Secret CISO 6/20: Snowflake and AMD Breaches Continue, Cyera's Data Response Service, Apple and Accenture Hacks, Kraken's Security Flaw Exploited by Researchers

Welcome to today's issue of Secret CISO. We're diving into the world of data breaches, security, and the evolving landscape of cyber threats. From the lessons learned from the Snowflake breaches to the investigation of AMD's data breach, we're covering it all. We'll also be discussing the launch of Cyera's data incident response service and how it's bringing speed and focus to security investigations. Plus, we'll be looking into the recent data breaches at Apple and Accenture, and the impact of these incidents on their businesses.

In other news, we'll be exploring the concept of 'Privacy by Design' and its impact on security and GRC. We'll also be discussing the recent data breach at the Post Office and the lawsuit faced by Panera due to a data breach in March 2024. On the technical side, we'll be delving into the role of security researchers in identifying and addressing security flaws. From the drama at Kraken to the use of AI in reporting malicious emails, we're covering the latest in security research. Stay tuned for all this and more in today's issue of Secret CISO.

Data Breaches

  1. Lessons Learned from the Snowflake Breaches: Snowflake's recent data breaches highlight the importance of fine-grained data activity monitoring for proactive defense against evolving cyber threats. Source: Security Boulevard
  2. AMD Investigating Data Breach: Advanced Micro Devices (AMD) is probing a potential data breach after data appeared for sale on a Darknet forum. AMD has stated that the potential data leak is not as damaging as initially suspected. Source: Spiceworks, Tom's Hardware
  3. Apple Source Code Breach: A hacker has posted source code claiming to be from a new breach of Apple, marking a significant data breach for the tech giant. Source: Forbes
  4. Accenture Employee Data Leak: A hacker known as "888" has leaked a file containing the contact and personal details of 32,828 current and former employees of Accenture. Source: Hackread
  5. Panera Data Breach: Panera faces a class action lawsuit following a significant data breach in March 2024 that impacted current and former employees. Source: ClassAction.org

Security Research

  1. Microsoft Corporate Email Spoofing Bug: A security researcher has discovered a flaw that allows threat actors to spoof Microsoft corporate emails, potentially enabling phishing attacks. Microsoft initially dismissed the disclosure, highlighting the importance of ethical conduct in cybersecurity research. Source: Computing UK
  2. LevelBlue Labs' Evasive Loader Research: LevelBlue Labs, a managed security services provider, has released new research on an evasive loader targeting Chinese-speaking victims. The threat actor behind this has not yet been classified as an advanced persistent threat (APT). Source: Dallas Innovates
  3. Chrome 126 Update Patches Vulnerability: Google's Chrome 126 update patches a vulnerability that was exploited at a hacking competition. The security defects were reported by a security researcher known as 'wgslfuzz'. Source: TechRadar
  4. CVE-2023-48759 - Missing Authorization in Crocoblock JetElements For Elementor: This vulnerability affects JetElements For Elementor, where an attacker can exploit missing authorization checks. Users are advised to update to the latest version. Source: SC Magazine
  5. CVE-2023-47770 - Missing Authorization in Muffin Group Betheme: Betheme by Muffin Group has a missing authorization vulnerability. Users are recommended to update to the latest version to mitigate this vulnerability. Source: Security Magazine

Top CVEs

  1. CVE-2023-48759 - Missing Authorization in Crocoblock JetElements For Elementor: A vulnerability has been identified in JetElements For Elementor, where an attacker can exploit missing authorization checks. Users are advised to update to the latest version. Source: CVE-2023-48759
  2. CVE-2023-47770 - Missing Authorization in Muffin Group Betheme: Betheme by Muffin Group has a missing authorization vulnerability. Users are recommended to update to the latest version to mitigate this vulnerability. Source: CVE-2023-47770
  3. CVE-2023-47771 - Missing Authorization in ThemePunch OHG Essential Grid: Essential Grid by ThemePunch OHG is affected by a missing authorization vulnerability. Users are advised to update to the latest version. Source: CVE-2023-47771
  4. CVE-2023-47681 - Missing Authorization in QuadLayers WooCommerce Checkout Manager: QuadLayers WooCommerce Checkout Manager has a missing authorization vulnerability. Users are recommended to update to the latest version to mitigate this vulnerability. Source: CVE-2023-47681
  5. CVE-2023-45658 - Missing Authorization in POSIMYTH Nexter: Nexter by POSIMYTH has a missing authorization vulnerability. Users are advised to update to the latest version. Source: CVE-2023-45658

API Security

  1. Kiuwan API Endpoint Access Control Vulnerability (CVE-2023-49112): Kiuwan's API endpoint /saas/rest/v1/info/application lacks proper access control mechanisms, allowing authenticated users to read information about applications without necessary rights. This issue affects Kiuwan. Source: CVE-2023-49112
  2. Password Hash Exposure in mintplex-labs/anything-llm (CVE-2024-5213): In mintplex-labs/anything-llm versions up to and including 1.5.3, the password hash of a user is returned in the response after login and account creation. This could potentially lead to sensitive information exposure. Source: CVE-2024-5213
  3. SQL Injection in WP Hotel Booking Plugin (CVE-2024-3605): The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the 'room_type' parameter of the /wphb/v1/rooms/search-rooms REST API endpoint due to insufficient escaping and lack of sufficient preparation on the existing SQL query. Source: CVE-2024-3605

Final Words

And that's a wrap for today's edition of Secret CISO. We've delved into the lessons learned from the Snowflake breaches, the ongoing investigation into AMD's data breach, and the innovative approach of Cyera's data incident response service. We've also touched on the alleged breaches at Apple and Accenture, and the impact of privacy by design on security and GRC.

Remember, staying informed is the first step in protecting your systems and data. Share this newsletter with your colleagues and friends, and let's foster a culture of cybersecurity awareness together. Stay safe, stay secure. See you in the next edition of Secret CISO.
