Secret CISO 11/30: Zello and Bologna FC Face Breaches, China's Privacy Settings Evolve, Canadian Media Sues OpenAI, Cybersecurity Measures Enhanced

Secret CISO 11/30: Zello and Bologna FC Face Breaches, China's Privacy Settings Evolve, Canadian Media Sues OpenAI, Cybersecurity Measures Enhanced

Hello there, Welcome to today's edition of the Secret CISO newsletter. We're here to keep you updated on the latest developments in the world of cybersecurity. Let's dive right in!

First up, we have a security alert from Zello, urging users to reset their passwords amid a likely data breach. This isn't the first time Zello has faced such an issue, highlighting the importance of robust security measures.

In sports, Bologna FC has fallen victim to a ransomware attack by RansomHub, leading to the theft of confidential data. This incident underscores the need for stringent security protocols across all sectors, including sports.

Moving to the East, a recent survey reveals that nearly half of China's digital users are still struggling with changing privacy and security settings. This statistic underscores the need for user-friendly security solutions and increased awareness.

In legal news, five Canadian news media outlets are suing OpenAI for copyright breach, part of a wave of lawsuits against the company over data used to train AI systems. Meanwhile, concerns over data breaches are prompting improvements in cybersecurity measures. Despite no medical record information being accessed in a recent breach, the incident has raised concerns about the security of sensitive data. In a similar vein, we're seeing lessons learned from a cyber attack being used to enhance data security measures. The incident in question involved unauthorized individuals gaining access to sensitive data.

In a shocking revelation, the Metropolitan Police accidentally revealed the names of alleged Westminster 'honeytrap' victims, likely to be reported as a data breach. On a concerning note, a recent report reveals that 64% of Americans have never checked to see if they were affected by a data breach. This statistic is a stark reminder of the need for proactive security measures and awareness. In the financial sector, Patelco Credit Union is under investigation following a data breach that has raised concerns over the security of sensitive personal information.

Finally, we have some expert strategies for navigating financial security in 2025, including diversifying investments, leveraging digital tools, building emergency funds, staying informed, and optimizing tax. That's all for today. Stay safe and secure!

Data Breaches

  1. Zello Users Advised to Reset Passwords Following Likely Breach: Zello, the popular push-to-talk app, has advised its users to reset their passwords as a precautionary measure following a likely data breach. This is not the first time Zello has suffered a data breach, highlighting the need for robust security measures. Source: WebProNews
  2. Bologna FC Victim of Ransomware Attack: Italian football club, Bologna FC, has confirmed a data breach following a ransomware attack by RansomHub. The hackers claim to have stolen all confidential data due to a lack of network security. Source: The Register
  3. OpenAI Sued by Canadian News Outlets for Copyright Breach: Five Canadian news media outlets have filed a lawsuit against OpenAI for a data breach. The case is part of a series of lawsuits against OpenAI over data used to train generative AI systems. Source: Al Jazeera
  4. Data Breach Raises Concerns at Patelco Credit Union: A data breach at Patelco Credit Union has led to concerns over the security of sensitive personal information. The breach was reported on June 29, 2024, and an investigation is currently underway. Source: KGET
  5. Met Police Accidentally Reveals Names of Alleged Victims: The Metropolitan Police has accidentally revealed the names of alleged victims in a 'honeytrap' case, likely to be reported as a data breach. One of the victims expressed their frustration at the breach. Source: The Guardian

