Secret CISO 6/1: Snowflake Denies Compromise, Illinois State Office Hit, UMD Secures $500M DoD Contract
Good morning, Secret CISO subscribers! Today's newsletter is packed with the latest updates on some major cybersecurity breaches. Ticketek, the popular event ticketing platform, has suffered a significant data breach, exposing customer details including names, dates of birth, and email addresses. The company is currently notifying affected customers and working closely with Australia's National Office of Cyber Security. In a related story, Snowflake, a cloud-based data platform, has denied reports of a security breach, despite claims from infosec analysts at Hudson Rock that the company was compromised, leading to the theft of data on hundreds of millions of users. Meanwhile, the Illinois Secretary of State's office has also been impacted by a data breach, alerting residents about the incident. In the entertainment sector, Ticketmaster has confirmed a data breach affecting a staggering 560 million customers.
The breach was allegedly linked to cloud storage company Snowflake, which has denied the allegations. In other news, an infamous hacker group, ShinyHunters, claims to be behind a breach at one of the world's largest banks, with 30,000,000 customers' data allegedly exposed and on sale. We also bring you the latest research updates in the cybersecurity field, including a report on the security risks in grid modernization, a $500 million contract awarded to a UMD research laboratory by the Department of Defense, and insights on how 5G features can support distributed controls and configurable security for power systems. Stay tuned for more details on these stories and other important cybersecurity updates. Stay safe and secure!
Data Breaches
- Ticketek Customer Details Exposed: Australian ticketing company Ticketek suffered a data breach, exposing customer names, dates of birth, and email addresses. The company is currently notifying affected customers and working with Australia's National Office of Cyber Security. Source: The Guardian
- Snowflake Denies Cyber-Thieves Breach: Despite claims from infosec analysts at Hudson Rock, data warehousing company Snowflake denies that it was compromised by cyber-thieves who allegedly stole data on hundreds of millions of users. Source: The Register
- Illinois Secretary of State Office Data Breach: The Illinois Secretary of State's office has alerted residents about a recent data breach that impacted the agency. The extent of the breach and the data involved have not been disclosed. Source: NBC Chicago
- Ticketmaster Data Breach: Ticketmaster confirmed a data breach after the hacking group known as ShinyHunters claimed responsibility. The stolen data allegedly contains details for 560 million customers. Source: The New York Times
- Trillion-Dollar Bank Data Breach: An infamous hacker group, ShinyHunters, claims to be behind a breach at one of the world's largest banks, with 30,000,000 customers' data allegedly exposed and on sale. The name of the bank has not been disclosed. Source: Daily Hodl
Security Research
- Is SASE Living Up to the Hype in 2024?: The Secure Access Service Edge (SASE) model is being scrutinized for its effectiveness in 2024. The model, which combines network security and wide area networking capabilities in a single cloud-based service, is being evaluated for its ability to meet the evolving needs of businesses. Source: BankInfoSecurity
- UMD Research Laboratory Receives Department of Defense Contract: The Applied Research Laboratory for Intelligence and Security at the University of Maryland has secured a contract worth up to $500 million from the Department of Defense. This is the largest research contract in the university's history. Source: dbknews
- Security Risks in Grid Modernization: Researchers have warned about potential security risks in the modernization of power grids. Using a grid simulator, they assessed how manipulating the level of electricity that flows back and forth, after a smart meter has been hacked, can create vulnerabilities. Source: govinfosecurity
- NIST Taps Analygence to Help Fix Vulnerability Database Backlog: The National Institute of Standards and Technology (NIST) has contracted Analygence to help address a backlog in its vulnerability database. The company has previously worked with multiple federal customers, including the Cybersecurity and Infrastructure Security Agency. Source: Nextgov/FCW
- Snowflake Compromised? Attackers Exploit Stolen Credentials: Security researchers have discovered that attackers are exploiting stolen credentials to compromise Snowflake, a cloud-based data warehousing platform in which data is ingested from various sources, transformed, and analyzed using SQL. Source: Help Net Security
Top CVEs
- WP STAGING WordPress Backup Plugin Vulnerability (CVE-2024-4469): A vulnerability has been discovered in the WP STAGING WordPress Backup Plugin, versions prior to 3.5.0. This flaw allows users with the administrator role to conduct Server Side Request Forgery (SSRF) attacks, potentially causing issues in multisite configurations. Users are advised to update to the latest version to mitigate the risk. Source: CVE-2024-4469.
- Unifier and Unifier Cast Missing Authorization Vulnerability (CVE-2024-36246): A missing authorization vulnerability has been identified in Unifier and Unifier Cast Version 5.0 or later. If exploited, this vulnerability could allow arbitrary code execution with LocalSystem privilege, potentially leading to data modification or malicious program installation. Users are urged to apply the patch "20240527" to address this issue. Source: CVE-2024-36246.
Final Words
And that's a wrap for today's edition of Secret CISO. As we've seen, the digital landscape is a battlefield, with cyber threats lurking in every corner. From Ticketek's unfortunate data breach to the alleged Snowflake compromise, it's clear that no entity is immune. But remember, knowledge is power. By staying informed, we can better prepare and protect ourselves in this ever-evolving cyber world.
If you found this newsletter helpful, please consider sharing it with your friends and colleagues. Let's spread the word and foster a community that's well-informed and cyber-resilient. After all, in the face of cyber threats, we're stronger together. Stay safe, stay informed, and see you in the next edition of Secret CISO.