Weekly Breach Report – Sept. 20th 2021

Sep 20, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

iMessage hack

Apple released an emergency patch to fix a vulnerability in iMessage that hackers had been using to target iPhone users. Vice: https://www.vice.com/en/article/3aq9q3/apple-patches-zero-click-imessage-hack-used-by-nso

 

Azure Open Management Infrastructure

Researchers discovered a series of vulnerabilities in the Open Management Infrastructure agent in Microsoft’s Azure. When users set up a Linux VM, the agent is automatically deployed. Wiz: https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution

 

South African agencies

The Department of Justice and South African National Space Agency were targeted by hackers who encrypted their networks. GRC World Forums: https://www.grcworldforums.com/security-threats/two-south-african-government-agencies-hit-in-cyber-attacks/2606.article

 

Travis CI

Travis CI, a service used to build and test software projects, patched a security flaw that exposed API keys, access tokens and credentials of organizations that use public source repositories. The Hacker News: https://thehackernews.com/2021/09/travis-ci-flaw-exposes-secrets-of.html

 

Walgreens

The COVID test registration system of pharmacy giant Walgreens Boots Alliance exposed the data of millions of people, including their phone numbers, email addresses, names and birth dates. In some cases test results were also visible. Reuters: https://www.reuters.com/technology/walgreens-covid-19-test-registration-system-left-patient-data-unprotected-recode-2021-09-13/

 

Alaska Department of Health

Alaska’s Department of Health and Social Services announced that a cyberattack may have exposed residents’ personal and financial information. The Daily Swig: https://portswigger.net/daily-swig/alaska-department-of-health-reveals-data-breach-potentially-exposing-residents-financial-health-information

 

German election authority

Germany’s Federal Returning Officer, the authority running the country’s September 26th general election, is looking into cyberattacks against lawmakers during the campaign. Expatica: https://www.expatica.com/de/uncategorized/german-election-authority-confirms-likely-cyber-attack-336124/

 

Epik

Hackers released 180 gigabytes of user registration and domain information belonging to this controversial web registrar, which hosts extreme-right groups and individuals. Gizmodo: https://gizmodo.com/epik-was-warned-about-a-large-security-flaw-before-its-1847699550

 

TTEC

This US firm, which provides customer sales and support services to numerous large companies and others, announced a ransomware attack that encrypted some of its data and severely disrupted services to its clients. Krebs on Security: https://krebsonsecurity.com/2021/09/customer-care-giant-ttec-hit-by-ransomware/

 

Zoho password manager

CISA issued a warning that a vulnerability in Zoho’s password manager and single-sign-on solution is being actively exploited in the wild. Zoho fixed the bug and is urging users to deploy the patch. The CyberWire: https://thecyberwire.com/newsletters/daily-briefing/10/180

 

DDoS-for-hire

A California jury reached a guilty verdict for a man charged in 2018 with operating two DDoS-for-hire services that enabled customers to launch DDoS attacks against websites. Krebs on Security: https://krebsonsecurity.com/2021/09/trial-ends-in-guilty-verdict-for-ddos-for-hire-boss/
