Secret CISO 8/10: Massive Data Breach Exposes 3 Billion, CSC ServiceWorks, First Commonwealth FCU, McLaren Cyber Attacks, Netflix and Cash App Settlements, Microsoft Office Vulnerability, Security Research on AI Threats


Welcome to today's issue of Secret CISO, your daily dose of the most critical cybersecurity news. Today, we delve into the dark web, where a major IT breach has exposed the data of nearly 3 billion people. We'll also look at the latest security issues faced by CSC ServiceWorks, which has been hit by multiple data breaches over the past year. In legal news, Columbus is facing a class-action lawsuit over a cybersecurity breach that leaked data, including social security numbers.

Continuing yesterday's story, Netflix is dealing with the fallout from a data breach that leaked a list of every anime, show, and movie. We also have updates on the Cash App settlement related to a data breach, with some payments reaching up to $2500. On the tech front, Microsoft is warning of an unpatched Office vulnerability that could lead to data exposure. In the healthcare sector, AG Nessel is alerting consumers on ways to protect their data following a cyber attack on McLaren. And in the world of finance, if you think you might have been impacted by the Ticketmaster hack, we have some advice on what to do next.

Finally, we'll explore the latest research in cybersecurity, including a student who raised security concerns in Mobile Guardian MDM weeks before a cyberattack, and a security researcher who has found basic security flaws in ransomware firms. Stay safe and informed with Secret CISO.

Data Breaches

  1. Major IT Breach Exposes Data of Nearly 3 Billion People: A recent data breach has exposed personal data of nearly 3 billion individuals, including Social Security Numbers and addresses. Source: Times of India
  2. CSC ServiceWorks Data Breach: CSC ServiceWorks has revealed a data breach affecting thousands of people, marking the latest security issue to beset the company over the past year. Source: TechCrunch
  3. First Commonwealth FCU Data Breach: Migliaccio & Rathod LLP is involved in the First Commonwealth FCU data breach investigation, highlighting the increasing need for robust cybersecurity measures. Source: CIO News
  4. McLaren Cyber Attack: Cyber attacks on the healthcare sector have been increasing in both frequency and severity. The largest data breach in 2023 compromised numerous patient records. Source: Michigan Government News
  5. Netflix Data Breach: Netflix has suffered a data breach, resulting in the leak of several anime shows, movies, and other content. The breach underscores the need for stronger security measures in the entertainment industry. Source: Beebom

Security Research

  1. Northeastern partners with National Science Foundation to launch regional research security center: A new research security center, supported by a $4.9M investment from the NSF, will act as an information hub for the research community. This initiative aims to strengthen the security of research activities and protect intellectual property. Source: Northeastern Global News
  2. South Korea's HD HHI to build Large Test Vessel: Security researcher Eunhyuk Cha is contributing to the research and development of a large test vessel in South Korea. This project showcases the importance of international relations and security studies in the field of cybersecurity. Source: Korea Times
  3. How a cybersecurity researcher befriended, then doxed, the leader of LockBit ransomware gang: Security researcher Jon DiMaggio successfully infiltrated and exposed the leader of the LockBit ransomware gang. This case highlights the effectiveness of social engineering in cybersecurity. Source: CyberScoop
  4. Aqua Security Researchers Disclose Series of AWS Flaws: Aqua Security has discovered six vulnerabilities in Amazon Web Services' cloud services. This discovery underscores the continuous need for robust cloud security measures. Source: ZDNet
  5. Black Hat 2024: Security researchers warn of the growing threat of AI attacks, which could potentially become lethal. Cybersecurity company HiddenLayer recently highlighted this issue at Black Hat 2024. Source: CNET

Top CVEs

  1. CVE-2023-31315: A flaw in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. Source: CVE-2023-31315
  2. CVE-2023-38018: IBM Aspera Shares 1.10.0 PL2 does not invalidate existing sessions after a password change, which could allow an authenticated user to impersonate another user on the system. Source: CVE-2023-38018
  3. CVE-2024-41890: In Apache Answer, a user can request multiple password reset emails, and every link sent remains valid at the same time. Within the validity period, an earlier link could be misused or hijacked. Users are recommended to upgrade to version 1.3.6. Source: CVE-2024-41890
  4. CVE-2024-7640: A critical vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Manipulation of the argument case_register_id leads to SQL injection. The attack may be initiated remotely. Source: CVE-2024-7640
  5. CVE-2024-7641: Another critical vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Manipulation of the argument id leads to SQL injection. It is possible to launch the attack remotely. Source: CVE-2024-7641
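
The two credential-lifecycle items above (CVE-2023-38018, sessions surviving a password change, and CVE-2024-41890, several reset links valid at once) share one root cause: state that should have been revoked was left live. The following is an added example written for this newsletter, not code from IBM Aspera or Apache Answer; it uses a constructed in-memory store, a hypothetical 15-minute reset-link lifetime (RESET_TOKEN_TTL), and plain SHA-256 as a stand-in for token hashing. It shows the defensive pattern: one outstanding reset token per user, single use, expiry, and revocation of every session on password change.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Set

# Hypothetical policy (assumption, not from the advisories): a reset link lives 15 minutes.
RESET_TOKEN_TTL = 15 * 60


def _digest(secret: str) -> str:
    """Store only a hash of each token so a leaked database does not leak live links."""
    return hashlib.sha256(secret.encode()).hexdigest()


@dataclass
class User:
    username: str
    password_hash: str                      # stand-in; use a slow KDF (argon2/bcrypt) in practice
    session_ids: Set[str] = field(default_factory=set)
    reset_token_hash: Optional[str] = None  # at most ONE outstanding reset token per user
    reset_token_expires: float = 0.0


class AuthStore:
    """Constructed in-memory user/session store (example only, not any vendor's code)."""

    def __init__(self) -> None:
        self.users: Dict[str, User] = {}
        self.sessions: Dict[str, str] = {}  # session id -> username

    def add_user(self, username: str, password_hash: str) -> None:
        self.users[username] = User(username, password_hash)

    def login(self, username: str) -> str:
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = username
        self.users[username].session_ids.add(sid)
        return sid

    def is_session_valid(self, sid: str) -> bool:
        return sid in self.sessions

    def change_password(self, username: str, new_password_hash: str) -> None:
        user = self.users[username]
        user.password_hash = new_password_hash
        # Revoke every live session: a session that outlives a password change lets
        # whoever holds it keep acting as the user (the CVE-2023-38018 class of bug).
        for sid in user.session_ids:
            self.sessions.pop(sid, None)
        user.session_ids.clear()
        # A pending reset link must die as well, or it becomes a second password.
        user.reset_token_hash = None
        user.reset_token_expires = 0.0

    def issue_reset_token(self, username: str, now: float) -> str:
        user = self.users[username]
        token = secrets.token_urlsafe(32)
        # Overwriting the stored hash invalidates any earlier link, so only the most
        # recently emailed link works (avoids the CVE-2024-41890 class of bug).
        user.reset_token_hash = _digest(token)
        user.reset_token_expires = now + RESET_TOKEN_TTL
        return token

    def consume_reset_token(self, username: str, token: str,
                            new_password_hash: str, now: float) -> bool:
        user = self.users.get(username)
        if user is None or user.reset_token_hash is None:
            return False
        if now > user.reset_token_expires:
            user.reset_token_hash = None  # expired: discard it
            return False
        # Constant-time comparison of hashes, never of the raw token against storage.
        if not hmac.compare_digest(user.reset_token_hash, _digest(token)):
            return False
        # Single use: change_password() clears the token and revokes all sessions.
        self.change_password(username, new_password_hash)
        return True
```

The `now` parameter is passed explicitly so expiry can be tested deterministically; a real service would read a clock inside the store. Note that the reset path and the normal password-change path converge on the same `change_password()`, so session revocation cannot be forgotten on one of them.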

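The two Kortex Lite entries (CVE-2024-7640 and CVE-2024-7641) are both SQL injection through a request argument. Below is an added example, written for this newsletter and not taken from the SourceCodester product, using a constructed SQLite table whose column names merely echo the argument names in the advisories. It places the injectable pattern next to its parameterised fix and adds integer validation for the numeric `id` argument.

```python
import sqlite3
from typing import List, Tuple

Row = Tuple[int, str, str]


def make_db() -> sqlite3.Connection:
    """Constructed sample 'cases' table (not the real product schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE cases (id INTEGER PRIMARY KEY, case_register_id TEXT, client TEXT)"
    )
    conn.executemany(
        "INSERT INTO cases VALUES (?, ?, ?)",
        [(1, "CR-1001", "Client A"), (2, "CR-1002", "Client B"), (3, "CR-1003", "Client C")],
    )
    return conn


def get_case_vulnerable(conn: sqlite3.Connection, case_register_id: str) -> List[Row]:
    # BAD: request input is spliced into the statement text, so the value can
    # change the query's structure. This is the defect class behind CVE-2024-7640.
    sql = (
        "SELECT id, case_register_id, client FROM cases "
        "WHERE case_register_id = '%s'" % case_register_id
    )
    return conn.execute(sql).fetchall()


def get_case_safe(conn: sqlite3.Connection, case_register_id: str) -> List[Row]:
    # GOOD: the value is bound as a parameter; the driver never parses it as SQL.
    return conn.execute(
        "SELECT id, case_register_id, client FROM cases WHERE case_register_id = ?",
        (case_register_id,),
    ).fetchall()


def get_case_by_id_safe(conn: sqlite3.Connection, raw_id: str) -> List[Row]:
    # Defence in depth for numeric ids (the 'id' argument in CVE-2024-7641):
    # validate the type first, then still bind the value rather than format it.
    try:
        case_id = int(raw_id)
    except (TypeError, ValueError):
        raise ValueError("id must be an integer")
    return conn.execute(
        "SELECT id, case_register_id, client FROM cases WHERE id = ?", (case_id,)
    ).fetchall()
```

For triage, the difference is visible in the database log: the vulnerable version emits a different statement for every input, while the parameterised versions always emit the same statement text with only the bound values changing.
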
API Security

  1. OpenFGA Authorization Bypass: OpenFGA v1.5.7 and v1.5.8 have been found vulnerable to authorization bypass when using the Check API with a model that combines "but not" and "from" expressions with a userset. The recommended solution is to downgrade to v1.5.6, which is backward compatible. A patch is currently being developed. Source: Vulners and CVE
  2. s2n-tls's mTLS API ordering may skip client authentication: An API ordering issue in s2n-tls could cause client authentication to be unexpectedly disabled on the server. Server applications are affected if client authentication is enabled by calling s2n_connection_set_config() before s2n_connection_set_client_auth_type(). A patch is included in v1.5.0, and workarounds are available. Source: Vulners

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. As we've seen, the dark web continues to be a hotbed for data breaches, exposing the personal data of billions. From major IT breaches to vulnerabilities in popular apps, it's clear that cybersecurity is a pressing concern that requires our constant vigilance. Remember, knowledge is power. By staying informed about these issues, we can take steps to protect our data and maintain our digital security.

So, don't keep this valuable information to yourself.

Share this newsletter with your friends, colleagues, and anyone else who might benefit from it.

Together, we can create a safer digital world. Until next time, stay safe and secure!
