Week 46, November 14-20, 2022

Week 46, November 14-20, 2022. Cybersecurity Weekly Updates.

This week in the world of cybersecurity:

A new “Earth Longzhi” APT has emerged, specifically targeting Ukraine and Asian countries, using custom Cobalt Strike Loaders to infiltrate systems. On the online platform front, a vast number of WordPress sites, totaling over 15,000, have fallen victim to a malicious SEO campaign, highlighting the dangers even for well-established platforms. The music streaming giant Spotify has had its own brush with vulnerability, as a critical RCE flaw was discovered in its Backstage Software Catalog and Developer Platform, urging users and developers to be cautious. China’s state-backed hackers are making headlines again, this time for a significant breach of a Digital Certificate Authority, a matter of great concern given the trust placed in these entities. Lastly, shedding light on the global magnitude of cyber threats, Hive Ransomware attackers have reportedly extorted an astonishing $100 million from over 1,300 companies globally, a testament to the ever-increasing financial risks of cyber attacks.

That’s a wrap on this week’s edition of the Cyber-Security Update. Remember, the cyber-security landscape is ever-changing, and staying informed is your primary defense. Hopefully, the insights and information shared today will assist in navigating this complex domain and in strengthening defenses against potential threats. Stay vigilant, stay informed, and look forward to more insights into the world of cyber-security in next week’s edition.

To stay in sync with the weekly cyber-security roundups, remember to subscribe to the newsletter and follow on social media platforms. If there are any questions or specific topics you’d like to see covered, don’t hesitate to get in touch.