Secret CISO 7/21: Meta's $220M Fine, AT&T's Data Breach Lawsuit Continues, Global Tech Outage Exploited, and of course CrowdStrike's Faulty Update


Welcome to today's issue of Secret CISO! Today, we're diving into a series of data breaches and security incidents that have been making headlines. First up, we're looking at a vendor data breach at UCHealth, a healthcare provider that recently opened a new open space in Greeley. The breach has led to the release of a new app for both iPhone and Android users, aimed at enhancing privacy and security.

Next, we're discussing the hefty $220 million fine that Nigeria has imposed on Meta for breaching data protection and consumer rights laws. The fine comes after accusations of discriminatory practices, abuse of market dominance, and unauthorized sharing of Nigerians' personal data.

In other news, the UK Cyber Security Center has reported an increase in phishing attempts following a global tech outage. The outage affected 8.5 million devices running Microsoft software, highlighting the scale of the threat. Meanwhile, Americans can now claim a one-time payment from a $2.25 million settlement following a data breach surrounding health data.

This comes as AT&T faces another class-action lawsuit over a major data breach impacting nearly all of its wireless customers. In the US, a survey of Chief Information Security Officers (CISOs) has revealed that three in four organizations are at risk of a cyberattack, with Colorado businesses being the most at risk. Finally, we're covering a series of research findings and expert insights into the world of cybersecurity. From the potential of blockchain in preventing data breaches to the rise of AI-powered security kits, we're keeping you updated on the latest developments in the field. Stay tuned for more exclusive updates and insights in the world of cybersecurity.

Stay safe, stay informed with Secret CISO!

Data Breaches

  1. UCHealth Vendor Data Breach: UCHealth, a healthcare provider, has experienced a data breach through one of its vendors. The breach's extent and impact are yet to be disclosed. The organization has urged its users to download their app for updates. Source: UCHealth
  2. Meta Fined by Nigeria: Nigeria has fined Meta $220 million for breaching data protection and consumer rights laws. The social media giant is accused of discriminatory practices, market dominance abuse, unauthorized personal data sharing, and denying Nigerians access to their platform. Source: Firstpost
  3. AT&T Data Breach: AT&T is facing another class-action lawsuit following a major data breach that impacts nearly all of its wireless customers. The extent of the breach and the data compromised are yet to be disclosed. Source: MSN
  4. Fractal ID Data Breach: Fractal ID, a digital identity verification company, has suffered a data breach due to an employee reusing a password. The breach resulted in the theft of personal details of 6,300 users, representing 0.5% of its database. Source: The Block
  5. Coinbase-Linked Bank Security Breach: A security breach at a third-party bank used by Coinbase to process payments has exposed the personal information of more than 150 of the exchange's customers. The incident occurred on July 11th, and the extent of the breach is still under investigation. Source: Daily Hodl

Security Research

  1. China's State Security Authorities Warn of Foreign Espionage: China's state security authorities have issued a warning about foreign spy agencies attempting to steal core scientific research. A foreign spy, posing as the head of a consulting firm, was reported to have approached a researcher with the aim of extracting sensitive information. Source: Global Times
  2. Research Team Uncovers Optimal Conditions for Soursop Cultivation: A research team has discovered the optimal conditions for the cultivation of Soursop, a move that could boost food security and agricultural diversity. The findings could have significant implications for regions where food security is a pressing issue. Source: Newswise
  3. CrowdStrike Security Issue Causes Global Windows System Failures: A security issue with CrowdStrike has resulted in global Windows system failures. The situation has raised serious concerns about the broader implications of such vulnerabilities. Source: SecurityBrief Australia
  4. Korea Edges Ahead of Rivals to Build Europe's Nuclear Reactors: Korea is leading the race to build Europe's nuclear reactors, despite security concerns. Nuclear plants are considered sensitive pieces of infrastructure, and this development could have significant geopolitical implications. Source: BNN Bloomberg
  5. Google Introduces AI-Powered Security Kit: Google's Project Zero has introduced a new AI-powered security kit aimed at enhancing automated vulnerability research. This could potentially give human researchers a break and improve the efficiency of vulnerability detection. Source: MSN

Top CVEs

  1. CVE-2024-37944 - WP Travel Engine XSS Vulnerability: An XSS vulnerability has been identified in WP Travel Engine, due to improper neutralization of input during web page generation. This allows for stored XSS, potentially leading to unauthorized access or data manipulation. Users are advised to update to the latest version. Source: CVE-2024-37944
  2. CVE-2024-6848 - Post and Page Builder by BoldGrid XSS Vulnerability: The Post and Page Builder by BoldGrid plugin for WordPress is susceptible to stored Cross-Site Scripting via file uploads due to insufficient input sanitization and output escaping. This could allow authenticated attackers to inject arbitrary web scripts in pages. Updating to the latest version is recommended. Source: CVE-2024-6848
  3. CVE-2024-37946 - weDevs ReCaptcha Integration for WordPress XSS Vulnerability: An XSS vulnerability has been discovered in weDevs ReCaptcha Integration for WordPress, allowing for stored XSS. This could potentially lead to unauthorized access or data manipulation. Users are advised to update to the latest version. Source: CVE-2024-37946
  4. CVE-2024-37943 - YITH WooCommerce Ajax Product Filter XSS Vulnerability: YITH WooCommerce Ajax Product Filter has been found to have an XSS vulnerability due to improper neutralization of input during web page generation. This allows for reflected XSS, potentially leading to unauthorized access or data manipulation. Users are advised to update to the latest version. Source: CVE-2024-37943
  5. CVE-2024-37936 - Tabs For WPBakery Page Builder XSS Vulnerability: An XSS vulnerability has been identified in Tabs For WPBakery Page Builder, due to improper neutralization of input during web page generation. This allows for stored XSS, potentially leading to unauthorized access or data manipulation. Users are advised to update to the latest version. Source: CVE-2024-37936
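All five entries above share one root cause, CWE-79 "improper neutralization of input during web page generation": a value that an authenticated user saved (stored XSS) or that arrived in the request (reflected XSS) is written into HTML without context-appropriate escaping. The snippet below is an added illustration, not code from any of the plugins named in the advisories; it assumes it runs inside a WordPress plugin, and the option, shortcode and query-parameter names (`scx_banner_title`, `scx_banner`, `scx_q`) are hypothetical. It shows the render step written once in the vulnerable shape and once with WordPress's sanitization and escaping helpers.

```php
<?php
// Added example (hypothetical names, not the vendors' code). Assumes WordPress is loaded.

// --- Vulnerable form: stored values are concatenated straight into markup. ---
function scx_render_banner_vulnerable( $atts ) {
    // Suppose a user with the plugin's settings access saved these earlier.
    $title = get_option( 'scx_banner_title', '' );
    $link  = get_option( 'scx_banner_link', '' );
    // Whatever was stored becomes markup delivered to every visitor:
    // a saved <script> element, an onmouseover= attribute, or a javascript: URL.
    return '<div class="banner"><a href="' . $link . '">' . $title . '</a></div>';
}

// --- Hardened form: sanitize on the way in, escape per context on the way out. ---
function scx_save_banner_settings( $raw_title, $raw_link ) {
    // Input sanitization: strip tags and control characters from free text,
    // and keep only well-formed URL characters and allowed protocols for the link.
    update_option( 'scx_banner_title', sanitize_text_field( $raw_title ) );
    update_option( 'scx_banner_link', esc_url_raw( $raw_link ) );
}

function scx_render_banner_hardened( $atts ) {
    $atts  = shortcode_atts( array( 'class' => 'banner' ), $atts, 'scx_banner' );
    $title = get_option( 'scx_banner_title', '' );
    $link  = get_option( 'scx_banner_link', '' );

    // Escape at render time for the exact output context: HTML attribute,
    // URL attribute, text node. This still protects the page if a stored value
    // bypassed sanitization (older plugin version, direct database import).
    return sprintf(
        '<div class="%1$s"><a href="%2$s">%3$s</a></div>',
        esc_attr( $atts['class'] ),
        esc_url( $link ),
        esc_html( $title )
    );
}
add_shortcode( 'scx_banner', 'scx_render_banner_hardened' );

// --- Reflected variant (the CVE-2024-37943 class): request input echoed back. ---
function scx_render_search_echo_hardened() {
    // Vulnerable shape would be: echo 'Results for ' . $_GET['scx_q'];
    $q = isset( $_GET['scx_q'] ) ? sanitize_text_field( wp_unslash( $_GET['scx_q'] ) ) : '';
    return '<p>Results for ' . esc_html( $q ) . '</p>';
}
```

The point of keeping both `sanitize_*` (on save) and `esc_*` (on output) is defence in depth: sanitization limits what gets stored, but only escaping at the point of output knows which HTML context the value lands in, which is why `esc_attr`, `esc_url` and `esc_html` are not interchangeable. If rich text must be allowed, `wp_kses_post()` on output is the escaping function that permits a whitelisted tag set rather than stripping everything.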

API Security

  1. CVE-2024-6491 - Unauthorized Data Modification in Getwid – Gutenberg Blocks Plugin for WordPress: The Getwid – Gutenberg Blocks plugin for WordPress is susceptible to unauthorized data modification due to a missing capability check on the mailchimp_api_key_manage function in all versions up to, and including, 2.0.10. This vulnerability allows authenticated attackers, with Contributor-level access and above, to set the MailChimp API key. Source: Vulners
  2. CVE-2024-6489 - Unauthorized Data Modification in Getwid – Gutenberg Blocks Plugin for WordPress: Similar to the above, this vulnerability in the Getwid – Gutenberg Blocks plugin for WordPress allows unauthorized modification of data. The flaw lies in the missing capability check on the get_google_api_key function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level access and above, to set the Google API key. Source: Vulners
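Both advisories describe the same defect class: a WordPress AJAX handler that changes a site-wide setting is reachable by any logged-in account because the handler never asks whether the caller is authorized. In WordPress, `wp_ajax_{action}` hooks fire for every authenticated user, Contributors included, so the capability check is the only thing that separates roles. The handler below is an added illustration, not the Getwid plugin's code; it assumes it runs inside a WordPress plugin, and the action, option and nonce names (`scx_set_api_key`, `scx_mail_api_key`) are hypothetical.

```php
<?php
// Added example (hypothetical names, not the vendor's code). Assumes WordPress is loaded.

// --- Vulnerable form -------------------------------------------------------
// Input is sanitized, but nothing checks who the caller is. Any authenticated
// account can overwrite the key and point the integration at a key it controls.
function scx_ajax_set_api_key_vulnerable() {
    $key = isset( $_POST['api_key'] ) ? sanitize_text_field( wp_unslash( $_POST['api_key'] ) ) : '';
    update_option( 'scx_mail_api_key', $key );
    wp_send_json_success( array( 'saved' => true ) );
}

// --- Hardened form ---------------------------------------------------------
function scx_ajax_set_api_key_hardened() {
    // 1. CSRF protection: the request must carry a nonce minted for this action.
    //    A nonce proves intent, not privilege; it does not replace step 2.
    check_ajax_referer( 'scx_set_api_key', 'nonce' );

    // 2. Authorization: only users allowed to manage site options may change the key.
    //    This is the check the advisories report as missing.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'insufficient permissions' ), 403 );
    }

    // 3. Input handling: unslash, sanitize, then validate the shape before storing.
    $key = isset( $_POST['api_key'] ) ? sanitize_text_field( wp_unslash( $_POST['api_key'] ) ) : '';
    if ( '' === $key || strlen( $key ) > 128 ) {
        wp_send_json_error( array( 'message' => 'invalid key' ), 400 );
    }

    update_option( 'scx_mail_api_key', $key );
    wp_send_json_success( array( 'saved' => true ) );
}
add_action( 'wp_ajax_scx_set_api_key', 'scx_ajax_set_api_key_hardened' );

// Reading the key back deserves the same gate: a handler that returns a stored
// secret is a disclosure path if it lacks the capability check.
function scx_ajax_get_api_key_hardened() {
    check_ajax_referer( 'scx_set_api_key', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'insufficient permissions' ), 403 );
    }
    wp_send_json_success( array( 'api_key' => get_option( 'scx_mail_api_key', '' ) ) );
}
add_action( 'wp_ajax_scx_get_api_key', 'scx_ajax_get_api_key_hardened' );
```

Both `check_ajax_referer()` (on a bad or missing nonce) and `wp_send_json_error()` terminate the request, so the option write is never reached on a failed check. The settings page that calls these endpoints supplies the nonce with `wp_create_nonce( 'scx_set_api_key' )`. When reviewing a plugin for this class of bug, the quick audit is to list every `wp_ajax_` and `rest_api_init` callback and confirm each one that writes or reads a setting contains a `current_user_can()` call or a REST `permission_callback` that is not `__return_true`.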

Sponsored by Wallarm API Security Solution

Final Words

As we wrap up today's edition of Secret CISO, we're reminded that the digital landscape is a vast open space, much like the new Greeley open space, a refuge for nature lovers. However, unlike the serene and peaceful refuge, the digital landscape is fraught with threats and vulnerabilities. From vendor data breaches to global tech outages, the security challenges are as diverse as the species in a nature reserve. We've seen how Nigeria is taking a stand against data breaches, imposing hefty fines on Meta. Meanwhile, the US is compensating its citizens affected by data breaches. The AT&T data breach has sparked another class-action lawsuit, highlighting the need for robust security measures.

The cybersecurity landscape is a battlefield, and as CISOs, we're the frontline soldiers. We're constantly learning, adapting, and strategizing to keep our organizations safe. But we can't do it alone.

We need to share our knowledge, experiences, and strategies. So, if you found today's edition of Secret CISO helpful, please share it with your colleagues and friends. Let's build a community of cybersecurity professionals who are committed to making the digital world a safer place.

Remember, in the world of cybersecurity, knowledge is our greatest weapon. Stay informed, stay vigilant, and most importantly, stay safe. See you in the next edition of Secret CISO!

By Secret CISO