Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – October 5th

Oct 5, 2020By Shaina Raskin

Windows XP

The source code for Microsoft Windows XP and Windows server 2003 was leaked online, the first time the OS has been leaked to the public. The Hacker News: https://thehackernews.com/2020/09/windows-xp-source-code.html

 

Universal Health Services

A major hospital chain is experiencing one of the largest medical cyberattacks in U.S. history. Its hospitals have resorted to filing patient information with pen and paper. NBC News: https://www.nbcnews.com/tech/security/cyberattack-hits-major-u-s-hospital-system-n1241254

 

Operation SideCopy

Researchers discovered a cyber-espionage campaign targeting Indian defense units and armed forces. The Hacker News: https://thehackernews.com/2020/09/cyberattack-indian-army.html

 

Smart coffee machine

A security researcher discovered that he could hack a smart coffee machine without compromising the network or router it was connected to. Forbes: https://www.forbes.com/sites/daveywinder/2020/09/27/hacker-takes-coffee-machine-hostage-in-surreal-ransomware-attack/#4911b76e77f0

 

District of Columbia Bar

A security lapse by Washington DC’s bar association exposed lawyers’ application files, including government IDs and background checks. Tech Crunch: https://techcrunch.com/2020/09/30/district-columbia-bar-exposed-personal-data/

 

International Maritime Organization

This U.N. shipping agency announced that a cyberattack had disabled its website and intranet. gCaptain: https://gcaptain.com/international-maritime-organization-hit-by-cyber-attack/

 

Microsoft Digital Defense Report

Microsoft published a new report that found hackers can in some cases encrypt an entire network in less than 45 minutes. ZDNet: https://www.zdnet.com/article/microsoft-some-ransomware-attacks-take-less-than-45-minutes/

 

CMA CGM

Hackers hit this major French shipping company with a ransomware attack. The company managed to contain the attack before it spread throughout its entire network. gCaptain: https://gcaptain.com/shipping-giant-cma-cgm-hit-by-cyber-attack/

 

Cache Creek Casino Resort

A cyberattack shut down this Northern California casino and caused an internal system infrastructure failure. Security Infowatch: https://www.securityinfowatch.com/cybersecurity/news/21156746/northern-california-casino-shut-down-by-cyber-attack

 

Flight-tracking services

Several flight-tracking services experienced a cyberattack that disrupted functionality and rendered them unusable for several hours. Latest Hacking News:https://latesthackingnews.com/2020/10/01/real-time-flight-tracking-services-suffered-cyber-attack/

 

Ransomware gangs

According to new research, ransomware gangs are adding more sophisticated tools to their toolsets and increasing their ransom demands. ZDNet:https://www.zdnet.com/article/ransomware-gangs-are-shifting-targets-and-upping-their-ransom-demands/

 

Clark County, Nevada

Hackers published documents containing grades and social-security numbers of students from Clark County, Nevada, after school officials refused to pay ransom demands to unlock district computer servers. Wall Street Journal: https://www.wsj.com/articles/hacker-releases-information-on-las-vegas-area-students-after-officials-dont-pay-ransom-11601297930

 

Anthem data breach

America’s second-largest health insurer agreed to pay out $39.5m as part of a multi-state settlement in the wake of a cyberattack and data breach in 2014 that exposed the personal information of almost 80m Americans. Reuters:

https://www.reuters.com/article/us-anthem-cyber-idUSKBN26L2PW  

 

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.