Cyber Security Today, Sept. 12, 2022 – A vulnerability found in the BackupBuddy WordPress plugin, a new Linux malware discovered, and more


A vulnerability found in the BackupBuddy WordPress plugin, a new Linux malware discovered, and more.

Welcome to Cyber Security Today. It’s Monday, September 12th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.


Threat actors continue to use flaws in WordPress plugins to get into services hosted by the content manager. The latest example is a backup utility called BackupBuddy. According to researchers at Wordfence, the vulnerability makes it possible for unauthenticated users to download files stored in WordPress. BackupBuddy users may have had their WordPress sites attacked as early as August 26th. Administrators should be running version 8.7.5 of BackupBuddy. They should also be looking for signs of possible compromise.

Attention Linux administrators: New malware targeting devices of all kinds running Linux has been discovered. Researchers at AT&T call the malware Shikitega. They call it that because of the similar name of the encoder the package uses. Researchers don’t say how devices get initially infected. But a successful attacker can gain full control of the infected system, including depositing a cryptocurrency miner. This malware can attack anything running Linux, including desktops, servers, sensors and industrial control systems. Linux administrators are urged to protect systems against infection by keeping software patched with security updates and installing antivirus or endpoint detection and response software on all endpoints.

More than US$30 million in cryptocurrency stolen by North Korea-based threat actors has been seized by law enforcement agencies. That’s according to blockchain provider Chainalysis. It worked with several companies and unnamed police departments who were able to freeze digital currencies taken from online exchanges, games and businesses that use cryptocurrencies. With the funds frozen, the thieves can’t cash out. The investigation started after the theft in March of more than US$600 million in cryptocurrency from the Ronin Network, a cryptocurrency bridge used for a blockchain-based game. Some of that money was laundered through a service called Tornado Cash. Shortly after that theft, Tornado Cash was sanctioned by the U.S. Treasury Department for being abused by threat actors trying to cash out cryptocurrency.

Last week the Coinbase cryptocurrency exchange said it is funding a legal challenge to the sanctioning of Tornado Cash. It argues the government should go after bad individuals, not a technology.

Attention medical IT specialists: If you have Baxter Sigma Spectrum Infusion Pumps in your environment, watch for security updates and mitigations from the company. This comes after the discovery by researchers at Rapid7 of vulnerabilities in the devices and the battery units they use that connect to a Wi-Fi network. One mitigation is to restrict physical access to these infusion pumps. Another is to monitor network traffic connected to these pumps for unauthorized activity.

Finally, the U.S. Treasury Department has added Iran’s intelligence minister and the country’s Ministry of Intelligence and Security to its sanctions list for being behind cyber attacks against the United States and its allies. This comes after threat actors believed to be sponsored by the ministry disrupted Albanian government computer systems. That government was forced to suspend online public services for its citizens. The U.S. says the Iranian intelligence ministry supports a threat group known to security researchers as MuddyWater and a group dubbed APT39. The sanctions mean that all property and interests of the minister and his department that are subject to U.S. jurisdiction are blocked.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Sept. 12, 2022 – A vulnerability found in the BackupBuddy WordPress plugin, a new Linux malware discovered, and more first appeared on IT World Canada.

Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.
