Weekly Breach Report – March 15th 2021

Mar 15, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


Microsoft Exchange

The White House is warning organizations that they have “hours, not days” to fix Microsoft Exchange’s vulnerabilities. CNN:


University of the Highlands and Islands

IT engineers are working to isolate and minimize the damage from a cyberattack that disrupted 13 colleges and research institutions. BBC:


Benefit Recovery Specialists

A Texas Medicaid contractor ended its relationship with its billing and collection provider following a cyberattack that exposed the personal information of 275,000 patients. Becker's Hospital Review:



Researchers discovered a new SolarWinds malware strain on servers backdoored in the SolarWinds hack. The strain is known as SUNSHUTTLE and is written in Go. The Register:


BADHATCH malware

The FIN8 hacking group is back after a year and a half break with a new backdoor tool that steals payment card data from PoS systems. The Hacker News:



A security startup that provides cloud-based security camera services suffered a major security breach. Hackers accessed over 150,000 cameras, including those in Tesla factories, Cloudflare offices, Equinox gyms, and more. The Verge:



F5 published an advisory warning for four critical vulnerabilities that impact multiple products and could result in remote code execution on target networks. The Hacker News:



A fire destroyed an OVHCloud datacenter and damaged other server buildings. OVHCloud is the largest European cloud provider, and government hackers and sophisticated criminal groups used several of the destroyed servers. Vice:


Molson Coors

Brewing company Molson Coors disclosed that it experienced a cyberattack that disrupted operations and beer production. ZDNet:



Hackers used a zero-day security vulnerability in the Plus Addons for Elementor plugin to remotely take over a website. Threatpost:



In July 2020, a collaborative crypto-trading platform experienced a cyberattack where hackers stole 114 BTC and 281 ETH worth 1.18m Euros. 2gether announced that it is compensating users to give back the cryptocurrency stolen from their accounts. HackerNoon:


Norwegian Parliament

The Norwegian Parliament announced a cyberattack hit IT systems six months after the previous one was publicized. Reuters:


Saint Alphonsus Health System

An Idaho-based health system began notifying patients of an email hacking incident that exposed their personal information. Some letters mailed to victims mistakenly said they were dead. Becker's Hospital Review:



Researchers discovered a new malware written in Nim, a relatively unknown programming language. The Hacker News:


Fastway Couriers

Fastway Couriers confirmed that one of its IT systems experienced a cyberattack in February. The compromise impacted the personal information of over 446,000 package deliveries in Ireland. SiliconRepublic:


ZHtrap botnet

A new botnet is infecting routers, DVRs, and UPnP network devices and turning them into honeypots to help find other targets. Bleeping Computer:


Linux kernel

Researchers discovered three vulnerabilities in the Linux kernel that have been in the code since 2006. SCMagazine:



A Dutch e-ticketing platform experienced a data breach after a hacker stole a database of 1.9m email addresses from an unsecured staging server. Digital Journal:
