This week, tech giants had multiple issues with zero-day vulnerabilities. Chrome and QNAP zero-day vulnerabilities were under heavy attack until they were patched. CISA added these vulnerabilities and some others to its catalog, urging federal agencies to apply the patches as soon as possible. Also, the WordPress team stated that there won’t be any more updates for versions older than WordPress 4.0. The team stated that backporting updates is a time-consuming process and less than 1% of users are currently using WordPress versions 3.7 through 4.0. And finally, Microsoft decided to stop accepting check payments. The check payment option will be removed from commerce invoices, starting on the 1st of October.
No more security updates for WordPress versions 3.7 – 4.0
The WordPress security team announced that it will stop releasing security updates for WordPress versions 3.7 through 4.0. WordPress 3.7, released 9 years ago, introduced automatic background updates for security and minor releases. The team backports security fixes to older versions with the expectation that sites running them will be updated automatically. The team stated that backporting a security update to older versions is a time-consuming process and that this effect compounds with each major release. Websites using versions between 3.7 and 4.0 now make up less than 1% of total installs.
A new malware, Shikitega, targeting Linux
A new stealthy Linux malware, named Shikitega, is targeting endpoints and IoT devices that run Linux operating systems. Shikitega is delivered in a multistage infection chain in which each module is responsible for one part of the payload and downloads and executes the next one. The malware enables attackers to gain full control of a system and execute cryptocurrency miners. The infection starts with a 370-byte ELF file that contains the encoded shellcode. The malware uses a polymorphic XOR additive feedback encoder named Shikata Ga Nai. The commands sent by the C&C are not stored on the hard drive; they are executed from memory only.
Microsoft no longer accepts check payments
Microsoft announced that it will not be accepting checks in North America, effective October 1, 2022. The change only affects the United States (including Puerto Rico) and Canada. The check payment option will be removed from new commerce invoices, and the instructions to pay by check will not be included on invoices from October 1st. Customers are required to update their accounts payable or procurement systems to pay Microsoft through wire transfer or automated clearing house. The reason behind the decision is believed to be that checks require manual processing, which is slower than the alternatives.
200,000 The North Face customers’ information stolen
The North Face suffered a credential stuffing attack, and approximately 200,000 accounts were hacked on the company’s official website. Users who use the same username/email and password combination across multiple services are at extra risk. The attack started on the 26th of July, but the admins did not detect the unusual activity until almost two weeks later, on August 11. The company finally managed to stop the attack on August 19. The attackers breached 195,095 accounts and stole customer information such as full name, purchase history, billing and shipping address, telephone number, account creation date, gender, and XPLR Pass reward record. The company also confirmed that users’ credit card data is not at risk. The company’s parent firm, VF Corporation, stated that it does not keep a copy of payment card details.
WP Super Cache joining Jetpack
The popular plugin WP Super Cache, which has served more than 2 million users for free over the last 15 years, will become part of the Jetpack family. The plugin was created in 2007 by Automattic, and now the developer, Donncha Ó Caoimh, is handing it to a new team. It is not an acquisition; the plugin is moving sideways within the company from one developer to a team. After the change, the company will be able to improve the solution faster than Ó Caoimh could, since he is working on other projects and doesn’t have enough time to work on it. Jetpack announced that WP Super Cache will continue to speed up websites for free.
CISA adds 12 new vulnerabilities to catalog
CISA has added twelve new vulnerabilities to its Known Exploited Vulnerabilities Catalog, urging agencies to update their systems. One of the new vulnerabilities added to the list is Google Chrome's zero-day vulnerability, which was patched on September 2 with an emergency security update. Another vulnerability was found in QNAP NAS devices. It affects the Photo Station solution and is tracked as CVE-2022-27593. Threat actors are targeting this vulnerability with widespread DeadBolt ransomware attacks. Binding Operational Directive 22-01 requires FCEB agencies to remediate the identified vulnerabilities by September 29.
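To turn a catalog deadline like this into a work queue, the added example below (not code from CISA or from this article) matches scanner findings against a KEV-format document and ranks the open ones by days remaining. The field names `cveID`, `vendorProject`, `product` and `dueDate` follow CISA's KEV JSON feed; the hosts, the findings format and the `CVE-0000-…` placeholders are constructed.

```python
import json
from datetime import date

# Constructed sample shaped like CISA's KEV JSON feed. The first entry's CVE ID,
# product and due date come from the article; the second entry is a placeholder.
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2022-27593", "vendorProject": "QNAP",
   "product": "Photo Station", "dueDate": "2022-09-29"},
  {"cveID": "CVE-0000-00001", "vendorProject": "ExampleVendor",
   "product": "ExampleProduct", "dueDate": "2022-09-29"}
]}
""")

# Hypothetical scanner output (constructed): one row per host/CVE pair.
FINDINGS = [
    {"host": "nas-01", "cve": "CVE-2022-27593", "remediated": False},
    {"host": "nas-02", "cve": "CVE-2022-27593", "remediated": True},
    {"host": "nas-03", "cve": "cve-2022-27593", "remediated": False},  # lowercase ID
    {"host": "web-01", "cve": "CVE-0000-00002", "remediated": False},  # not in KEV
]

def kev_due_dates(catalog):
    """Map upper-cased CVE ID -> remediation due date from a KEV-format document."""
    return {v["cveID"].upper(): date.fromisoformat(v["dueDate"])
            for v in catalog.get("vulnerabilities", [])}

def open_kev_findings(catalog, findings, today):
    """Return unremediated findings that appear in KEV, most urgent first."""
    due = kev_due_dates(catalog)
    rows = []
    for f in findings:
        cve = f["cve"].upper()  # scanners differ in how they case CVE IDs
        if f["remediated"] or cve not in due:
            continue
        days_left = (due[cve] - today).days
        rows.append({"host": f["host"], "cve": cve,
                     "due": due[cve].isoformat(), "days_left": days_left,
                     "status": "OVERDUE" if days_left < 0 else "DUE"})
    return sorted(rows, key=lambda r: r["days_left"])

if __name__ == "__main__":
    for row in open_kev_findings(KEV_SAMPLE, FINDINGS, date(2022, 9, 20)):
        print(row)
```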
Google’s Equiano connects Western Europe to South Africa
Google has launched Equiano, a 15,000 km subsea cable that connects Portugal to South Africa and is Africa’s highest-capacity cable. The project was initially announced in 2019 and is fully funded by Google. Equiano features 12 fiber pairs with a capacity of 150 Tbps. The cable has nine branching points and landed in Melkbosstrand, north of Cape Town, in early August. Equiano will create 1.8 million jobs by 2025 and will enable data prices in the region to drop by 16-21%. Telkom’s Openserve is teaming up with the internet giant as a landing partner in South Africa and will offer terrestrial services.