Secret CISO 3/20: Royal Data Breach, Greensboro College Lawsuit, Jacksonville Beach Cyberattack, Water Security Research, Open-source Ransomware on TeamCity Servers
Welcome to today's edition of Secret CISO, your daily dose of exclusive and unique insights into the world of cybersecurity. Today, we delve into the recent data breach involving the Princess of Wales, Kate Middleton. An investigation is underway to determine if staff at a private clinic unlawfully accessed her medical records. This breach of confidentiality is not the first for the Princess, raising serious concerns about the security measures in place. In other news, Greensboro College is facing a proposed federal class action over a data breach affecting 52,000 individuals. The North Carolina school is accused of failing to implement adequate data security measures. Meanwhile, Jacksonville Beach's computer systems were targeted by cybercriminals, potentially compromising personal information of its residents. In the research realm, we explore how researchers are working to improve water security in Colombia, amidst deforestation and risks to their water supply. We also highlight the recognition of Strathclyde's cyber security research group as a Centre of Excellence for its impactful research. Lastly, we touch on the latest vulnerabilities identified by security researchers, including misconfigurations in Google Firebase leading to over 19.8 million leaked secrets, and a new Loop DoS attack threatening 300,000 systems. Stay tuned for more in-depth analysis and the latest cybersecurity news in tomorrow's edition of Secret CISO.
Data Breaches
- Kate Middleton's Medical Data Breach: The Princess of Wales' medical records were allegedly accessed unlawfully by staff at a private clinic, leading to a probe by the Information Commissioner's Office. The breach is not the first time Kate has faced public exposure of private information. Source: YouTube, Standard, Sky News
- Greensboro College Data Breach: Greensboro College in North Carolina is facing a proposed federal class action for allegedly failing to implement adequate data-security measures, leading to a data breach affecting 52,000 individuals. Source: Bloomberg Law News
- Jacksonville Beach Cyberattack: Cybercriminals who attacked Jacksonville Beach's computer systems may have obtained people's personal information, according to the city. The extent of the breach and the number of affected individuals are not yet known. Source: JaxToday
- Change Healthcare Data Breach: A class action lawsuit has been filed against health insurance companies following a data breach. The details of the breach, including the number of affected individuals and the nature of the compromised data, have not been disclosed. Source: HMP Global Learning Network
- Valley Oaks Health Data Breach: Valley Oaks Health filed a notice of data breach with the Attorney General of Massachusetts after discovering a breach in their system. The details of the breach, including the number of affected patients and the nature of the compromised data, have not been disclosed. Source: JD Supra
Security Research
- "Open-source ransomware, RATs deployed on compromised TeamCity servers": Security researchers have identified a new ransomware strain, BianLian, exploiting CVE-2024-27198. The ransomware is deployed on compromised TeamCity servers, demonstrating the increasing sophistication of cyber threats. Source: SC Media
- "How Can Researchers Improve Water Security In Colombia?": Researchers are collaborating with a Colombian community to assess and mitigate deforestation and water supply risks. The project highlights the importance of international cooperation in addressing environmental security issues. Source: Forbes
- "Misconfigurations in Google Firebase lead to over 19.8 million leaked secrets": A research study revealed that misconfigurations in Google Firebase have led to the exposure of over 19.8 million user records. This incident underscores the importance of proper security settings in protecting user data. Source: Security Boulevard
- "300,000 Systems Vulnerable to New Loop DoS Attack": Researchers from the CISPA Helmholtz Center for Information Security have discovered a new Loop DoS attack that leaves 300,000 systems vulnerable. This finding emphasizes the need for robust security measures to protect against evolving cyber threats. Source: Security Week
- "Hackers Selling GlorySprout Malware with Anti-VM Features in underground Fourm for $300": Security researchers have discovered that hackers are selling GlorySprout malware with anti-VM features on underground forums for $300. This development highlights the growing commercialization of cybercrime. Source: Cyber Security News
Top CVEs
- CVE-2023-45177: IBM MQ versions 9.0 LTS to 9.3 CD are vulnerable to a denial-of-service attack due to an error in the MQ clustering logic. This vulnerability could potentially disrupt services and impact business operations. Source: CVE-2023-45177
- CVE-2024-2627: Google Chrome versions prior to 123.0.6312.58 have a 'use after free' vulnerability in Canvas that could allow a remote attacker to exploit heap corruption via a crafted HTML page. This could potentially lead to unauthorized information disclosure or even system takeover. Source: CVE-2024-2627
- CVE-2023-46839: A flaw in the phantom functions feature of PCI devices could allow a device to extend the number of outstanding requests. This could potentially lead to unauthorized access or data leakage if the device is assigned to a guest. Source: CVE-2023-46839
- CVE-2024-2626: Google Chrome versions prior to 123.0.6312.58 have an 'out of bounds read' vulnerability in Swiftshader that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This could potentially lead to unauthorized information disclosure or even system takeover. Source: CVE-2024-2626
- CVE-2023-46841: A vulnerability in the interaction of Control-flow Enforcement Technology (CET) and Shadow Stacks (CET-SS) in recent x86 CPUs could potentially lead to unauthorized manipulation of return addresses, potentially leading to system compromise. Source: CVE-2023-46841
Final Words
That's it for today's edition of Secret CISO. We hope you found our insights valuable and that they'll help you stay one step ahead of the cyber threats out there. Remember, in the world of cybersecurity, knowledge is power. So, don't keep it to yourself. Share this newsletter with your friends and colleagues to help them stay informed too. Until next time, stay safe and secure!