Malware terrorizes Linux, Cyberattack disrupts water, Cyber incidents surge
Another week, another dose of cyber news!
Hello people! We are back again with our weekly cyber news bulletin. This time, we will discuss a massive malware attack on Linux servers. Also, the disruption of the US water supply because of a cyberattack is a matter of concern. Lastly, our focus will be on the sudden spike in cyberattacks across the Middle East region.
The purpose of this weekly bulletin is to educate you about the latest trends around cybersecurity and spread awareness about highly sophisticated scams and attacks.
Without much ado, let’s get started!
Mysterious malware dropper terrorizes millions of Linux servers across the globe!
Millions of Linux servers worldwide are on the radar of a mysterious malware known as Perfctl. So far, the malware dropper has infected thousands of Linux users with proxyjacking and cryptomining malware. A recent analysis has exposed Perfctl and the large collection of exploit paths that it leverages to attack its targets. News of Linux server attacks is coming from all around the world: Russia, the USA, Indonesia, Germany, Spain, Korea, and China.
There are forum posts and blogs all over the internet talking about this attack, and they have been published over the last 3 or 4 years. This article focuses on how killing Perfctl seems nearly impossible because the malware is extremely persistent in nature.
Perfctl keeps an eye on misconfigurations and vulnerabilities so that it can exploit and acquire initial access. It is literally impossible to keep your Linux server safe from Perfctl at this moment.
Experts believe that the possibility of Linux server misconfiguration by Perfctl is massive.
Linux users must take immediate remedial steps to safeguard their data and devices from Perfctl attacks. Here are a couple of expert tips you can keep in mind to prevent such malware attacks:
- Implementation of stringent privilege management
- Restricting file execution
- Disabling services that are no longer in use
- Deployment of runtime protection
- Network segmentation
USA water supply disrupted after a cyberattack!
The USA’s largest publicly traded water utility service, American Water, was required to take its operations offline briefly on Tuesday morning. People were not able to access its telecommunications system and website for a long time. The reason behind this radio silence is a cyberattack that forced the company to disconnect its online systems.
American Water is a reputed name across the USA as it caters to over 14 million users across 18 military installations and 14 states. More than 6500 employees work at the American Water facilities. On Tuesday morning, the water supply giant realized that there had been “unauthorized activity within its computer networks and systems.” Immediately, American Water got in touch with the US Securities and Exchange Commission and reported the cyber incident in a Form 8-K filing.
American Water was quick to take remedial steps and took no time to activate the incident-response protocols. It also got in touch with third-party cybersecurity experts to minimize the impact of the attack. As a result, the public water utility company disconnected and deactivated some of its systems in order to protect its data.
Allegedly, the cyberattack has affected the customer-facing sites and customer portals of American Water. An attendant shared that the telecommunications system was also down, and as a result, it was impossible for American Water to get in touch with its media relations team.
There is no clarity on whether or not the wastewater or water facilities were impacted by the cyberattack.
Steep rise in cyber incidents across the Middle East and Turkey!
The United Arab Emirates, Saudi Arabia and Turkey experienced 10 plus attacks on average in the past year. IT experts and business professionals believe that 2025 is going to be worse in terms of cyber incidents.
In a survey that covered around 1000 security professionals, only 46% felt safe and prepared against future cyberattacks. With the rise in volume and frequency of cyberattacks in the Middle East, the cybersecurity landscape is getting more intricate and complicated.
Cyber incidents are becoming the new normal in this region. DDoS attacks have witnessed a hike of 70% in the UAE and Saudi Arabia.
Businesses and organizations in Turkey and the Middle East are planning to increase their cybersecurity budget. With this, they aim to simplify the cybersecurity landscape. Irrespective of all the preparations, many feel that they are not prepared enough to combat the attack.
According to experts, industries like finance, IT, and service-based businesses are the primary targets of cyber attackers. Media and telecom, as well as the gaming sector, are also on the radar of threat actors.
At present, the requirement is to fortify the current cybersecurity mechanism and to train more people and prepare them for potential cyberattacks. To enhance email security and prevent phishing attacks in the face of rising cyber threats, organizations must implement SPF, DKIM, and DMARC protocols to ensure the authenticity of their communications.