Secret CISO 3/25: Education Sector's Data Security Posture, Cash Management Company Cyberattack, Star Casino Data Leak, Real Estate Cyber Threats, Fortinet Devices Breach, Data Security Trends 2024, Hotel Keycard Locks Vulnerability

Welcome to today's edition of Secret CISO, your daily dose of cybersecurity insights. Today, we delve into the realm of data security posture management in the education sector, exploring the urgent need for robust solutions to prevent data breaches. We'll also discuss the rising threat from nation-state actors and the importance of protecting data from keyboard to cloud. In the news, a cash management company has fallen victim to a cyberattack, exposing private insurance-related information. The Star casino's punters have also suffered a massive data breach, with their private details leaked on the dark web. We'll also look at the looming cyber threat in the real estate sector, where data breaches and ransomware assaults are targeting sensitive financial records and property management data. In the agribusiness sector, FPT and De Heus are partnering to elevate security operations, focusing on breach detection and defense measures. We'll also examine the link between compliance adherence and data breaches, the potential banning of TikTok due to data privacy concerns, and the rise of shadow, zombie, and rogue APIs. The global travel industry is facing a surge in data breaches, with a 157% increase from 2020 to 2023 in the U.S. Another company has succumbed to a phishing attack, and the UK electoral roll is under cyber-attack, allegedly linked to China. We'll also discuss the future of data privacy and compliance, the recent changes in Glassdoor's policy, and the implications of the EU's Artificial Intelligence Act. Finally, we'll highlight the latest research on small business cyber readiness, the activities of elite Russian hackers, and the latest vulnerabilities found in Apple's silicon and other platforms. Stay tuned for these stories and more in today's Secret CISO newsletter.

Data Breaches

  1. Twitter Data Breach: In a significant security incident, Twitter faced a major data breach that exposed sensitive user information. The breach was linked to shadow, zombie, and rogue APIs, highlighting the need for robust API security measures. Source: Sify
  2. Star Casino Data Hack: The Star Casino suffered a massive data breach that exposed the private details of its punters. Millions of documents were stolen, underscoring the growing threat of cyberattacks in the gambling industry. Source: Daily Mail
  3. Fortinet Devices Unauthorized Access: Cybercriminals claimed unauthorized access to Fortinet devices of many companies, highlighting the persistent threat to corporate security infrastructures. This breach underscores the importance of robust cybersecurity measures. Source: GBHackers
  4. Data Breach in Tourism Industry: The global travel industry has seen a surge in data breaches, with a notable 157% increase from 2020 to 2023 in the U.S. This underscores the urgent need for improved data security measures in the industry. Source: Travel and Tour World
  5. Insomniac Games Ransomware Attack: Insomniac Games was hit by a ransomware attack that led to a massive data breach, leaking 1.7 terabytes of data. The incident highlights the growing threat of ransomware attacks in the gaming industry. Source: The Sun

Security Research

  1. Cyber Wardens Research on Small Business Cyber Readiness: A survey by Cyber Wardens reveals that only half of the 2,100 small businesses surveyed consider cyber security a high-risk problem, indicating a significant gap in awareness and readiness. Source: CyberDaily.
  2. Elite Russian Hackers Targeting German Politicians: Google and Mandiant security researchers report that elite Russian hackers are targeting German politicians, highlighting the geopolitical implications of cyber threats. Source: iTnews.
  3. USENIX Security '23 Research: Researchers Jinwen Wang, Yujie Wang, Ao Li, Yang Xiao, Ruide Zhang, and Wenjing Lou present their research at USENIX Security '23, contributing to the ongoing discussions on cyber threats. Source: Security Boulevard.
  4. Unsaflok: A Hotel Keycard Hacking Method: Security researchers Ian Carroll and Lennert Wouters, along with their team, have discovered a method called Unsaflok that can open any of 3 million hotel keycard locks in seconds, raising serious security concerns in the hospitality industry. Source: Yahoo News Canada.
  5. Cisco Talos Research on TinyTurla-NG Implant: Cyber security researchers from Cisco Talos have discovered that a group is using the TinyTurla-NG (TTNG) implant for ongoing cyber attacks, underscoring the need for constant vigilance and updated security measures. Source: Cyber Security News.

Top CVEs

  1. CVE-2022-45352: A missing authorization vulnerability in Muffingroup Betheme allows unauthorized access to sensitive information. The issue affects all versions of Betheme. Users are advised to update to the latest version. Source: CVE-2022-45352
  2. CVE-2022-45851: ShareThis Dashboard for Google Analytics suffers from a missing authorization vulnerability. This issue affects all versions of the dashboard and could lead to unauthorized access to sensitive data. Users are advised to update to the latest version. Source: CVE-2022-45851
  3. CVE-2024-1564: The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access, allowing a contributor user to access custom fields on any post regardless of post type or status. Users are advised to update to version 2.7.16 or later. Source: CVE-2024-1564
  4. CVE-2024-1962: The CM Download Manager WordPress plugin before 2.9.1 does not perform CSRF checks in some places, which could allow attackers to make logged-in admins edit downloads via a CSRF attack. Users are advised to update to version 2.9.1 or later. Source: CVE-2024-1962
  5. CVE-2024-29034: CarrierWave, a solution for file uploads for Rails, Sinatra and other Ruby web frameworks, has a vulnerability that allows for XSS attacks through the setting of a Content-Type value that is interpreted by browsers to be different from what's allowed by content_type_allowlist. Users are advised to update to version 3.0.7 or later. Source: CVE-2024-29034
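The CarrierWave item above describes a common failure pattern in upload handling: the declared Content-Type is compared loosely against an allowlist, so a value the browser treats as something else (for example, a scriptable type) slips through. The following Ruby is an added illustration of the defensive pattern, not CarrierWave's own code or its fix: the declared type is normalized and matched exactly against the allowlist, and the file's leading bytes are cross-checked against that type so the two cannot disagree. The allowlist, the magic-byte table and the sample inputs are constructed for the example.

```ruby
# Added example (not CarrierWave's code): strict allowlisting of an upload's
# Content-Type plus a magic-byte cross-check, written from the defender's side.

# Constructed allowlist for the example.
ALLOWED_TYPES = %w[image/png image/jpeg].freeze

# Constructed magic-byte table: the first bytes each allowed type must start with.
MAGIC = {
  "image/png"  => "\x89PNG\r\n\x1A\n".b,
  "image/jpeg" => "\xFF\xD8\xFF".b
}.freeze

# Normalize a Content-Type header value: drop parameters (";charset=..."),
# trim whitespace and lowercase, so comparison is exact rather than substring-based.
def normalize_content_type(value)
  return nil if value.nil?
  value.to_s.split(";").first.to_s.strip.downcase
end

# Strict allowlist check: the normalized type must equal an entry exactly.
# A value such as "image/png\ntext/html" or "text/html" is rejected.
def allowed_content_type?(declared, allowlist = ALLOWED_TYPES)
  allowlist.include?(normalize_content_type(declared))
end

# Derive the type from the file's leading bytes, ignoring the declared header.
def sniff_content_type(bytes)
  MAGIC.each do |type, signature|
    return type if bytes.b.start_with?(signature)
  end
  nil
end

# Accept the upload only when the declared type is allowlisted AND agrees with
# what the bytes actually are; returns [ok, detail] so callers can log the reason.
def validate_upload(declared, bytes, allowlist = ALLOWED_TYPES)
  declared_norm = normalize_content_type(declared)
  unless allowlist.include?(declared_norm)
    return [false, "content type #{declared.inspect} not in allowlist"]
  end
  sniffed = sniff_content_type(bytes)
  if sniffed != declared_norm
    return [false, "declared #{declared_norm} but bytes look like #{sniffed || 'unknown'}"]
  end
  [true, declared_norm]
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample inputs: a minimal PNG header and an HTML-looking body.
  png_bytes = "\x89PNG\r\n\x1A\n".b + "constructed image body".b
  html_bytes = "<html><script>1</script></html>".b
  p validate_upload("image/png", png_bytes)                 # accepted
  p validate_upload("text/html", html_bytes)                # not allowlisted
  p validate_upload("image/png; charset=utf-8", html_bytes) # allowlisted type, bytes disagree
end
```

The two checks are deliberately independent: the allowlist stops unexpected declared types, and the magic-byte comparison stops an allowlisted type being attached to content that is really something else. Logging the returned detail string on rejection gives a useful detection signal for repeated attempts against the upload endpoint.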

Final Words

And that's a wrap for today's edition of Secret CISO. As we've seen, the world of data security is ever-evolving, with new threats and challenges emerging daily. From the education sector to the real estate industry, no sector is immune to the risk of data breaches. Remember, knowledge is power. By staying informed, we can all play a part in strengthening our data security posture and mitigating the risk of breaches. So, if you found today's newsletter helpful, why not share it with your colleagues and friends? Let's work together to create a safer digital world. Stay safe, stay informed, and see you in the next edition of Secret CISO.

By Secret CISO