Secret CISO 3/27: Pakistan's Massive Data Breach, Qilin's Attack on The Big Issue, Munchables Recovers $62M, AI Framework Flaw Exposes Sensitive Data, Research on Malware-Related Breaches and AI Vulnerabilities

Welcome to today's edition of Secret CISO, your daily dose of the latest in cybersecurity news. Today, we're diving into a series of data breaches that have left millions at risk.

First up, we're looking at a massive data leak from Pakistan's national database, putting the personal data of 2 million citizens at risk. The breach, which was jointly investigated by the Interior Ministry and the Pakistan Telecommunication Authority, is just the tip of the iceberg, with the data of a total of 2.7 million Pakistanis compromised over the past five years.

In other news, the HIPAA Journal reports on the growing threat of credential harvesting, a tactic that often precedes more extensive attacks. Meanwhile, cyber gang Qilin claims to have stolen 550 GB of company data from The Big Issue, and TransUnion faces an enforcement notice following a data breach.

On the recovery front, gaming platform Munchables has managed to recover $62 million taken in a security breach. However, a flaw in the Ray AI framework potentially leaks sensitive workload data, highlighting the ongoing challenges in cybersecurity.

We'll also be discussing the latest in cybersecurity research, from a new phishing attack delivering a keylogger disguised as a bank payment notice, to the surge in evasive malware reported by the WatchGuard Threat Lab. Stay tuned for updates on these stories and more, as we continue to keep you informed on the ever-evolving world of cybersecurity. Stay safe, stay secure.

Data Breaches

  1. "Personal data of 2 million Pakistanis at risk after leak from national database": A joint investigation by the Interior Ministry, Pakistan Telecommunication Authority (PTA), and the Federal Investigation revealed a significant data breach, putting the personal data of 2 million Pakistanis at risk. The breach has raised serious concerns about the country's data security infrastructure. Source: Firstpost
  2. "2.7 million Pakistani data compromised over five years": In a severe data breach, the personal information of 2.7 million Pakistanis was compromised from the national database over a period of five years. The breach has raised questions about the country's ability to protect its citizens' data. Source: Deccan Herald
  3. "Qilin says it attacked The Big Issue, leaked sensitive data": Cybercriminal group Qilin claimed responsibility for a data breach at The Big Issue, stating they had stolen 550 GB of company data. The extent of the breach and the sensitivity of the leaked data are still under investigation. Source: The Register
  4. "TransUnion faces enforcement notice from information regulator following data breach": Following a data breach on March 18, 2022, credit bureau TransUnion has received an enforcement notice from the Information Regulator. The breach's impact on consumers and the company's response are being closely monitored. Source: Teiss
  5. "Munchables recovers $62 million taken in security breach": Gaming platform Munchables recovered $62 million in ETH following a major security incident. The breach highlights the ongoing security challenges faced by companies in the cryptocurrency sector. Source: The Block

Security Research

  1. "Apple users targeted by 'Reset Password' attack": A persistent attack on Apple users, involving a 'Reset Password' prompt and a fake Apple Support call, has been identified by a security researcher. The attack lasted for several days and is considered incredibly annoying for the users. Source: Mashable
  2. "AI framework vulnerability compromising enterprise servers (CVE-2023-48022)": A vulnerability in an AI framework has been exploited to compromise enterprise servers, according to Avi Lumelsky, a researcher at Oligo Security. The attack started 7 months ago and has affected hundreds of servers. Source: Help Net Security
  3. "Binarly secures $10.5m to bolster software supply chain security efforts": Binarly, a company founded by former NVIDIA researcher Alex Matrosov, has secured $10.5 million to enhance its software supply chain security efforts. The company has quickly gained recognition in the vulnerability research field. Source: FinTech Global
  4. "WatchGuard Threat Lab Analysis Shows Surge in Evasive Malware": WatchGuard Threat Lab researchers have detailed a surge in evasive malware in their latest security report. The report outlines the top malware trends and network and endpoint security threats. Source: IT Security Guru
  5. "New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice": A new phishing attack that delivers a keylogger disguised as a bank payment notice has been discovered by security researcher Bernard. The loader used in the attack employs obfuscation and complex decryption methods to evade detection. Source: The Hacker News

Top CVEs

  1. CVE-2023-48777: Elementor Website Builder suffers from an unrestricted file upload vulnerability, affecting versions 3.3.0 and later. This could allow an attacker to upload dangerous file types. Source: CVE-2023-48777
  2. CVE-2023-47873: WP Child Theme Generator is vulnerable to unrestricted file upload, potentially enabling an attacker to upload malicious files. The affected versions are currently unspecified. Source: CVE-2023-47873
  3. CVE-2023-47846: WP Githuber MD has an unrestricted file upload vulnerability, which could be exploited by an attacker to upload dangerous file types. The affected versions are currently unspecified. Source: CVE-2023-47846
  4. CVE-2023-48275: Widgets for Google Reviews is vulnerable to unrestricted file upload, potentially allowing an attacker to upload malicious files. The affected versions are currently unspecified. Source: CVE-2023-48275
  5. CVE-2023-47842: CataBlog suffers from an unrestricted file upload vulnerability, which could be exploited by an attacker to upload dangerous file types. The affected versions are currently unspecified. Source: CVE-2023-47842

Final Words

And that's a wrap for today's edition of Secret CISO. As we've seen, data breaches and security incidents continue to be a global concern, affecting millions of individuals and organizations. From Pakistan's national database leak to the credential harvesting mitigations shared by HHS, it's clear that we all need to stay vigilant and proactive in our cybersecurity efforts. Remember, security is not a one-time event but a continuous process. It's about creating a culture of security awareness and implementing robust security measures. If you found today's newsletter helpful, please consider sharing it with your friends and colleagues. They might find it useful too. And remember, knowledge is power, especially when it comes to cybersecurity. Stay safe, stay informed, and see you in the next edition of Secret CISO.
