Weekly Breach Report – May 24th 2021

May 24, 2021, by Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

Microsoft Build Engine

Hackers are using MSBuild, an open-source build tool for .NET and Visual Studio, to filelessly deliver remote-access trojans and malware. The Hacker News: https://thehackernews.com/2021/05/hackers-using-microsoft-build-engine-to.html

 

Ardagh

This Luxembourg-based glass- and metal-packaging manufacturer announced that it had experienced a cyberattack and is working to bring its IT systems and applications back online. The Daily Swig: https://portswigger.net/daily-swig/packaging-vendor-ardagh-admits-cyber-attack-disrupted-operations

 

Apple

According to a report in The New York Times, Apple’s privacy concessions make it nearly impossible for the company to stop the Chinese government from gaining access to the personal information of Chinese residents. The Hacker News: https://thehackernews.com/2021/05/how-apple-gave-chinese-government.html

 

National Library, Prague

A library spokesperson said that it had turned off IT and other critical systems following a cyberattack. Czech Radio: https://english.radio.cz/cyber-attack-targets-national-library-prague-8717956

 

European and South American banks

Hackers are using a previously unknown banking trojan known as “Bizarro” to steal credentials from customers of 70 banks in various European and South American countries. The Hacker News: https://thehackernews.com/2021/05/70-european-and-south-american-banks.html

 

Rocket.Chat

Developers at Rocket.Chat patched two remote code execution bugs in the open-source messaging platform. The Daily Swig: https://portswigger.net/daily-swig/nosql-injection-bugs-in-rocket-chat-left-servers-open-to-rce-attacks

 

DarkSide hackers

The hacking group behind the Colonial Pipeline attack received $90m in bitcoin payments from ransomware attacks over the last nine months. The Hacker News: https://thehackernews.com/2021/05/darkside-ransomware-gang-extorted-90.html

 

Air India

Hackers hit Air India’s customer database with a cyberattack and impacted the personal information of 4.5m customers. Times of India: https://timesofindia.indiatimes.com/business/india-business/air-india-hit-by-massive-data-breach-flyer-data-compromised/articleshow/82836734.cms

 

Android apps

Twenty-three misconfigured Android apps are leaking the sensitive information of more than 100m users. The Hacker News: https://thehackernews.com/2021/05/these-23-android-apps-expose-over.html

 

BtcTurk

One of the largest cryptocurrency exchanges in Turkey admitted to a data breach that occurred in 2018 and affected more than 500,000 users. The exchange initially denied the hack but had to come clean after hackers posted data they accessed. CoinGeek: https://coingeek.com/turkish-exchange-btcturk-admits-to-2018-data-breach-affecting-over-500k-users/

 

Oldsmar water plant

New information about the Oldsmar water-plant hack that occurred earlier this year revealed that an infrastructure contractor hosted malicious code on its website following a watering-hole attack. The Hacker News: https://thehackernews.com/2021/05/watering-hole-attack-was-used-to-target.html

 

Domain

Hackers targeted an Australian real-estate listing portal with a cyberattack to phish rental applicants requesting deposits to secure their preferred properties. 7 News: https://7news.com.au/business/domain-real-estate-cyber-attack-sees-rental-applicants-asked-to-pay-fake-deposits-by-third-party-c-2887780

 

Domino’s

A hacker allegedly leaked Domino’s customer data; the company admitted to a data breach but claimed that it had not impacted customers’ financial information. Livemint: https://www.livemint.com/companies/news/hacker-leaks-domino-s-customer-data-firm-says-financial-information-safe-11621729101700.html
