Secret CISO 9/8: Indian Parliament, Google Maps Breaches; Social Security, Merseyside Taxi Data Leaks; Yubico Security Key Vulnerability; North Korean LinkedIn Scams

Welcome to today's issue of Secret CISO, your daily dose of the most impactful cybersecurity news. Today, we're diving into a series of security breaches and data leaks that have been making headlines. We start with a major security breach in the Indian Parliament, where the accused launched a coordinated gas attack aiming to discredit Indian democracy.

Then, we shift our focus to Google Maps, where security researchers have spotted a potential data breach that could expose your physical address. In the US, a data breach involving social security numbers could impact millions of Americans. Meanwhile, a New Yorker has been charged with hacking US computers, trafficking credit cards, and money laundering.

Across the pond, a significant data breach has exposed the names and addresses of thousands of taxi drivers on Merseyside. And back home, Adventist Health has discovered a data breach that could put thousands of Tulare patients' data at risk. In the tech world, we're decoding the most misunderstood data security terms in the US and exploring the secrets of physical penetration testing. We also look at the dangers of picking up the phone and the scariest money scams shared by cybersecurity experts.

Finally, we delve into the latest research in cybersecurity, including a study on youth opinions on AI, a report on how security budgets continue to outpace IT budgets, and an investigation into the use of COVERTCATCH malware via LinkedIn job scams. Stay tuned for more updates and remember, knowledge is the best defense against cyber threats. Stay safe, stay informed with Secret CISO.

Data Breaches

  1. Parliament Security Breach: A major security breach occurred on the anniversary of the 2001 Parliament terror attack. The accused launched a coordinated gas attack with the aim of discrediting Indian democracy and gaining global attention. Source: Times of India
  2. New Google Maps Security Alert: Security researchers at Malwarebytes Labs have spotted a potential data breach risk with Google Maps. Users' physical addresses could be exposed through data breach leaks and social media. Source: Forbes
  3. Social Security Data Breach: Personal information, including Social Security numbers, could have been stolen in a recent data breach, potentially affecting Medicare services. Source: Chattanooga Times Free Press
  4. New Yorker Charged With Hacking U.S. Computers: A New Yorker has pleaded guilty to charges of hacking U.S. computers, trafficking credit cards, and money laundering. This case highlights the ongoing threat of data breaches. Source: DataBreaches.net
  5. Merseyside Taxi Drivers' Data Leak: A significant data breach has exposed the names and addresses of thousands of taxi drivers on Merseyside, raising serious security concerns. Source: Taxi-Point

Security Research

  1. North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams: Researchers Robert Wallace and Blas Kojusner have discovered a new malware, COVERTCATCH, being deployed by North Korean threat actors via LinkedIn job scams. The malware is designed to steal sensitive information from unsuspecting victims. Source: The Hacker News.
  2. Security Budgets Continue to Outpace IT Budgets: According to Nick Kakolowski, Sr. Research Director at IANS, CISOs are prioritizing strategic investments in security over broad IT expansions. This trend indicates a growing emphasis on cybersecurity in the business sector. Source: Traders Magazine.
  3. VIU Researcher Studying Youth Opinions on AI: A researcher at Vancouver Island University is studying how young people perceive artificial intelligence. The study aims to understand the potential security implications and ethical considerations of AI from a youth perspective. Source: Nanaimo News Bulletin.
  4. Russian Hackers Using the Same Exploits As Those Deployed by Spyware Vendors: Security researchers have discovered a spying campaign on users in Mongolia, which ran from November 2023. The hackers used the same exploits as those deployed by spyware vendors, indicating a potential link between cybercriminals and commercial spyware. Source: MSN.
  5. Cyber Security Experts Share the Scariest Money Scams They've Seen — and How To Stay Safe: Abhishek Karnik, McAfee's Head of Threat Research, shares some of the scariest money scams he's seen and provides advice on how to stay safe. The article highlights the increasing sophistication of cyber scams and the importance of cybersecurity awareness. Source: Yahoo Finance.

Top CVEs

  1. CVE-2024-36138: A bypass vulnerability has been identified in Windows, allowing arbitrary command injection and code execution via child_process.spawn / child_process.spawnSync. This vulnerability is a result of an incomplete fix of CVE-2024-27980. Source: CVE-2024-36138
  2. CVE-2023-30587: A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspector module. This vulnerability affects Node.js users employing the permission model mechanism. Source: CVE-2023-30587
  3. CVE-2023-30582: A vulnerability in Node.js version 20 allows malicious actors to monitor files they do not have explicit read access to. This flaw arises from an inadequate permission model that fails to restrict file watching through the fs.watchFile API. Source: CVE-2023-30582
  4. CVE-2023-30583: A vulnerability in Node.js 20 allows fs.openAsBlob() to bypass the experimental permission model when using the file system read restriction with the --allow-fs-read flag. Source: CVE-2023-30583
  5. CVE-2023-30584: A vulnerability in Node.js version 20 involves improper handling of a path traversal bypass when verifying file permissions. Source: CVE-2023-30584

API Security

  1. CVE-2024-39715 - Code Injection Vulnerability in VSPC REST API: A low-privileged user with REST API access can remotely upload arbitrary files to the VSPC server, leading to remote code execution. This vulnerability exposes the server to potential malicious attacks, emphasizing the need for robust access control mechanisms in APIs. Source: Vulners
  2. CVE-2023-30582 - Inadequate Permission Model in Node.js API: A flaw in Node.js version 20's experimental permission model allows malicious actors to monitor files they do not have explicit read access to when the --allow-fs-read flag is used with a non-* argument. This vulnerability underscores the importance of a comprehensive permission model in API security. Source: Vulners
  3. CVE-2023-30583 - Permission Bypass in Node.js API: The fs.openAsBlob() function in Node.js 20 can bypass the experimental permission model when using the file system read restriction with the --allow-fs-read flag. This flaw arises from a missing check in the fs.openAsBlob() API, highlighting the need for thorough validation in API functions. Source: Vulners


Final Words

And that's a wrap for today's edition of Secret CISO. From the Parliament security breach in India to the Google Maps security alert, we've covered a lot of ground. It's clear that the world of cybersecurity is as dynamic as ever, with new threats and vulnerabilities emerging daily. Remember, knowledge is power. By staying informed, we can all play a part in fortifying our defenses and safeguarding our digital world.

So, don't keep this valuable information to yourself. Share Secret CISO with your friends and colleagues, and let's spread the word about the importance of cybersecurity. Until next time, stay safe and stay vigilant.
