Malware terrorizes Linux, Cyberattack disrupts water, Cyber incidents surge

From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.

_According to the FBI’s 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report

Malware Terrorizes Linux, Cyberattack Disrupts Water, Cyber Incidents Surge

					<button title="Play" aria-label="Play Episode" aria-pressed="false" class="play-btn">
						

Play Episode

					</button>
					<button title="Pause" aria-label="Pause Episode" aria-pressed="false" class="pause-btn hide">
						

Pause Episode

					</button>
					


				

				

					<audio preload="none" class="clip clip-16655">
						<source src="https://media.mailhop.org/dmarcreport/images/2024/10/Malware-Terrorizes-Linux-Cyberattack-Disrupts-Water-Cyber-Incidents-Surge.mp3">
					</audio>
					

						

					

					

						

							<button class="player-btn player-btn__volume" title="Mute/Unmute">
								

Mute/Unmute Episode

							</button>
							<button data-skip="-10" class="player-btn player-btn__rwd" title="Rewind 10 seconds">
								

Rewind 10 Seconds

							</button>
							<button data-speed="1" class="player-btn player-btn__speed" title="Playback Speed" aria-label="Playback Speed">1x</button>
							<button data-skip="30" class="player-btn player-btn__fwd" title="Fast Forward 30 seconds">
								

Fast Forward 30 seconds

							</button>
						

						

							<time class="ssp-timer">00:00</time>
							

/

							<!-- We need actual duration here from the server -->
							<time class="ssp-duration" datetime="PT0H2M11S">2:11</time>
						

					

				

			

								<nav class="player-panels-nav">
												<button class="subscribe-btn" id="subscribe-btn-16655" title="Subscribe">Subscribe</button>
																		<button class="share-btn" id="share-btn-16655" title="Share">Share</button>
										</nav>
						

	



		

						

				

					

					

				

				

					

																																																																								

					

						

RSS Feed

							<input value="https://dmarcreport.com/feed/podcast/dmarc-report" class="input-rss input-rss-16655" title="RSS Feed URL" readonly />
						

						<button class="copy-rss copy-rss-16655" title="Copy RSS Feed URL" aria-label="Copy RSS Feed URL"></button>
					

				

			

									

				

					

					

				

				

					

						Share						

					

						<a href="https://www.facebook.com/sharer/sharer.php?u=https://dmarcreport.com/blog/podcast/malware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge/&t=Malware Terrorizes Linux, Cyberattack Disrupts Water, Cyber Incidents Surge" target="blank" rel="noopener noreferrer" class="share-icon facebook" title="Share on Facebook">
							

						</a>
						<a href="https://twitter.com/intent/tweet?text=https://dmarcreport.com/blog/podcast/malware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge/&url=Malware Terrorizes Linux, Cyberattack Disrupts Water, Cyber Incidents Surge" target="blank" rel="noopener noreferrer" class="share-icon twitter" title="Share on Twitter">
							

						</a>
						<a href="https://media.mailhop.org/dmarcreport/images/2024/10/Malware-Terrorizes-Linux-Cyberattack-Disrupts-Water-Cyber-Incidents-Surge.mp3" target="blank" rel="noopener noreferrer" class="share-icon download" title="Download" download>
							

						</a>
					

				

				

					

						Link						

					

						<input value="https://dmarcreport.com/blog/podcast/malware-terrorizes-linux-cyberattack-disrupts-water-cyber-incidents-surge/" class="input-link input-link-16655" title="Episode URL" readonly />
					

					<button class="copy-link copy-link-16655" title="Copy Episode URL" aria-label="Copy Episode URL" readonly=""></button>
				

				

					

						Embed						

					

/*! This file is auto-generated */ ’ title=“Embed Code” class=“input-embed input-embed-16655” readonly/>

					<button class="copy-embed copy-embed-16655" title="Copy Embed Code" aria-label="Copy Embed Code"></button>
				

			

				

Another week, another dose of cyber news!

