Secret CISO #15: BofA, State Street, Integris Health, and 50% of the French Citizens data stolen

Secret CISO #15: BofA, State Street, Integris Health, and 50% of the French Citizens data stolen

Happy to be with you again in this The Secret CISO newsletter! As we prepare to dive into another week, we're bringing you a special issue that covers the highlights from the weekend as well as the key insights and developments for Monday. In this edition, we'll explore the significant data breaches that have shaken the financial sector, highlighting the critical importance of cybersecurity vigilance. We'll also delve into the latest research findings that are shaping the landscape of cybersecurity, offering valuable insights into innovative defense strategies. Additionally, we'll spotlight some of the top job opportunities for cybersecurity professionals, showcasing the demand for expertise in this ever-evolving field. Join us as we navigate the digital frontiers, uncovering the challenges and opportunities that lie ahead in the world of cybersecurity.

1. Data Breaches

33M French Citizens Impacted in Country's Largest-Ever Breach

The CNIL is investigating a massive breach at two payment processors affecting 33 million French citizens, marking the country's largest data breach. The breach has raised significant concerns about the security of financial data in France and the effectiveness of current cybersecurity measures.

Read more: https://www.darkreading.com/cloud-security/33m-french-citizens-countrys-largest-ever-breach

US Government Accounting Office Notified by IT Contractor CGI Federal of Data Breach

The GAO announced a breach affecting approximately 6,000 records due to an incident with IT contractor CGI Federal. This breach highlights the vulnerabilities even within government institutions and raises questions about the safeguarding of sensitive information.

Read more: https://www.reuters.com/technology/us-government-accounting-office-says-it-was-notified-data-breach-by-it-2024-02-12/

Bank of America Notifies Consumers of Data Breach Stemming from Cyberattack at Infosys

A cyberattack on Infosys led to a data breach affecting Bank of America customers. Filed on February 6, 2024, this incident underscores the interconnected risks in the financial sector and the cascading effects of cybersecurity failures in vendor networks.

Read more: https://www.jdsupra.com/legalnews/bank-of-america-notifies-consumers-of-2237358/

State Street Files Notice of Data Breach Affecting Consumers' SSNs and Financial Info

State Street disclosed a data breach on February 5, 2024, that compromised Social Security numbers and financial information of consumers. This breach exemplifies the critical nature of securing financial institutions and the direct impact on consumer privacy and financial security.

Read more: https://www.jdsupra.com/legalnews/state-street-files-notice-of-data-7117046/

Integris Health Class Action Claims Data Breach Affects 2M Patients

A class action has been filed over a data breach at Integris Health, affecting nearly 2 million patients' personal information. This incident highlights the ongoing challenges in protecting health information and the significant consequences of breaches in the healthcare sector.

Read more: https://topclassactions.com/lawsuit-settlements/privacy/data-breach/integris-health-class-action-claims-data-breach-affects-2m-patients/

2. Top CVE

CVE-2022-34309 & CVE-2022-34310

IBM CICS TX Standard and Advanced Weak Cryptographic Algorithms These vulnerabilities in IBM CICS TX Standard and Advanced 11.1 reveal the use of weaker than expected cryptographic algorithms, potentially allowing attackers to decrypt highly sensitive information. Highlighting the importance of strong cryptographic standards, these issues underscore the risks associated with inadequate encryption practices in critical enterprise software.

Read more:https://www.ibm.com/support/pages/node/6832814

Read more:https://www.ibm.com/support/pages/node/6832924

CVE-2024-21762

Fortinet FortiOS & FortiProxy Out-of-Bounds Write Vulnerability. A critical out-of-bounds write vulnerability has been identified across multiple versions of Fortinet FortiOS and FortiProxy. This flaw could allow attackers to execute arbitrary code or cause a denial of service, pointing to the necessity for rigorous security in network infrastructure components and the prompt application of patches to mitigate potential exploitation.

Read more: https://www.fortiguard.com/psirt/FG-IR-24-015

CVE-2022-22506

IBM Robotic Process Automation Tenant User ID Exposure. A security flaw in IBM Robotic Process Automation 21.0.2 could lead to the exposure of user IDs across tenants. This vulnerability highlights concerns regarding data isolation and privacy in multi-tenant environments, emphasizing the need for stringent access controls and data protection measures in cloud-based and automated IT solutions.

Read more: https://exchange.xforce.ibmcloud.com/vulnerabilities/227293

CVE-2023-46615

Deserialization of Untrusted Data in Kalli Dan's KD Coming Soon Plugin. This deserialization vulnerability affects the KD Coming Soon plugin, illustrating the risks associated with deserializing untrusted data. It emphasizes the importance of secure coding practices and the potential for such vulnerabilities to compromise web applications, leading to unauthorized access or other security breaches.

Read more: https://patchstack.com/database/vulnerability/kd-coming-soon/wordpress-kd-coming-soon-plugin-1-7-php-object-injection-vulnerability?_s_id=cve

CVE-2024-0229

X.Org Server Out-of-Bounds Memory Access Flaw. An out-of-bounds memory access flaw in the X.Org server could lead to application crashes, local privilege escalation, or denial of service. This vulnerability highlights the challenges in securing foundational components of the Linux ecosystem and the potential repercussions of flaws in such critical infrastructure componen.

