Secret CISO 3/7: UniCredit's $3.1M Fine, Parliament Security Breach, New Malware Campaign, Cyber Threats During Election Season
Welcome to today's edition of the Secret CISO newsletter, where we bring you the latest and most impactful cybersecurity news. In a significant development, a Florida judge has granted a $2.2M settlement following a data breach at a pharmacy, with approximately 350,000 members eligible for compensation. Meanwhile, following a major security breach on the anniversary of the 2001 attack on India's Parliament, Delhi police are seeking 90 days to file a charge sheet against the six people arrested. In the banking sector, Italy's data protection authority has fined UniCredit, the country's second-largest bank, $3.1 million over a data breach. On the other side of the Atlantic, American Express has announced a data breach that may have affected card members' account and financial data. In healthcare, New York-based Northeast Orthopedics & Sports Medicine reported a significant data security incident last year, while NewGen Administrative Services, a company operating nursing homes across the western United States, reported a data breach to the California authorities. In the tech world, almost 7M Glosbe users' data was exposed by an unsecured server, and a massive database of Google, Facebook, and WhatsApp 2FA codes was leaked. In the realm of cybersecurity research, Cado Security has revealed a new malware campaign and its most common targets. Meanwhile, the UK government is recognising security researchers who have disclosed vulnerabilities to it. Stay tuned for more updates and remember, knowledge is the first line of defense.
Data Breaches
- Pharmacy's Data Breach Settlement: A Florida judge has granted a $2.2M settlement following a data breach at a pharmacy. Approximately 350,000 members will be eligible for compensation. Source: Law.com
- Parliament Security Breach: A major security breach occurred on the anniversary of the 2001 attack on India's Parliament, leading to the arrest of six individuals. Delhi police are seeking 90 days to file a charge sheet. Source: Hindustan Times
- UniCredit Data Breach: Italy's data protection authority has fined UniCredit, the country's second-largest bank, $3.1 million over a data breach. Source: Nasdaq
- American Express Data Breach: American Express announced a data breach that may have affected card members' account and financial data due to an issue with third-party partners. Source: Security Magazine
- Google, Facebook, and WhatsApp 2FA Codes Leak: A massive database containing 2FA codes sent to users of Google, Facebook, and WhatsApp was exposed, raising concerns about how one-time codes are handled by the providers that deliver them. Source: Spiceworks
Security Research
- "New research uncovers an emerging malware campaign": Cado Security has discovered a new malware campaign and identified the services it most commonly targets. The research offers a view of the evolving threat landscape and of the exposed services that need hardening. Source: Security Magazine
- "How CISA Fights Cyber Threats During Election Primary Season": A SentinelOne Labs researcher discusses the increasing use of crowdsourced cyber threats during election seasons. The first-ever Election Security Research Forum was held in September, highlighting the importance of cybersecurity in the electoral process. Source: Dark Reading
- "Recognising UK-based security researchers who have disclosed vulnerabilities to UK government": The UK government has recognized and awarded local security researchers who have disclosed vulnerabilities, emphasizing the importance of collaboration between the government and the cybersecurity community. Source: NCSC
- "MeitY cybersecurity group seeks ideas in thrust areas": The Indian government is seeking proposals for research and development in key cybersecurity areas such as digital forensics and IoT security, demonstrating the government's commitment to strengthening national cybersecurity infrastructure. Source: The Economic Times
- "Flaws in public records management tool could let hackers nab sensitive data linked to requests": A security researcher has revealed vulnerabilities in a popular public records management tool used by state and local governments, highlighting the potential for hackers to access sensitive data. Source: Nextgov
Top CVEs
- CVE-2024-27308 - Mio (Metal I/O) Library Vulnerability: Under some circumstances Mio, the Rust Metal I/O library, returns tokens for Windows named pipes that have already been deregistered from the registry. For applications that store pointers in tokens, as Tokio does, an invalid token can lead to a use-after-free, so Tokio users on Windows are the most seriously affected. The issue has been fixed in Mio v0.8.11. Source: CVE-2024-27308
- CVE-2024-20337 - Cisco Secure Client SAML Authentication Vulnerability: A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. Exploitation requires persuading the user to click a crafted link while establishing a VPN session; a successful attack could execute arbitrary script code in the browser or expose sensitive browser-based information, including a valid SAML token that the attacker could then use to establish a VPN session as that user. Source: CVE-2024-20337
- CVE-2023-47691 - Podlove Web Player Missing Authorization Vulnerability: Podlove Web Player, a WordPress plugin, suffers from a missing authorization vulnerability. Further details of this vulnerability have not been disclosed. Source: CVE-2023-47691
- CVE-2024-27307 - JSONata JSON Query and Transformation Language Vulnerability: A malicious expression can use the transform operator to override properties on the Object constructor and prototype in JSONata. This may lead to denial of service, remote code execution or other unexpected behavior in applications that evaluate user-provided JSONata expressions. The issue is fixed in JSONata 1.8.7 and 2.0.4; until an application has upgraded, it should not evaluate expressions from untrusted sources. Source: CVE-2024-27307
- CVE-2024-27304 - pgx PostgreSQL Driver and Toolkit for Go SQL Injection Vulnerability: SQL injection can occur in pgx if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size causes the one large message to be sent as multiple messages under the attacker's control. Exploitation requires the attacker to get more than 4 GB of data into one query or parameter, so capping request and parameter sizes reduces exposure; the fix is in pgx v4.18.2 and v5.5.4. Source: CVE-2024-27304
Final Words
That's a wrap for today's edition of Secret CISO. From the $2.2M settlement in Florida to the security breach at India's Parliament in Delhi, it's clear that cybersecurity is a global concern. Remember, staying informed is the first step in staying secure. If you found this newsletter helpful, please consider sharing it with your colleagues and friends.
Let's work together to make the digital world a safer place. Stay safe and see you tomorrow with more updates from the world of cybersecurity.