Secret CISO 4/13: Roku's Second Breach Hits 576K Users, VA Exposes Veterans' Data, Sisense Customers Seek Answers, Security Researchers Uncover New Vulnerabilities

Welcome to today's issue of Secret CISO, your daily dose of cybersecurity insights. Today, we're diving into the latest wave of data breaches that have left hundreds of thousands of accounts compromised. Streaming giant Roku has been hit with a second security incident in as many months, affecting nearly 576,000 accounts. This comes hot on the heels of a breach in March that impacted thousands of users. Meanwhile, the VA has mistakenly sent a CT veteran other veterans' personal information, and data analytics company Sisense is facing questions from customers following a recent breach announcement.

In other news, Molen & Associates and Greylock McKinnon have both filed notices of data breaches, affecting an unknown number of consumers and leaking victims' SSNs respectively. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is investigating a data breach that may have compromised companies across various industries.

On the research front, we'll be looking at the latest trends and tactics in phishing data, as well as the role of technology in the security and resilience of small states, with a focus on Estonia. We'll also be discussing the potential impact of unpatched vulnerabilities in containers, and the adoption of a new C2 tool 'DarkBeatC2' by Iranian MuddyWater Hackers in their latest campaign. Stay tuned for more updates and remember, knowledge is power when it comes to cybersecurity. Stay safe out there!

Data Breaches

  1. Roku Data Breach: Streaming giant Roku has suffered its second security breach in as many months, this time affecting approximately 576,000 user accounts. The company had previously announced a breach in March that impacted 15,000 accounts. Roku has not yet disclosed the specifics of the data compromised in the breach. Source: TechCrunch
  2. VA Data Breach: The Department of Veterans Affairs (VA) has accidentally sent a Connecticut veteran personal information belonging to other veterans. The specifics of the data breach, including the number of veterans affected, have not been disclosed. Source: WFSB
  3. Molen & Associates Data Breach: Molen & Associates, a tax preparation and accounting firm, has reported a data breach affecting an unknown number of consumers. The company discovered unauthorized access to its systems on April 5, 2024, and has since notified the Attorney General of Montana. Source: JD Supra
  4. Greylock McKinnon Data Breach: Greylock McKinnon Associates, Inc. has reported a data breach that exposed the Social Security Numbers of 341,650 individuals. The company discovered the breach on April 5, 2024, and has since notified the Attorney General of Maine. Source: JD Supra
  5. Health-Care Provider Data Breach: A data breach at an unnamed health-care provider may have affected up to 500,000 individuals. The specifics of the breach, including the type of data compromised, have not been disclosed. Class-action lawsuits have been filed in Dane County Circuit Court in response to the breach. Source: Government Technology

Security Research

  1. "BatBadBut Vulnerability": A security researcher known as “RyotaK” has revealed a vulnerability in multiple programming languages that could lead to a command. This vulnerability has the potential to impact a wide range of systems and applications. Source: cxotoday.com
  2. "Quantum Computing Security Discussions": Tennessee Senator Marsha Blackburn has engaged in discussions with industry leaders in quantum computing, security, and research. This highlights the growing importance of quantum computing in the field of cybersecurity. Source: thequantuminsider.com
  3. "CISA's Malware Analysis Platform": The Cybersecurity and Infrastructure Security Agency's (CISA) new malware analysis platform could enable better threat intelligence. The platform's effectiveness will depend on how organizations and security researchers utilize it. Source: darkreading.com
  4. "Phishing Data Trends and Tactics": A report uncovers the latest trends and tactics in phishing data over the past year. The research provides valuable insights into the evolving landscape of phishing threats. Source: scmagazine.com
  5. "Global AI Trust, Risk and Security Management Research": A new report highlights the growing emphasis on demonstrating responsible AI practices in the field of security management. The research provides a comprehensive overview of the current state and future trends in AI security. Source: finance.yahoo.com

Top CVEs

  1. CVE-2024-3400 - Palo Alto Networks PAN-OS Vulnerability: A command injection vulnerability has been identified in the GlobalProtect feature of Palo Alto Networks PAN-OS software. This vulnerability could allow an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Fixes are currently in development. Source: vulners.com
  2. CVE-2023-51499 - WooCommerce Shipping Per Product Vulnerability: A Missing Authorization vulnerability has been discovered in WooCommerce's Shipping Per Product feature. The details of the vulnerability and its impact are yet to be disclosed. Source: vulners.com
  3. CVE-2023-51515 - Undsgn Uncode Core Vulnerability: A Missing Authorization vulnerability has been found in Undsgn's Uncode Core, potentially leading to Privilege Escalation. Further details are yet to be disclosed. Source: vulners.com
  4. CVE-2023-51409 - Jordy Meow AI Engine: ChatGPT Chatbot Vulnerability: An Unrestricted Upload of File with Dangerous Type vulnerability has been identified in Jordy Meow's AI Engine: ChatGPT Chatbot. The details of the vulnerability and its impact are yet to be disclosed. Source: vulners.com
  5. CVE-2023-52211 - Automattic WP Job Manager Vulnerability: A Missing Authorization vulnerability has been discovered in Automattic's WP Job Manager. The details of the vulnerability and its impact are yet to be disclosed. Source: vulners.com

Final Words

And that's a wrap for today's edition of Secret CISO. It's clear that the digital landscape is a battlefield, with Roku's recent data breach affecting nearly 576,000 accounts and the VA mistakenly sending personal information to the wrong veterans. The importance of robust cybersecurity measures cannot be overstated. Remember, knowledge is power. By staying informed, we can all play a part in creating a safer digital world. If you found today's newsletter helpful, please consider sharing it with your friends and colleagues. Let's spread the word and strengthen our defenses, one newsletter at a time. Stay safe, stay informed, and see you in the next edition of Secret CISO.