Read more: https://access.redhat.com/errata/RHSA-2024:0320

3. Security Research

Can a $10 Raspberry Pi Break Your PC's Disk Encryption?

This research by StackSmashing explores the potential of a low-cost Raspberry Pi to compromise Microsoft's BitLocker drive encryption. Highlighting the importance of physical security and the vulnerabilities in widely-used encryption technologies, this study underscores the evolving landscape of cybersecurity threats and the need for continuous vigilance in protecting sensitive data.

Read more: https://arstechnica.com/gadgets/2024/02/raspberry-pi-bitlocker-hack-is-a-new-spin-on-a-years-old-well-documented-exploit/

Ivanti Connect Secure Threat Activity Continues

Researchers have identified additional flaws in Ivanti Connect Secure, signaling ongoing susceptibility to suspected nation-state cyberattacks. This development emphasizes the critical nature of software security in the face of sophisticated threat actors and the importance of rapid response and remediation efforts to protect organizational assets and information.

Read more: https://www.cybersecuritydive.com/news/ivanti-threat-researchers-flaws/707261/

How Secure is Your Security Camera?

New research from Northeastern University reveals significant security gaps in security cameras, potentially allowing hackers to spy through them. This study raises critical questions about the security infrastructure of common surveillance technologies and highlights the need for robust security measures to protect privacy and prevent unauthorized access.

Read more: https://techxplore.com/news/2024-02-camera-hackers-spy-cameras-walls.html

CISA Releases 2024 Priorities for the Joint Cyber Defense Collaborative

This report outlines the strategic direction for enhancing national cybersecurity resilience, reflecting on the current state of security researcher engagement. It underscores the importance of collaboration across sectors to strengthen defenses against cyber threats and enhance the overall security posture of critical infrastructure and organizations.

Read more: https://cyberscoop.com/cisa-jcdc-2024-priorities/

Ovrdrive USB: The Self-Destructing Pendrive

Created by security researcher Ryan Walker, Ovrdrive USB introduces a novel security feature by self-destructing under certain conditions, emulating a James Bond gadget. This research highlights innovative approaches to data protection and the potential for new security technologies to safeguard sensitive information in a highly interconnected and digital world.

Read more: https://www.gearrice.com/update/ovrdrive-usb-the-pendrive-that-self-destructs-in-true-james-bond-style/

4. CISO Jobs

CISO Risk Officer C13

This position offers a competitive salary range of $125.8K to $188.6K per year for a VP-level role, highlighting the critical importance of risk management and cybersecurity leadership within the organization. The hybrid work model provides flexibility, catering to modern work preferences while ensuring effective risk oversight and strategic cybersecurity leadership.

Read more: https://www.linkedin.com/jobs/view/3828189854

Director Information Security at Locke and McCloud

Offering a salary range of $170K to $210K, this remote role emphasizes the growing demand for high-level cybersecurity expertise across geographical boundaries. The role underscores the importance of strategic information security management in protecting organizational assets in a predominantly digital landscape.

Read more: https://www.linkedin.com/jobs/view/3827664432

CISO at Serotonin

This remote Chief Information Security Officer position reflects the high stakes of cybersecurity leadership in today's digital age, requiring a strategic approach to managing cyber risks and ensuring the security of information assets in a dynamic and evolving threat environment.

Read more:https://www.linkedin.com/jobs/view/3823708380

Executive Director, Information Security- Governance, Risk and Compliance at BioSpace

This role focuses on the critical areas of governance, risk, and compliance within information security, indicating the importance of a holistic approach to cybersecurity that encompasses policy, procedures, and compliance with regulatory requirements to protect sensitive data and systems.

Read more:https://www.linkedin.com/jobs/view/3828182383

Director, Cybersecurity and Emerging Tech Policy at Microsoft

With a wide salary range of $124.8K to $264K, this position highlights the significance of policy development in cybersecurity and emerging technologies. It underscores the need for strategic leadership in shaping policies that address the challenges and opportunities presented by new technologies, ensuring that cybersecurity measures evolve in tandem with technological advancements.

Read more:https://www.linkedin.com/jobs/view/3825585682

Final Words

Thank you for reading Secret CISO #15!

We hope you found the insights valuable and the highlighted positions reflective of the critical and dynamic nature of the cybersecurity field. As we continue to navigate these challenging digital landscapes together, your support and engagement are greatly appreciated. Please consider sharing this newsletter with friends and colleagues who share our passion for cybersecurity. As a token of our gratitude, we're sharing a digital gift with you - a cyber lizard, symbolizing adaptability and resilience in the ever-evolving digital ecosystem. Stay safe, stay informed, and let's continue to strengthen our cyber defenses together.

Thank you again for your time and interest in our newsletter!

Always with you in all the cyber challenges, Secret CISO Team.