Welcome to today's issue of Secret CISO. We're diving into the deep end of data breaches, from how to minimize the damage to the latest victims of these cyber attacks. We'll take a look at the MeridianLink attack and the strategies used by the ransomware group BlackCat. We'll also discuss the fallout from the massive data breaches suffered by Victorian Freight Specialists, MediSecure, and ICBC, and how these incidents have impacted their operations and customer trust. In the world of entertainment, even Keanu Reeves isn't safe from data breaches.

We'll explore how the Ticketmaster data breach could be just the beginning of a larger problem. We'll also delve into the world of data security startups, with a focus on Eureka, an Israeli company that's caught the eye of Tenable. The legal repercussions of data breaches are also on our radar, with Christie's facing a class action lawsuit over a cyberattack and ICBC ordered to pay $15,000 to each person who had their data breached. Finally, we'll touch on the latest research in cybersecurity, including the potential risks of Microsoft's new AI tool, the growing threat of Linux espionage, and the discovery of a backdoor account in Zyxel products.

Stay tuned for all this and more in today's issue of Secret CISO.

Data Breaches

1. Victorian Freight Specialists Data Breach: Victorian Freight Specialists, a leading logistics company, has suffered a massive data breach, compromising their corporate, accounting, sales, customers, agents, and freight databases. The extent of the breach is yet to be determined. Source: Cyber Daily
2. MediSecure Data Breach: Australian e-prescription provider MediSecure has gone into administration weeks after a significant data breach. The breach resulted in customer information being posted online, leading to the company's collapse. Source: 9News
3. ICBC Data Breach: The Insurance Corporation of British Columbia (ICBC) has been ordered to pay $15,000 each to people who had their data breached before Justice Institute attacks. The total number of affected individuals is 79. Source: Vancouver Sun
4. Ticketmaster Data Breach: Ticketmaster, the world's leading online ticketing platform, has suffered a massive data breach. The extent of the breach and the impact on customers' data is currently unknown. Source: Ventureburn
5. TikTok Security Breach: TikTok, the popular social media platform, has recently dealt with a security breach when hackers targeted well-known brands and celebrities on the platform. The extent of the breach and the impact on users' data is currently unknown. Source: PYMNTS.com

Security Research

1. NSF enhances research security with new TRUST proposal assessment process: The U.S. National Science Foundation has introduced a new risk mitigation process called Trusted Research Using Safeguards and Transparency (TRUST) to enhance research security. Source: NSF
2. Researchers Show How Malware Could Steal Windows Recall Data: Researchers have demonstrated how malware can exploit a powerful feature in Windows Recall to steal data, urging Microsoft to address this security issue. Source: SecurityWeek
3. Apple promises to finally fix Screen Time bug that lets children visit blocked sites: Vienna-based security researchers Andreas Jagersberger and Ro Achterberg have discovered a bug in Apple's Screen Time feature that allows children to access blocked sites. Apple has promised to fix the bug. Source: AppleInsider
4. 'NsaRescueAngel' Backdoor Account Again Discovered in Zyxel Products: Security researcher Timothy Hjort from Outpost24 has discovered a backdoor account named 'NsaRescueAngel' in Zyxel products. Successful exploitation of these issues could lead to serious security breaches. Source: SecurityWeek
5. Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan: Security researchers Aleksandr Grigorian and Stanislav Pyzhov have reported that Russian power companies, IT firms, and government agencies have been targeted by the Decoy Dog Trojan, leveraging primary compromise vectors from vulnerable systems. Source: The Hacker News

Top CVEs

1. CVE-2024-30172: A significant issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. The problem lies in an infinite loop that can occur via a crafted signature and public key during Ed25519 verification. This vulnerability could potentially allow attackers to cause a denial of service. Source: CVE-2024-30172
2. CVE-2024-35554: A Cross-Site Request Forgery (CSRF) vulnerability was found in idccms v1.35. The issue resides in the component, which could be exploited by an attacker to perform unwanted actions on behalf of an authenticated user. Source: CVE-2024-35554
3. CVE-2024-35576: Tenda AX1806 v1.0.0.1 was found to contain a stack overflow vulnerability via the iptv.stb.port parameter in the function. This flaw could allow an attacker to execute arbitrary code on the affected system. Source: CVE-2024-35576
4. CVE-2022-28658: A vulnerability in Apport argument parsing was discovered that mishandles filename splitting on older kernels, resulting in argument injection. This could potentially allow an attacker to escalate privileges. Source: CVE-2022-28658

Final Words

And that's a wrap for today's edition of Secret CISO. We've seen how data breaches can quickly escalate and cause significant damage to companies, and how crucial it is to have robust data security measures in place. From the MeridianLink attack to the unfortunate collapse of MediSecure, these incidents serve as stark reminders of the importance of cybersecurity in our increasingly digital world. Remember, knowledge is power. By staying informed, we can all play a part in creating a safer digital landscape.

If you found today's newsletter helpful, please consider sharing it with your friends and colleagues.

Let's work together to spread the word about the importance of cybersecurity. Stay safe, stay informed, and see you in the next edition of Secret CISO.