Hello there, Secret CISO readers! Today's issue is packed with the latest updates on the cybersecurity landscape. We're diving into the shocking revelation of a massive data breach, where a staggering 10 billion passwords were dumped on the hacker forum, BreachForums. This incident, dubbed as RockYou2024, is considered the biggest data breach ever reported, raising serious concerns about credential stuffing and brute force attacks.

But that's not all. We're also exploring the current state of cybersecurity threats, which are constantly evolving and posing new challenges. From the rise of AI-powered attacks to the critical unpatched flaws in popular Gogs Open-Source Git Service, we're covering it all. In the retail sector, we're discussing how SASE is shielding storefronts in the digital age, with insights from IBM Security's 2023 Cost of a Data Breach Report. We're also highlighting the importance of PCI-DSS compliance, as demonstrated by Pyypl's recent certification.

We'll also guide you on how to check if your password was leaked in a data breach, a crucial step in maintaining your online security. Plus, we're shedding light on the trends in the cloud database market and the implications of data sovereignty, security, and compliance. Lastly, we're touching upon the recent data breach claims against HITC Telecom by the STORMOUS Ransomware Group, the alleged Europol crypto data breach, and the unreported 2023 data breach at OpenAI. Stay tuned for these stories and more in today's issue of Secret CISO. Stay safe, stay informed!

Data Breaches

1. Ten Billion Passwords Dumped on Hacker Forum BreachForums: In a massive data breach, nearly 10 billion passwords were exposed on the hacker forum BreachForums, escalating the risk of credential stuffing and brute force attacks for users. Source: Techzine Europe and DQIndia
2. Shielding the Storefront: How SASE Protects Retailers in a Digital Age: IBM Security's 2023 Cost of a Data Breach Report indicates the average cost of a data breach, emphasizing the importance of strong security measures like the Payment Card Industry Data Security Standard (PCI DSS) for retailers. Source: Intelligent CISO
3. Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service: Unpatched flaws in the Gogs Git service pose severe security risks, enabling attackers to breach and manipulate code. Source: The Hacker News
4. STORMOUS Ransomware Group Claiming Breach of HITC Telecom: The STORMOUS ransomware group has claimed a breach of HITC Telecom, highlighting the ongoing threat of cyber attacks and breaches in the telecom sector. Source: Cyber Security News
5. IntelBroker Lists Alleged Europol Crypto Data Online: IntelBroker claimed a breach of Europol's EPE platform back in May, leading to the theft of critical files and documents. The data is now allegedly listed online, posing a significant security concern. Source: Cyber Daily

Security Research

1. Efficient water quality management could reduce future water scarcity by half: A new study by the Water Security Research Group suggests that efficient water quality management could potentially reduce future water scarcity by half. This research emphasizes the importance of water security and the need for effective management strategies. Source: idw-online.de
2. Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service: Security researchers Yakir Kadkoda and Ilay Goldman have disclosed critical unpatched flaws in the popular Gogs open-source Git service. The vulnerabilities could allow unauthorized access to sensitive data. Source: thehackernews.com
3. Research security in Australia and Defence Export Controls information session: The Australian Academy of Science, in collaboration with the Department of Defence, held a discussion on research security in Australia. The session focused on the importance of maintaining security in research and the role of defence export controls. Source: science.org.au
4. Crypto hacking thefts double to US$1.4 billion: Researchers have reported that the amount of cryptocurrency stolen in hacks globally more than doubled in the first six months of 2024. This highlights the increasing security risks associated with cryptocurrencies. Source: itnews.com.au
5. A&M researchers to test new lie detection technology at TAMIU: Researchers from Texas A&M, a partner of the ARLIS consortium of universities in the Intelligence and Security University Research Enterprise Academic Consortium, are testing a new lie detection technology. This research could potentially revolutionize security and intelligence operations. Source: lmtonline.com

Top CVEs

1. CVE-2024-3651: A vulnerability in the kjd/idna library, specifically within the idna.encode() function, affecting version 3.6, can lead to a denial of service condition due to its handling of crafted input strings. This vulnerability is triggered by a crafted input that causes the function to process the input with a high computational load, significantly increasing the processing time. Source: CVE-2024-3651
2. CVE-2024-38330: IBM System Management for i 7.2, 7.3, and 7.4 could allow a local user to gain elevated privileges due to an unqualified library program call. A malicious actor could cause user-controlled code to run with administrator privilege. Source: CVE-2024-38330
3. CVE-2024-6229: A stored cross-site scripting (XSS) vulnerability exists in the 'Upload Knowledge' feature of stangirard/quivr, affecting the latest version. Users can upload files via URL, which allows the insertion of malicious JavaScript payloads. These payloads are stored on the server and executed whenever any user clicks on a link containing the payload, leading to potential data theft, session hijacking, and reputation damage. Source: CVE-2024-6229
4. CVE-2024-31897: IBM Cloud Pak for Business Automation is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. Source: CVE-2024-31897
5. CVE-2024-37528: IBM Cloud Pak for Business Automation is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Source: CVE-2024-37528

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. We've covered a lot of ground, from the shocking dump of ten billion passwords on BreachForums to the latest advancements in AI-powered attacks. We've also looked at the importance of PCI-DSS compliance, how to check if your password has been leaked, and the rising trend of cyberattacks in the transportation industry. Remember, cybersecurity is a shared responsibility. It's not just about protecting your own data, but also about contributing to the overall security of the digital landscape.

So, if you found today's newsletter informative, please share it with your colleagues and friends. Let's spread the word and foster a culture of cybersecurity awareness. Stay safe, stay informed, and keep an eye out for tomorrow's edition of Secret CISO. Until tomorrow, remember - in the world of cybersecurity, staying alert is the key to staying secure.