Secret CISO 8/4: Stanford Study on Employee Security Training, Google Ads Glitch, SoftBank's Data Leak, WazirX's $230M Breach, TikTok's Privacy Laws Violation
Welcome to today's issue of Secret CISO, your daily dose of cybersecurity insights. Today, we're diving into the world of data breaches and how they're impacting businesses across the globe. Stanford University's recent study reveals that a staggering 88% of data breaches are caused by human error, emphasizing the importance of robust employee cyber training programs.
Meanwhile, a major glitch in Google Ads has exposed competitor data, raising serious privacy concerns. In other news, a whopping 54% of companies have experienced a third-party breach, with 40% struggling to handle these risks due to budget constraints. This comes as SoftBank and Naver face scrutiny following a data leak from Naver's cloud service last year.
On the financial front, WazirX, a crypto exchange, is exploring all options to restore its platform following a $230 million security breach. And in the corporate world, Intel is facing a jobs bloodbath with 15,000 roles on the line due to data breach recovery costs. In the healthcare sector, protecting patient data in the digital age is becoming increasingly critical as data breaches can lead to severe consequences, including identity theft and financial loss.
Lastly, we'll look at the role of Data Protection Officers in companies and how they're equipped to use a Data Breach Notification in the event of a breach. Stay tuned for more updates and remember, knowledge is the best defense against cyber threats. Stay safe and secure!
Data Breaches
- Major Glitch in Google Ads Exposes Competitor Data: A significant flaw in Google Ads allowed advertisers to identify their direct competitors by searching the exposed product titles, leading to serious privacy concerns. Source: The Cyber Express
- 54% of Companies Have Experienced Third-Party Breach: According to the CyberRisk Alliance's latest Cybersecurity Buyer's Intelligence Report, over half of companies have suffered a third-party data breach, with 40% struggling to manage these risks due to budget constraints. Source: India Technology News
- Data Leaks from Naver's Cloud Service: Japanese regulators are scrutinizing data leaks that originated from a breach of Naver's cloud service last year. This scrutiny has led SoftBank and Naver to sell down their stake in Japan's Line app. Source: The Japan Times
- $230 Million Breach at Crypto Exchange WazirX: Following a $230 million security breach, crypto exchange WazirX is exploring all options to restore its platform. The exchange had previously faced criticism for the idea of socializing loss. Source: Economic Times
- Cash App Faces Class Action Lawsuit Over Data Breaches: Mobile payment service Cash App is facing a class action lawsuit regarding data breaches that occurred between 2022 and 2023. Americans affected by the breaches can claim up to $2,500 from a $15 million settlement. Source: The Sun
Security Research
- Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool: Hackers have been found exploiting misconfigured Jupyter Notebooks to launch DDoS attacks using a repurposed Minecraft tool. This highlights the importance of proper server security and the potential risks of misconfiguration. Source: The Hacker News
- Chinese Research Vessel Spotted in Escoda Shoal: A Chinese research vessel has been spotted surveying areas in the South China Sea, raising security concerns. This highlights the importance of tracking vessel movements for maritime security. Source: Philstar.com
- The Battle for the Poles: Major Powers Race to Control the Arctic and Antarctica: Major powers are racing to control the Arctic and Antarctica, with clear military and security applications. This highlights the geopolitical significance of these regions and the potential security implications. Source: Voz.us
- US Hands Over Russian Cybercriminals in WSJ Reporter Prisoner Swap: The US has handed over Russian cybercriminals in a prisoner swap, following the discovery of a significant security breach. This highlights the ongoing issue of cybercrime and the importance of international cooperation in addressing it. Source: WIRED
- The Dumbest Thing in Security This Week: CrowdStrike, Delta and Information Asymmetry: The realm of heap exploitation has always intrigued security researchers due to its complexity and the potential for high-impact vulnerabilities. This week, a case involving CrowdStrike and Delta highlighted the challenges and potential pitfalls in this area. Source: The Cyber Express
Top CVEs
- Unauthorized Data Modification in Sync Post With Other Site Plugin: The Sync Post With Other Site plugin for WordPress, up to version 1.6, is vulnerable to unauthorized data modification due to a missing capability check. This allows authenticated attackers with Subscriber-level access to create new draft posts and update existing ones. Source: CVE-2024-6709
- SQL Injection in itsourcecode Placement Management System: A critical vulnerability was found in itsourcecode Placement Management System 1.0, affecting an unknown function of the file login.php. The manipulation of the email argument leads to SQL injection, which can be launched remotely. Source: CVE-2024-7449
- Cross Site Scripting in FastAdmin: A problematic vulnerability was found in FastAdmin 1.5.0.20240328, affecting an unknown code of the file /[admins_url].php/general/attachment/edit/ids/4?dialog=1. The manipulation of certain arguments leads to cross site scripting, which can be initiated remotely. Source: CVE-2024-7453
- Local File Read by Prompt Injection in stitionai/devika: The stitionai/devika main branch is vulnerable to Local File Read (LFI) by Prompt Injection due to the integration of Google Gemini 1.0 Pro with HarmBlockThreshold.BLOCK_NONE for certain HarmCategories in safety_settings. This allows malicious commands to be executed, such as reading sensitive file contents. Source: CVE-2024-6331
- Improper Control of Resource Identifiers in SimpleMachines SMF: A critical vulnerability was found in SimpleMachines SMF 2.1.4, affecting an unknown function of the file /index.php?action=profile;u=2;area=showalerts;do=remove. The manipulation of the aid argument leads to improper control of resource identifiers, which can be launched remotely. Source: CVE-2024-7437
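The login.php injection pattern described above, as an added Python illustration that is not the vulnerable project's code or schema: a hypothetical login check that splices the email argument into the query text, beside the parameterised form, both run against a constructed in-memory SQLite table.

```python
import sqlite3


def make_db():
    # Constructed in-memory user table standing in for the login backend
    # (hypothetical; plaintext password kept only to keep the demo short).
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password TEXT)"
    )
    conn.execute("INSERT INTO users VALUES (1, 'admin@example.test', 'correct-horse')")
    conn.commit()
    return conn


def login_vulnerable(conn, email, password):
    # The flaw pattern: the email argument is pasted into the SQL text, so a
    # quote inside it ends the string literal and the rest is parsed as SQL.
    sql = f"SELECT id FROM users WHERE email = '{email}' AND password = '{password}'"
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_fixed(conn, email, password):
    # Parameterised query: the driver binds values separately from the SQL
    # text, so whatever the email contains is compared only as data.
    sql = "SELECT id FROM users WHERE email = ? AND password = ?"
    row = conn.execute(sql, (email, password)).fetchone()
    return row[0] if row else None


def demo():
    conn = make_db()
    # Constructed malformed input: a quote that closes the literal plus a
    # comment marker that strips the password clause from the query.
    hostile_email = "admin@example.test' --"
    return {
        "vulnerable": login_vulnerable(conn, hostile_email, "wrong"),
        "fixed": login_fixed(conn, hostile_email, "wrong"),
        "legit": login_fixed(conn, "admin@example.test", "correct-horse"),
    }


if __name__ == "__main__":
    print(demo())
```

The vulnerable function returns the admin's id for the malformed email with a wrong password, while the parameterised version returns nothing for it and still authenticates the genuine credentials.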
Black Hat Next Week?
Get Stickers at #3122 and learn API security
Final Words
And that's a wrap for today's edition of Secret CISO. We've covered everything from the importance of employee cyber training to the latest data breaches and security glitches. Remember, in the world of cybersecurity, knowledge is power. So, stay informed, stay vigilant, and most importantly, stay secure.
If you found this newsletter helpful, why not share it with your friends and colleagues?
Let's spread the word and help each other stay one step ahead of the cyber threats out there. Until next time, keep your data safe and your systems secure.