Secret CISO 12/31: ManageMyHealth & Oracle Breaches, Shai Hulud 3.0 Threat, MongoBleed Exploit - A Cybersecurity Storm Unfolds

Welcome to the final edition of Secret CISO for 2023, where the digital landscape's shadows reveal their most pressing secrets. As the year closes, we uncover a series of breaches and vulnerabilities that remind us of the ever-evolving challenges in cybersecurity.

In a chilling revelation, the Kazu Group claims responsibility for a ransomware attack on ManageMyHealth, raising alarms about the sanctity of sensitive health data. Meanwhile, a breach of the EmEditor website has turned its trusted installer into infostealer malware, and users are urged to take immediate action.

Oracle faces a potential class action lawsuit for allegedly mishandling data breach notifications, impacting millions. Similarly, MetroWest Credit Union and 700Credit grapple with breaches exposing thousands of Social Security numbers, spotlighting the perils of third-party data handling.

On the innovation front, a UK-based security researcher ethically hacked the Australian Government, earning a prestigious visa and underscoring the value of responsible disclosure. Yet, the emergence of Shai Hulud 3.0 malware and the active exploitation of MongoBleed remind us of the persistent threats to supply chains and databases.

Apple users are urged to install emergency updates following a major targeted attack, while an AI-discovered zero-day vulnerability in XSpeeder's devices goes unheeded, raising questions about the future of AI in cybersecurity.

As we step into a new year, these stories serve as a stark reminder of the vigilance required to protect our digital world. Stay informed, stay secure, and join us in 2024 for more insights from the frontlines of cybersecurity.

Data Breaches

  1. ManageMyHealth Data Breach: The Kazu Group Claims Ransomware Attack. The Kazu group has claimed responsibility for a ransomware attack on ManageMyHealth (MMH), a prominent health management platform. This breach has raised concerns about the security of sensitive health data managed by the platform. Source: Geekzone.
  2. EmEditor Website Breach Turns Trusted Installer Into Infostealer Malware: A breach at the EmEditor website has resulted in the trusted installer being turned into infostealer malware. Users are advised to disconnect affected systems from the network and perform full malware scans using updated endpoint security tools. Source: eSecurity Planet.
  3. Oracle Facing Possible Class Action Over Data Breaches Impacting Millions: Oracle is facing a potential class action lawsuit for allegedly not complying with the Texas Data Breach Act. The lawsuit claims Oracle failed to notify affected individuals as required by law, impacting millions of users. Source: Statesman.
  4. MetroWest Community Federal Credit Union Data Breach Impacts 7,573: A data breach at MetroWest Credit Union has affected 7,573 individuals, exposing sensitive information such as Social Security numbers and financial details. Affected individuals are advised to check if they are impacted. Source: Claim Depot.
  5. 700Credit Breach Puts 5.8 Million Social Security Numbers at Risk: The 700Credit data breach has exposed 5.8 million Social Security numbers due to a failure by a third-party partner. This breach highlights the risks associated with third-party data handling. Source: Economic Times.

Security Research

  1. Tech Bytes: Security researcher hacked the Australian Government to support his visa application: A UK-based security researcher successfully identified and responsibly disclosed a critical vulnerability within the Australian Government's systems. This act of ethical hacking led to the researcher being granted Australia's 858 National Innovation visa, highlighting the importance of responsible disclosure in cybersecurity. Source: Proactive Investors.
  2. New Shai Hulud 3.0 malware variant raises fresh supply chain security concerns: Security researchers from Aikido Security NV have detected a new variant of the Shai Hulud malware, which refines previous techniques to target supply chains more effectively. This variant poses significant risks to businesses by potentially disrupting operations and compromising sensitive data. Source: SiliconANGLE.
  3. 'Heartbleed of MongoDB' under active exploit: Dubbed MongoBleed, this vulnerability in MongoDB has been actively exploited, with security researchers publishing a proof of concept. The flaw allows attackers to access sensitive memory data, prompting urgent calls for patching and mitigation. Source: The Register.
  4. Apple users urged to install emergency security updates following major targeted attack: Security researcher Guilherme Rambo discovered a hidden flaw in Apple's internal messaging system, leading to a major targeted attack. Apple has released emergency security updates to address this vulnerability, urging users to update their devices immediately. Source: UNILAD Tech.
  5. AI-discovered maximum severity XSpeeder zero-day disregarded: An AI-powered security research firm, pwn.ai, identified a maximum severity vulnerability in XSpeeder's network edge devices. Despite the critical nature of the flaw, the vendor has ignored the report, raising concerns about the handling of AI-discovered vulnerabilities. Source: SC Media.

Final Words

As we wrap up today's edition of Secret CISO, it's clear that the cybersecurity landscape is as dynamic and challenging as ever. From the alarming breaches at ManageMyHealth and 700Credit to the ethical hacking story that led to a visa grant, each piece of news underscores the critical importance of vigilance and proactive measures in safeguarding our digital world.

Whether it's the evolving threats like the Shai Hulud 3.0 malware or the urgent need for patching vulnerabilities such as MongoBleed, staying informed is your first line of defense. Remember, cybersecurity is not just about technology; it's about people, processes, and the continuous pursuit of knowledge.

If you found today's insights valuable, please share this newsletter with your friends and colleagues. Together, we can build a more secure digital future by spreading awareness and fostering a community of informed and vigilant cybersecurity advocates.

Thank you for joining us today. Stay safe, stay secure, and we'll see you in the next edition of Secret CISO!
