Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – August 17th

Aug 17, 2020By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

vBulletin

Researchers disclosed proof-of-concept exploit code for an unpatched zero-day remote code execution vulnerability in vBulletin online-forum software that is already being actively exploited in the wild. The Hacker News: https://thehackernews.com/2020/08/vBulletin-vulnerability-exploit.html 

 

Michigan State University

Hackers breached Michigan State University’s online store, gaining access to more than 2,600 customer credit-card numbers and other personal information. Detroit News: https://www.detroitnews.com/story/news/local/michigan/2020/08/11/hackers-breach-customer-data-michigan-state-online-store/113014252/

 

Walgreens

Walgreens reported a data breach affecting more than 180 US stores and 72,000 individuals containing healthcare information and customer records. Health Leaders Media: 

https://www.healthleadersmedia.com/innovation/walgreens-reports-data-breach-affecting-72k-individuals

 

Citrix Endpoint Management

Citrix released patches for security vulnerabilities that impact its Endpoint Management product, which helps companies to manage and secure employees’ mobile devices remotely. The Hacker News: https://thehackernews.com/2020/08/citrix-endpoint-management.html

 

SANS Institute

This U.S.-based institute, which trains cybersecurity professionals worldwide, was hacked, resulting in the compromise of 28,000 records of personally identifiable information, the organization said Tuesday. CyberScoop: 

https://www.cyberscoop.com/sans-institute-data-breach-pii/

 

Amazon Alexa

Researchers disclosed several security vulnerabilities in Amazon’s Alexa that could enable hackers to spy on users. The Hacker News: https://thehackernews.com/2020/08/amazon-alexa-hacking-skills.html

 

Xcode

Hackers are installing malware in projects using Xcode, an integrated development environment used to develop Apple-related software. The malware compromises Safari and other browsers. ZDNet: https://www.zdnet.com/article/mac-malware-spreads-through-xcode-projects-abuses-previously-unknown-vulnerabilities/

 

Brown-Forman

A cyberattack on this alcoholic-beverage manufacturer including Jack Daniels impacted employee data and other information. Forbes: https://www.forbes.com/sites/leemathews/2020/08/17/brown-forman-hacked-1tb-data-stolen/#2582509b4da0

 

ProctorU

This online exam-proctoring platform confirmed a data breach after a hacker released a stolen database of user information on a hacker forum. Bleeping Computer: https://www.bleepingcomputer.com/news/security/proctoru-confirms-data-breach-after-database-leaked-online/

 

Boston University and Emerson College

These schools notified students and alumni about a potential data breach at Blackbaud, one of their third-party technology vendors. Boston Globe: https://www.bostonglobe.com/2020/08/08/metro/hackers-access-personal-information-bu-emerson/

Like the report? Sign up below and get it in your inbox.

Products
Polymorphing - Linux
Polymorphic Build Farm - Open Source
Polyscripting
Polyscripting - WordPress
Solutions
Finance
Healthcare
Defense
DevSecOps
Embedded/IoT
HPC
Government
SUSE
Resources
Linux Weakness Report
Open Source Projects
Documentation
Resource Library
Webinars
Demos
Blogs
FAQ
Pricing
How to Buy
Partners
Free Trial
Get Demo
Company
About Us
Newsroom
Careers
Contact Us

10400 NE 4th St.
Suite 500
Bellevue, WA 98004

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.

polyverse small logo

© 2020 Polyverse

Terms of Use
Zerotect Terms and Conditions