Welcome to today's issue of Secret CISO, your daily dose of the most impactful cybersecurity news. Today, we're diving into the underutilized power of encryption in preventing data breaches, as highlighted by Forbes.

We'll also explore Experian's 12th annual Data Breach Industry Forecast, which flags emerging cyber threats from unexpected sources. In legal news, settlement talks are set to begin early in the litigation following a massive data breach at Change Healthcare. Meanwhile, a worrying trend is emerging as 63% of companies plan to pass data breach costs to customers, according to CSO Online.

In the realm of data leaks, we'll look at the Ticketmaster hack and what victims should know, as well as a potential data breach at a national utility service provider that led to a woman's arrest. We'll also delve into the alleged breach exposing MyKad data of 17 million Malaysians, currently under investigation by the National Cyber Security Agency. In the world of mergers, IXOPAY and Aperia Compliance are joining forces to extend advanced payment data security worldwide. And in research news, we'll discuss a new study revealing the reasons women leave cyber security, including bullying, a 24/7 culture, and a pay gap. Finally, we'll look at the latest vulnerabilities and patches, including a security breach at Agartala mission, a data breach claim at Bologna FC, and the launch of SureAccess, a Zero Trust Network Access Solution by 42Gears, aimed at transforming enterprise security.

Stay tuned for these stories and more in today's Secret CISO. Stay safe out there!

Data Breaches

1. Old Battles, New Wars: Rediscovering Encryption's Power To Prevent Data Breaches: Amidst the increasing cyber threats, encryption is being recognized as a potent tool to prevent data breaches, yet its utilization remains low. Source: Forbes
2. Change Healthcare Data Breach Settlement Talks To Be Explored Early in MDL: Following a massive data breach, Change Healthcare is set to start settlement talks early in the litigation process. Source: Data Breaches
3. Ticketmaster Hacked: What Victims of Data Breach Should Know: Ticketmaster has suffered a data security incident, with fans receiving emails from the company about the breach. Source: MSN
4. Authorities probing claim of massive MyKad data leak on dark web: The National Cyber Security Agency is investigating claims of a massive data leak involving MyKad data on the dark web, urging the public to monitor their bank accounts for suspicious transactions. Source: Free Malaysia Today
5. Bologna FC verifies the data breach claim of RansomHub: Bologna FC has confirmed a ransomware cyber-attack on its internal security systems, verifying the data breach claim made by RansomHub. Source: iZOOlogic

Security Research

1. Cyber Threat Alert: Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure: A research report by Fortress Information Security reveals a significant risk to U.S. critical infrastructure due to compromised software code. The study analyzed thousands of products and identified alarming risk patterns. Source: prnewswire.com
2. AI Bypasses Biometric Security In $138.5 Million Financial Fraud Risk: Security researchers discovered a deepfake AI cyber attack that successfully bypassed the biometric protections of a major financial institution, posing a financial fraud risk of $138.5 million. Source: forbes.com
3. Oxford University to lead AI security research through new national laboratory partnership: Oxford University has been chosen to lead the AI Security Research (LASR) through a new national laboratory partnership. The £8.22 million government-funded initiative is a significant step towards strengthening Britain's cyber resilience. Source: ox.ac.uk
4. Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library: Security researcher Kirill Boychenko has discovered a backdoor in Solana's widely used Web3.js npm library. Compromised systems could create vulnerabilities that spread throughout enterprise networks. Source: thehackernews.com
5. 16 Zero-Days Uncovered in Fuji Electric Monitoring Software: Security researchers have found 16 zero-day vulnerabilities in Japanese equipment manufacturer Fuji Electric's Tellus and V-Server remote monitoring software. These vulnerabilities could potentially be exploited by malicious actors. Source: govinfosecurity.com

Top CVEs

1. Type Confusion in V8 in Google Chrome (CVE-2024-12053): A remote attacker could potentially exploit object corruption via a crafted HTML page in Google Chrome versions prior to 131.0.6778.108. This vulnerability is due to type confusion in V8. Source: CVE-2024-12053
2. Stack Based Buffer Overflow in DP Service (CVE-2024-52544): An unauthenticated attacker can trigger a stack-based buffer overflow in the DP Service (TCP port 3500). This vulnerability has been resolved in the latest firmware version. Source: CVE-2024-52544
3. Remote Code Execution in HPE Aruba Networking ClearPass Policy Manager (CVE-2024-51771): A vulnerability in the web-based management interface could allow an authenticated remote threat actor to conduct a remote code execution attack. Successful exploitation could enable the attacker to run arbitrary commands on the underlying operating system. Source: CVE-2024-51771
4. Arbitrary File Uploads in Advanced File Manager Plugin for WordPress (CVE-2024-11391): The plugin is vulnerable to arbitrary file uploads due to missing file type validation. This makes it possible for authenticated attackers to upload arbitrary files on the affected site's server which may enable remote code execution. Source: CVE-2024-11391
5. Insecure File Upload in IBM Cognos Controller (CVE-2024-45676): IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload insecure files, due to insufficient file type validation. Source: CVE-2024-45676

API Security

1. CVE-2024-12056 Client Secret not checked with OAuth Password grant type: A significant vulnerability has been identified in the OAuth Password grant type where the client secret is not checked. This loophole could allow an attacker to connect to a web server using an unauthorized client application as part of the OAuth deployment. However, exploitation requires valid credentials and does not allow the attacker to bypass user authentication. Source: vulners.com
2. CVE-2024-46624 InfoDom Performa 365 v4.0.1 Privilege Escalation: InfoDom Performa 365 v4.0.1 has a security flaw that allows authenticated attackers to elevate their privileges to Administrator. This can be achieved via a crafted payload sent to the application. This vulnerability could potentially give attackers full control over the system. Source: vulners.com

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. We've journeyed through the old battles and new wars of data breaches, exploring the power of encryption and the emerging threats flagged by Experian's 12th Data Breach Industry Forecast. We've also delved into the potential settlement talks for the Change Healthcare data breach and the alarming trend of companies passing data breach costs to customers.

Remember, in this digital age, knowledge is power. Stay informed, stay vigilant, and most importantly, stay secure. If you found today's newsletter helpful, don't keep it to yourself. Share it with your friends, colleagues, and network.

Let's work together to create a safer digital world. Until next time, keep your data close and your security closer.