Secret CISO 3/13: Stanford and GEPF Data Breaches, Roku Account Compromise, Critical Flaws in ChatGPT Plugins, Google's $10M Bug Bounty

Welcome to today's edition of Secret CISO, your daily dose of the latest happenings in the world of cybersecurity. Today, we're diving into a series of data breaches that have impacted institutions across the globe.

First on our list is the Stanford University data breach, where the ransomware group Akira compromised the personal information of 27,000 individuals. Meanwhile, the Government Employees Pension Fund (GEPF) is grappling with a data leak from a ransomware attack, raising concerns about the security of pension funds. In a surprising turn of events, the Department of Personal Data Protection (JPDP) confirmed that there was no personal data breach following an alleged cyberattack on Maxis. However, the situation is not as rosy in South Africa, where a data leak from LockBit has exposed the personal data of every South African, causing alarm in the GEPF. The Irish Health Service Executive also suffered a massive data leak, discovered by security researcher Aaron Costello. On the other side of the globe, Roku disclosed a data breach compromising over 15,000 accounts, with hackers selling credentials online.

In legal news, UniCredit and NTT Data have been fined over a 2018 data breach due to their failure to adopt effective security measures. Meanwhile, a Greenville business reports a security breach of patients' information, and Gibbs Law Group has filed a class action lawsuit on behalf of consumers affected by a data breach. In research news, critical security flaws have been uncovered in ChatGPT plugins, and Google has paid $10 million to security researchers in bug bounties in 2023. Stay tuned for more updates and remember, in the world of cybersecurity, staying informed is your first line of defense.

Data Breaches

  1. Stanford University Data Breach: A ransomware group named Akira initiated a data breach at Stanford University, compromising a significant amount of personal information. The breach has impacted approximately 27,000 individuals. Source: The Cyber Express.
  2. GEPF Pension Fund Data Leak: The Government Employees Pension Fund (GEPF) expressed concern over a data leak following a ransomware attack. The breach potentially exposed sensitive data from the pension fund. Source: TimesLIVE.
  3. Roku Data Breach: Roku, the streaming platform, suffered a data breach compromising more than 15,000 accounts. The breach was not a direct hack on Roku but likely the result of hackers finding credentials exposed in other company data breaches. Source: Yahoo Movies UK.
  4. Irish Health Service Executive Data Leak: A significant data leak was discovered in the Irish Health Service Executive. The breach followed an undisclosed cyber attack, exposing sensitive health data. Source: Cybernews.
  5. UniCredit and NTT Data Breach: UniCredit and NTT Data were fined over a 2018 data breach. The Italian Data Protection Authority found that UniCredit failed to adopt technical and security measures capable of effectively countering cyberattacks. Source: Regulation Asia.

Security Research

  1. 'New Research Exposes Security Risks in ChatGPT Plugins': Security researchers have found critical vulnerabilities in ChatGPT plugins that could allow attackers to take control of the system. These flaws pose a significant risk to user data and system integrity. Source: Infosecurity Magazine
  2. 'Google paid $10 million to security researchers in bug bounty in 2023': Google has rewarded 632 researchers from 68 countries for identifying and reporting security issues in its products and services, totaling $10 million in bug bounties in 2023. This initiative underscores Google's commitment to improving its security posture. Source: Android Headlines
  3. 'HSE computer glitch put Covid vaccine data of up to 1m people at risk': Security researcher Aaron Costello discovered a glitch in the Irish Health Service Executive's system in December 2021, potentially putting the Covid vaccine data of up to 1 million people at risk. This incident highlights the importance of robust security measures in healthcare data management. Source: BreakingNews.ie
  4. 'Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats': Researchers have identified vulnerabilities in Google's Gemini large language model that could lead to security breaches, including system prompt leakage and malicious content generation. This research underscores the need for rigorous security measures in AI systems. Source: The Hacker News
  5. 'Security researchers demonstrate how Teslas can be stolen through phishing attacks': Two cybersecurity researchers have revealed a flaw in Tesla's security framework that could enable car theft through simple phishing attacks. This discovery underscores the need for robust security measures in the automotive industry. Source: Drive Tesla Canada

Top CVEs

  1. CVE-2023-42789 - Fortinet FortiOS Out-of-Bounds Write: This vulnerability allows an attacker to execute unauthorized code or commands via specially crafted HTTP requests in various versions of Fortinet FortiOS and FortiProxy. Users are advised to update their systems to the latest versions to mitigate this risk. Source: CVE-2023-42789
  2. CVE-2024-26198 - Microsoft Exchange Server Remote Code Execution: This vulnerability allows remote attackers to execute arbitrary code on the target system. Microsoft has released patches to address this vulnerability and users are advised to update their systems immediately. Source: CVE-2024-26198
  3. CVE-2024-21408 - Windows Hyper-V Denial of Service: This vulnerability allows an attacker to cause a denial of service condition on Windows Hyper-V. Microsoft has released patches to address this vulnerability and users are advised to update their systems immediately. Source: CVE-2024-21408
  4. CVE-2024-21435 - Windows OLE Remote Code Execution: This vulnerability allows remote attackers to execute arbitrary code on the target system via Windows OLE. Microsoft has released patches to address this vulnerability and users are advised to update their systems immediately. Source: CVE-2024-21435
  5. CVE-2024-27758 - RPyC Remote Code Execution: This vulnerability allows a remote attacker to execute arbitrary code on the target system via a specially crafted class in RPyC before 6.0.0. Users are advised to update their systems to the latest versions to mitigate this risk. Source: CVE-2024-27758

Final Words

And that's a wrap for today's edition of Secret CISO. We hope you found these updates insightful and helpful in keeping your organization's data secure. Remember, the world of cybersecurity is ever-evolving, and staying informed is the first step in staying secure. If you found this newsletter valuable, we encourage you to share it with your friends and colleagues. They might find it just as useful as you do. Let's work together to create a safer digital world. Stay safe, stay informed, and see you in the next edition of Secret CISO.