The Hacker News Daily Updates

Over 15K Wordpress sites compromised in malicious SEO campaign.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 14 November 2022, 1938 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGqRZfCTCRmzSHDKxFWxDsGTQbd

Please click link or scroll down to read your selections.  Thanks for joining us today.

The Hacker News Daily Updates

Securing the Modern Enterprise: Protecting the New Edge Available On-Demand | Sponsored by Fortinet Download Now Sponsored

LATEST NEWS Nov 14, 2022

New "Earth Longzhi" APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders Entities located in East and Southeast Asia as well as Ukraine have been targeted at least since 2020 by a previously undocumented subgroup of APT41, a prolific Chinese advanced persistent threat (APT). Cybersecurity firm Trend Micro, which christened the espionage crew Earth Longzhi, said the ... Read More

Over 15,000 WordPress Sites Compromised in Malicious SEO Campaign A new malicious campaign has compromised over 15,000 WordPress websites in an attempt to redirect visitors to bogus Q&A portals. "These malicious redirects appear to be designed to increase the authority of the attacker's sites for search engines," Sucuri researcher Ben Martin said in a report ... Read More

What is an External Penetration Test? A penetration test (also known as a pentest) is a security assessment that simulates the activities of real-world attackers to identify security holes in your IT systems or applications.  The aim of the test is to understand what vulnerabilities you have, how they could be exploited, and what the ... Read More

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team ... Read More

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor's infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that's used to ... Read More

Experts Uncover Two Long-Running Android Spyware Campaigns Targeting Uyghurs Two long-running surveillance campaigns have been found targeting the Uyghur community in China and elsewhere with Android spyware tools designed to harvest sensitive information and track their whereabouts. This encompasses a previously undocumented malware strain called BadBazaar and updated ... Read More

Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices," ... Read More

VPN vs. DNS Security When you are trying to get another layer of cyber protection that would not require a lot of resources, you are most likely choosing between a VPN service & a DNS Security solution. Let's discuss both.  VPN Explained VPN stands for Virtual Private Networks and basically hides your IP and provides ... Read More

Securing the Modern Enterprise: Protecting the New Edge Available On-Demand | Sponsored by Fortinet Download Now Sponsored