Secret CISO 7/1: TikTok's Privacy Violations, Niconico Cyberattack, IntelBroker Leaks Cognizant Data, TeamViewer Hack by Russian Cyberspies

Hello there, Secret CISO readers! We've got a jam-packed newsletter for you today, filled with the latest happenings in the world of cybersecurity. First up, we delve into the FTC's investigation of TikTok's data and security practices, specifically concerning children's privacy violations. This case has now been referred to the Department of Justice, highlighting the increasing scrutiny on social media platforms and their data handling practices.

Next, we turn our attention to a new law in Pennsylvania that mandates organizations affected by a data breach to cover the cost of credit monitoring for the victims. This is a significant step towards holding companies accountable for data breaches and ensuring victims are adequately supported. In other news, a nonprofit-led cloud security task force is discussing efforts to establish a “National Cyber Feed” for sharing threat information. This initiative could be a game-changer in the fight against cyber threats, enhancing collaboration and information sharing across organizations. We also cover a series of data breaches and cyberattacks, including the Niconico cyberattack, IntelBroker's alleged data leak of IT consulting firm Cognizant, and the TeamViewer hack attributed to Russian cyberspies. These incidents underscore the importance of robust cybersecurity measures and the potential consequences of lapses in security.

Finally, we explore the realm of public cloud security with a comprehensive guide for IT and security admins. As more organizations migrate to the cloud, understanding and implementing effective security measures is crucial. Stay tuned for more updates and insights in the world of cybersecurity. Stay safe and secure!

Data Breaches

  1. Ticketmaster Data Breach: Ticketmaster has suffered a significant data breach, exposing sensitive user information. The company is now working to enhance its security measures to prevent future breaches. Source: Ticketmaster
  2. Planet Nissan Data Breach Settlement: Planet Nissan has settled a class action lawsuit concerning a 2022 data breach that affected about 1,000 people. Affected individuals can claim payments worth $5,250 from the settlement. Source: Planet Nissan
  3. DoorDash Data Breach Affecting 4.9 Million People: DoorDash has announced a data breach that has affected 4.9 million people. The breach has exposed sensitive user information, prompting the company to enhance its security measures. Source: DoorDash
  4. Internet2 Grouper Authentication Bypass: Internet2 Grouper before version 5.6 has a critical authentication bypass when LDAP authentication is used in specific configurations. The flaw lets an attacker gain access without valid credentials, exposing the sensitive systems that Grouper manages access for. Source: ABI Research
  5. Factorio versions before 1.1.101: Factorio versions before 1.1.101 are vulnerable to arbitrary code execution via a crafted server. A malicious server can abuse Lua base-module functions that accept precompiled bytecode to run attacker-supplied code on connecting clients. Source: Factorio

Security Research

  1. The Problem the US TikTok Crackdown and Kaspersky Ban Have in Common: Security researcher Patrick Wardle discusses what the TikTok crackdown and the Kaspersky ban have in common, and how a social media app and antivirus software differ in the access they have to a user's device. Source: WIRED
  2. LayerZero CEO Dismisses Claims of Critical Vulnerability as 'Baseless': A blockchain security researcher identified a potential flaw in LayerZero's messaging system, which the CEO has dismissed as baseless. The incident underscores the importance of robust security measures in blockchain technology. Source: Coinspeaker
  3. Rogue traders spy UK opportunity - Food Manufacture: A leading food expert warns that chaos in food security could jeopardize food safety. (The "security" here is food-supply security, not cybersecurity.) Source: Food Manufacture
  4. PMCG Hosts Conference on Critical Infrastructure Security: PMC Research presents a study on the state of critical infrastructure security and resilience in Georgia, emphasizing the importance of protecting critical infrastructure from cyber threats. Source: Georgia Today
  5. Juniper Networks Releases Critical Security Update for Routers: Juniper Networks has released a critical security update for its routers, demonstrating the ongoing need for vigilance and proactive measures in cybersecurity. Source: The Hacker News

Top CVEs

  1. IBM InfoSphere Information Server 11.7 Data Exposure: A vulnerability in IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. Source: CVE-2023-50953
  2. IBM InfoSphere Information Server 11.7 Stored Cross-Site Scripting: IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session. Source: CVE-2024-28798
  3. IBM InfoSphere Information Server 11.7 Insecure Direct Object Reference: IBM InfoSphere Information Server 11.7 could allow an already authenticated user to read or modify sensitive information belonging to others by supplying object references the server does not check against the caller's permissions (an access-control bypass via insecure direct object references). Source: CVE-2024-31898
  4. IBM InfoSphere Information Server 11.7 Cross-Site Scripting: IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session. Source: CVE-2024-28794
  5. IBM InfoSphere Information Server 11.7 Cross-Site Scripting: IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session. Source: CVE-2023-50964

API Security

  1. CosmicSting: Critical Unauthenticated XXE Vulnerability in Adobe Commerce and Magento (CVE-2024-34102): A severe flaw, dubbed CosmicSting and tracked as CVE-2024-34102, has been identified in Adobe Commerce and Magento. It arises from improper handling of nested deserialization, which lets an unauthenticated attacker trigger XML External Entity (XXE) processing during deserialization. Exploitation could lead to unauthorized admin-level access to the REST, GraphQL or SOAP APIs, and from there to data theft, service disruption and complete system compromise. Source: Vulners
  2. Hard-Coded API Key Vulnerability in Piccoma App (CVE-2024-38480): The Piccoma App for Android and iOS versions prior to 6.20.0 has been found to use a hard-coded API key for an external service. This vulnerability could allow a local attacker to obtain the API key. However, it's important to note that the app's users are not directly affected by this vulnerability. Source: Vulners
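The nested-deserialization path that CosmicSting takes is specific to Magento's PHP code and is not reproduced here. What the following Python example shows is the XXE primitive itself: an external general entity declared in the DTD of attacker-supplied XML makes the parser read a local file into the document, so whatever the application does with the parsed content (store it, echo it back, log it) leaks the file. This is an added example written for this issue, not code from Adobe's advisory or the Magento code base; the secret file, its contents and the payload are constructed for the demo, and the weak configuration sits beside the hardened one.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax import handler
from xml.sax.handler import ContentHandler


def make_secret_file():
    """Create a constructed stand-in for a sensitive local file (say, a config
    holding credentials) that an XXE payload would try to read."""
    fd, path = tempfile.mkstemp(suffix=".env")
    with os.fdopen(fd, "w") as f:
        f.write("db_password=hunter2\n")  # constructed sample content
    return path


def xxe_payload(path):
    """Classic XXE payload: declare an external general entity whose SYSTEM
    identifier points at a local file, then reference it inside an element so
    the file's contents become part of the parsed document. Real payloads
    usually use a file:// or other URI here; a bare path is used so the
    stdlib resolver opens it without any network code."""
    return (
        '<?xml version="1.0"?>\n'
        '<!DOCTYPE order [<!ENTITY xxe SYSTEM "%s">]>\n'
        '<order><note>&xxe;</note></order>' % path
    )


class TextCollector(ContentHandler):
    """SAX handler that just gathers the document's character data."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)

    def text(self):
        return "".join(self.chunks)


def parse_order(xml_text, resolve_external_entities):
    """Parse untrusted XML with Python's expat-backed SAX parser.

    resolve_external_entities=True reproduces the weak configuration: the
    parser fetches whatever the DTD's SYSTEM identifier points at and splices
    it into the document. False is the safe setting (and the stdlib default
    since Python 3.7.1).
    """
    parser = xml.sax.make_parser()
    parser.setFeature(handler.feature_external_ges, resolve_external_entities)
    collector = TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.StringIO(xml_text))
    return collector.text()


def parse_order_hardened(xml_text):
    """Hardened entry point: refuse any document that carries a DTD at all,
    then parse with external entity resolution disabled. Rejecting the
    DOCTYPE also shuts out internal-entity expansion attacks ("billion
    laughs"), which the external-entity flag alone does nothing about."""
    if "<!DOCTYPE" in xml_text:
        raise ValueError("DTD declarations are not accepted from untrusted input")
    return parse_order(xml_text, resolve_external_entities=False)


def run_demo():
    """Run the same payload through the weak and the hardened parser.

    Returns (text_from_weak_parser, text_with_external_entities_off,
    hardened_parser_rejected_it).
    """
    secret_path = make_secret_file()
    try:
        payload = xxe_payload(secret_path)
        leaked = parse_order(payload, resolve_external_entities=True)
        quiet = parse_order(payload, resolve_external_entities=False)
        try:
            parse_order_hardened(payload)
            rejected = False
        except ValueError:
            rejected = True
    finally:
        os.unlink(secret_path)
    return leaked, quiet, rejected


if __name__ == "__main__":
    leaked, quiet, rejected = run_demo()
    print("weak parser returned:          %r" % leaked)
    print("external entities off returned: %r" % quiet)
    print("hardened parser rejected input: %s" % rejected)
```

The weak parser hands back the secret file's contents as the text of the note element; with external general entities disabled the reference silently expands to nothing, and the hardened entry point refuses the document outright. In a real service the first two checks are what to look for in any code path that feeds deserialized request data into an XML parser, and a library that is secure by default (defusedxml in Python) is preferable to remembering the flag on every call site.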

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. From the FTC's investigation of TikTok's data practices to the latest data breaches and cybersecurity updates, we've covered a lot of ground. Remember, in the digital world, knowledge is your best defense. If you found this newsletter helpful, why not share it with your friends and colleagues? They might appreciate the heads-up, and we'd certainly appreciate the support.

Stay safe, stay informed, and keep an eye out for tomorrow's edition of Secret CISO. Until then, remember - the only secure system is one that's unplugged, locked in a safe, and buried 20 feet under the ground. And even then, I'd check on it from time to time.