Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – September 21st

Sep 21, 2020By Shaina Raskin

Cybersecurity companies

According to a new study, 97% of cybersecurity companies have data leaks and other security issues that result in sensitive information being exposed on the Dark Web. The Hacker News: https://thehackernews.com/2020/09/dark-web-cybersecurity-report.html

 

Department of Veterans Affairs

A cybersecurity breach at the Department of Veterans Affairs has potentially exposed the personal information of 46,000 veterans. FederalNewsNetwork:

https://federalnewsnetwork.com/veterans-affairs/2020/09/va-data-breach-exposes-personal-information-for-46000-veterans/

 

Greenville Technical College

Greenville Technical College in South Carolina discovered malware-infected files on its systems that impacted its ability to access those systems. WSPA:https://www.wspa.com/news/local-news/greenville-technical-college-releases-information-about-data-breach/

 

Dunkin’ Donuts Settlement

New York Attorney General Letitia James announced a settlement with Dunkin’ Brands, resolving a lawsuit over its failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts. SecurityMagazine: https://www.securitymagazine.com/articles/93393-dunkin-donuts-settles-data-breach-lawsuit

 

First death caused by ransomware

For the first time, a hospital patient’s death has been linked directly to a cyberattack. Police have launched a “negligent homicide” investigation after ransomware disrupted emergency care at Düsseldorf University Hospital in Germany. TechnologyReview:

https://www.technologyreview.com/2020/09/18/1008582/a-patient-has-died-after-ransomware-hackers-hit-a-german-hospital/

 

Android malware

An Iranian hacker group developed Android malware to steal two-factor-authentication SMS codes. The malware could steal codes for Google accounts and contained some functionality to do the same for Telegram and various social networks. ZDNet: https://www.zdnet.com/article/iranian-hacker-group-developed-android-malware-to-steal-2fa-sms-codes/

 

Mailfire

A company that provides online marketing tools left an Elasticsearch server unprotected online, exposing the personal data of hundreds of thousands of users who signed up for online dating sites. ZDNet: https://www.zdnet.com/article/leaky-server-exposes-users-of-dating-site-network/

 

Equinix

Hackers hit California-based Equinix, one of the US’s largest datacenter providers, with a ransomware attack and demanded $4.5m in ransom. The Windows Club: https://news.thewindowsclub.com/equinix-data-centers-hit-by-ransomware-incident-investigation-on-102990/

 

Manitoulin Transport

Following a ransomware attack on this large Canadian trucking company in July, hackers posted a cache of stolen data online. CDLLife: https://cdllife.com/2020/hackers-post-stolen-data-from-prominent-trucking-company-following-cyber-attack/

 

Like the report? Sign up below and get it in your inbox.

Products
Polymorphing - Linux
Polymorphic Build Farm - Open Source
Polyscripting
Polyscripting - WordPress
Solutions
Finance
Healthcare
Defense
DevSecOps
Embedded/IoT
HPC
Government
SUSE
Resources
Linux Weakness Report
Open Source Projects
Documentation
Resource Library
Webinars
Demos
Blogs
FAQ
Pricing
How to Buy
Partners
Get Demo
Company
About Us
Newsroom
Careers
Contact Us

10400 NE 4th St.
Suite 500
Bellevue, WA 98004

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.

polyverse small logo

© 2021 Polyverse

Terms of Use
Zerotect Terms and Conditions