Secret CISO 6/3: Newfoundland TV Station Ransomware Attack, BBC Pension Scheme Data Exposed, and Latest Research on Cyber Resilience in Healthcare

Secret CISO 6/3: Newfoundland TV Station Ransomware Attack, BBC Pension Scheme Data Exposed, and Latest Research on Cyber Resilience in Healthcare

Subject: Secret CISO Daily: Ticketmaster's Nightmare continues and More Hello there, In today's edition of Secret CISO, we're diving into the recent data breach that has hit Ticketmaster, affecting millions of users worldwide. The breach has exposed personal data, including names, addresses, phone numbers, and even credit card details. As investigations continue, we'll explore how this breach occurred and what steps Ticketmaster is taking to rectify the situation. But that's not all. We'll also be looking at another data breach that has hit a Newfoundland TV station, resulting in a ransomware attack. Plus, we'll discuss the recent data security incident affecting the BBC Pension Scheme, where personal information was compromised.

In other news, we'll delve into the latest updates from HHS regarding UnitedHealth Group's Change Healthcare cyberattack, including breach notifications and more. We'll also touch on the recent data breach involving the Telangana Police App, which exposed the personal details of lakhs of users. Finally, we'll take a look at the controversial Windows 11 Recall feature that could potentially help hackers steal your passwords, and we'll discuss the latest research that reveals the 25 most hacked pop culture passwords. Stay tuned for all this and more in today's Secret CISO newsletter. Stay safe, [Your Name]

Data Breaches

  1. Newfoundland TV Station Ransomware Attack: A Newfoundland TV station has been hit by a ransomware attack, resulting in a significant data breach. The extent of the breach is currently under investigation. Source: canadianunderwriter.ca
  2. BBC Pension Scheme Data Breach: The BBC Pension Scheme has suffered a data security incident, compromising personal information of its members. The details of the breach are yet to be disclosed. Source: spiceworks.com
  3. Telangana Police App Breach: The Telangana Police crime reporting app, Hawk Eye, has suffered a data breach, exposing personal details of its users, including location data. The breach occurred in May and is currently under investigation. Source: medianama.com
  4. Hugging Face Security Breach: AI company Hugging Face has reported a security breach, advising its community members to refresh access tokens or switch to safer ones to protect against the attack. The extent of the breach is currently unknown. Source: csoonline.com

Security Research

  1. Controversial Windows 11 Recall feature could help hackers steal your passwords: A security researcher has discovered that the encrypted database of Windows 11's Recall feature is easily accessible while the PC is in use, potentially allowing hackers to steal user passwords. Source: Android Authority
  2. Snowflake Data Breach Impacts Ticketmaster, Other Organizations: Security researcher Kevin Beaumont has highlighted a significant security incident where an employee's account was not properly secured, leading to a data breach impacting Ticketmaster and other organizations. Source: SecurityWeek
  3. Research discovers the 25 most hacked pop culture passwords: A study analyzing over 300 million exposed passwords from the Pwned database has identified the top 25 most hacked pop culture passwords. Source: Security Magazine
  4. Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions: Security researcher Sam Curry has uncovered significant flaws in Cox modems that could potentially impact millions of users. Source: The Hacker News
  5. MIT researchers ordered and combined parts of the 1918 pandemic influenza virus. Did they expose a security flaw?: Researchers at MIT conducted a "red team" test of industry safety measures by ordering and combining parts of the 1918 pandemic influenza virus, potentially exposing a security flaw. Source: The Bulletin

Top CVEs

  1. CVE-2022-25037: This CVE has been reserved by an organization or individual for future use when announcing a new security problem. The details for this candidate will be publicized once the candidate has been announced. Source: Vulners.
  2. CVE-2024-35196: This CVE has been reserved by an organization or individual for future use when announcing a new security problem. The details for this candidate will be publicized once the candidate has been announced. Source: Vulners.
  3. CVE-2024-37031: This CVE has been reserved by an organization or individual for future use when announcing a new security problem. The details for this candidate will be publicized once the candidate has been announced. Source: Vulners.
  4. CVE-2024-4330: This CVE has been reserved by an organization or individual for future use when announcing a new security problem. The details for this candidate will be publicized once the candidate has been announced. Source: Vulners.
  5. CVE-2024-4990: This CVE has been reserved by an organization or individual for future use when announcing a new security problem. The details for this candidate will be publicized once the candidate has been announced. Source: Vulners.

API Security

  1. FreePBX 16 Remote Code Execution: A critical vulnerability has been discovered in FreePBX 16, which could allow remote code execution. This flaw could potentially allow an attacker to execute arbitrary commands on the server, compromising the security of the system. Users are advised to update their systems to the latest version to mitigate this risk. Source: vulners.com
  2. SQL Injection in Harbor scan log API: An SQL Injection vulnerability has been identified in the Harbor scan log API. This flaw could be exploited by a user with administrator, project_admin, or project_maintainer role to execute any Postgres function or extract sensitive information from the database. Harbor versions >=v2.8.1, >=2.9.0, >=2.10.0 are impacted and patches are available in Harbor v2.8.6, v2.9.4, v2.10.2. Source: vulners.com
  3. Sensitive Data Disclosure Vulnerability in Connection Configuration Endpoints: A sensitive data disclosure vulnerability has been found in the Fides webserver's Connection Configuration endpoints. This flaw could expose sensitive data like passwords and private keys in plaintext to API clients. The vulnerability is due to a bug in the function that masks sensitive fields. The developers have been alerted and are working on a fix. Source: vulners.com

Sponsored by Wallarm API Security Solution

Final Words

And that's a wrap for today's edition of Secret CISO. As we've seen, the digital landscape is a battlefield, with breaches and hacks becoming all too common. But remember, knowledge is power. By staying informed and vigilant, we can all play a part in safeguarding our data.

If you found this newsletter helpful, why not share it with your friends and colleagues? Let's spread the word and help each other stay one step ahead of the cyber threats. Until next time, stay safe and secure.

Read more

'Secret CISO 7/12: AT&T's Massive Data Breach Impacts Nearly All Customers, Ticketmaster's Data Breach Affects Credit Card Info, Research on Optimizing Data Security in Medical Field, 10 Billion Passwords Stolen in Cyber Attack'

'Secret CISO 7/12: AT&T's Massive Data Breach Impacts Nearly All Customers, Ticketmaster's Data Breach Affects Credit Card Info, Research on Optimizing Data Security in Medical Field, 10 Billion Passwords Stolen in Cyber Attack'

Welcome to today's issue of Secret CISO. We're diving into the deep end of data breaches, with AT&T making headlines as their massive data breach impacts nearly all customers. This breach has exposed customer call and text records, leaving millions of users vulnerable. But

By Secret CISO