Good morning, Secret CISO readers. Today's newsletter is packed with critical updates from the cybersecurity world. We start with the massive data breach that hit Helsinki, affecting personnel, students, and guardians. The breach was reportedly due to an unpatched network server flaw. Meanwhile, Banco Santander has issued a warning about a data breach in Spain and South America, affecting both customers and employees. In a similar vein, the City of Helsinki has admitted to insufficient security measures leading to the theft of student and personnel information. In Australia, a mortgage lender has suffered a hack, with credit card details published on the dark web.

The Tory party in the UK has referred itself to the watchdog over an alleged data breach, while the City of Helsinki is dealing with the fallout of a data breach affecting up to 120,000 individuals. In the legal realm, a student loan servicer is facing a lawsuit over a tax form data breach. We also have news about a crowd showing up to support a Michigan lawyer and ex-clerk facing charges over a voter data breach. In the world of research, we have insights on the high cost of data breaches, the role of AI in mitigating these costs, and the key to bringing more diversity into the tech sector.

Finally, we have a slew of new CVEs to keep an eye on. Stay safe and informed, and remember, knowledge is power in the fight against cyber threats.

Data Breaches

1. Massive Data Breach Hits Helsinki Personnel, Students, and Guardians: A significant data breach has impacted the city of Helsinki, affecting personnel, students, and guardians. The breach was reportedly due to an unpatched network server flaw. The city has since taken measures to enhance its security protocols. Source: Bitdefender
2. Banco Santander Warns of Data Breach in Spain, South America: Banco Santander has reported a data breach affecting its customers in Spain, Chile, and Uruguay, as well as its current and former employees. The bank has not yet disclosed the extent of the breach. Source: Morningstar
3. Mortgage lender suffers hack, credit card details published on dark web: An unidentified mortgage lender has suffered a significant data breach, with credit card details of its customers being published on the dark web. The exact number of affected customers is yet to be disclosed. Source: SMH
4. Tory party refers itself to watchdog over alleged data breach: The Tory party has reported itself to the Information Commissioner's Office over an alleged data breach. The party reportedly copied in more than 300 email addresses in an appeal to supporters to sign up for a conference. Source: The Guardian
5. Dell hacker says they were able to directly attack company servers to scrape data: A threat actor claiming responsibility for a recent Dell data breach has stated that they managed to steal the data of 49 million customers by brute-forcing a server. Dell has yet to confirm the extent of the breach. Source: TechRadar

Security Research

1. 'RBC customer's cheque was cashed twice. He says his bank shouldn't have let it happen': A security expert has highlighted the risks associated with the increasing use of mobile apps for depositing paper cheques. The expert suggests that it's more cost-effective for banks to reimburse clients than to enhance their security measures. Source: CBC News
2. 'Global Change Research for a More Secure World - Eos.org': This research emphasizes the need to align global change science with national security issues. This approach will help develop interventions that promote social stability. Source: Eos.org
3. 'MITRE EMB3D Threat Model Officially Released - SecurityWeek': MITRE, in collaboration with cybersecurity and industrial sector partners, has developed EMB3D. This threat model aims to enhance security measures in various sectors. Source: SecurityWeek
4. 'Expert Insight: What's the key to bringing more diversity into the tech sector? - IT Security Guru': Melissa Bischoping, Director, Endpoint Security Research at Tanium, explores how organizations can retain talent and why women are being forced out of the tech sector. Source: IT Security Guru
5. 'Apple warns about iOS zero-day exploit - Cybernews': Apple has warned about a logic bug discovered by security researcher Mickey Jin. This bug could have allowed apps to access user-sensitive data. Source: Cybernews

Top CVEs

1. CVE-2024-27789: This CVE has been reserved for a future security problem. Once the details are publicized, they will be available for review. For now, it remains a potential threat. Source: vulners.com
2. CVE-2024-27804: Another reserved CVE, indicating a potential future security issue. The details will be released once the issue has been publicized. Keep an eye on this for future updates. Source: vulners.com
3. CVE-2024-4761: This CVE is currently reserved for a future security problem. The details will be publicized once the issue is ready to be announced. It's important to monitor this for any updates. Source: vulners.com
4. CVE-2024-27818: This is a reserved CVE for a future security problem. Once the issue has been publicized, the details will be available. Stay alert for any updates regarding this CVE. Source: vulners.com
5. CVE-2024-34459: This CVE has been reserved for a future security problem. The details will be publicized once the issue is ready to be announced. It's crucial to keep an eye on this for future updates. Source: vulners.com

API Security

1. Exploit for CVE-2024-26026: A significant API security vulnerability has been identified in BIG-IP's Next Central Manager. The flaw, CVE-2024-26026, allows for unauthenticated SQL injection, posing a serious risk to data integrity and confidentiality. Users are advised to apply patches and updates as soon as they become available to mitigate this threat. Source: Vulners.
2. @valtimo/components exposes access token to form.io: A critical security issue has been discovered in Valtimo's API, where the user's access token (JWT) is exposed to api.form.io via the x-jwt-token header. This vulnerability could allow an attacker to retrieve personal information from the token or use it to execute requests to the Valtimo REST API on behalf of the logged-in user. Patches have been released in versions 10.8.4, 11.1.6, and 11.2.2. Source: Vulners.

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. We've covered a lot of ground, from the massive data breach in Helsinki to the unpatched network server flaw that led to the breach. We've also discussed the data breach at Banco Santander and the stolen student and personnel information in the City of Helsinki cyberattack. Remember, in the world of cybersecurity, knowledge is power. The more informed you are, the better you can protect yourself and your organization from potential threats. So, don't keep this valuable information to yourself.

Share Secret CISO with your friends and colleagues, and help them stay one step ahead of the cybercriminals.

Stay safe, stay informed, and see you in the next edition of Secret CISO.