
Weekly Breach Report – January 25th 2021

Jan 25, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities



Apple removed a feature that allowed its apps to bypass content filters, VPNs, and firewalls. The Hacker News:


Atlanta synagogue

An Atlanta synagogue’s website was the target of a cyberattack during its Martin Luther King Jr. Shabbat services. CNN:


UPS and Norfolk Southern

A data breach of a Virginia-based occupational healthcare provider exposed the medical records of truck drivers and rail workers working for UPS and Norfolk Southern. Freight Waves:



India’s largest airline announced that some of its servers were hacked, and there is a possibility that hackers uploaded internal documents onto public websites. Hindustan Times:


FreakOut botnet

A new botnet is targeting unpatched applications running on top of Linux systems. The targets include data storage units and applications built on top of the Zend PHP Framework. ZDNet:



Researchers discovered a fourth SolarWinds malware strain used in the supply chain attack. Raindrop was used in the last stages of intrusion and deployed on select targets. ZDNet:


Signal, FB Messenger, JioChat, Google Duo

A Google Project Zero researcher discovered a vulnerability in popular video chat apps due to a logic bug in a calling state machine. The Hacker News:



The cybersecurity company announced that the SolarWinds hackers breached some of its emails. Reuters:



Aquaculture technology group AKVA detected a ransomware attack, which led to the shutdown of critical IT systems that are not yet back up and running. Fish Farmer Magazine:


Scottish Environment Protection Agency (SEPA)

A month after a ransomware attack, SEPA confirmed that hackers stole 1.2GB of data. SEPA is working to bring systems back online. ZDNet:



The maintainers of OpenWRT, an open-source project that provides free firmware for home routers, disclosed a security breach after a hacker accessed a forum administrator’s account. ZDNet:


MrbMiner malware

Researchers linked new crypto-mining software that is infecting thousands of Microsoft SQL Server databases to a software development company based in Iran. The Hacker News:



A hacker posted 70 GB of stolen Bonobos customer data on a hacker forum. The data includes names, phone numbers, and the last four digits of credit card numbers. Tom’s Guide:



Intel released its Q4 earnings report early because a hacker illegally accessed earnings-related data. Dark Reading:



Hackers accessed the cybersecurity company’s internal systems after exploiting a zero-day flaw on its secure remote access products. CRN:



A hacker leaked a stolen database belonging to the Indian cryptocurrency exchange Buyucoin. The database contained tables for user records, trade transactions, linked bank account information, and more. Bleeping Computer:
