PlugX C2 server sinkholed – Kaiser Permanente data breach disclosed

April 27, 2024
1 min read




Article Summary

TLDR:

  • PlugX C2 server sinkholed.
  • Kaiser Permanente discloses data breach.

At a glance, researchers at Sekoia have sinkholed a command-and-control server used by the China-linked PlugX USB worm. The worm has infected systems in more than 170 countries, primarily those involved in China’s Belt and Road Initiative. Additionally, Kaiser Permanente has disclosed a data breach that may have affected 13.4 million Americans, involving personal information transmitted to third-party vendors. Furthermore, over 1,400 instances of the CrushFTP software are vulnerable to critical flaws. It is important for organizations to take steps to fortify their defenses and address vulnerabilities.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and