Secret CISO 3/2: OpenAI Got 5 State-Backed Threats, Lexington Medical Center and Fairway Independent Mortgage Corporation Data Breaches, and Local Government Incident Response

Welcome to today's Secret CISO Newsletter, your daily dose of critical cybersecurity insights. In this edition, we spotlight recent data breaches impacting a range of sectors, from healthcare to banking, alongside emerging threats and strategic discussions shaping the security landscape.

Dive into the details of breaches at Lexington Medical Center, Fairway Independent Mortgage Corporation, Aspen Dental, Chunghwa Telecom, and Bank of America, each presenting unique challenges and implications for data protection.

We also explore advancements in energy security, the growing edge security market, AI threats identified by Microsoft and OpenAI, vulnerabilities in two-factor authentication, and the White House's latest take on software engineering and encryption. Stay ahead with these pivotal updates, essential for navigating today's complex cybersecurity environment. Enjoy your reading!

1. Lexington Medical Center Data Breach: Lexington Medical Center has experienced a data breach, potentially leaking patients' sensitive information. The hospital is currently facing a lawsuit due to this breach. Source: https://www.wistv.com/2024/03/02/data-breach-lexington-medical-center-hospital-says-patients-info-may-have-been-leaked/
2. Fairway Independent Mortgage Corporation Data Breach: The lending industry continues to face data breaches, with Fairway Independent Mortgage Corporation recently filing notice of an incident. The details of the breach have not been disclosed yet. Source: https://www.scotsmanguide.com/news/industry-watch-another-data-breach-rocket-shutters-rocket-pro-originate-program-and-more/
3. Aspen Dental Data Breach: A patient has filed a proposed class-action lawsuit against Aspen Dental following a cyberattack that allegedly resulted in the theft of her personal information. The extent of the breach is still under investigation. Source: https://news.bloomberglaw.com/business-and-practice/aspen-dental-sued-by-patient-in-class-action-over-data-breach
4. Chunghwa Telecom Data Breach: Taiwan's largest telecom company, Chunghwa Telecom, has been breached by suspected Chinese hackers. The stolen data, including government-related details, are reportedly up for sale on the Dark Web. Source: https://www.darkreading.com/cyberattacks-data-breaches/taiwan-telco-breached-data-sold-on-dark-web
5. Bank of America Data Breach: Bank of America has experienced a data breach affecting more than 57,000 consumers. The details of the breach and the extent of the damage are still under investigation. Source: https://www.americanbanker.com/list/bofa-data-breach-ai-importance-top-tech-news-for-february-2024

1. "Improving energy security with policies focused on demand-side solutions": Researchers at the International Institute for Applied Systems Analysis (IIASA) have proposed a new approach to energy security that focuses on demand-side solutions. They argue that by reducing energy demand and increasing energy efficiency, countries can improve their energy security and reduce their dependence on imports. Source: https://www.eurekalert.org/news-releases/1036095
2. "Global Edge Security Industry Research 2023-2030: Rising Adoption of Cloud-based": The global edge security market is expected to grow significantly between 2023 and 2030, driven by the increasing adoption of cloud-based solutions. The report highlights the importance of edge security in protecting data and applications in the era of digital transformation. Source: https://finance.yahoo.com/news/global-edge-security-industry-research-223000281.html
3. "5 'State-Backed AI Threat Actors' Identified by Microsoft & OpenAI": Microsoft and OpenAI have identified five state-backed AI threat actors that pose significant cybersecurity risks. These actors are using advanced AI techniques to launch sophisticated cyberattacks, highlighting the need for robust AI security measures. Source: https://www.techopedia.com/5-state-backed-ai-threat-actors-identified-by-microsoft-openai
4. "Hacker Exposes Leak of Two-Factor Authentication Codes": A security researcher has exposed a database leak that contained two-factor authentication codes for major companies. This incident underscores the vulnerabilities in two-factor authentication systems and the need for stronger security measures. Source: https://beincrypto.com/hacker-leaks-two-factor-authentication-codes/
5. "White House's Software Engineering Advice + Child Safety and Encryption Bans": The White House has released a report on software engineering, noting that software measurability is one of the hardest open research problems to address. The report also discusses the challenges of balancing child safety with encryption. Source: https://www.lawfaremedia.org/article/white-house's-software-engineering-advice-child-safety-and-encryption-bans

