we discuss the hurdles that data breaches and regulatory uncertainty pose for AI implementation.
Despite these challenges, 60% of the global workforce within organizations possesses the skills to implement AI. Lastly, we explore the latest security research, including the potential risk of a data breach in an Amazon-hosted AI tool for UK military recruitment, and the implications of Azure Data Factory bugs exposing cloud infrastructure. Stay tuned for more updates and insights in the world of cybersecurity.
Data Breaches
- Texas Tech University Data Breach Impacts 1.4 Million: Texas Tech University Health Sciences Center (TTUHSC) has suffered a data breach impacting 1.4 million individuals. The stolen data includes names, Social Security numbers, addresses, dates of birth, and government-issued ID numbers. The university has taken steps to ensure the security of the network and has begun an investigation. Source: Infosecurity Magazine
- Meta Fined $263 Million for 2018 Data Breach: Meta, formerly known as Facebook, has been fined $263 million by the Irish Data Protection Commission (DPC) for a data breach in 2018. The breach resulted from a vulnerability in Facebook's code that exposed personal data. The fine is for data security failures that led to the exposure of information on about 29 million Facebook users. Source: Engadget
- Granite School District Data Breach: All student records were accessed in a data breach at Granite School District. The school district officials stated that data privacy and security are among Granite's highest priorities and measures are in place to protect student information. Source: ABC4 Utah
- Risk of Data Breach in Amazon-Hosted AI Tool for UK Military Recruitment: An Amazon-hosted AI tool used for UK military recruitment carries a risk of data breach, which could lead to the identification of defense personnel. The government has been warned about the potential consequences. Source: The Guardian
- ConnectOnCall Data Breach Impacts Over 900,000 Individuals: ConnectOnCall, a healthcare communication platform, disclosed a data breach impacting over 900,000 individuals. The breach exposed the personal information of the affected individuals. Source: Security Affairs
Security Research
- Old Meets New in Online Influence: Josh A. Goldstein from CSET provides an expert analysis of Meta's quarterly threat report in an op-ed published by Tech Policy Press. He discusses the intersection of traditional and modern methods in online influence operations. Source: CSET
- Azure Data Factory Bugs Expose Cloud Infrastructure: Security researchers Ofir Balassiano and David Orlovsky highlight the vulnerabilities in Azure Data Factory that could expose cloud infrastructure. These flaws underline the importance of robust security measures in cloud services. Source: Dark Reading
- Chinese perspective on Military Uses of AI: In a China Global podcast episode, CSET's Sam Bresnick shares his expert insights on the Chinese perspectives on the military use of AI. The discussion offers a unique look into how AI is shaping military strategies. Source: CSET
- Researcher demonstrates how to hack digital license plates, evade tolls: As digital license plates become more prevalent, a researcher demonstrates how they can be hacked to evade tolls. This research underscores the security implications of digital license plates. Source: TechSpot
- SIPRI researchers lead discussions on quantum technologies: SIPRI partnered with the United Nations International Computing Center and Quantum Delta NL to explore the peace and security implications of quantum technologies. The discussions led by SIPRI researchers highlight the potential impact of these technologies on global security. Source: SIPRI
Top CVEs
- CVE-2024-55949 - MinIO Privilege Escalation: A privilege escalation vulnerability has been discovered in MinIO, an S3-compatible object store. All users are impacted and advised to upgrade to the latest version, as no workarounds are available. Source: CVE-2024-55949
- CVE-2024-12356 - Privileged Remote Access Vulnerability: A critical vulnerability has been found in Privileged Remote Access (PRA) and Remote Support (RS) products, allowing an unauthenticated attacker to inject commands. Source: CVE-2024-12356
- CVE-2024-52949 - iptraf-ng Buffer Overflow: iptraf-ng 1.2.1 has a stack-based buffer overflow vulnerability. Further details are not provided in the summary. Source: CVE-2024-52949
- CVE-2024-50379 - Apache Tomcat TOCTOU Race Condition: A time-of-check to time-of-use (TOCTOU) race condition vulnerability in Apache Tomcat allows remote code execution on case-insensitive file systems when the default servlet is enabled for write. Users are recommended to upgrade to the latest version. Source: CVE-2024-50379
- CVE-2024-35230 - GeoServer Information Disclosure: GeoServer, an open-source geospatial data server, has a vulnerability where the welcome and about page includes sensitive version and revision information. This issue has been patched in version 2.26.0 and all users are advised to upgrade. Source: CVE-2024-35230
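The Tomcat item above hinges on one precondition: the default servlet being enabled for write. In Tomcat that corresponds to the DefaultServlet's `readonly` init-param being set to `false` (its documented default is `true`). As an added example (not code from the newsletter or from the Apache Tomcat project), the Python check below scans a `web.xml` and reports whether that precondition holds, so a defender can inventory exposed instances while the upgrade the advisory recommends is rolled out. The two `web.xml` fragments are constructed for the example; the servlet class name and parameter name are the ones Tomcat documents.

```python
import xml.etree.ElementTree as ET

# Tomcat's built-in default servlet (documented class name).
DEFAULT_SERVLET_CLASS = "org.apache.catalina.servlets.DefaultServlet"


def _local(tag):
    """Strip the XML namespace from a tag, e.g. '{ns}servlet' -> 'servlet'."""
    return tag.rsplit("}", 1)[-1]


def find_default_servlet_params(web_xml_text):
    """Return the init-params of the DefaultServlet declaration, or None if absent."""
    root = ET.fromstring(web_xml_text)
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        servlet_class = None
        params = {}
        for child in servlet:
            name = _local(child.tag)
            if name == "servlet-class":
                servlet_class = (child.text or "").strip()
            elif name == "init-param":
                pname = pval = None
                for p in child:
                    if _local(p.tag) == "param-name":
                        pname = (p.text or "").strip()
                    elif _local(p.tag) == "param-value":
                        pval = (p.text or "").strip()
                if pname is not None:
                    params[pname] = pval
        if servlet_class == DEFAULT_SERVLET_CLASS:
            return params
    return None


def default_servlet_is_writable(web_xml_text):
    """True when the DefaultServlet has readonly=false (the write-enabled state)."""
    params = find_default_servlet_params(web_xml_text)
    if params is None:
        return False
    # Tomcat treats a missing readonly param as true (read-only).
    return (params.get("readonly") or "true").strip().lower() == "false"


def audit(web_xml_text):
    """Summarise the finding as a dict suitable for logging or a report."""
    writable = default_servlet_is_writable(web_xml_text)
    return {
        "default_servlet_writable": writable,
        "finding": ("default servlet is write-enabled (readonly=false); "
                    "this is the precondition named in the Tomcat advisory"
                    if writable else "default servlet is read-only"),
    }


# Constructed sample: the weak setting, default servlet switched to writable.
WEAK_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param>
      <param-name>debug</param-name>
      <param-value>0</param-value>
    </init-param>
    <init-param>
      <param-name>readonly</param-name>
      <param-value>false</param-value>
    </init-param>
  </servlet>
</web-app>"""

# Constructed sample: the corrected setting, readonly left at true.
HARDENED_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param>
      <param-name>readonly</param-name>
      <param-value>true</param-value>
    </init-param>
  </servlet>
</web-app>"""


if __name__ == "__main__":
    for label, text in (("weak", WEAK_WEB_XML), ("hardened", HARDENED_WEB_XML)):
        print(label, audit(text))
```

Point the script at `conf/web.xml` (the global default) and at any application's `WEB-INF/web.xml`, since either can switch the default servlet to writable; a clean result from this check does not replace upgrading to the fixed Tomcat release.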
API Security
- CVE-2024-42194 HCL BigFix Inventory Access Control Vulnerability: HCL BigFix Inventory is affected by an access control vulnerability due to improper handling of insufficient permissions or privileges. Attackers with read-only account access can potentially alter certain configuration parameters by sending a crafted REST API request. Source: vulners.com
- CVE-2024-55949 MinIO Privilege Escalation in IAM Import API: MinIO, an S3-compatible object store, is vulnerable to a privilege escalation in its IAM import API. This issue affects all users since MinIO commit 580d9db85e04f1b63cc2909af50f0ed08afa965f and has been addressed in commit f246c9053f9603e610d98439799bdd2a6b293427, included in RELEASE.2024-12-13T22-19-12Z. No workarounds are available, and all users are advised to upgrade. Source: vulners.com
Sponsored by Wallarm API Security Solution
Final Words
As we wrap up today's edition of Secret CISO, we're reminded that the world of cybersecurity is a constantly evolving landscape. From the massive data breach impacting 1.4 million at Texas Tech University to the hefty fine Meta is facing for GDPR violations, it's clear that data security is more crucial than ever.
We also learned about the importance of swift response to data breaches, the potential risks of AI implementation, and the ongoing efforts of security researchers in uncovering vulnerabilities and strengthening defenses. Remember, knowledge is power.
By staying informed, we can better prepare and protect our organizations from potential threats. If you found today's newsletter helpful, please consider sharing it with your colleagues and friends. Stay safe, stay informed, and see you in the next edition of Secret CISO.