Cyber Security Today, March 31, 2023 – World Backup Day advice, new malware targeting Linux and more



Welcome to Cyber Security Today. It’s Friday, March 31st, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Today is World Backup Day. I have a long story on ITWorldCanada.com which is tailored for IT department leaders in mid-to-large firms, so on this podcast I want to address IT leaders in small businesses. The good news is backup and recovery should be easier because your environment will be simpler compared to a multi-million-dollar retailer. Still, some of the same rules apply: First, decide what data needs to be backed up, giving priority to sensitive information, and how often it needs to be backed up. Second, make sure data is backed up off-site as well as on-site. And for extra protection, it should be encrypted. Third, make sure the off-site backup can’t be compromised by a hacker. One of the biggest failures of IT is not protecting the off-site backup from being encrypted by an attacker, which ruins any chance of data restoration. Fourth, document your backup procedures so when staff leave, the knowledge doesn’t go with them. And last, have IT staff regularly practice restoring a backup. You’ll need that experience in a crisis.

Attention Linux administrators: New malware targeting Linux servers has been discovered. Researchers at the French firm ExaTrack call it Melofee, and believe it was created by a group based in China. It drops a rootkit and a server implant. The implant can update itself, create a new socket for interaction, search for system information, read and write files and more. The implant hasn’t been widely seen, suggesting the attacker uses it only to go after high-value targets.

University researchers say there’s a fundamental flaw in the Wi-Fi protocol that could affect devices running Linux, FreeBSD, Android and iOS. In a summary of the report, The Hacker News notes that the flaw could be used to hijack TCP connections or intercept client and web traffic. The power-save mechanisms in endpoint devices could trick access points into leaking data frames in plaintext.

Cisco Systems said attacks could be successful against its Wireless…
