Weekly Breach Report – April 5th

Apr 5, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

OpenSSL

OpenSSL, a software library for applications that secure communications over computer networks, patched a high-severity vulnerability that made it simple for hackers to shut down large numbers of servers. The bug causes servers to crash if they receive a maliciously crafted request from an unauthenticated user. Ars Technica: https://arstechnica.com/gadgets/2021/03/openssl-fixes-high-severity-flaw-that-allows-hackers-to-crash-servers/

 

Spectre

Researchers disclosed two new vulnerabilities in Linux that could enable hackers to circumvent mitigations for attacks such as Spectre, and obtain information from kernel memory. The Hacker News: https://thehackernews.com/2021/03/new-bugs-could-let-hackers-bypass.html

 

PHP

Hackers pushed two malicious commits to this scripting language’s source repository that could install a backdoor on vulnerable systems. Vice: https://www.vice.com/en/article/xgzne4/hackers-backdoor-php-source-code

 

Apple

Apple released updates for iPhone, iPad and Watches to patch a security vulnerability actively under attack. Researchers at Google’s Project Zero discovered the vulnerability. TechCrunch: https://techcrunch.com/2021/03/27/apple-releases-iphone-ipad-watch-security-patch-to-fix-zero-day-bug-under-active-attack/

 

Japanese companies

Researchers disclosed details of a hacking campaign that deploys malicious backdoors to steal sensitive information from a range of Japanese industrial sectors. The Hacker News: https://thehackernews.com/2021/03/hackers-are-implanting-multiple.html

 

Kansas water facility

The Department of Justice indicted a 22-year-old man from Kansas on charges of accessing a public water facility’s computer system and jeopardizing local residents’ safety. The Hacker News: https://thehackernews.com/2021/04/22-year-old-charged-with-hacking-water.html

 

SecuriElite

A North Korean-backed hacking campaign targeting cybersecurity researchers with malware is using new social engineering tactics. The hackers set up a fake security company and try to trick researchers into visiting its website. The Hacker News: https://thehackernews.com/2021/03/hackers-set-up-fake-cybersecurity-firm.html

 

Microsoft Background Intelligent Transfer Service

Hackers are using Microsoft’s Background Intelligent Transfer Service, which helps transfer files between machines, to deploy malicious payloads on Windows machines, evading firewalls. The Hacker News: https://thehackernews.com/2021/04/hackers-using-windows-os-feature-to.html

 

Nine Network Australia

Channel Nine suffered a cyberattack that took its Sydney television and digital production systems offline for more than 24 hours, and forced the channel to transfer operations to its Melbourne studios. The National Law Review: https://www.natlawreview.com/article/even-best-fall-down-sometimes-nine-network-suffers-large-scale-cyber-attack

 

Ubiquiti

A whistleblower accused the secure-router company of covering up a “catastrophic” security breach. The company has since issued a statement that does not deny the claims. The Verge: https://www.theverge.com/2021/3/31/22360409/ubiquiti-networking-data-breach-response-whistleblower-cybersecurity-incident

 

MobiKwik

This Indian payment-services provider has denied a report that a data breach jeopardized millions of its customers. The Daily Swig: https://portswigger.net/daily-swig/indian-payment-provider-mobikwik-denies-8-2-tb-data-breach

 

Wake Forest Baptist Health

This North Carolina hospital is notifying patients that their personal information was exposed in a security breach at a former vendor, Healthgrades. Becker’s Health IT: https://www.beckershospitalreview.com/cybersecurity/wake-forest-baptist-hospital-patients-records-exposed-in-healthgrades-data-breach.html

 

Stanford and University of California

These US universities warned users that a nationwide cyberattack had affected their computer systems. The universities were part of the breach involving the Accellion file-sharing system. San Francisco Chronicle: https://www.sfchronicle.com/crime/article/Stanford-UC-warn-of-massive-data-breach-16074735.php

 

Facebook

A hacking forum published the personal data of more than 533m Facebook users from 106 countries. Facebook claimed that the data is old and came from a patched 2019 vulnerability. Business Insider: https://www.businessinsider.com/stolen-data-of-533-million-facebook-users-leaked-online-2021-4

 

Med-Data

Several healthcare entities are reporting data breaches after a Med-Data employee accidentally uploaded patient data to GitHub. GovInfoSecurity: https://www.govinfosecurity.com/vendor-breach-involved-phi-exposure-on-github-a-16332

 

Vhive

This Singapore furniture retailer announced that hackers had broken into its servers and posted customers’ personal information online. The Straits Times: https://www.straitstimes.com/singapore/police-probe-data-breach-at-furniture-retailer-vhive

 

Scottish Environment Protection Agency (SEPA)

On Christmas Eve hackers stole more than 4,000 digital files from SEPA. Four months later, the agency has spent almost £800,000 ($1.1m) responding to the attack. BBC: https://www.bbc.com/news/uk-scotland-56612867
