Secret CISO 3/8: Swiss Government Data Leak by Play Ransomware
Welcome to the latest installment of the Secret CISO newsletter. As we delve into crucial cybersecurity topics, we also pause to celebrate International Women's Day, honoring the achievements and contributions of women around the world, particularly in the tech and cybersecurity fields. Today, more than ever, the importance of diversity and inclusion in shaping a robust cybersecurity landscape cannot be overstated. In this issue, we address pressing matters from GDPR compliance challenges to the surge in third-party data breaches, while also acknowledging the integral role women play in advancing our industry. Join us as we explore significant developments and celebrate the strides made towards gender equality in cybersecurity.
Data Breaches
Yahoo Data Breach
Yahoo's 2013 data breach compromised the personal information of over three billion accounts, making it one of the largest breaches in history. The breach had significant implications for Yahoo's reputation and user trust. Source: Forbes
UniCredit Bank Data Breach
Italy's data protection authority, the Garante, fined UniCredit Bank 2.8 million euros for failing to prevent a data breach. This incident underscores the importance of robust data security measures in financial institutions. Source: IAPP
Swiss Government Data Leak by Play Ransomware
The Play ransomware gang exposed 65,000 Swiss government documents, accounting for almost 5% of nearly 1.3 million leaked files stolen from its breach. This significant breach highlights the increasing threat of ransomware attacks on government entities. Source: SC Magazine
Fidelity Investments Data Breach
Fidelity Investments experienced a data breach linked to a third-party hack, affecting more than 57,000 Bank of America customers. This incident highlights the risks associated with third-party vendors and the need for stringent cybersecurity measures. Source: Cybersecurity Dive
Interior Health Data Breach
A data breach of more than 20,000 staff at Interior Health led to the health authority trying to track down former employees. This breach underscores the importance of securing employee data and the potential risks of insider threats. Source: iHeartRadio
Security Research
Web apps are ubiquitous in healthcare – and come with vulnerabilities
Security research reveals that web applications, which are widely used in the healthcare sector, are riddled with security vulnerabilities. These vulnerabilities can lead to potential breaches, emphasizing the need for robust security measures. Source: Healthcare IT News
Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client
Security researcher Paulos Yibelo Mesfin discovered a high-severity VPN hijacking bug in Cisco's Secure Client. Cisco has since issued a patch to address this vulnerability. Source: The Hacker News
Actively exploited AnyCubic 3D printer zero-day addressed
Security researchers have warned 3D printer users about a significant security issue in AnyCubic 3D printers that is being actively exploited. The issue has since been addressed. Source: SC Media
Researcher Claims Judge Torres Didn't Define XRP as a Non-Security in SEC v. Ripple Case
Crypto researcher Dark Horse has stirred controversy in the XRP community with his analysis of Judge Analisa Torres' decision in the SEC v. Ripple case, claiming that the judge did not define XRP as a non-security. Source: The Crypto Basic
Unpatched Sceiner Smart Lock Vulnerabilities Allow Hackers to Open Doors
A group of seven security researchers discovered numerous vulnerabilities in Sceiner Smart Locks, allowing hackers to open doors. The vulnerabilities were found in vehicles from 16 car makers. Source: Security Week
Top CVEs
CVE-2024-0203 - Digits plugin for WordPress
The Digits plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.1 due to missing nonce validation. This allows unauthenticated attackers to modify the default role of registered users and elevate user privileges via a forged request. Source: CVE-2024-0203
CVE-2024-1442 - Grafana API
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. This grants the user access to read, query, edit and delete all data sources within the system. Source: CVE-2024-1442
CVE-2024-23226 - macOS, visionOS, iOS, iPadOS, watchOS, tvOS
The issue was addressed with improved memory handling. Processing web content may lead to arbitrary code execution. Source: CVE-2024-23226
CVE-2024-0818 - paddlepaddle/paddle
Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before certain versions. Source: CVE-2024-0818
CVE-2024-1351 - MongoDB Server
Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer certificate validation which may result in untrusted connections to succeed. This may effectively reduce the security guarantees provided by TLS and open connections that should have been closed due to failing certificate validation. Source: CVE-2024-1351
CISO Jobs
Director of IT Security, PRI Technology, Pawtucket, RI (Hybrid)
This role stands out due to its critical position within a technology-focused firm, emphasizing a hybrid work model conducive to balancing life and work. The Director of IT Security at PRI Technology will lead the development and implementation of robust security strategies to protect against evolving threats. Given the hybrid nature, this role offers flexibility while still maintaining a strong presence in the physical workplace, essential for fostering team collaboration and overseeing IT security operations effectively.
Read more:https://www.linkedin.com/jobs/view/3826125439
Deputy Director - Information Security Architecture & Engineering, Sound Transit, Seattle, WA (On-site)
This position is notable for its significant impact on public infrastructure and transportation security. The Deputy Director at Sound Transit will have the unique opportunity to safeguard critical systems affecting daily commuter safety and operational efficiency. The role’s on-site requirement underlines its critical nature, allowing direct involvement in the architecture and engineering decisions pivotal to securing the transit network against cyber threats.
Read more: https://www.linkedin.com/jobs/view/3725047911
Director, Cybersecurity Architecture, Crowley, Jacksonville, FL (Hybrid)
This role is crucial within the logistics and transportation industry, focusing on securing complex supply chains and maritime operations. The Director of Cybersecurity Architecture will lead strategic initiatives to enhance security frameworks and mitigate risks across global operations. The hybrid model offers a balance between hands-on engagements and remote flexibility, ideal for strategic planning and international collaboration.
Read more: https://www.linkedin.com/jobs/view/3784990232
Director, Cybersecurity and Crisis Management, Freddie Mac, McLean, VA (Hybrid)
This position offers a unique blend of cybersecurity leadership and crisis management within the financial sector, crucial for protecting sensitive information and ensuring financial stability. The role at Freddie Mac involves developing comprehensive cybersecurity strategies and managing responses to cyber incidents, with a significant salary range indicating the role's importance and impact.
Read more: https://www.linkedin.com/jobs/view/3831633788
Security Engineering Manager, Virtualization Security, Cloud CISO, Google, United States (Remote)
This remote role at Google represents a forefront position in cloud and virtualization security, appealing to those passionate about cutting-edge technologies and large-scale systems. The Security Engineering Manager will lead efforts to secure cloud infrastructure, vital for countless businesses and individuals relying on Google services. The position offers the flexibility of remote work, allowing for talent recruitment nationwide and fostering innovation in virtualization security practices.
Read more: https://www.linkedin.com/jobs/view/3830667070
Final Words
That's it for today's edition of Secret CISO. As we've seen, data breaches continue to be a significant concern across various sectors, from banking to healthcare. It's a stark reminder of the importance of robust cybersecurity measures in our increasingly digital world. Remember, cybersecurity isn't just a one-person job. It's a team effort. So, share this newsletter with your colleagues and friends to keep them in the loop. Let's work together to create a safer digital space for everyone. Stay safe, stay informed, and see you in the next edition of Secret CISO.