
Weekly Breach Report – Oct. 11th

Oct 11, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

Apache Airflow

Researchers discovered exposed instances of Apache Airflow leaking sensitive information from well-known tech companies. Airflow is an open-source workflow management platform. Bleeping Computer: https://www.bleepingcomputer.com/news/security/misconfigured-apache-airflow-servers-leak-thousands-of-credentials/

 

Sandhills Global

Sandhills Global, which hosts a range of online entities from publications to auction sites, experienced a ransomware attack last week, taking its systems and operations offline. Agweb: https://www.agweb.com/news/business/technology/popular-online-farm-equipment-and-land-auction-service-sites-crippled

 

Apache webserver

The Apache Software Foundation released a security patch to address a zero-day vulnerability in its HTTP Web Server project. The Record: https://therecord.media/apache-fixes-actively-exploited-web-server-zero-day/

 

UEFI bootkit

Researchers discovered a new bootkit malware that can be traced back to 2012. The malware roots itself in the EFI System Partition and persists through a patch in the Windows Boot Manager. ZDNet: https://www.zdnet.com/article/meet-especter-a-new-uefi-bootkit-for-cyber-spying/

 

Twitch

A hacker published 125GB of source-code repositories, creator payouts, proprietary software-development kits, and other internal data from Twitch, a video-game streaming company owned by Amazon. TechCrunch: https://techcrunch.com/2021/10/06/hacker-leaks-twitch-source-code-and-creator-payout-data/

 

Several days after the cyberattack was made public, hackers adorned Twitch users’ screens with a picture of Amazon founder Jeff Bezos. GeekWire: https://www.geekwire.com/2021/twitch-got-e-vandalized-overnight-photos-jeff-bezos-amid-fallout-data-breach/

 

Gustafson & Co

A Portland, Oregon, accounting firm settled with the state after a 2020 data breach compromised the personal and financial information of 1,900 Oregonians. The Oregonian: https://www.oregonlive.com/silicon-forest/2021/10/portland-accounting-firm-will-pay-50000-for-failing-to-disclose-data-breach-as-digital-intrusions-spike.html

 

Lodi Unified School District

A cybersecurity incident took down the network, computers and phone lines of this California school system. The district has not confirmed whether it was a ransomware attack. CBS Sacramento: https://sacramento.cbslocal.com/2021/10/05/lodi-schools-hit-with-district-wide-cyber-security-incident/

 

State-backed hacks

Microsoft said that Russia accounted for 58% of the state-sponsored hacking it had detected over the past year; other major attackers include North Korea, Iran, China, Turkey and Vietnam. The hacks targeted government agencies, think tanks and NATO members, among others. The Register: https://www.theregister.com/2021/10/08/microsoft_digital_defence_report/

 

FontOnLake malware

Researchers found a new malware campaign targeting entities in Southeast Asia with Linux malware engineered to enable remote access. The Hacker News: https://thehackernews.com/2021/10/researchers-warn-of-fontonlake-rootkit.html

 

Weir

Hackers hit one of Scotland’s biggest engineering firms with a ransomware attack, forcing it to shut down some operations. The company estimates that the incident will cost it up to £5m. BBC: https://www.bbc.com/news/uk-scotland-scotland-business-58801753

 

Harvard-Westlake

Hackers exposed students’ and alumni’s confidential academic files from Los Angeles private school Harvard-Westlake. The students include children of billionaires, influential political donors, and well-known actors. The Hollywood Reporter: https://www.hollywoodreporter.com/lifestyle/lifestyle-news/data-hack-alumni-harvard-westlake-private-school-1235028877/
