“More details on the major hack”
In an update posted to its security breach website, Equifax announced that hackers used an Apache Struts security bug to breach its servers and later steal data on over 143 million customers, from both the US and the UK. At the time it was discovered, in March 2017, the Apache Struts CVE-2017-5638 vulnerability was a zero-day — a term for security bugs that attackers exploit before the vendor is aware of them or has released a patch. Equifax did not reveal the exact date when the security breach occurred, only the date it became aware of it — July 29, 2017. It is unclear if Equifax was breached before the Struts zero-day became public, or months after Apache made a patch available.
“Malicious kernel extensions allow security evasion”
A new security feature added in macOS High Sierra (10.13) named “Secure Kernel Extension Loading” can be bypassed to allow the loading of malicious kernel extensions. Just like Linux and Windows, macOS allows applications to load third-party kernel extensions whenever they need to perform actions that require access to lower levels of the operating system.
“Malware updated in plugin”
Wordfence reports that around 200,000 WordPress websites were impacted after a plugin they were using was updated to include malicious code. Dubbed Display Widgets, the plugin was sold by its original author to a third-party developer on May 19, 2017, for $15,000. Roughly one month after that, the plugin was updated by its new owner and started displaying malicious behavior.
Surprising almost no one, another batch of Android malware has found its way onto Google Play. Researchers from Check Point claim to have found the second-biggest outbreak ever to hit Google’s platform, with as many as 21.1 million infections from one malware family.