Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – Jun 15th

Jun 15, 2020By Shaina Raskin


A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


The Indian government announced that it had addressed a critical security vulnerability in secure document wallet service Digilocker. The Hacker News:


Emergency Services

Hackers belonging to the Magecart group are leveraging misconfigured AWS S3 buckets to drop malware into emergency service-related websites. The Hacker News:


BellTroX InfoTech Services

An Indian IT company targeted government officials in Europe as well as investors in the United States via a range of cybersecurity attacks. Reuters:



Researchers released a new security bug known as CrossTalk that impacts Intel’s mobile, desktop and server CPUs.



As a result of a continuing investigation, Nintendo almost doubled its estimate of the number of user accounts compromised by hackers from 160,000 to 300,000. TechCrunch:


Babylon Health

Babylon, a British telehealth start-up, confirmed that a “software error” in an audio and video feature caused a “small number” of UK users to see other users’ sessions. TechCrunch:


Fitness Depot

Canadian retailer Fitness Depot told customers that their personal and financial information was stolen following a breach that affected the company’s e-commerce platform last month. Bleeping Computer:



The Japanese car maker announced that a cyberattack had disrupted internal networks and brought some of its global assembly plants to a standstill. BBC:


Florence Alabama

In May, KrebsOnSecurity alerted local-government officials in Florence, Alabama, that hackers had broken into their IT systems — a warning that was ignored. Last Friday, the hackers deployed ransomware and demanded $300,000 in Bitcoin. KrebsOnSecurity:


Facebook Messenger for Windows

Researchers disclosed details of a vulnerability in Facebook Messenger for Windows. The Hacker News: 



This Australian beverage company announced that a cyberattack had taken systems offline, and the company is still recovering from the attack. Food and Drink Business:


Enel Group

This European energy company experienced a ransomware attack that impacted its internal network. BleepingComputer:


City of Knoxville 

The city of Knoxville shut down its entire computer network after a ransomware attack targeted city offices. BleepingComputer:


Windows 10

Windows 10 admins are reporting that Microsoft’s most recent “Patch Tuesday” updates caused problems with a range of enterprise printers. ZDNet:


Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.