Secret CISO 9/30: MoneyGram's data breach, OpenAI drama affects users safety, Iranian spear phishing threat, and new research on router users' security awareness

Secret CISO 9/30: MoneyGram's data breach, OpenAI drama affects users safety, Iranian spear phishing threat, and new research on router users' security awareness

Welcome to today's issue of Secret CISO, your daily dose of the latest in cybersecurity news. Today, we're diving into a whirlwind of data breaches, security investments, and emerging threats. Meta is making headlines after being slapped with a hefty $102m EU fine for a security breach, a stark reminder of the importance of robust security measures. Meanwhile, Attorney General Michelle Henry has launched a new Data Breach Portal for Pennsylvanians, a proactive move in the face of increasing data incidents. In the corporate world, only 2% of organizations are fully implementing cyber resilience measures, with data protection/trust and cloud security being top investment priorities. MoneyGram is under investigation following a data breach, and Amazon has emerged victorious in a recent case, setting a precedent for future data breach prosecutions.

On the global stage, security agencies from the UK and US are warning of a growing Iranian spear phishing threat, while Cameroon's pension fund downplays a recent ransomware attack. In the realm of technology, we explore data security best practices for Cloud CRM systems, the value of security investments for business growth, and the balance between understanding threats and responding to them. Plus, a new vulnerability in Kia's system enables remote access to millions of cars using just a license plate.

Finally, we delve into the world of research, with new studies revealing the key to identifying ransomware attacks, the urgent need for investment in global water security, and the potential vulnerabilities in AI APIs. Stay tuned for more updates and insights in the ever-evolving world of cybersecurity. Stay safe, stay informed.

Data Breaches

  1. Meta Fined for Security Breach: Meta was fined $102 million by the EU for a security breach involving the storage of passwords in plain text, a basic security measure neglect. Source: FinTech Global
  2. MoneyGram Under Investigation Following Data Breach: MoneyGram is under investigation by the ICO following a data breach reported by the company. The extent of the breach is yet to be determined. Source: Computing UK
  3. Cameroon's Pension Fund Data Breach: Cameroon's National Social Insurance Fund reported a data breach, which they claim to be inconsequential. The impact of the breach is still under review. Source: ITWeb Africa
  4. Chile's CCU Loses Data in Cybersecurity Breach: Compañía de Cervecerías Unidas (CCU) reported a cybersecurity breach that impacted its IT systems in South America. The extent of the data loss is yet to be determined. Source: Wine Business
  5. Services Australia Reports Breach Spike: Services Australia reported a 330% increase in breaches, with stolen account details being the primary cause. The agency is working on mitigating the issue. Source: Information Age | ACS

Security Research

  1. New Critical Password Warning—86% Of All Router Users Need To Act Now: A recent study reveals that a staggering 86% of broadband users are unaware of the cybersecurity measures of their devices, emphasizing the need for increased user education on device security. Source: Forbes
  2. Critical printing system bugs affect hundreds of thousands of Linux machines: Security researcher Simone Margaritelli has disclosed several unpatched vulnerabilities affecting Linux systems, highlighting the need for immediate patching and system updates. Source: Cybernews
  3. New Research Reveals Windows Event Logs Key to Identifying Ransomware Attacks: JPCERT/CC has identified that Windows Event Logs can be crucial in identifying ransomware attacks, providing a new tool for cybersecurity professionals. Source: Cybersecurity News
  4. Urgent investment needed to tackle global water security: A new study by researchers at the Advanced Science Research Center at the CUNY Graduate Center identifies regions most vulnerable to water security issues, calling for urgent investment in these areas. Source: Innovation News Network
  5. ChatGPT's New Memory Feature Raises Security Concerns Over Manipulation and False Information Storage: Security researcher Johann Rehberger has identified vulnerabilities in ChatGPT's new memory feature, raising concerns over potential manipulation and false information storage. Source: Times Now News

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO! We've covered a lot of ground, from the drama at OpenAI to the hefty fine Meta had to pay for a security breach. We've also delved into the importance of data protection and the alarming fact that only 2% of organizations fully implement cyber resilience measures. Remember, in the world of cybersecurity, knowledge is power.

So, stay informed, stay vigilant, and most importantly, stay secure. If you found this newsletter helpful, please consider sharing it with your friends and colleagues. Let's work together to create a safer digital world. Until next time, keep your data close and your security settings closer. Stay safe out there!

Read more

Secret CISO 11/20: Ford's Supplier Data Breach, Cyera's $300M Funding Boost, Patelco and Aspen Healthcare Data Breaches, Microsoft's 'Zero Day Quest', T-Mobile Thwarts Data Breach

Secret CISO 11/20: Ford's Supplier Data Breach, Cyera's $300M Funding Boost, Patelco and Aspen Healthcare Data Breaches, Microsoft's 'Zero Day Quest', T-Mobile Thwarts Data Breach

Welcome to today's issue of Secret CISO, your daily dose of the most impactful cybersecurity news. Today, we delve into the world of data breaches, risk assessment tools, and the rising costs of cyber threats. Ford recently completed an investigation into a data breach, concluding that its systems

By Secret CISO