
Weekly Breach Report – December 14th

Dec 14, 2020 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


US Treasury and SolarWinds

Russian hackers have been monitoring internal email traffic at the US Treasury and Commerce departments, and potentially other organizations. The intruders tampered with software updates released by SolarWinds, a cybersecurity firm whose products monitor the health of IT networks. Its software is used by organizations as diverse as governments and multinationals. Krebs on Security:


Global GDP

According to a new study, worldwide losses from cybercrime total more than $1 trillion a year, equivalent to over 1% of global GDP. Infosecurity:


RMD Kwikform

This British engineering-services firm is investigating a security breach that occurred in November. BBC:



Israeli insurance company Shirbit experienced a data breach, and the hackers have already released documents containing personal information on Shirbit employees and customers. So far the company has refused to pay the $1m bitcoin ransom demand. I24:


Ransomware tactics

Some ransomware gangs are now cold-calling their victims if they suspect the hacked entity might restore from a backup and avoid paying ransom demands. ZDNet:


D-Link VPN routers

Some D-Link VPN router models are affected by three high-severity security vulnerabilities. The Hacker News:


Microsoft Teams

A no-click remote code execution bug in Microsoft Teams desktop apps enables hackers to execute arbitrary code by sending a specially crafted chat message. The Hacker News:



A well-known cybersecurity company that works with government agencies and companies worldwide announced that it had been hacked, and the (probably Russian) nation-state actors had taken red-team pentest tools that can mount sophisticated new attacks. New York Times:


Zebrocy malware

A Russian hacker is leveraging COVID for phishing lures to deliver a Go version of Zebrocy malware. The Hacker News:



Researchers discovered 33 vulnerabilities in TCP/IP stacks that could impact millions of IoT and embedded devices. The Hacker News:



One of the world’s leading recruitment agencies fell victim to a ransomware attack, and the hackers accessed sensitive data. Graham Cluley:



Hackers hit electronics manufacturer Foxconn with DoppelPaymer ransomware last month. The hackers are demanding $34m in ransom. Hot for Security:



Critical flaws in a core networking library in Valve’s Steam online-gaming platform could enable hackers to crash games and take over third-party game servers remotely. The Hacker News:



Brazilian airplane maker Embraer experienced a ransomware attack last month. The hackers leaked private files after the company refused to negotiate and instead restored systems from backups. ZDNet:


Long Beach, NY

Hackers targeted the city of Long Beach with a cyberattack that forced the city to shut down its computer network. Patch:


Cisco Jabber

Cisco fixed four previously disclosed bugs in its Jabber video-conferencing app that were inadequately addressed the first time. The Hacker News:


APT32 hackers

Researchers from Facebook linked the activities of a Vietnamese hacker to an IT company in the country. The criminal is part of a hacking group that has been running espionage campaigns since 2012. The Hacker News:



More than 85,000 MySQL databases are on sale on the dark web for $550 per database. The hacked databases are part of a ransom scheme in which hackers download tables, delete the originals, and leave ransom notes behind. ZDNet:



Hackers are targeting users of the Ledger cryptocurrency wallet with fake data-breach notifications to steal cryptocurrency from their victims. Bleeping Computer:



A startup that makes robotics automation software is emailing users about a security incident that exposed their personal information online. ZDNet:
