Welcome to today's issue of Secret CISO, your daily dose of cybersecurity insights. Today, we delve into the unprecedented cybersecurity crisis that has rocked AT&T, affecting over 100 million people. We'll explore how this major data breach has sent shockwaves through the digital landscape, with hackers managing to access sensitive customer data. In a surprising twist, AT&T reportedly paid a hacker $370,000 to delete the stolen data. But how effective was this strategy?

And what does it mean for the future of cybersecurity? We'll also touch on the recent security breaches at the Hard Rock Stadium during the Copa final, where fans managed to breach security gates, causing chaos and raising serious questions about event security measures. In the political sphere, we'll discuss the near-fatal shooting of Donald Trump and the security lapses that led to this shocking event. Finally, we'll look at the gap between data security perceptions and breach reality, and why it's crucial to consider human emotions while developing cybersecurity measures. Stay tuned for these stories and more, as we keep you updated on the latest in cybersecurity.

Data Breaches

1. Data Breach at AT&T: The AT&T data breach in 2024 has affected approximately 73 million current and former customers. The company's customers were impacted by a data breach relating to cellular activity for a period of six months. AT&T reportedly negotiated with a liaison to pay a hacker hundreds of thousands of dollars to delete customer data that had been stolen in a mass-cyberattack. Source: iHeart, Cyber Daily, The Verge
2. Security Breach at Hard Rock Stadium: Fans breached security gates at Hard Rock Stadium ahead of Copa final. The incident involved fans, mostly wearing Colombia's yellow and red colors, jumping over security railings. The situation led to a chaotic scene with police trying to subdue the crowd. Source: NBC 5 Dallas-Fort Worth, WWLP
3. Security Lapses at Trump Rally: The attempted assassination of Donald Trump at a campaign rally in Butler, Pennsylvania, has raised significant security concerns. The incident has led to calls for the resignation of the head of the Secret Service due to the perceived security failure. Source: Times of India, Gazette
4. Data Breach at Cornerstone Healthcare Group Management Services: Cornerstone recently discovered that an unauthorized third-party potentially accessed and acquired sensitive and personal information. The breach is currently under investigation. Source: Business Wire
5. Data Breach at Center for Urban Community Services: Between September 4, 2023, and September 10, 2023, the Center for Urban Community Services (CUCS) experienced a cybersecurity incident. An unauthorized third-party potentially accessed and acquired sensitive and personal information. Source: Morning Star

Security Research

1. New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection: The new version of HardBit ransomware uses enhanced obfuscation, passphrase protection, and unique extortion tactics, making it more difficult for cybersecurity measures to detect and neutralize it. Source: The Hacker News
2. Rooftop where gunman shot at Trump was identified as a security vulnerability before rally: The Secret Service had identified a nearby building as a security concern before a Trump rally. This incident highlights the need for more thorough security measures at public events. Source: NBC News
3. Is the commercial flight industry slipping in safety standards? An expert explains: The Flight Safety Foundation has raised concerns about the safety standards in the commercial flight industry following multiple aviation incidents in the United States. Source: Global News
4. Security Bite: Apple addresses privacy concerns around Notification Center database: Apple has addressed privacy concerns related to the Notification Center database in its macOS Sequoia. This move demonstrates Apple's commitment to user privacy and data security. Source: Startup News
5. White House revamps security guidelines for universities: The White House has revised security guidelines for universities, which could have a significant impact on research institutions in the United States. The move is aimed at enhancing the security of sensitive research data. Source: University World News

Top CVEs

1. CVE-2024-39732 - IBM Datacap Navigator Vulnerability: IBM Datacap Navigator versions 9.1.5 to 9.1.9 temporarily store data from different environments, which could be accessed by a malicious user. This highlights the importance of secure data storage and handling practices. Source: vulners.com
2. CVE-2024-39741 - IBM Datacap Navigator Directory Traversal: IBM Datacap Navigator versions 9.1.5 to 9.1.9 could allow a remote attacker to traverse directories on the system using a specially crafted URL request. This underscores the need for robust input validation and URL encoding. Source: vulners.com
3. CVE-2024-39734 - IBM Datacap Navigator Cookie Security: IBM Datacap Navigator versions 9.1.5 to 9.1.9 do not set the secure attribute on authorization tokens or session cookies, potentially exposing them to attackers. This highlights the importance of secure cookie handling. Source: vulners.com
4. CVE-2024-39733 - IBM Datacap Navigator Credential Storage: IBM Datacap Navigator versions 9.1.5 to 9.1.9 store user credentials in plain text, which can be read by a local user. This emphasizes the need for secure credential storage. Source: vulners.com
5. CVE-2023-52885 - Linux Kernel Vulnerability: A vulnerability in the Linux kernel has been resolved that could lead to a use-after-free report in svc_tcp_listen_data_ready(). This highlights the need for regular patching and updates. Source: vulners.com

API Security

1. CVE-2024-6738 - Tronclass API Vulnerability: The thumbnail API of Tronclass, a product of WisdomGarden, has been found to lack proper access control. This vulnerability allows unauthenticated remote attackers to obtain specific files by altering the parameters. This highlights the importance of robust access control in API security. Source: Vulners.

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. From the unprecedented AT&T data breach to the security lapses at the Trump rally, it's clear that cybersecurity is more critical than ever. As we navigate this digital landscape, let's remember to stay vigilant, stay informed, and most importantly, stay secure.

If you found this newsletter helpful, why not share it with your friends and colleagues?

After all, cybersecurity is a team sport. We're all in this together. Stay tuned for tomorrow's edition where we'll bring you more exclusive insights from the world of cybersecurity. Until then, keep your data close and your security closer. Stay safe out there.