Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – September 8th

Sep 8, 2020By Shaina Raskin

Thales Group

IBM security researchers discovered a potential vulnerability in IoT software made by a subsidiary of France’s Thales, and used in numerous internet-connected devices, including insulin pumps. Mass Device:



US technology conglomerate Cisco warned users of an active zero-day vulnerability that impacts any device running its IOS XR software. The Hacker News: 



Researchers discovered the first Mac malware accidentally notarized by Apple’s app-screening software. Tech Crunch:



Hackers are actively exploiting a vulnerability in WordPress websites running the File Manager plugin. Security firm Wordfence announced that it had blocked more than 450,000 exploits attempts in the past few days. Ars Technica:


Paytm Mall

A cybercrime group breached Paytm Mall’s databases, impacting all accounts and related information on this Indian e-commerce platform. Times of India:  



A cyberattack hit the Norwegian parliament, and several email accounts of elected officials were hacked. ZDNet: 


New South Wales drivers licenses

Hackers breached an unnamed commercial company in Australia, and stole thousands of New South Wales drivers’ personal information. ZDNet:



Researchers discovered that the Evilnum hacking group had updated its infection chain to deploy a Python RAT to gather information, capture keystroke data, open an SSH shell, and more. The Hacker News: 


Middle East and North Africa

A strain of Thanos ransomware hit government-run organizations in the Middle East and North Africa. Cyberscoop: 



A cyberattack hit Telmate, a prison phone service, exposing the contact and other data of millions of inmates. Endgadget: 


Excel malware

A new malware game uses malicious Excel files compiled with EPPlus, giving them a higher chance of evading security systems. ZDNet: 


Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.