Secret CISO 4/14: Roku's Double Trouble, AT&T's 51M Breach, Microsoft's Federal Exposure, Agribusiness Under Attack

Good morning, Secret CISO readers! Today's newsletter is packed with crucial updates from the world of cybersecurity. We start with a shocking revelation about Shohei Ohtani's interpreter who allegedly stole $16 million from his bank account. This incident serves as a stark reminder of the importance of securing our financial assets. Next, we delve into the rising threat against agribusinesses, with hackers exploiting vulnerabilities and causing significant financial damage. The average cost of a data breach globally in 2020 was a staggering $3.86 million. In other news, the recent Microsoft breach has exposed federal agencies to potential hacking, and the DOJ has confirmed that personal and Medicare information of around 340,000 individuals was likely affected. We also bring you updates on the increasing frequency of cyberattacks in Clark County, with data breaches and ransomware attacks becoming a cost of doing business. In the streaming world, Roku has reported a second security breach this year, compromising about 576,000 accounts. AT&T is offering its 51 million data breach victims a free year of credit monitoring with $1 million identity theft insurance. We also cover the latest data breaches affecting Wells Fargo, Greylock McKinnon Associates, and Canadian retail chain Giant Tiger. Finally, we discuss the critical bug found in thousands of LG Smart TVs and the emergence of GenAI, which poses new challenges for your company's security posture. Stay tuned for more updates and remember, knowledge is the first line of defense. Stay safe, stay informed.

Data Breaches

  1. Shohei Ohtani's Interpreter Alleged Fraud: Shohei Ohtani's interpreter is accused of stealing $16 million from his bank account, highlighting the importance of personal financial security. The case underscores the need for robust security measures even in personal transactions. Source: WSIL
  2. Agribusinesses Under Cyber Threat: Hackers are increasingly targeting agribusinesses, with the average cost of a data breach globally reaching $3,860,000. The sector's growing reliance on technology makes it a lucrative target for cybercriminals. Source: The National Law Review
  3. Microsoft Breach Exposes Federal Agencies: A recent Microsoft data breach has exposed federal agencies to potential hacking. The breach reportedly affected 340,000 individuals, compromising personal and Medicare information. Source: [H]ard|Forum
  4. Roku Cyberattack: Roku has reported a cyberattack compromising about 576,000 accounts. This is the second security breach for the streaming service this year, highlighting the need for stronger security measures. Source: WSVN 7News
  5. AT&T Data Breach: AT&T is offering free protection for 12 months to the 51 million customers affected by a recent data breach. The breach underscores the need for robust security measures in the telecom industry. Source: PhoneArena

Security Research

  1. BMC flaw left unchecked for 6 years hits Intel and Lenovo servers: Security researchers at Binarly have discovered a vulnerability in the Baseboard Management Controller (BMC) that has been left unchecked for six years. The flaw affects multiple products from Intel and Lenovo. Source: Yahoo News Singapore
  2. Critical bug found in thousands of LG Smart TVs: Security researcher Alexandru Lazăr has discovered four vulnerabilities within WebOS, the software developed by LG that powers its Smart TVs. LG TV users are urged to act immediately to secure their devices. Source: GB News
  3. The Emergence Of GenAI: Friend Or Foe For Your Company's Security Posture?: The rise of GenAI poses both opportunities and threats to companies' security postures. Companies are advised to actively collaborate with industry peers, security researchers, and government agencies to share best practices and threat intelligence. Source: Inc42
  4. How to Reduce the Risk of Using External AI Models in Your SDLC: The use of external AI models in the Software Development Life Cycle (SDLC) poses certain risks. This article delves into the discoveries of the JFrog security research team regarding malicious models in Hugging Face and offers advice on mitigating these risks. Source: Security Boulevard
  5. NVD's Backlog Triggers Public Response from Cybersec Leaders: The backlog in the National Vulnerability Database (NVD) has triggered a public response from cybersecurity leaders. Led by Chainguard CEO Dan Lorenc, a team of security researchers and practitioners has authored an open letter to Congress. Source: Security Boulevard

Top CVEs

  1. CVE-2024-26817 - Linux Kernel Vulnerability: A vulnerability in the Linux kernel has been resolved, specifically in the amdkfd function. The issue was an integer overflow that could occur due to the use of kzalloc instead of calloc. This has now been addressed by using calloc, which avoids the multiplication that might lead to the overflow. Source: Vulners
  2. CVE-2024-2583 - WP Shortcodes Plugin Vulnerability: A vulnerability has been identified in the WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin versions prior to 7.0.5. The plugin did not properly escape some of its shortcodes attributes before they were echoed back to users, potentially allowing users with the contributor role to conduct Stored XSS. This issue has now been addressed. Source: Vulners
  3. CVE-2023-51499 - WooCommerce Shipping Per Product Vulnerability: A Missing Authorization vulnerability has been discovered in WooCommerce's Shipping Per Product feature. The details of the vulnerability and its impact are yet to be disclosed. Source: Vulners
  4. CVE-2023-51515 - Undsgn Uncode Core Vulnerability: A Missing Authorization vulnerability has been found in Undsgn's Uncode Core, potentially leading to Privilege Escalation. Further details are yet to be disclosed. Source: Vulners
  5. CVE-2023-52211 - Automattic WP Job Manager Vulnerability: A Missing Authorization vulnerability has been discovered in Automattic's WP Job Manager. The details of the vulnerability and its impact are yet to be disclosed. Source: Vulners

Final Words

And that's a wrap for today's edition of Secret CISO. From interpreters allegedly stealing millions to the increasing threat to agribusinesses, we've covered a lot of ground. But remember, knowledge is power. The more we know about these threats, the better we can protect ourselves and our organizations. As we've seen with the recent Microsoft breach, no one is immune. But with vigilance, we can minimize the impact. Whether it's a personal data breach or a massive cyberattack on a streaming service, we need to stay informed and prepared. So, let's continue to learn from each other and share our experiences. If you found today's newsletter helpful, please share it with your friends and colleagues. Let's work together to create a safer cyberspace for all. Stay safe, stay informed, and see you in the next edition of Secret CISO.

By Secret CISO