Weekly Breach Report – May 3rd 2021

May 3, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

macOS malware

Researchers discovered a new vulnerability in macOS that enables hackers to break through most of its latest security protections. Apple pushed a patch for the vulnerability this week. TechCrunch: https://techcrunch.com/2021/04/26/shlayer-mac-malware-macos-security/

 

Linux kernel

Researchers from the University of Minnesota apologized to the Linux community after intentionally including vulnerabilities in the project’s code. The Hacker News: https://thehackernews.com/2021/04/minnesota-university-apologizes-for.html

 

BigBasket

A hacker leaked 20m user records containing personal information and hashed passwords belonging to this Indian online grocery-delivery company. BleepingComputer: https://www.bleepingcomputer.com/news/security/hacker-leaks-20-million-alleged-bigbasket-user-records-for-free/

 

Homebrew

Researchers discovered a security vulnerability in the Homebrew Cask repository that enables a hacker to execute arbitrary code on a user’s machine. The issue came from the way code-changes in its GitHub repository were handled. The Hacker News: https://thehackernews.com/2021/04/critical-rce-bug-found-in-homebrew.html

 

US soldiers

Employees of a US defense contractor discovered they could track US military operations through data generated by apps on soldiers’ mobile phones. The Wall Street Journal: https://www.wsj.com/articles/the-ease-of-tracking-mobile-phones-of-u-s-soldiers-in-hot-spots-11619429402

 

COMB21

A data dump on an online cybercrime forum exposed 3.28 billion passwords belonging to 2.18 billion unique government email addresses. The email addresses belong to domains in the US, UK, Australia, Brazil and Canada. The Hacker News: https://thehackernews.com/2021/04/32-billion-leaked-passwords-contain-15.html

 

Gyrodata

A US oil-drilling specialist suffered a ransomware attack that compromised current and former employee data. Infosecurity Magazine: https://www.infosecurity-magazine.com/news/us-drilling-giant-gyrodata/

 

DC police informants

Hackers compromised Washington, DC police networks and stole 250GB of unencrypted files. If the police do not pay a ransom, the hackers say they will expose police informants to criminal gangs. The Hacker News: https://thehackernews.com/2021/04/hackers-threaten-to-leak-dc-police.html

 

F5 Big-IP

Researchers discovered a new bypass vulnerability in the Kerberos Key Distribution Center security feature that impacts F5 Big-IP application-delivery services. The Hacker News: https://thehackernews.com/2021/04/f5-big-ip-found-vulnerable-to-kerberos.html

 

HashiCorp

HashiCorp disclosed a security breach that occurred due to the Codecov supply-chain attack. The company rotated the private key that it uses to sign and verify software releases as a precaution. BleepingComputer: https://www.bleepingcomputer.com/news/security/hashicorp-is-the-latest-victim-of-codecov-supply-chain-attack/

 

Linux malware

Researchers discovered new Linux malware with backdoor capabilities that had managed to remain undetected for three years. The Hacker News: https://thehackernews.com/2021/04/researchers-uncover-stealthy-linux.html

 

Experian

Experian fixed a weakness in an API on a partner website that enabled anyone to look up the credit scores of millions of people. Krebs on Security: https://krebsonsecurity.com/2021/04/experian-api-exposed-credit-scores-of-most-americans/

 

Linux kernel

Hackers can exploit an information-disclosure vulnerability in the Linux kernel. The issue was discovered in a device running on Azure Sphere. ZDNet: https://www.zdnet.com/article/linux-kernel-vulnerability-exposes-stack-memory/

 

Post Rock Water District

A former employee of a water treatment plant in Kansas remotely accessed the plant’s computer system to shut down several processes. Security Boulevard: https://securityboulevard.com/2021/04/cyber-attack-haunts-a-public-water-supply-system-again/

 

DigitalOcean

This cloud-infrastructure company emailed customers to alert them of a data breach involving their billing data. The hackers gained access to customer account details through a flaw, which has since been fixed. TechCrunch: https://techcrunch.com/2021/04/28/digitalocean-customer-billing-data-breach/

 

Wyoming Department of Health

Wyoming Department of Health announced that someone accidentally uploaded the health information of more than 164,000 residents to a public online storage location on GitHub. Buckrail: https://buckrail.com/wdh-announces-data-breach-for-164021-wyomingites/

 

Reverb

This online musical instrument marketplace accidentally exposed users’ data. The Daily Swig: https://portswigger.net/daily-swig/musical-instrument-marketplace-reverb-suffers-data-breach

 

Whistler

Canada’s Whistler Resort Municipality experienced a cybersecurity incident, and suspended all online and some in-person services in response. CityNews 1130: https://www.citynews1130.com/2021/04/28/whistler-website-temporarily-down-following-cyber-security-incident/

 

AmeriTrust

A security incident at AmeriTrust, an insurance company, compromised customers’ personal loan information. The National Law Review: https://www.natlawreview.com/article/ameritrust-warns-customers-december-data-breach

 

FIVEHANDS ransomware

Hackers are using the SonicWall VPN vulnerability to deploy a new strain of ransomware called FIVEHANDS. The Hacker News: https://thehackernews.com/2021/04/hackers-exploit-sonicwall-zero-day-bug.html

 

PHP composer

The maintainers of the composer package manager for PHP patched a critical vulnerability that enabled hackers to execute arbitrary commands and backdoor every PHP package. The Hacker News: https://thehackernews.com/2021/04/a-new-php-composer-bug-could-enable.html
