Secret CISO 12/27: American Addiction Centers, General Dynamics hit by data breaches; AI risks and autonomous driving security challenges; Cisco data leak continues

Welcome to today's issue of Secret CISO, where we delve into the most pressing cybersecurity issues of the day. Today, we're looking back at the worst data breaches of 2024 and the lessons corporations continue to ignore. From healthcare crises to genetic privacy leaks, we explore why cybersecurity failures persist.

We also cover the recent ransomware attack on American Addiction Centers, affecting almost 411,000 patients. Despite protective measures implemented prior to the attack, the breach has raised questions about the effectiveness of current security measures. In other news, we examine the potential risks of AI strategies and how they could set you up for a data breach. From data privacy breaches to intellectual property risks and compliance challenges, we discuss the need for careful management of AI tools.

We also discuss the recent data breach at General Dynamics, resulting from a phishing campaign targeting its personnel. This breach underscores the ongoing threat of phishing attacks and the need for robust cybersecurity measures. In the healthcare sector, we look at the cyberattack on Ascension that leaked sensitive medical information. The breach of Social Security numbers, medical procedure codes, and more highlights the urgent need for improved data security in healthcare.

Finally, we discuss the multifaceted challenges of data security in autonomous driving, from technology and law to social ethics. With data potentially exploited by criminals to threaten national security, the risks are significant. Stay tuned for more insights, news, and expert opinions in the world of cybersecurity.

Data Breaches

  1. American Addiction Centers Ransomware Attack Affects Almost 411,000 Patients: American Addiction Centers suffered a ransomware attack affecting nearly 411,000 patients. Despite implementing protective measures prior to the attack, patient data was compromised. Additional security measures are being put in place to prevent future breaches. Source: HIPAA Journal
  2. General Dynamics Reports Data Breach Following Phishing Campaign: General Dynamics confirmed a data breach involving employee benefits accounts, which stemmed from a phishing campaign targeting its personnel. The company is investigating the extent of the breach and has not disclosed the number of affected individuals. Source: Tech Monitor
  3. Ascension Cyberattack Leaked Sensitive Medical Information: Ascension, a non-profit health system, reported a ransomware attack that resulted in the breach of sensitive information including Social Security numbers and medical procedure codes. The attack occurred in May, but the extent of the breach is still being determined. Source: Wichita Eagle
  4. Hackers Release Second Batch of Stolen Cisco Data: Hackers have leaked a second batch of data stolen from Cisco in a data breach that occurred in October 2024. The extent of the breach and the specific data leaked have not been disclosed by the company. Source: Hackread
  5. Texas Tech Health Sciences Center El Paso Data Breach Impacted 1.4 Million People: A significant data breach at Texas Tech University Health Sciences Center in El Paso compromised the personal and medical information of 1.4 million people earlier in 2024. The university is working to notify affected individuals and provide them with credit monitoring services. Source: CBS4 Local

Security Research

  1. AI's Achilles' Heel: Researchers Expose Major Model Security Flaw: Researchers have successfully used electromagnetic signals to steal and replicate AI models from a Google Edge TPU with an accuracy of 99.91%. This exposes a significant security flaw in AI models and highlights the need for improved security measures. Source: SciTechDaily
  2. Sophisticated Phishing Scam Exploits Google Ads to Target Web3 Users: A sophisticated phishing scam has been discovered by ScamSniffer, a security research platform. The scam exploits Google Ads to target Web3 users, highlighting the increasing sophistication of cyber threats. Source: CoinTrust
  3. AI development service Builder.ai exposed over 1TB of data on three million users: Security researchers have discovered a major database with over 3 million records exposed by AI development service Builder.ai. The incident underscores the importance of robust data security measures in the AI industry. Source: MSN
  4. New malware CookiePlus targets nuclear sector workers: A new malware named CookiePlus is targeting nuclear sector workers, posing substantial risks including data theft. The discovery emphasizes the need for strong security measures in the nuclear sector. Source: SecurityBrief Asia
  5. Researchers Uncovered Dark Web Operation Acquiring KYC Details: Researchers have uncovered a dark web operation that acquires KYC details, revealing how cybercriminals exploit genuine identity information. The operation was detailed in the company's Quarterly Threat Intelligence Update for Q4 2024. Source: Cyber Security News

Top CVEs

  1. CVE-2024-3393 - Palo Alto Networks PAN-OS software vulnerability: A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode. Source: CVE-2024-3393
  2. CVE-2020-9236 - Huawei product vulnerability: There is an improper interface design vulnerability in a Huawei product. A module interface of the impacted product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operations to compromise the module service. Source: CVE-2020-9236
  3. CVE-2020-9210 - Huawei products vulnerability: There is an insufficient integrity vulnerability in Huawei products. A module does not perform a sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically installing malware. This could compromise normal service of the affected device. Source: CVE-2020-9210
  4. CVE-2020-9089 - Huawei smartphones vulnerability: There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to an information leak. Source: CVE-2020-9089
  5. CVE-2020-9080 - Huawei smartphone product vulnerability: There is an improper privilege management vulnerability in a Huawei smartphone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. Source: CVE-2020-9080

Final Words

And that's a wrap for today's edition of Secret CISO. We've delved into the biggest data breaches of 2024, explored the potential pitfalls of AI strategies, and examined the multifaceted challenges of data security in autonomous driving. Remember, cybersecurity isn't just about protecting systems, it's about safeguarding the digital lifestyle that we've come to rely on.

So, let's continue to learn from these incidents and strive to create a safer digital world. If you found today's newsletter informative, please consider sharing it with your friends and colleagues. They might find it just as valuable. Stay safe, stay informed, and see you in the next edition of Secret CISO.