Security Research

  1. What Putin's nuclear-capable Oreshnik missile means for NATO security: Alexander Graef, a senior researcher, suggests that Europe is on the brink of a new security threshold due to Putin's nuclear-capable Oreshnik missile. The implications for NATO security are significant and require urgent attention. Source: Washington Post
  2. Major Data Leak Exposes Personal Information of Thousands: A massive data leak, exposing over 600K sensitive files, has been made public. The leak was discovered by leading security researcher Jeremiah, raising concerns about potential ID theft. Source: Digital Information World
  3. Google And Microsoft Users Warned—Rockstar 2FA Bypass Attacks Incoming: Security researchers Diana Solomon and John Kevin Adriano warn that Microsoft user accounts are the prime target of incoming Rockstar 2FA bypass attacks. This highlights the need for robust security measures. Source: Forbes
  4. Microsoft launches $4M bug bounty challenge to secure AI, cloud: Microsoft has launched a $4M bug bounty challenge to incentivize high-impact security research and strengthen collaborations with external researchers. The challenge aims to enhance the security of AI and cloud technologies. Source: SC Media
  5. North Korean hackers impersonate tech professionals to steal billions in crypto: Researchers revealed at Cyberwarcon that North Korean hackers are impersonating tech professionals to steal billions in cryptocurrency. This highlights the increasing sophistication of cyber threats. Source: CryptoSlate

Top CVEs

  1. CVE-2024-53865 - IBM Z HMC Web Services API Clear Text Passwords: The Python package "zhmcclient" writes password-like properties in clear text into its HMC and API logs, affecting users who have enabled the Python loggers named "zhmcclient.api" or "zhmcclient.hmc". This issue has been fixed in zhmcclient version 1.18.1. Source: CVE-2024-53865
  2. CVE-2024-53507 - SQL Injection in Siyuan 3.1.11: A SQL injection vulnerability was discovered in Siyuan 3.1.11, potentially allowing malicious actors to manipulate SQL queries. Source: CVE-2024-53507
  3. CVE-2024-35367 - Out-of-bounds Read in FFmpeg n6.1.1: FFmpeg n6.1.1 has an Out-of-bounds Read vulnerability via libavcodec/ppc/vp8dsp_altivec.c, potentially leading to unauthorized data access. Source: CVE-2024-35367
  4. CVE-2024-36617 - Integer Overflow in FFmpeg CAF: FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF, potentially leading to a denial of service or other unspecified impact. Source: CVE-2024-36617
  5. CVE-2024-52782 - Remote Code Execution in DCME: DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution, potentially allowing malicious actors to execute arbitrary code. Source: CVE-2024-52782

API Security

  1. Exploit for Authentication Bypass by Spoofing in Zabbix: A new exploit has been discovered that allows for authentication bypass in Zabbix by spoofing. The exploit involves taking a cookie from the browser and replacing it with one in a script, along with changing the username. The new modified JWT token is then used to bypass the Zabbix SSO login portal. Source: vulners.com
  2. zhmcclient Clear Text Password Vulnerability: The Python client library for the IBM Z HMC Web Services API, zhmcclient, has been found to write password-like properties in clear text into its HMC and API logs. This issue affects users who have enabled the Python loggers named "zhmcclient.api" or "zhmcclient.hmc" and use certain functions. The issue has been fixed in zhmcclient version 1.18.1 and users are advised to upgrade. Source: vulners.com

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. From Zello's password reset to Bologna FC's ransomware attack, it's clear that cybersecurity is a crucial aspect of our digital lives. We hope these insights help you stay ahead of potential threats and enhance your security measures. Remember, cybersecurity isn't just a one-time fix, it's an ongoing process. So, stay vigilant, stay informed, and most importantly, stay secure. If you found this newsletter helpful, please consider sharing it with your friends and colleagues.

Let's work together to create a safer digital world. Until next time, keep those firewalls up and those passwords strong!

Read more

Secret CISO 12/10: Unprecedented Data Breaches at HealthAlliance, Irish University, and Highgate Hotels; Deloitte and Cipla Deny Hacks; Research Reveals OpenWrt Vulnerability and Arctic Security Shifts

Secret CISO 12/10: Unprecedented Data Breaches at HealthAlliance, Irish University, and Highgate Hotels; Deloitte and Cipla Deny Hacks; Research Reveals OpenWrt Vulnerability and Arctic Security Shifts

Good morning, Secret CISO readers! Today's newsletter is packed with critical updates from the cybersecurity world. We're seeing a concerning trend of firms failing to grasp the financial impact of cyber breaches, with HealthAlliance paying a hefty $550,000 for neglecting a known vulnerability. In Ireland,

By Secret CISO