Warning for FatPipe administrators, BIOS alert for Intel processors and new website malware found.
Welcome to Cyber Security Today. It’s Friday November 19th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.
Attention network administrators: If you run the FatPipe MPVPN, Warp or IPVPN devices, install the latest software updates. They patch a serious zero-day vulnerability. According to the FBI, attackers have been exploiting it since at least May. They broke into the devices, got root access, elevated their access privileges and then moved deeper into the IT infrastructure. In most cases, after the attack was finished the gang hid its activity but left the exploit available for future use. FatPipe has issued an advisory with detailed mitigations.
Later today a cybersecurity expert and I will talk about zero-day exploits on my Week in Review podcast.
Another alert administrators have to pay attention to comes from Intel, which said there are potential security vulnerabilities in the BIOS firmware of a number of its processors. If an attacker has their hands on an affected computer or server, they may be able to escalate their access privileges from a low level to high. Those with affected processors should watch for BIOS updates from motherboard manufacturers. However, the Bleeping Computer news site notes that some older motherboard makers may no longer be updating those products.
An Ontario private healthcare provider has agreed to a proposed $3.4 million settlement of a breach of privacy class action lawsuit. CarePartners, based just outside of Toronto in Mississauga, faced the lawsuit after a 2018 data breach. The lawsuit alleges hackers told the company they copied virtually all of the firm’s data on 237,000 patients and 4,500 employees and contract workers dating back to 2010. The company refused to pay a ransom to the attackers to not post the data online. The suit alleges the victims weren’t told about the breach until it was reported by CBC News. The proposed agreement will come before a judge for approval in February.
Attention e-commerce website administrators: New malware has been found that is compromising Linux-based sites. A security firm called Sansec says an attacker found a vulnerability in a website plug-in and used that to upload a backdoor. Then the server’s code was changed to allow the interception of payment card data for purchases. The malware has been seen on servers in the U.S. and Europe. Anti-virus scanners may not detect this malware. At any rate, it’s important all website administrators have defences in place to make sure their sites’ code isn’t altered.
That’s it for this morning’s edition. Don’t forget later today the Week in Review podcast will be out. A cybersecurity expert and I will talk about the hack of an FBI web site and a serious vulnerability found in the memory chips in computers.