21-May-24: In Security News Today

2.4 Million Impacted by WebTPA Data Breach

WebTPA, a health insurance administrator, has reported a data breach that exposed the personal information of 2.4 million individuals. The compromised data includes names, dates of birth, Social Security numbers, and health plan information, posing significant risks for identity theft and fraud. WebTPA has notified affected individuals and is offering credit monitoring services while cooperating with authorities to investigate the incident.

Aston Villa Football Club (AVFC) Left a Publicly Leaking AWS S3 Bucket Containing PII of 135,770 Individuals

Aston Villa Football Club (AVFC) exposed the personally identifiable information of 135,770 individuals due to a publicly accessible Amazon Web Services (AWS) S3 bucket. The leaked data includes full names, dates of birth, home addresses, phone numbers, email addresses, membership details, and purchase information, putting fans at risk of spear phishing, social engineering attacks, and identity theft. The security gap has since been closed, but the incident underscores significant information security risks for the club’s fans.

Authorities Arrest $100m Incognito Drugs Market Suspect

A Taiwanese national, Rui-Siang Lin, was arrested in New York for allegedly operating the successful dark web marketplace, Incognito Market, which sold over $100m of illicit drugs. The marketplace mimicked legitimate e-commerce sites and had its own bank for transactions. Lin faces multiple life sentences for drug-related charges, money laundering, and conspiracy.

RCE Vulnerability Found in Fluent Bit Utility Used by Major Cloud, Tech Companies

A vulnerability in Fluent Bit, a logging and data collection utility widely used by major cloud and technology companies, has been discovered. This flaw could allow attackers to execute arbitrary code or cause a denial of service, posing significant risks to cloud environments relying on Fluent Bit for log management. Users are advised to update to the latest version to mitigate potential exploitation.

Semiconductor Manufacturing Giant OmniVision Technologies Says Personal Information Stolen in Ransomware Attack

OmniVision Technologies recently disclosed a ransomware attack that resulted in the theft of personal information from its employees. The stolen data includes names, addresses, Social Security numbers, and financial information. The company has initiated an investigation and is working with cybersecurity experts to address the breach and enhance its security measures.

Zoom Adds Post-quantum End-to-End Encryption to Video Meetings

Zoom has introduced post-quantum end-to-end encryption (E2EE) for its video meetings, with plans to extend it to Zoom Phone and Zoom Rooms. The addition of Kyber768 quantum-resistant encryption ensures data security against advanced quantum computers. This move addresses concerns of future decryption threats and positions Zoom as a leader in secure video conferencing.

GitHub Warns of SAML Auth Bypass Flaw in Enterprise Server

GitHub has patched a critical authentication bypass vulnerability (CVE-2024-4985) in GitHub Enterprise Server (GHES) that impacts instances using SAML single sign-on (SSO) authentication and allows attackers to gain administrator privileges without authentication. The flaw affects instances with SAML SSO and encrypted assertions enabled, a feature intended to protect against man-in-the-middle attacks. GitHub released fixes for the vulnerability in GHES versions 3.12.4, 3.11.10, 3.10.12, and 3.9.15, and also highlighted known issues with the update that users should be aware of.

Western Sydney University Data Breach Exposed Student Data

Western Sydney University experienced a data breach in which threat actors accessed its Microsoft 365 and SharePoint environment, compromising email accounts and SharePoint files. Approximately 7,500 individuals were impacted, with investigations ongoing. The University has taken steps to prevent similar incidents and has obtained an injunction to prevent the dissemination of stolen data.

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

A new Wi-Fi vulnerability known as the SSID Confusion attack, tracked as CVE-2023-52424, allows attackers to trick victims into connecting to a less secure network, enabling eavesdropping on network traffic. This vulnerability impacts all operating systems and Wi-Fi clients, including home and mesh networks, by exploiting a design flaw in the IEEE 802.11 Wi-Fi standard. Proposed mitigations include updating the Wi-Fi standard to incorporate the SSID in the 4-way handshake and avoiding credential reuse across SSIDs.

MediSecure Data Breach Impacts Patient and Healthcare Provider Information

MediSecure recently experienced a data breach that exposed sensitive information belonging to both patients and healthcare providers. The compromised data includes names, addresses, medical records, health insurance details, and other personal identifiers. MediSecure is working with cybersecurity experts to investigate the breach and enhance its security measures to prevent future incidents.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.