Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – July 13th

Jul 13, 2021By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities



The REvil ransomware group targeted US IT company Kaseya with a zero-day vulnerability that deployed ransomware in a supply-chain attack that compromised thousands of businesses. BBC:


Android apps

Google removed nine apps that had been downloaded more than 5.8m times after it found that they stole Facebook login credentials. The Hacker News:


Microsoft Azure

Microsoft urged Azure users to update PowerShell to protect against a remote code execution vulnerability in .NET Core. The Hacker News:



Days after its launch, hackers scraped email addresses and other data from more than 90,000 GETTR users. GETTR is a new “social media platform” launched by one of Donald Trump’s former spokesmen. Vice:


Indian government

A cyber-espionage group known as SideCopy is targeting the Indian government and military with spear-phishing attacks to infect them with malware. The Record:


Philips Healthcare

Researchers disclosed multiple security vulnerabilities in the Philips Clinical Collaboration Platform Portal, used by hospitals and others for medical-image management. The flaws would enable hackers to take almost total control of any targeted system. The Hacker News:


Marsh McLennan

This global professional-services company experienced a data breach in April that enabled hackers to access Social Security numbers and other personal information of staff and clients. Business Insurance:


NSW Department of Education

Hackers hit Australia’s New South Wales Department of Education with a cyberattack. The Department took several internal systems offline as a precaution. ZDNet:


Morgan Stanley

Morgan Stanley disclosed that a data breach involving a third-party vendor enabled hackers to steal some of its corporate clients’ data. Reuters:



This medical-management company, which processes data, billing, and coding services for healthcare providers, notified 1.2m patients that their data had been stolen from its network. SC Magazine:



The German district of Anhalt-Bitterfeld experienced a cyberattack and declared a state of disaster after hackers infiltrated its computer systems. The district said it was “almost completely paralyzed.” DW:


Mint Mobile

US telecoms company Mint Mobile said it had experienced a data breach that enabled hackers to access customer phone numbers and subscriber data. Apple Insider:



A company that operates 120 gaming taverns in Nevada announced that it had experienced a cyberattack, and the hackers stole personal information.

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.