
Weekly Breach Report – June 29th 2021

Jun 29, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities



Microsoft confirmed distributing a signed malicious driver within gaming environments. The driver was a rootkit communicating with Chinese command-and-control IPs. Bleeping Computer:


Cosmolog Kozmetik

A leaky Amazon S3 bucket exposed the personal information of thousands of retail customers of a popular Turkish beauty products company. Infosecurity:


Korea Atomic Energy Research Institute (KAERI)

North Korean hackers used a vulnerability in a VPN to infiltrate South Korea’s state-run KAERI. The think tank blocked the attacker’s IP address and applied security patches to the vulnerable VPN. The Hacker News:


DarkRadiation ransomware

Researchers discovered a new ransomware strain implemented in Bash that targets Linux and Docker cloud containers while using Telegram for command-and-control communications. The Hacker News:



Graphics chip company NVIDIA released software updates to patch 26 vulnerabilities in its Jetson system-on-module series that could enable an attacker to escalate privileges. The Hacker News:


San Francisco Bay Area water facility

NBC reported that an unidentified hacker used a former plant employee’s account to gain entry to a Bay Area water treatment facility. Industry Week:



A supermarket chain experienced a data breach due to two misconfigured cloud storage databases. The CyberWire:


Reproductive Biology Associates

A Georgia fertility clinic disclosed a data breach due to a ransomware attack where hackers stole files containing sensitive patient information. Bleeping Computer:


WorkForce West Virginia

West Virginia’s unemployment agency announced that it experienced a security breach and took its systems offline. WTRF:


Mercedes-Benz USA

Mercedes-Benz USA announced that sensitive personal information of almost 1,000 customers and interested buyers was accessible on a cloud storage platform. Reuters:


Western Digital

Hard drive company Western Digital urges users of MyBook network storage drives to disconnect them from the internet because of a critical flaw that can be triggered to wipe the drives remotely. Krebs on Security:



Nine months after researchers first published their findings on the BootHole vulnerability, there is renewed interest in GRUB2 and boot security. Eclypsium:



Microsoft announced that an attacker accessed one of its customer-service agents and used the information to launch hacking attempts on customers. Microsoft discovered the compromise while investigating the SolarWinds breach. Reuters:



A Taiwanese networking company is warning customers of ongoing attacks targeting its firewall and VPN servers. The Hacker News:
