Good morning! In today's issue of Secret CISO, we're diving into a series of data breaches that have recently shaken the cyber world. Tokyo is pressing Naver for more information on the Line data breach that resulted in the leakage of over 510,000 items of personal information. Meanwhile, AT&T is under scrutiny for a data breach that exposed customers' names, addresses, and social security numbers, highlighting the weakness of 4-digit passcodes. Visionary Integration Professionals (VIP) also reported a data breach, leaking consumers' social security numbers. In light of these breaches, we'll be sharing tips on how to protect yourself if your personal information has been exposed. In other news, over half a million Roku accounts were compromised in a second cyber security breach, and DJI, a major Chinese drone manufacturer, suffered a data breach at the hands of R00TK1T. We'll also be discussing the latest research revealing that 92% of enterprises are unprepared for the AI wave and the security challenges it brings. Stay tuned for more updates on these stories and other breaking news in the world of cybersecurity. Stay safe and secure!

Data Breaches

1. Naver's Line Data Breach: Tokyo continues to press Naver over its handling of a data breach that occurred in October, resulting in the leak of approximately 510,000 items of personal information about users and business partners. The incident has raised concerns over the company's data security measures. Source: Korea JoongAng Daily
2. AT&T Data Breach: A significant data breach at AT&T has exposed customers' names, home addresses, phone numbers, dates of birth, and Social Security numbers. The incident highlights the vulnerability of 4-digit passcodes and the need for stronger security measures. Source: Lexology
3. Visionary Integration Professionals Data Breach: Visionary Integration Professionals (VIP) reported a data breach to the Attorney General of California on April 15, 2024. The breach resulted in the leak of consumers' Social Security numbers, emphasizing the need for improved data protection strategies. Source: JD Supra
4. T2 Data Breach: The Australian branch of specialty tea retailer T2 has reportedly suffered a data breach affecting more than 80,000 customers, primarily in the EU. The incident underscores the global reach of data breaches and the importance of robust cybersecurity measures. Source: Cyber Daily
5. Roku Security Breach: Roku has experienced a second cyber security breach, compromising over half a million accounts. In response, the company has taken proactive steps including password resets for all affected accounts, demonstrating the ongoing threat of cyber attacks. Source: CyberGuy

Security Research

1. New Research Reveals 92% of Enterprises Unprepared for AI Wave and the Security Challenges it Brings: A new study by Absolute Security indicates that a majority of businesses are not ready for the security issues that come with the adoption of AI technology. The report highlights the need for enterprises to bolster their cyber resilience strategies to counter these challenges. Source: iTWire
2. Security Enhancements in 3GPP Release 18: Ericsson's latest research focuses on the security improvements in the 3GPP Release 18. The report provides insights into the company's ongoing work on future network security and standardization. Source: Ericsson
3. Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes: Security researcher Alvaro Muñoz discovered several flaws in OpenMetadata that hackers are exploiting to mine cryptocurrency on Kubernetes. The vulnerabilities underscore the need for robust security measures in the crypto space. Source: The Hacker News
4. Clarify DMCA Carveout For AI Research, DOJ Says: The Department of Justice has called for clarity on the DMCA exemption for computer security research, which covers many types of research focused on the security and integrity of AI models. The move highlights the growing importance of AI in cybersecurity. Source: Law360
5. Atlassian Confluence Linux Instances Targeted with Cerber Ransomware: Cado Security's research shows that Atlassian Confluence Linux instances are being targeted with Cerber ransomware. The attack occurs in three stages, highlighting the sophistication of modern cyber threats. Source: SC Media

Top CVEs

1. CVE-2024-3914 - Use After Free in V8 in Google Chrome: A remote attacker could potentially exploit heap corruption in Google Chrome versions prior to 124.0.6367.60 via a crafted HTML page, due to a use after free vulnerability in V8. Source: CVE-2024-3914
2. CVE-2023-44227 - Missing Authorization in Mitchell Bennis Simple File List: A missing authorization vulnerability exists in Mitchell Bennis Simple File List, affecting versions from n/a through. The details of the vulnerability are not specified. Source: CVE-2023-44227
3. CVE-2023-36505 - Improper Input Validation in Saturday Drive Ninja Forms Contact Form: An improper input validation vulnerability exists in Saturday Drive Ninja Forms Contact Form, affecting versions from n/a through. The details of the vulnerability are not specified. Source: CVE-2023-36505
4. CVE-2023-51500 - Missing Authorization in Undsgn Uncode Core: A missing authorization vulnerability exists in Undsgn Uncode Core, affecting versions from n/a through. The details of the vulnerability are not specified. Source: CVE-2023-51500
5. CVE-2024-2961 - Overflow in GNU C Library: The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, potentially leading to application crashes or overwriting of neighbouring data. Source: CVE-2024-2961

Final Words

And that's a wrap for today's edition of Secret CISO. We've covered a lot of ground, from Tokyo pressing Naver over a data breach, to the weaknesses of 4-digit passcodes exposed by a large AT&T data breach, and the steps Roku has taken in response to a security breach. Remember, data breaches are becoming an almost regular occurrence. It's crucial to stay informed and take necessary precautions to protect your personal information. If you've found this newsletter helpful, please consider sharing it with your friends and colleagues. Stay safe, stay informed, and see you in the next edition of Secret CISO.