
Weekly Breach Report – Sept. 27th 2021

Sep 27, 2021 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

Adobe ColdFusion

Despite being patched by Adobe a decade ago, two old ColdFusion vulnerabilities were recently exploited by hackers to deploy ransomware. Security Week: https://www.securityweek.com/decade-old-adobe-coldfusion-vulnerabilities-exploited-ransomware-gang

 

Suex cryptocurrency exchange

The US Treasury Department is sanctioning Russia’s Suex cryptocurrency exchange for its role in laundering ransoms from cyberattacks. CNBC: https://www.cnbc.com/2021/09/21/us-treasury-sanctions-cryptocurrency-exchange-suex.html

 

VoIP.ms

This Quebec-based provider of VoIP services was hit by a DDoS cyberattack that is disrupting phone calls and other services. Ars Technica: https://arstechnica.com/gadgets/2021/09/canadian-voip-provider-hit-by-ddos-attack-phone-calls-disrupted/?comments=1

 

21c Museum Hotels

A Louisville-based hotel chain informed employees of a data breach that impacted their email and personal information. The Business Journals: https://www.bizjournals.com/cincinnati/news/2021/09/20/louisville-hotel-chain-reports-data-breach.html

 

Marketron

A Russian hacking group launched a cyberattack on Marketron, a firm that helps companies automate their advertising campaigns. The attack impacted thousands of Marketron’s customers, including several radio stations in Vermont. WCAX3: https://www.wcax.com/2021/09/21/vermont-radio-stations-victims-cyber-attack/

 

Simon Eye

This US chain of optometry clinics reported a data breach that impacted more than 144,000 patients. The attackers “attempted to engage in wire transfer and invoice manipulation attacks” against the company. The Daily Swig: https://portswigger.net/daily-swig/us-optometry-provider-simon-eye-hit-by-data-breach-impacting-144-000-patients

 

Marcus & Millichap

This California-based commercial real-estate brokerage said that it had been hit by a cyberattack, but doesn’t believe that a breach occurred. The Real Deal: https://therealdeal.com/2021/09/20/marcus-millichap-says-it-was-the-target-of-a-cyber-attack/

 

Voicenter

Israeli communications company Voicenter announced that a cyberattack paralyzed several of its customers’ communications systems. Ynetnews: https://www.ynetnews.com/business/article/rjieci8xt

 

macOS

Researchers disclosed a vulnerability in macOS Finder that enables an attacker to run commands on Macs running any version up to the latest Big Sur release. Bleeping Computer: https://www.bleepingcomputer.com/news/apple/new-macos-zero-day-bug-lets-attackers-run-commands-remotely/

 

iCloud Private Relay

A weakness in Apple’s iCloud Private Relay function could be used to leak IP addresses from iOS devices running the latest version of the operating system. The Hacker News: https://thehackernews.com/2021/09/apples-new-icloud-private-relay-service.html

 

The Port of Houston

Hackers targeted the Port of Houston with a cyberattack on a password-management program. The port says it successfully defended itself, and no operations data or systems were impacted. The Hill: https://thehill.com/homenews/state-watch/573749-major-us-port-target-of-attempted-cyber-attack

 

Ursa Farmers Cooperative

Hackers demanded $6m in ransom from a cyberattack that targeted a farming cooperative in Iowa. The cooperative experienced a similar attack in 2018. WGEM: https://wgem.com/2021/09/23/farmers-coop-reacts-to-cyber-threat/

 

Debt-IN Consultants

A ransomware attack on a debt-recovery service potentially exposed more than one million South Africans’ personal data. The attack occurred in April but was only confirmed this week. The Daily Swig: https://portswigger.net/daily-swig/millions-of-south-africans-caught-up-in-security-incident-after-debt-recovery-firm-suffers-significant-data-breach
