Weekly Breach Report – July 6th 2021

Jul 6, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

Microsoft Edge

Microsoft released updates for its Edge browser to fix two security issues that could be exploited to inject arbitrary code. The Hacker News: https://thehackernews.com/2021/06/microsoft-edge-bug-couldve-let-hackers.html

 

Google Compute Engine

An unpatched security vulnerability in Google’s Compute Engine platform enables attackers to take over virtual machines over a network. The Hacker News: https://thehackernews.com/2021/06/unpatched-virtual-machine-takeover-bug.html

 

Windows

Researchers released a proof-of-concept remote code-execution exploit impacting Windows Print Spooler that was patched by Microsoft earlier this month — although the patch does not fully remediate the exploit. The Hacker News: https://thehackernews.com/2021/06/researchers-leak-poc-exploit-for.html

 

MonPass

One of Mongolia’s major certificate authorities experienced a supply-chain attack after hackers breached its website and installed backdoor software with Cobalt Strike binaries. The Hacker News: https://thehackernews.com/2021/07/mongolian-certificate-authority-hacked.html

 

LinkedIn

Data from about 700m LinkedIn users is up for sale on the dark web. The Microsoft-owned company is still investigating the issue, but said that the hackers scraped the information, and that it was not a breach at LinkedIn. Windows Central: https://www.windowscentral.com/details-over-700-million-linkedin-accounts-are-sale-following-data-breach

 

German banking system

German authorities stopped a cyberattack on a data-service provider used by federal agencies and banks. Bloomberg: https://www.bloomberg.com/news/articles/2021-06-30/russian-hackers-mounted-cyber-attack-on-german-banks-bild-says

 

University Medical Center, Las Vegas

The REvil ransomware gang hacked into the computer network of the University Medical Center and exfiltrated patient data. Infosecurity Magazine: https://www.infosecurity-magazine.com/news/data-breach-at-las-vegas-hospital/

 

EA

Gaming company EA is facing criticism after ignoring warnings from researchers that multiple vulnerabilities could enable hackers to take over its domains. So far the organization has done nothing to address the issues. ZDNet: https://www.zdnet.com/article/ea-ignored-domain-vulnerabilities-for-months-despite-warnings-and-breaches/

 

Navistar

Hackers leaked this US truck and military-vehicle manufacturer’s data on the dark web, exposing financial information. FreightWaves: https://www.freightwaves.com/news/navistar-data-leaked-on-auction-site-after-cyberattack

 

Coop Sweden

This supermarket chain was forced to close all its 800 stores after a ransomware attack on software vendor Kaseya disabled Coop’s cash registers and self-service checkouts. Reuters: https://www.reuters.com/technology/coop-other-ransomware-hit-firms-could-take-weeks-recover-say-experts-2021-07-05/ 

 

RPM

A security researcher discovered that RPM works with unauthorized RPM packages, and that unsigned packages, or packages signed with revoked keys, could be updated without warning. ZDNet: https://www.zdnet.com/article/major-linux-rpm-problem-uncovered/

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.