TLDR:
- PlugX C2 server sinkholed.
- Kaiser Permanente discloses data breach.
At a glance, researchers at Sekoia have sinkholed a command-and-control server used by the China-linked PlugX USB worm. The worm has infected systems in more than 170 countries, primarily those involved in China’s Belt and Road Initiative. Additionally, Kaiser Permanente has disclosed a data breach that may have affected 13.4 million Americans, involving personal information transmitted to third-party vendors. Furthermore, over 1,400 instances of the CrushFTP software are vulnerable to critical flaws. It is important for organizations to take steps to fortify their defenses and address vulnerabilities.