Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – Jun 8th

Jun 8, 2020By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


Researchers disclosed details of a vulnerability in VMware Cloud Director, a widely used deployment, automation and management software. The Hacker News:


SAP patched vulnerabilities in its Sybase Adaptive Server Enterprise after discovering the issues during a security test of the product. The Hacker News:


Researchers discovered this new Chinese APT that relies on USB media to exfiltrate data from air-gapped systems. The Hacker News:


The team behind this firm’s open-source content-management system announced a security breach. ZDNet:


Researchers found a misconfigured AWS S3 bucket exposed on the internet that belongs to this Spanish e-learning platform, used by hundreds of thousands of students globally. Security:

Bharat Interface for Money

A data breach at this Indian mobile-payment app exposed the personal and financial data of millions of users across the country. Infosecurity:

Westech International

Hackers stole confidential documents from this U.S. nuclear-missile contractor in a cyberattack. Infosecurity:


Amtrak disclosed a data breach that may have compromised personal information. ZDNet:


A recent study found that only one-third of users change their passwords following a data breach announcement. ZDNet:


Attackers unsuccessfully targeted 1.3m WordPress websites over the weekend in an attempt to download configuration files and database credentials. Threatpost:

San Francisco Employee’s Retirement System

The city workers’ pension fund reported a data breach that impacted 74,000 members. GovTech:

CPA Canada

Chartered Professional Accountants of Canada is notifying members of a data-security incident that affected personal information held by the organization. CPA Practice Advisor:

Digital Management

Ransomware gang DopplePaymer announced that it had breached a network belonging to Digital Management, an IT-service provider to NASA, among others. JDSupra:

Windows 10

A US-government cybersecurity agency is warning Windows 10 users that their systems are still vulnerable to a three-month-old security flaw. Forbes:

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.