Hello people! We are back again with our weekly cyber news bulletin. This time, we will discuss a massive malware attack on Linux servers. Also, the disruption of the US water supply because of a cyberattack is a matter of concern. Lastly, our focus will be on the sudden spike in cyberattacks across the Middle East region.

The purpose of this weekly bulletin is to educate you about the **latest trends around cybersecurity and spread awareness about highly sophisticated scams and attacks .

Without much ado, let’s get started!

Mysterious malware dropper terrorizes millions of Linux servers across the globe!

Millions of Linux servers worldwide are on the radar of this mysterious malware known as Perfctl. So far, the malware dropper has infected over thousands of Linux users with proxyjacking and cryptomining malware. A recent analysis has exposed Perfctl and its collection of humongous exploit paths that it leverages to attack its targets. News of Linux server attacks is coming from all around the world– Russia, the USA, Indonesia, Germany, Spain, Korea, and China.

There are **forum posts and blogs all over the internet talking about this attack, and they have been published for the last 3 or 4 years. This article focuses on how ‘killing Perfctl seems nearly impossible because the malware seems extremely persistent in nature.

Perfctl keeps an eye on **misconfigurations and vulnerabilities so that it can exploit and acquire initial access. It is literally impossible to keep your Linux server safe from Perfctl at this moment.

Experts believe that the possibility of Linux server misconfiguration by Perfectl is massive.

Linux users must take immediate remedial steps to safeguard their **data and devices from Perfectl attacks. Here are a couple of expert tips you can keep in mind to prevent such malware attacks:

• Implementation of stringent privilege management - Restricting file execution

• Disabling services that are no longer in use

• Deployment of runtime protection

• Network segmentation

USA water supply disrupted after a cyberattack!

USA’s largest publicly traded water utility services, American Water, was required to take their operations offline briefly on Tuesday morning. People were not able to access its **telecommunications system and website for a long time. The reason behind this radio silence is a cyberattack that forced the company to disconnect its online systems.

American Water is a reputed name across the USA as it caters to over **14 million users across 18 military installations and 14 states. There are more than 6500 employees who work at the American Water facilities. On Tuesday morning, the water supply giant realized that there had been an “unauthorized activity within its computer networks and systems.” Immediately, American Water got in touch with the US Securities and Exchange Commission and reported the cyber incident in a Form 8-K filing.

American Water was quick to take remedial steps and took no time to activate the incident-response protocols. It also got in touch with third-party **cybersecurity experts to minimize the impact of the attack. As a result, the public water utility company disconnected and deactivated some of its systems in order to protect its data.

Allegedly, the cyberattack has affected the **customer-facing sites and customer portals of the American Water. An attendant shared that the telecommunications system was also down, and as a result, it was impossible for American Water to get in touch with its media relations team.

There is no clarity on whether or not the **wastewater or water facilities were impacted by the cyberattack.

Steep rise in cyber incidents across the Middle East and Turkey!

The United Arab Emirates, Saudi Arabia and Turkey experienced 10 plus attacks on average in the past year. IT experts and **business professionals believe that 2025 is going to be worse in terms of cyber incidents.

In a survey that covered around 1000 security professionals, only 46% felt **safe and prepared against future cyberattacks. With the rise in volume and frequency of cyberattacks in the Middle East, the cybersecurity landscape is getting more intricate and complicated.

Cyber incidents are becoming the new normal in this region. DDoS attacks have witnessed a hike of 70% in the UAE and Saudi Arabia . 

Businesses and organizations in **Turkey and the Middle East are planning to increase their cybersecurity budget. With this, they aim to simplify and uncomplicate the cybersecurity landscape. Irrespective of all the prep-ups, many feel that they are not prepared enough to combat the attack.

According to experts, industries like finance, IT, and service-based businesses are the primary targets of cyber attackers. Media and telecom, as well as the gaming sector too, are on the rade of threat actors.

At present, the requirement is to fortify the current cybersecurity mechanism**, and train more and more people and prepare them for potential cyberattacks. To enhance email security and prevent phishing attacks in the face of rising cyber threats, organizations must implement SPF, DKIM, and DMARC protocols to ensure the authenticity of their communications.