Secret CISO 5/9: Zscaler's Data Breach Investigation, Citizen Watches and Golfzon's Customer Data Leaks, LockBit's Attack on Wichita, and Stratix's Endpoint Management Research
Good morning, Secret CISO readers! Today's issue is packed with the latest cybersecurity news and updates. We kick off with Zscaler, a cybersecurity firm, investigating claims of a data breach after hackers offered access to its network. In a similar vein, Citizen Watches customers in Singapore have had their personal details stolen in a data breach, with the PDPC currently investigating the incident. Golfzon, a popular golfing company, faces a record $5.47 million fine after a data breach leaked the information of 2.21 million customers to the dark web.
Meanwhile, popular YouTuber Will Davis has highlighted a massive data breach in Sri Lanka's new VFS Visa system. In other news, the EMBARGO ransomware gang has published Firstmac customer data, including transaction details, addresses, and loan data, in a 500GB data leak.
The LockBit ransomware group has also claimed responsibility for the attack on the City of Wichita, threatening to publish stolen data. On the healthcare front, Ascension Health System has reported a data breach that disrupted clinical operations. Similarly, DocGo has notified the SEC of a recent cyberattack and is investigating the scope of the data breach. In election security news, a former township clerk and her attorney in Michigan face charges over allegations of a voter data breach related to the 2020 election.
Stay tuned for more updates and remember, knowledge is the best defense against cyber threats. Stay safe!
Data Breaches
- Zscaler Data Breach Investigation: Cybersecurity firm Zscaler is currently investigating claims of a data breach after hackers allegedly offered access to its network. The extent of the breach and the potential impact on customers is yet to be determined. Source: Security Affairs
- Citizen Watches Data Breach: Personal details of Citizen Watches customers in Singapore were stolen in a data breach. The Personal Data Protection Commission (PDPC) is currently investigating the breach. Source: The Straits Times
- Golfzon Data Breach: Golfzon, a South Korean company, has been fined a record $5.47 million for a data breach that leaked the personal information of over 2.21 million customers to the dark web. Source: The Korea Times
- VFS Visa System Data Breach: A massive data breach in Sri Lanka's new VFS Visa system was highlighted by popular YouTuber Will Davis. The breach by global visa processing service, VFS Global, is currently under investigation. Source: Newswire
- Firstmac Customer Data Leak: Hackers have published customer transaction details, addresses, loan data, and more, in a 500GB data leak from Firstmac. The extent of the breach and the potential impact on customers is yet to be determined. Source: Cyber Daily
Security Research
- Companies Lag in Endpoint Management, Stratix Research Highlights Security Vulnerabilities: Stratix Research reveals that most companies are lagging in implementing Unified Endpoint Management (UEM) strategies, which streamline IT tasks and secure endpoints regardless of device type. This lack of holistic strategies is leaving companies vulnerable to security breaches. Source: KXAN
- Sam Altman Expresses Concern Over AI and Misinformation Ahead of the Presidential Election: OpenAI CEO, Sam Altman, expressed his concerns about the potential misuse of AI and the spread of misinformation ahead of the presidential election. His comments were made during a talk at the Brookings Institution. Source: Inc.com
- Experts Highlight Progress, Challenges for Election Security: At the RSA Conference 2024, CISA officials and security professionals discussed the progress and challenges in election security. The details of the discussions were not disclosed. Source: TechTarget
- Hacker Heroes – Jeremiah Grossman: SC Magazine features a conversation with cybersecurity expert Jeremiah Grossman, discussing his journey and insights into the cybersecurity field. Source: SC Magazine
- Retired General Paul Nakasone Named Founding Director of Institute for National Defense and Global Security: Vanderbilt University announced the launch of the Institute for National Defense and Global Security, with retired General Paul Nakasone as the founding director. The institute aims to address national defense and global security issues. Source: Vanderbilt University News
Top CVEs
- CVE-2024-27793: This is a reserved CVE entry by an organization or individual for future use when announcing a new security problem. The details will be publicized once the candidate has been announced. Source: CVE-2024-27793
- CVE-2024-24788: A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop. This vulnerability can potentially lead to a Denial of Service (DoS) attack. Source: CVE-2024-24788
- CVE-2024-21793: An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). This vulnerability can lead to unauthorized access and potential data breach. Note: Software versions which have reached End of Technical Support (EoTS) are not eligible for updates. Source: CVE-2024-21793
- CVE-2024-30459: A Missing Authorization vulnerability exists in AIpost AI WP Writer. This issue affects AI WP Writer versions from n/a through the latest. This vulnerability can potentially lead to unauthorized access and potential data breach. Source: CVE-2024-30459
- CVE-2024-24833: A Missing Authorization vulnerability exists in Leevio Happy Addons for Elementor. This issue affects Happy Addons for Elementor versions from n/a through the latest. This vulnerability can potentially lead to unauthorized access and potential data breach. Source: CVE-2024-24833
API Security
- Exploit for CVE-2024-26026: A significant SQL injection vulnerability has been identified in the BIG-IP Next Central Manager API. This unauthenticated SQL injection could potentially allow an attacker to manipulate the API's database, leading to unauthorized access or data leakage. It's important to note that software versions that have reached End of Technical Support (EoTS) are not eligible for patches. Source: GitHub Exploit and CVE Details
- Exploit for CVE-2024-21793: An OData injection vulnerability has been discovered in the BIG-IP Next Central Manager API. This could potentially allow an attacker to inject malicious data into the API, leading to unauthorized access or data manipulation. Similar to the previous vulnerability, software versions that have reached End of Technical Support (EoTS) are not eligible for patches. Source: CVE Details
Sponsored by Wallarm API Security Solution
Final Words
And that's a wrap for today's edition of Secret CISO. As we've seen, data breaches continue to be a prevalent issue across various sectors, from cybersecurity firms like Zscaler to consumer brands like Citizen Watches and Golfzon. It's a stark reminder for all of us to stay vigilant and proactive in our cybersecurity efforts.
Remember, cybersecurity is not just the responsibility of IT departments or security teams. It's a collective effort. So, share this newsletter with your colleagues, friends, and anyone else who could benefit from staying informed about the latest in cybersecurity news. Stay safe, stay informed, and see you in the next edition of Secret CISO!