Secret CISO 6/20: Snowflake and AMD Breaches continues, Cyera's Data Response Service, Apple and Accenture Hacks, Kraken's Security Flaw Exploited by Researchers

Secret CISO 6/20: Snowflake and AMD Breaches continues, Cyera's Data Response Service, Apple and Accenture Hacks, Kraken's Security Flaw Exploited by Researchers

Welcome to today's issue of Secret CISO. We're diving into the world of data breaches, security, and the evolving landscape of cyber threats. From the lessons learned from the Snowflake breaches to the investigation of AMD's data breach, we're covering it all. We'll also be discussing the launch of Cyera's data incident response service and how it's bringing speed and focus to security investigations. Plus, we'll be looking into the recent data breaches at Apple and Accenture, and the impact of these incidents on their businesses.

In other news, we'll be exploring the concept of 'Privacy by Design' and its impact on security and GRC. We'll also be discussing the recent data breach at the Post Office and the lawsuit faced by Panera due to a data breach in March 2024. On the technical side, we'll be delving into the role of security researchers in identifying and addressing security flaws. From the drama at Kraken to the use of AI in reporting malicious emails, we're covering the latest in security research. Stay tuned for all this and more in today's issue of Secret CISO.

Data Breaches

  1. Lessons Learned from the Snowflake Breaches: Snowflake's recent data breaches highlight the importance of fine-grained data activity monitoring for proactive defense against evolving cyber threats. Source: Security Boulevard
  2. AMD Investigating Data Breach: Advanced Micro Devices (AMD) is probing a potential data breach after data appeared for sale on a Darknet forum. AMD has stated that the potential data leak is not as damaging as initially suspected. Source: Spiceworks, Tom's Hardware
  3. Apple Source Code Breach: A hacker has posted source code claiming to be from a new breach of Apple, marking a significant data breach for the tech giant. Source: Forbes
  4. Accenture Employee Data Leak: A hacker known as "888" has leaked a file containing the contact and personal details of 32,828 current and former employees of Accenture. Source: Hackread
  5. Panera Data Breach: Panera faces a class action lawsuit following a significant data breach in March 2024 that impacted current and former employees. Source: ClassAction.org

Security Research

  1. Microsoft Corporate Email Spoofing Bug: A security researcher has discovered a flaw that allows threat actors to spoof Microsoft corporate emails, potentially enabling phishing attacks. Microsoft initially dismissed the disclosure, highlighting the importance of ethical conduct in cybersecurity research. Source: Computing UK
  2. LevelBlue Labs' Evasive Loader Research: LevelBlue Labs, a managed security services provider, has released new research on an evasive loader targeting Chinese-speaking victims. The threat actor behind this has not yet been classified as an advanced persistent threat (APT). Source: Dallas Innovates
  3. Chrome 126 Update Patches Vulnerability: Google's Chrome 126 update patches a vulnerability that was exploited at a hacking competition. The security defects were reported by a security researcher known as 'wgslfuzz'. Source: TechRadar
  4. CVE-2023-48759 - Missing Authorization in Crocoblock JetElements For Elementor: This vulnerability affects JetElements For Elementor, where an attacker can exploit missing authorization checks. Users are advised to update to the latest version. Source: SC Magazine
  5. CVE-2023-47770 - Missing Authorization in Muffin Group Betheme: Betheme by Muffin Group has a missing authorization vulnerability. Users are recommended to update to the latest version to mitigate this vulnerability. Source: Security Magazine

Top CVEs

  1. CVE-2023-48759 - Missing Authorization in Crocoblock JetElements For Elementor: A vulnerability has been identified in JetElements For Elementor, where an attacker can exploit missing authorization checks. Users are advised to update to the latest version. Source: CVE-2023-48759
  2. CVE-2023-47770 - Missing Authorization in Muffin Group Betheme: Betheme by Muffin Group has a missing authorization vulnerability. Users are recommended to update to the latest version to mitigate this vulnerability. Source: CVE-2023-47770
  3. CVE-2023-47771 - Missing Authorization in ThemePunch OHG Essential Grid: Essential Grid by ThemePunch OHG is affected by a missing authorization vulnerability. Users are advised to update to the latest version. Source: CVE-2023-47771
  4. CVE-2023-47681 - Missing Authorization in QuadLayers WooCommerce Checkout Manager: QuadLayers WooCommerce Checkout Manager has a missing authorization vulnerability. Users are recommended to update to the latest version to mitigate this vulnerability. Source: CVE-2023-47681
  5. CVE-2023-45658 - Missing Authorization in POSIMYTH Nexter: Nexter by POSIMYTH has a missing authorization vulnerability. Users are advised to update to the latest version. Source: CVE-2023-45658

API Security

  1. Kiuwan API Endpoint Access Control Vulnerability (CVE-2023-49112): Kiuwan's API endpoint /saas/rest/v1/info/application lacks proper access control mechanisms, allowing authenticated users to read information about applications without necessary rights. This issue affects Kiuwan. Source: CVE-2023-49112
  2. Password Hash Exposure in mintplex-labs/anything-llm (CVE-2024-5213): In mintplex-labs/anything-llm versions up to and including 1.5.3, the password hash of a user is returned in the response after login and account creations. This could potentially lead to sensitive information exposure. Source: CVE-2024-5213
  3. SQL Injection in WP Hotel Booking Plugin (CVE-2024-3605): The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the 'room_type' parameter of the /wphb/v1/rooms/search-rooms REST API endpoint due to insufficient escaping and lack of sufficient preparation on the existing SQL query. Source: CVE-2024-3605

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. We've delved into the lessons learned from the Snowflake breaches, the ongoing investigation into AMD's data breach, and the innovative approach of Cyera's data incident response service. We've also touched on the alleged breaches at Apple and Accenture, and the impact of privacy by design on security and GRC.

Remember, staying informed is the first step in protecting your systems and data. Share this newsletter with your colleagues and friends, and let's foster a culture of cybersecurity awareness together. Stay safe, stay secure. See you in the next edition of Secret CISO.

Read more

Secret CISO 10/7: Comcast, Truist, T-Mobile Breaches, Dutch Police Data Exposed, CISA Warning, Matru Poshan App Breach, USAA System Error, Cybersecurity Misconceptions Debunked

Secret CISO 10/7: Comcast, Truist, T-Mobile Breaches, Dutch Police Data Exposed, CISA Warning, Matru Poshan App Breach, USAA System Error, Cybersecurity Misconceptions Debunked

Welcome to today's issue of Secret CISO, your daily dose of cybersecurity insights. Today, we navigate the fallout of recent data breaches and the essential steps healthcare companies should take to bolster their security programs. We'll delve into the FBCS breach that impacted Comcast and Truist,

By Secret CISO
Secret CISO 10/5: China-linked breach hits U.S. wiretap systems, Hezbollah data breach tops cybersecurity events, Google's Pixel 9 Pro XL privacy flaws under scrutiny

Secret CISO 10/5: China-linked breach hits U.S. wiretap systems, Hezbollah data breach tops cybersecurity events, Google's Pixel 9 Pro XL privacy flaws under scrutiny

Good morning, Secret CISO readers! Today's newsletter is packed with some serious security breaches and data leaks that have been making headlines. Starting off with a major security breach linked to China, U.S. wiretap systems have been targeted, compromising the networks of U.S. broadband providers. This

By Secret CISO