Secret CISO 4/30: FTC Strengthens Health Data Breach Notification, Kaiser Permanente Leaks 13.4M Members' Data, Malicious Containers Found on Docker Hub, AI Risks to US Critical Infrastructure

Welcome to today's issue of Secret CISO, your daily source for the most impactful cybersecurity news. Today, we're diving into the latest updates on data breaches and security measures. The FTC has finalized updates to the Health Breach Notification Rule, aiming to improve readability and authorize covered entities to expand their use of security measures.

Meanwhile, a data breach at the collection agency FBCS has affected millions of users, highlighting the importance of robust data security measures. In a concerning development, persistent sensitive information breaches are failing people living with HIV, as repeated data breaches disclose their HIV status. The Information Commissioner has called for urgent action to address this issue. Data security and privacy in online entertainment are also under the spotlight, with hackers targeting these platforms and exposing millions of accounts. In the real estate sector, new data shows a significant rise in Bay Area home prices, but a data breach at Kaiser Permanente has put a damper on the news.

In legal news, CorrectCare has agreed to pay $6.49 million to settle a data breach lawsuit, while Kisco Senior Living faces a class action over a 2023 data breach. The High Court has also refused to revisit a class certification in a data breach row involving Chili's. On the research front, security experts are introducing new services to eliminate false positives and detect zero-day threats.

However, they've also discovered millions of malicious 'imageless' containers on Docker Hub, raising concerns about the security of these platforms. Stay tuned for more updates and remember, knowledge is the first line of defense in cybersecurity. Stay safe and informed with Secret CISO.

Data Breaches

  1. FTC Finalizes Updates to Health Breach Notification Rule: The Federal Trade Commission has updated the Health Breach Notification Rule to improve readability and allow covered entities to expand their use of data security breach notifications. The changes will take effect 60 days after publication in the Federal Register. Source: HealthITSecurity
  2. Collection Agency Data Breach Affects Millions: Financial Business and Consumer Solutions (FBCS) has experienced a data breach affecting millions of users. The collection agency has sent out notification letters to the affected customers. Source: TechRadar
  3. Persistent Sensitive Information Breaches Failing People Living with HIV: The Information Commissioner's Office has called for urgent action following repeated data breaches that have disclosed the HIV status of individuals, denying them basic dignity and privacy. Source: ICO
  4. Data Security and Privacy in Online Entertainment: Data breaches in the online entertainment sector are a major concern as they can expose millions of accounts, putting personal and financial data at risk. Source: FinSMEs
  5. Kaiser Permanente Data Breach Affecting 13.4 Million Members: Kaiser Permanente has announced a data breach affecting 13.4 million current and former members. The released information did not include sensitive data such as Social Security numbers or financial information. Source: KABC

Security Research

  1. Outpost24 Introduces Application Security Expert Service: Outpost24 has launched a new Dynamic Application Security Testing (DAST) verification service, DAST Expert. This service aims to provide organizations with a comprehensive analysis of application security, eliminating false positives and enhancing overall security posture. Source: Yahoo Finance
  2. Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years: Security researcher Andrey Polkovnichenko has reported the presence of millions of malicious 'imageless' containers on Docker Hub over the past five years. The documentation for these containers has no connection, indicating a significant security concern. Source: The Hacker News
  3. USPS phishing, UK IoT law, industrial USB attacks: Security researcher Renee Burton discovered a China-linked group named Muddling Meerkat that can consistently get DNS mail records through, indicating potential phishing attacks. This discovery highlights the need for increased vigilance and security measures. Source: CISO Series
  4. Gemini 1.5 Pro – Powered With Automated Malware Analysis To Detect Zero-Day: Gemini 1.5 Pro is a new tool designed for SOC, Threat Research, or DFIR departments. It offers automated malware analysis to detect zero-day threats, providing real-time security insights to a community of 400,000 independent security researchers. Source: Cybersecurity News
  5. Vulnerability Recap 4/29/24: Cisco, Microsoft, Palo Alto & More: A recap of recent vulnerabilities discovered by security researchers, including a critical exploit type bug, CVE-2024-4058. The latest update addresses 18 vulnerabilities, emphasizing the importance of regular updates and patches in maintaining security. Source: eSecurity Planet

Top CVEs

  1. CVE-2024-31621 - FlowiseAI Inc Flowise v.1.6.2 Remote Code Execution: A vulnerability in FlowiseAI Inc Flowise v.1.6.2 and earlier versions allows remote attackers to execute arbitrary code via a crafted script to the api/v1. Users are advised to update to the latest version. Source: CVE-2024-31621
  2. CVE-2024-32493 - Znuny LTS SQL Injection: Znuny LTS 6.5.1 through 6.5.7 and Znuny 7.0.1 through 7.0.16 have a vulnerability where a logged-in agent can inject SQL in the draft form ID parameter of an AJAX. Users are advised to update to the latest version. Source: CVE-2024-32493
  3. CVE-2024-32492 - Znuny External Execution: Znuny 7.0.1 through 7.0.16 have a vulnerability where the ticket detail view in the customer front allows the execution of external. Users are advised to update to the latest version. Source: CVE-2024-32492
  4. CVE-2023-50432 - simple-dhcp-server Denial of Service: simple-dhcp-server through ec976d2 allows remote attackers to cause a denial of service (daemon crash) by sending a DHCP packet without any option fields. Source: CVE-2023-50432
  5. CVE-2023-51254 - Jfinalcms v.5.0.0 Cross Site Scripting: A Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link. Source: CVE-2023-51254

Final Words

And that's a wrap for today's edition of Secret CISO. As we've seen, the world of data security is constantly evolving, with new threats and challenges emerging every day. From the FTC's updates to the Health Breach Notification Rule to the persistent sensitive information breaches affecting people living with HIV, it's clear that data security is more important than ever. Remember, knowledge is power. By staying informed about the latest developments in data security, you can take steps to protect your own data and help others do the same. So why not share this newsletter with your friends and colleagues? They might find it just as useful as you do. Until next time, stay safe and stay informed.

Remember, in the world of data security, the only constant is change. And as your Secret CISO, I'll be here to guide you through it.
