Welcome to today's issue of Secret CISO, your daily source for the most impactful cybersecurity news. Today, we're diving into the latest updates on data breaches and security measures. The FTC has finalized updates to the Health Breach Notification Rule, aiming to improve readability and authorize covered entities to expand their use of security measures.

Meanwhile, a data breach at the collection agency FBCS has affected millions of users, highlighting the importance of robust data security measures. In a concerning development, persistent sensitive information breaches are failing people living with HIV, as repeated data breaches disclose their HIV status. The Information Commissioner has called for urgent action to address this issue. Data security and privacy in online entertainment are also under the spotlight, with hackers targeting these platforms and exposing millions of accounts. In the real estate sector, new data shows a significant rise in Bay Area home prices, but a data breach at Kaiser Permanente has put a damper on the news.

In legal news, CorrectCare has agreed to pay $6.49 million to settle a data breach lawsuit, while Kisco Senior Living faces a class action over a 2023 data breach. The High Court has also refused to revisit a class certification in a data breach row involving Chili's. On the research front, security experts are introducing new services to eliminate false positives and detect zero-day threats.

However, they've also discovered millions of malicious 'imageless' containers on Docker Hub, raising concerns about the security of these platforms. Stay tuned for more updates and remember, knowledge is the first line of defense in cybersecurity. Stay safe and informed with Secret CISO.

Data Breaches

1. FTC Finalizes Updates to Health Breach Notification Rule: The Federal Trade Commission has updated the Health Breach Notification Rule to improve readability and allow covered entities to expand their use of data security breach notifications. The changes will take effect 60 days after publication in the Federal Register. Source: HealthITSecurity
2. Collection Agency Data Breach Affects Millions: Financial Business and Consumer Solutions (FBCS) has experienced a data breach affecting millions of users. The collection agency has sent out notification letters to the affected customers. Source: TechRadar
3. Persistent Sensitive Information Breaches Failing People Living with HIV: The Information Commissioner's Office has called for urgent action following repeated data breaches that have disclosed the HIV status of individuals, denying them basic dignity and privacy. Source: ICO
4. Data Security and Privacy in Online Entertainment: Data breaches in the online entertainment sector are a major concern as they can expose millions of accounts, putting personal and financial data at risk. Source: FinSMEs
5. Kaiser Permanente Data Breach Affecting 13.4 Million Members: Kaiser Permanente has announced a data breach affecting 13.4 million current and former members. The released information did not include sensitive data such as Social Security numbers or financial information. Source: KABC

Security Research

1. Outpost24 Introduces Application Security Expert Service: Outpost24 has launched a new Dynamic Application Security Testing (DAST) verification service, DAST Expert. This service aims to provide organizations with a comprehensive analysis of application security, eliminating false positives and enhancing overall security posture. Source: Yahoo Finance
2. Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years: Security researcher Andrey Polkovnichenko has reported the presence of millions of malicious 'imageless' containers on Docker Hub over the past five years. The documentation for these containers has no connection, indicating a significant security concern. Source: The Hacker News
3. USPS phishing, UK IoT law, industrial USB attacks: Security researcher Renee Burton discovered a China-linked group named Muddling Meerkat that can consistently get DNS mail records through, indicating potential phishing attacks. This discovery highlights the need for increased vigilance and security measures. Source: CISO Series
4. Gemini 1.5 Pro – Powered With Automated Malware Analysis To Detect Zero-Day: Gemini 1.5 Pro is a new tool designed for SOC, Threat Research, or DFIR departments. It offers automated malware analysis to detect zero-day threats, providing real-time security insights to a community of 400,000 independent security researchers. Source: Cybersecurity News
5. Vulnerability Recap 4/29/24: Cisco, Microsoft, Palo Alto & More: A recap of recent vulnerabilities discovered by security researchers, including a critical exploit type bug, CVE-2024-4058. The latest update addresses 18 vulnerabilities, emphasizing the importance of regular updates and patches in maintaining security. Source: eSecurity Planet

Top CVEs

1. CVE-2024-31621 - FlowiseAI Inc Flowise v.1.6.2 Remote Code Execution: A vulnerability in FlowiseAI Inc Flowise v.1.6.2 and earlier versions allows remote attackers to execute arbitrary code via a crafted script to the api/v1. Users are advised to update to the latest version. Source: CVE-2024-31621
2. CVE-2024-32493 - Znuny LTS SQL Injection: Znuny LTS 6.5.1 through 6.5.7 and Znuny 7.0.1 through 7.0.16 have a vulnerability where a logged-in agent can inject SQL in the draft form ID parameter of an AJAX. Users are advised to update to the latest version. Source: CVE-2024-32493
3. CVE-2024-32492 - Znuny External Execution: Znuny 7.0.1 through 7.0.16 have a vulnerability where the ticket detail view in the customer front allows the execution of external. Users are advised to update to the latest version. Source: CVE-2024-32492
4. CVE-2023-50432 - simple-dhcp-server Denial of Service: simple-dhcp-server through ec976d2 allows remote attackers to cause a denial of service (daemon crash) by sending a DHCP packet without any option fields. Source: CVE-2023-50432
5. CVE-2023-51254 - Jfinalcms v.5.0.0 Cross Site Scripting: A Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link. Source: CVE-2023-51254

Final Words

And that's a wrap for today's edition of Secret CISO. As we've seen, the world of data security is constantly evolving, with new threats and challenges emerging every day. From the FTC's updates to the Health Breach Notification Rule to the persistent sensitive information breaches affecting people living with HIV, it's clear that data security is more important than ever. Remember, knowledge is power. By staying informed about the latest developments in data security, you can take steps to protect your own data and help others do the same. So why not share this newsletter with your friends and colleagues? They might find it just as useful as you do. Until next time, stay safe and stay informed.

Remember, in the world of data security, the only constant is change. And as your Secret CISO, I'll be here to guide you through it.