Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – Sept. 13th 2021

Sep 13, 2021By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

Ghostscript

Researchers published a proof-of-concept exploit code for an unpatched Ghostscript vulnerability. Ghostscript is a library that enables applications to process PDFs and PostScript-based files. The Record:https://therecord.media/ghostscript-zero-day-allows-full-server-compromises/

 

Dotty’s

Fast-food and gambling chain Dotty’s experienced a cyberattack that exposed the personal data of customers. The Daily Swig: https://portswigger.net/daily-swig/data-breach-at-us-restaurant-and-gambling-chain-dottys-may-have-leaked-sensitive-customer-information

 

Howard University

Washington DC-based Howard University canceled classes after hackers deployed a ransomware attack against the school’s network. CNN: https://www.cnn.com/2021/09/07/politics/howard-university-ransomware-attack/index.html

 

France-Visas

France’s Ministry of Foreign Affairs and Ministry of the Interior announced that a cyberattack compromised the data of 8,700 people applying for visas via the France-Visas website. Infosecurity Magazine: https://www.infosecurity-magazine.com/news/french-visa-applicants-cyber-attack/

 

Coalinga State Hospital

The State Hospital Department of California announced a data breach at Coalinga State Hospital that exposed the personal information of 1,800 past and present patients. California News Times: https://californianewstimes.com/data-breach-at-coalinga-state-hospital-reveals-private-information-on-nearly-1800-patients/511216/

 

Jenkins project

The Jenkins infrastructure team identified a successful cyberattack against a deprecated Confluence service. They do not believe any releases, plugins or source code has been impacted. Jenkins: https://www.jenkins.io/blog/2021/09/04/wiki-attacked/

 

New Zealand financial institutions

The websites of several New Zealand financial institutions, the country’s postal service and several other organizations were briefly offline due to a DDoS attack. Reuters: https://www.reuters.com/world/asia-pacific/new-zealand-banks-post-office-hit-by-outages-apparent-cyber-attack-2021-09-08/

 

Fortinet FortiGate

Fortinet confirmed that a hacker disclosed VPN login names and passwords associated with 87,000 FortiGate devices. Credentials from unpatched systems may still be vulnerable. The Hacker News: https://thehackernews.com/2021/09/hackers-leak-vpn-account-passwords-from.html

 

United Nations

A hacker used stolen credentials to breach part of the UN’s network and steal critical data. Threatpost: https://threatpost.com/data-theft-united-nations/169357/

 

MyRepublic

Hackers compromised almost 80,000 mobile subscribers of this Singaporean telecoms company in a breach of a third-party data-storage platform. Straits Times: https://www.straitstimes.com/tech/tech-news/hackers-stole-personal-data-of-79400-myrepublic-customers-including-copies-of-nrics 

 

Yandex

Russian tech company Yandex announced that hackers hit its servers with one of the largest DDoS attacks in history this summer. RadioFreeEurope: https://www.rferl.org/a/russia-yandex-cyber-attack-/31453244.html

 

Meris botnet

KrebsOnSecurity also experienced a major DDoS attack from the same botnet that hit Yandex, but was only briefly impacted. KrebsOnSecurity: https://krebsonsecurity.com/2021/09/krebsonsecurity-hit-by-huge-new-iot-botnet-meris/

 

Fujitsu

Fujitsu, a Japanese technology company, said that data allegedly stolen from it and now being sold by hackers online does not belong to the firm, and is not related to a cyberattack on its systems. TechTimes: https://www.techtimes.com/articles/265244/20210910/fujitsu-confirms-stolen-data-marketed-cybercriminals-marketo-theirs.htm

 

Kiwibank

A New Zealand bank is still experiencing issues because of a cyberattack that took systems offline. Customers are still blocked from accessing their online accounts to make payments and transfers. NZ Herald: ??https://www.nzherald.co.nz/business/cyber-attack-kiwibank-customers-still-having-access-issues/ZSM7LVX6IJTZOWLG3KT5WYLQSY/

 

Wisconsin Dells casino

The Ho-Chunk Nation brought in security experts to investigate an incident that shut down the tribe’s computer systems at its Wisconsin Dells casino. Wisconsin State Journal: ??https://madison.com/wsj/news/local/ho-chunk-say-theyve-engaged-security-experts-to-probe-dells-casino-computer-system-failure/article_fab5ac4b-4abe-524d-a97b-722e2e16aeaa.html

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.