Cybersecurity Bi-weekly Roundup: Week of 15th December
A cybersecurity Bi-weekly roundup of the latest cybersecurity news and research!
Halfway down the week and we’ve got you covered till the weekend about all the nitty-gritty in the world of cybersecurity!
1.6 Million WordPress Sites Under Cyberattack From Over 16,000 IP Addresses
Yet again a significant wave of an attack originating from 16,000 IP addresses and targeting over 1.6 million WordPress sites was noticed. WordPress safety firm Wordfence has surged attacks within the final 36 hours, exploiting safety bugs in 4 WordPress plugins and 15 Epsilon Framework themes, permitting risk actors to replace any choice on weak websites.
We strongly recommend ensuring that any sites running one of these plug-ins or themes has been updated to the patched version. Simply updating the plug-ins and themes will ensure that your site stays safe from compromise against any exploits targeting these vulnerabilities.
Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators
Botnets use your devices to scam other people or cause disruptions all without your consent. Botnets are designed in such a way that they can easily grow, automate, and speed up a hacker’s ability to carry out massive attacks. Google announced that it has taken legal action against the Glupteba botnet that now controls more than 1 Mn Windows PCs around the world, and continues to infect new devices each day.
What makes Glupteba unique is it uses blockchain technology as a resiliency mechanism and its decentralized nature allows it to quickly recover from attacks making it difficult to shut down. Glupteba has been targeting Windows devices worldwide since 2011, the areas that were affected were the US, India, Brazil, and countries from Southeast Asia.
Pegasus Spyware Infects U.S. State Department iPhones
Recently, Reuters has told, it was found that the iPhones of at least nine US State Department employees have been infected with Pegasus spyware. The intrusions are said to be the widest known hacks of U.S. officials through Pegasus, the infamous spyware developed by Israel-based NSO technology. While the sources could not identify the culprit, it is believed the threat actors were customers of NSO Group. Pegasus mere installation can track the user’s location, activate their microphone, steal data, and more.
US food importer Atalanta admits ransomware attack
In 2021 alone, we saw a rapid increase in ransomware attacks. An estimated $20 billion damage caused a whopping 570% increase from 2015 and we are sure these numbers will keep on increasing. US food importer Atalanta recently admitted that they went through a ransomware attack. Atalanta released a statement on Wednesday (December 8) detailing its incident response since the late July attack. Though the company rapidly took actions regarding the investigation and identification of the individuals whose information was possibly involved, they also implemented additional security measures to further safeguard the systems and processes.
Threat actors stole $120 M in crypto from BadgerDAO DeFi platform
Someone successfully drained funds from multiple cryptocurrency wallets connected to the decentralized finance platform BadgerDAO. BadgerDAO is a distributed autonomous organization (DAO) that allows customers to bridge the user’s bitcoin with other blockchains. Though the attackers played it well and managed to infiltrate a malicious script into the user interface of the BadgerDAO website that further allowed them to intercept and hijack Web3 transactions. The funds were then snatched into a wallet controlled by the attackers.
Nine Popular WiFi Routers Used by Millions Were Affected by 226 Flaws
Here is a quick question for you, did you notice something suspicious with your wifi router? Because 9 popular wifi routers were affected by 226 flaws which were used by millions and maybe yours is one of them. Once again, easy passwords are a big no-no as some vendors were using simple default passwords on routers that made them easy to guess. Some users are known to use routers with their default credentials, which makes them really easy targets for attackers. Pro Tip: Users should update the firmware of their WiFi routers as soon as possible to apply the latest fixes and stay clear of any potential attacks.
Here is the end of Cybersecurity Bi-weekly with SAMA CSF compliance: 4 effective domains
In today’s time, everyone wants flawless customer service, continuous availability of services, and effective protection of sensitive data. There are a lot of established regulatory compliance frameworks that can help your organization to establish and maintain industry requirements, specifications, and also government legislation. SAMA created a framework by the amalgamation of best practices from a variety of other government frameworks such as NIST CSF, PCI DSS, and a few others. Adoption of the framework is a vital step for Saudi Arabian government so that they can manage and properly withstand if not all but most cyber threats.