1. CVE-2024-20328: A local attacker could exploit a vulnerability in ClamAV's VirusEvent feature to inject arbitrary commands with the privileges of the application service account. This is due to unsafe handling of file names. ClamAV has released software updates to address this vulnerability. Source: https://vulners.com/cve/CVE-2024-20328?utm_source=rss&utm_medium=rss&utm_campaign=rss
2. CVE-2023-52497: A vulnerability in the Linux kernel has been resolved that previously allowed for EROFS data corruption on new Intel x86 processors. The issue was due to the uncertain relative order of two individual virtual buffers. The decompressed buffer is now strictly used for lz4 inplace decompression. Source: https://vulners.com/cve/CVE-2023-52497?utm_source=rss&utm_medium=rss&utm_campaign=rss
3. CVE-2024-27355: An issue in phpseclib versions before 1.0.23, 2.0.47, and 3.0.36 could lead to a denial of service (CPU consumption) when processing the ASN.1 object identifier of a certificate. A sub identifier may be provided that triggers this vulnerability. Source: https://vulners.com/cve/CVE-2024-27355?utm_source=rss&utm_medium=rss&utm_campaign=rss
4. CVE-2024-27354: A vulnerability in phpseclib versions before 1.0.23, 2.0.47, and 3.0.36 could allow an attacker to cause a denial of service (CPU consumption) by constructing a malformed certificate containing an extremely large prime. This issue was introduced when attempting to fix a previous vulnerability. Source: https://vulners.com/cve/CVE-2024-27354?utm_source=rss&utm_medium=rss&utm_campaign=rss
5. CVE-2024-25552: A local attacker can gain administrative privileges by inserting an executable file in the path of the affected system. This vulnerability allows for unauthorized access and control over the system. Source: https://vulners.com/cve/CVE-2024-25552?utm_source=rss&utm_medium=rss&utm_campaign=rss

1. Chief Information Security Officer at AEG, Los Angeles, CA (On-site): AEG is offering a remarkable opportunity in the heart of Los Angeles with a salary range of $340K to $360K, plus medical benefits. This role calls for a visionary leader ready to steer the cybersecurity helm at a leading entertainment and sports company. Source: https://www.linkedin.com/jobs/view/3825381607
2. Chief Information Security Officer at Northwest Bank, Columbus, OH: Northwest Bank is seeking a CISO to safeguard its financial services in Columbus. This role is pivotal for those looking to impact the banking sector's cybersecurity strategies profoundly. Source: https://www.linkedin.com/jobs/view/3809554186
3. Deputy Chief Information Security Officer at American Credit Acceptance, Spartanburg, SC (On-site): American Credit Acceptance is on the hunt for a Deputy CISO in Spartanburg. This position offers a unique chance to play a critical role in shaping the cybersecurity landscape of the finance industry. Source: https://www.linkedin.com/jobs/view/3826184567
4. Chief Information Security Officer (CISO)/Head of Enterprise IT at Stitch Fix, United States (Remote): Stitch Fix is revolutionizing the retail space and is in search of a CISO/Head of Enterprise IT. Offering a remote work setup with a salary of $345K/yr, this role is ideal for leaders passionate about combining cybersecurity with cutting-edge technology in the retail industry. Source: https://www.linkedin.com/jobs/view/3843543995
5. Deputy Chief Information Security Officer at Dice, Washington, DC (On-site): Dice is seeking a Deputy CISO in the dynamic setting of Washington, DC. Positioned within a leading technology job board, this on-site role challenges a cybersecurity professional to defend against the latest cyber threats. It’s a pivotal opportunity for those eager to drive cybersecurity initiatives in a vibrant tech environment. Source: https://www.linkedin.com/jobs/view/3821090617

Thanks for catching up with today's key cybersecurity updates. Your insights make our community stronger. If you found this newsletter valuable, please share it with peers who can benefit from staying on top of these critical developments.

Let's keep the conversation going and work together towards a more secure digital world. Share today, secure tomorrow.