
Weekly Breach Report – November 30th

Nov 30, 2020 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

Stantinko botnet

An adware and coin-miner botnet is targeting Linux servers, masquerading as HTTPd to fly under the radar. The Hacker News:



VMware released temporary workarounds to address a critical vulnerability (CVE-2020-4006) that impacts VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. The Hacker News:



The Drupal CMS software team patched a critical vulnerability in which attackers can add a second extension to a malicious file, upload it to a site, and have the file executed. ZDNet:



Liquid released a statement saying its domain-hosting provider, GoDaddy, incorrectly transferred control of Liquid’s account and domain to a malicious actor. Liquid:



A security researcher found a way to rewrite the firmware of Tesla key fobs via Bluetooth connection, lift an unlock code from the fob, and use it to steal a Model X. Wired:



Researchers discovered a significant security flaw in cPanel that enables attackers to bypass two-factor authentication for cPanel accounts. ZDNet:



A group of hackers breached Spotify’s systems and stole 350,000 account credentials in a credential-stuffing attack. Security researchers discovered the credentials in an unsecured database online. CNet:


US Fertility

This provider of IT services to numerous infertility clinics belatedly announced that a malware attack from August 2020 onwards had exposed individuals’ personal information. Herald-Mail:



Hackers exploited a vulnerability in the mobile-device security solutions offered by this U.S. firm, now owned by Utah-based Ivanti, to gain access to networks in government, healthcare and other industries. Information Security Buzz:


Sopra Steria

French IT-services company Sopra Steria said that the Ryuk ransomware attack that hit its network back in October would impact operating costs by €50m, due to the resulting unavailability of services and cost of remediation. Teiss:



Networking-equipment vendor Belden announced that hackers had gained access to a limited number of its file servers. ZDNet:



This U.K. cybersecurity company disclosed that unauthorized personnel had gained access to customer data after using a misconfigured tool to break into the systems. Tech Radar:


Banijay Group

Hackers hit this French-based multinational content production firm (whose shows include MasterChef and Big Brother) with DoppelPaymer ransomware, stealing sensitive employee and other commercial information. Bleeping Computer:


Baltimore County Schools

This Maryland, U.S. school district announced that its schools would be closed for students on Monday, Nov 30th, and Tuesday, Dec 1st because of a ransomware attack on its networks the previous week. CBS:
