Secret CISO 6/4: Christie's Data Breach, ASX Guidance on Security, Snowflake's Security Concerns, and Latest Cybersecurity Research Developments
Welcome to today's issue of Secret CISO. We're diving deep into a series of high-profile data breaches that have rocked the world of cybersecurity. Christie's Auction House is in the spotlight after a ransomware group threatened to leak customer data, prompting an investigation into their security measures.
In other news, the ASX has updated its guidance on data breaches, highlighting the ever-growing risks and threats in cybersecurity. This comes as Federman & Sherwood investigates DG3 North America, Inc. for a data breach, and collection agency FBCS reveals that over 3.2 million people have been impacted by a data breach. On the legal front, trade groups are challenging the FCC's data breach rules, while a report reveals that only 49% of organizations feel somewhat prepared to handle a breach.
In the world of research, we'll be looking at the latest findings from security experts, including a critical look at Windows 11's AI-powered Recall feature and the cybersecurity problems of military electrification. Stay tuned for more updates on these stories and a roundup of the latest vulnerabilities. As always, we're here to keep you informed and prepared in the ever-evolving landscape of cybersecurity.
Data Breaches
- Christie's Auction House Data Breach: Christie's Auction House is notifying customers of a significant data breach following threats from the RansomHub ransomware group to leak stolen information. The extent of the data breach is yet to be determined. Source: CPOMagazine
- DG3 North America Data Breach: DG3 North America, Inc. is under investigation by Federman & Sherwood for a data breach. The details of the breach, including the number of affected customers and the type of data compromised, are currently unknown. Source: BusinessWire
- FBCS Data Breach: Debt collection agency Financial Business and Consumer Solutions (FBCS) has reported a data breach impacting over 3.2 million people. The nature of the compromised data is yet to be disclosed. Source: BleepingComputer
- 23andMe Data Breach: Genetic testing company 23andMe is dealing with a data breach, and lawyers vying for leadership fear imminent bankruptcy. The extent of the breach and the impact on customers' genetic data is currently unknown. Source: The Recorder
Security Research
- Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers: Security researcher Kevin Beaumont has identified a targeted credential theft campaign impacting Snowflake's cloud customers. The suspected perpetrators are a teen crime group. Source: The Hacker News
- DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks: DarkGate malware campaigns are rapidly adapting, with the latest attacks replacing AutoIt with AutoHotkey to evade security solutions, according to Trellix security researchers. Source: The Hacker News
- Rapid7 launches new AI security research partnership with Queen's University Belfast: Rapid7 has partnered with Queen's University Belfast to speed up the delivery of cloud security innovations to the market. The collaboration aims to bridge the gap between the cybersecurity industry and academia. Source: Sync NI
- Vulnerabilities Exposed Millions of Cox Modems to Remote Hacking: Security researcher Curry has discovered vulnerabilities in Cox modems that could expose millions of devices to remote hacking. The vulnerabilities were first investigated in 2021. Source: Security Week
- Security Researcher Calls Windows 11 AI 'Recall' Screenshotting Feature a Disaster: Security researcher Kevin Beaumont has criticized Microsoft's new AI 'Recall' screenshotting feature in Windows 11, calling it a disaster due to its potential privacy implications. Source: MacRumors
Top CVEs
- CVE-2024-31310: This is a reserved CVE entry, details of which will be disclosed once the security problem is publicized by the responsible organization or individual. Until then, the nature of the vulnerability remains unknown. Source: Vulners
- CVE-2024-36123: This CVE entry is currently reserved and will be detailed once the associated security issue is made public by the responsible party. The specifics of the vulnerability are not available at this time. Source: Vulners
- CVE-2024-4540: This is a reserved CVE entry, the details of which will be disclosed once the security problem is publicized by the responsible organization or individual. Until then, the nature of the vulnerability remains unknown. Source: Vulners
- CVE-2024-31316: This CVE entry is currently reserved and will be detailed once the associated security issue is made public by the responsible party. The specifics of the vulnerability are not available at this time. Source: Vulners
- CVE-2024-5197: This is a reserved CVE entry, the details of which will be disclosed once the security problem is publicized by the responsible organization or individual. Until then, the nature of the vulnerability remains unknown. Source: Vulners
Final Words
And that's a wrap for today's Secret CISO newsletter. We've journeyed through the world of data breaches, ransomware threats, and cybersecurity research. From Christie's Auction House to Ticketmaster, no one is immune to the ever-evolving threats in the digital world. Remember, knowledge is power. Stay informed, stay vigilant, and most importantly, stay secure. If you found this newsletter helpful, please consider sharing it with your friends and colleagues. Let's work together to create a safer digital world for all. Until next time, keep your data close and your security closer. Stay safe out there.