Secret CISO 4/24: OracleCMS and Change Healthcare Breaches, Lawsuits Over AT&T and UnitedHealth Data Leaks, AI-Driven Phishing Attacks Surge
Welcome to today's issue of Secret CISO. We're diving into a series of data breaches that have recently come to light, affecting organizations from healthcare to law enforcement. First up, we're looking at the Shoalhaven City Council's data breach involving their after-hours phone call service, OracleCMS. Meanwhile, Change Healthcare is under scrutiny for a massive data breach that experts predict will break records. The breach has also impacted UnitedHealth, with a substantial portion of people potentially affected. In legal news, AT&T is facing a lawsuit over a data breach, and the Catholic Medical Center has announced a breach affecting nearly 2,792 patients.
On the brighter side, St. Helena Library has confirmed that it was not affected by a recent data breach that hit the Solano County Library system. In law enforcement, the Panama City Police Department is dealing with a security breach that has cost five people their jobs. And in education, the University Systems of Georgia has announced a data breach compromising personal information.
We'll also be discussing the latest research in cybersecurity, including a report from Zscaler that found a 60% increase in AI-driven phishing attacks. Plus, we'll look at the latest job openings in the cybersecurity field. Stay tuned for more updates on these stories and other breaking news in the world of cybersecurity. As always, stay safe and secure.
Data Breaches
- OracleCMS Data Breach - Shoalhaven City Council: Shoalhaven City Council has reported a data breach involving OracleCMS, an after-hours phone call service used by the council. The extent of the breach and the data affected are yet to be disclosed. Source: Shoalhaven City Council
- Change Health Attack: Details Emerge; Breach Will Top Record: Change Healthcare, a major player in the healthcare sector, has suffered a significant data breach. The breach's details are still emerging, but it's expected to surpass previous records in terms of impact. Source: BankInfoSecurity
- Beasley Allen files lawsuit over AT&T Data Breach: Law firm Beasley Allen has filed a lawsuit against AT&T over a recent data breach. The details of the breach and the number of affected customers have not been disclosed. Source: WSFA
- Security Breach at Panama City Police Department, Five People Terminated and Resigned: A security breach at the Panama City Police Department has led to the termination and resignation of five people. The nature of the breach and the data affected are still under investigation. Source: MyPanhandle
- Millions Affected By Oklahoma Student Loan Authority Data Breach Leak: A data breach at the Oklahoma Student Loan Authority has leaked personal information of millions of people with student loans. The extent of the data leaked is still being determined. Source: News on 6
Security Research
- Zscaler Research Finds 60% Increase in AI-Driven Phishing Attacks: Zscaler's ThreatLabz 2024 Phishing Report reveals a significant increase in AI-driven phishing attacks, highlighting the evolving sophistication of cyber threats. Source: Markets Insider
- US government says security flaw in Chirp Systems' app lets anyone remotely control smart devices: The US cybersecurity agency warns of a security flaw in Chirp Systems' app, which allows remote control of smart devices, emphasizing the importance of robust security measures in IoT. Source: Yahoo Movies UK
- IANS Research Receives Strategic Investment From the Apax Digital Funds: IANS Research receives a strategic investment from the Apax Digital Funds, enabling it to support more CISOs and their teams in securing their businesses. Source: Morningstar
- NTT Research Brings Innovation To Networking And Security: NTT Research is pursuing groundbreaking research in vital areas including all-optical networking and security, showcasing the potential for innovative solutions in cybersecurity. Source: Forbes
- Forescout Research Elevates Warnings as Security Threats to Exposed Critical Infrastructure Go Ignored: Forescout Research warns that the internet exposure of Operational Technology (OT) and Industrial Control Systems (ICS) continues to be a critical infrastructure security issue. Source: The Galveston County Daily News
Top CVEs
- CVE-2024-21511: Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameter. This could allow an attacker to execute arbitrary code. Source: CVE-2024-21511
- CVE-2024-31077: Forminator prior to 1.29.3 contains a SQL injection vulnerability. A remote authenticated attacker with administrative privilege could potentially obtain and alter any information in the database and cause a denial-of-service (DoS). Source: CVE-2024-31077
- CVE-2024-28890: Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type vulnerability. A remote attacker could potentially obtain sensitive information by accessing files on the server, alter the site that uses the plugin, and cause a denial-of-service (DoS). Source: CVE-2024-28890
- CVE-2023-47731: IBM QRadar Suite Software and IBM Cloud Pak for Security are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Source: CVE-2023-47731
- CVE-2023-7253: The Import WP WordPress plugin before 2.13.1 does not prevent users with the administrator role from conducting SSRF attacks, which may be a problem in multisite. Source: CVE-2023-7253
Final Words
That's it for today's edition of Secret CISO. We've covered a lot of ground, from the OracleCMS data breach affecting Shoalhaven City Council to the increasing threat of cybercriminals post the Change Healthcare data breach. We've also touched on the lawsuit over AT&T's data breach and the exposure of patient information via vendor phishing at CMC. Remember, the world of cybersecurity is ever-evolving, and staying informed is the first step in staying secure.
If you found today's newsletter helpful, please consider sharing it with your colleagues and friends. Let's work together to create a safer digital world. Stay safe and see you in the next edition of Secret CISO!