Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Polyverse Weekly Breach Report – Sept. 3

Sep 3, 2019By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


Web-hosting provider Hostinger suffered a data breach after attackers found an authorization token on one of the company’s servers, and used it to gain access to an internal system API. Hostinger ring-fenced the vulnerable system and reset 14m customer passwords. To read more:


The cryptocurrency exchange Binance confirmed that know-your-customer images that hackers leaked online earlier this month came from a third-party vendor. Some of the leaked images matched actual accounts while others did not. The investigation is still ongoing. To read more:

Nemty ransomware

Researchers found new ransomware that they named Nemty after the extension it adds to files after encrypting them. The malware is supposedly deployed via compromised remote desktop connections. To recover their data, victims are asked to pay approximately $1,000. To read more:


Cybersecurity company Imperva alerted customers to a data breach that exposed email addresses, scrambled passwords, API keys and more for some of its firewall users. The exposure was limited to its Cloud WAF product. To read more:

RETADUP malware

French law enforcement announced that it had taken down the RETADUP botnet malware, remotely disinfecting more than 850,000 computers worldwide by causing the malware to self-destruct. To read more:


Apple announced that it will no longer retain audio recordings of Siri interactions by default. To read more:


Researchers discovered 80 Magecart-compromised e-commerce websites that are stealing credit-card information from victims. To read more:

Check out Have I Been Pwned to see if any of your accounts have been exposed by the above breaches.


Project Zero announced a new iPhone-hacking campaign that is able to install malware on iOS devices if victims simply visit an infected website. To read more:

Ransomware payments

Ransomware continues to spread through American city governments, schools and police departments. The role that the insurance industry is playing in the crisis is often overlooked. While insurers do not release information about ransom payments, they often pay the demands even if alternatives exist. To read more:

Dental data

DDS Safe, an online backup system used by dental offices specifically to protect their data from ransomware, fell victim to ransomware. The backend system was hit with what is likely the Sodinokibi malware. How the attackers managed to compromise the company’s infrastructure is unclear. To read more:

Capital One hacker

The woman arrested last month in connection with a large Capital One data breach has now been accused of hacking more than 30 other companies. She is indicted for mining cryptocurrency in addition to stealing data. To read more:

Russell Stover Chocolates

Russell Stover Chocolates announced that a data breach potentially affected customer credit- and debit-card information. To read more:

Foxit Software

PDF-software company Foxit disclosed a data breach that enabled third-parties to access it customers’ personal information. Foxit has more than 525m users worldwide. To read more:

Jack Dorsey Twitter

The founder of Twitter had his account hacked last week. Twitter said its own systems were not compromised. To read more:


A security researcher found a Starbucks subdomain had a DNS pointer that was accidentally abandoned. By claiming the Azure resource name an attacker could use the subdomain to carry out cross-site scripting attacks. To read more:

Want to learn more?

Sign up below and receive these reports and more, directly in your inbox.

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.