Secret CISO 4/20: Unprecedented Data Breaches at Mobile Guardian, Xfinity-Comcast, and Home Depot; Research on Cybersecurity Regulations and Data Act Guidance

Secret CISO 4/20: Unprecedented Data Breaches at Mobile Guardian, Xfinity-Comcast, and Home Depot; Research on Cybersecurity Regulations and Data Act Guidance

Welcome to today's issue of Secret CISO, your daily dose of the latest in cybersecurity. Today, we're diving into a series of data breaches that have rocked the digital world, affecting millions of users and exposing sensitive personal information. First up, we have a data security breach at Mobile Guardian, a device management app used by students. Personal information of parents and staff at 127 schools was accessed, highlighting the vulnerability of educational institutions to cyber threats. Next, we have a major data breach at AT&T, exposing millions of customers. We'll be sharing tips on how to protect yourself in this digital era rife with data breaches. In another alarming incident, cybercriminals are threatening to leak all 5 million records from a stolen database of high-risk individuals. The breach was genuine and occurred at an unnamed third party. Xfinity/Comcast customers are also in the spotlight following a massive data breach affecting more than 35.8 million users. We'll be discussing eligibility for compensation following this breach. In research security, we have a statement from the Vice President for Research (VPR) on the revision of the University's information security regulations. We'll also be looking at the European Commission's guidance on the Data Act, South Korea's PIPC updates DPIA guide, and a data breach at Home Depot that leaked the personal information of 10,000 employees. Stay tuned for more updates on cyberattacks on Frontier Communications, ConnectWise, and Kisco Senior Living, LLC. We'll also be covering the latest research in cybersecurity, including insights on securing the wireless spectrum, the threat of deepfakes, and the role of artificial intelligence in security. Finally, we'll wrap up with the latest vulnerabilities and their impact on network security. Stay safe and informed with Secret CISO.

Data Breaches

  1. Mobile Guardian Data Breach: Personal information of parents and staff at 127 schools was accessed in a data security breach involving Mobile Guardian, a device management app installed on personal learning devices used by students. Source: CNA
  2. AT&T Customer Data Exposed: Millions of AT&T customers' data was exposed in a major breach, highlighting the importance of using prevention tools, changing exposed passwords, and adopting smart online practices. Source: West Island Blog
  3. Xfinity/Comcast Data Breach: Xfinity/Comcast recently suffered a massive data breach affecting more than 35.8 million customers, raising questions about customer eligibility for compensation. Source: Business Insider
  4. Home Depot Third-Party Data Breach: Home Depot suffered a third-party data breach when a trusted vendor leaked a sample of 10,000 employee records. Source: CPO Magazine
  5. Frontier Communications Cyberattack: Frontier Communications reported a cyberattack, with an SEC filing confirming a data breach that impacted customers of the Dallas-based telecommunications carrier. Source: Channel Futures

Security Research

  1. Securing the wireless spectrum - ASU News - Arizona State University: ASU researcher Yanchao Zhang is leading the development of solutions to secure the wireless spectrum. His research focuses on privacy and security in DSS systems. Source: ASU News
  2. 5.3M World-Check records may be leaked; how to check your records - SC Magazine: In 2016, more than 2 million records from the database were leaked by an unidentified third party. The potential leak of 5.3M World-Check records is currently being investigated by security researcher Chris Vickery. Source: SC Magazine
  3. Artificial Intelligence | Deepfakes to become even more of a concern - YouTube: David Emm, the principal security researcher at Kaspersky, discusses the growing concern of deepfakes in artificial intelligence. He highlights the potential security risks and implications of this technology. Source: YouTube
  4. DARPA Aims to Boost 'Velocity' of AI Tools Effort - MeriTalk: DARPA is aiming to increase the speed of AI tool development for national security research. The goal is to enhance the role of AI in security measures. Source: MeriTalk
  5. Chinese hackers preparing to attack critical US infrastructure: FBI | The Hill: Security researchers with Microsoft and Google have linked the hacker group Volt Typhoon to China. The FBI warns that these hackers have compromised critical US infrastructure and are preparing for an attack. Source: The Hill

Top CVEs

  1. CVE-2024-29964 - Multiple Vulnerabilities in Docker Instances in Brocade SANnav: Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and configuration that leads to multiple vulnerabilities. Docker daemons are exposed to the WAN interface, and other vulnerabilities allow total control over the Ova appliance. A Docker instance could access any other instances, and a few could access sensitive files. Source: vulners.com
  2. CVE-2024-2761 - Stored XSS in Genesis Blocks WordPress Plugin: The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS. Source: vulners.com
  3. CVE-2024-29965 - Information Disclosure in Brocade SANnav: In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the web interface or the command line interface ("SSH"). The resulting backups are world-readable. A local attacker can recover backup files, restore them to a new malicious appliance, and retrieve the passwords of all the users. Source: vulners.com
  4. CVE-2024-29966 - Hard-Coded Credentials in Brocade SANnav: Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav. Source: vulners.com
  5. CVE-2024-29967 - Insecure Mount Points in Brocade SANnav: In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to read and write access to these files. Source: vulners.com

Final Words

That's a wrap for today's edition of Secret CISO. We've covered a lot of ground, from data breaches affecting schools and major corporations, to the latest research in cybersecurity. Remember, in this digital era, staying informed is your first line of defense. If you found this newsletter helpful, please consider sharing it with your colleagues and friends. Together, we can stay one step ahead of the cyber threats. Stay safe and see you tomorrow for more updates in the world of cybersecurity. Remember, the secret to cybersecurity is staying informed. So, keep reading Secret CISO.

Read more

Secret CISO 11/24: Niantic's AI Map Data Breach, Baer's Furniture Co. Settlement, Netflix's Worst Leak, Microsoft's Security Failures, Irish Research on NHS Leak, Quantum-Proof Ethereum

Secret CISO 11/24: Niantic's AI Map Data Breach, Baer's Furniture Co. Settlement, Netflix's Worst Leak, Microsoft's Security Failures, Irish Research on NHS Leak, Quantum-Proof Ethereum

Welcome to today's edition of Secret CISO, your daily dose of the most impactful cybersecurity news. Today, we delve into the controversial use of Pokemon Go player data by Niantic to train AI map models, raising serious privacy concerns and potential data breach risks. We also discuss the

By Secret CISO