Weekly Breach Report – Jun 22nd

Jun 22, 2020, by Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities



This set of vulnerabilities in a low-level TCP/IP software library could enable remote attackers to take control of targeted devices. The Hacker News: 


Oracle E-Business Suite

About half of Oracle EBS customers have not applied critical security patches to eliminate two critical vulnerabilities. The Hacker News:   



Parts of the British website of U.S. cosmetics company Avon went offline for more than a week after a ransomware attack on its IT systems. ComputerWeekly:



Hackers breached the website of fashion-accessory company Claire’s, along with one of its subsidiaries. Digital Journal:



Food delivery company Foodora experienced a data breach that exposed the data of 727,000 customers in 14 countries. CISOMag:



Online sports company Wiggle is investigating a possible cyberattack after receiving customer complaints that someone ordered items without their consent. Infosecurity:



South Africa’s Postbank is replacing 12m bank cards after an employee stole the 36-digit master key. Security Boulevard:


2016 CIA leak

According to an internal report, the theft of top-secret hacking tools from the CIA in 2016 was the result of a workplace culture where hackers “prioritized building cyber weapons at the expense of securing their systems.” The Washington Post:


Industrial control systems

Researchers discovered four new zero-day attacks aimed at these mostly old and highly insecure systems after hackers deployed them against honeypot systems the researchers had created. ZDNet:



U.S. chipmaker MaxLinear disclosed that a “Maze” ransomware attack exposed certain proprietary information. Light Reading:


Amazon Web Services

Last week Amazon Web Services (AWS) announced that it had stopped one of the largest DDoS attacks in history. BBC:



This encrypted phone network says it is shutting down after police found that customers included hitmen and drug gangs across Europe. Vice:

