🔥 Russian authorities have arrested members of the REvil ransomware gang responsible for several high-profile cyberattacks — and seized 426 million rubles in cash, $600,000 + €500,000 in cryptocurrency, computers and 20 luxury cars.
Details: https://thehackernews.com/2022/01/russia-arrests-revil-ransomware-gang.html
A new destructive malware—disguised as ransomware—is now targeting Ukrainian government, non-profit organizations and information technology companies amid brewing geopolitical tensions between the country and Russia.
Details: https://thehackernews.com/2022/01/a-new-destructive-malware-targeting.html
A new unpatched flaw in Apple Safari 15's implementation of the IndexedDB API could be exploited by online trackers to fingerprint users and track their online activities across websites.
Details: https://thehackernews.com/2022/01/new-unpatched-apple-safari-browser-bug.html
UniCC, the largest dark web marketplace for stolen credit and debit cards, is shutting down after earning $358 million in sales.
Read: https://thehackernews.com/2022/01/dark-webs-largest-marketplace-for.html
Zoho releases patch for a new authentication bypass vulnerability (CVE-2021-44757) in ManageEngine Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers.
Read: https://thehackernews.com/2022/01/zoho-releases-patch-for-critical-flaw.html
Google Chrome is limiting websites from directly accessing endpoints on private networks as part of upcoming major security updates to prevent browser-based intrusions.
Details: https://thehackernews.com/2022/01/chrome-limits-websites-access-to.html
Hacker group 'Earth Lusca' has been observed attacking high-value targets in government and the private sector worldwide as part of an espionage campaign and an attempt at financial gain.
Read: https://thehackernews.com/2022/01/earth-lusca-hackers-aimed-at-high-value.html
Europol shuts down VPNLab, a secure VPN service that was used by a number of cybercriminals to distribute ransomware and facilitate other online crimes.
Details: https://thehackernews.com/2022/01/europol-shuts-down-vpnlab.html
Cybersecurity researchers have disclosed details of a bug in Box's multi-factor authentication (MFA) mechanism that could be abused to completely sidestep SMS-based login verification.
Read: https://thehackernews.com/2022/01/researchers-bypass-sms-based-multi.html
A malware distribution campaign is spreading a DDoS IRC bot disguised as adult games through Korean #WebHard platforms.
Read details: https://thehackernews.com/2022/01/ddos-irc-bot-malware-spreading-through.html
Ukraine says recent coordinated cyberattacks on select government systems are part of a larger wave of malicious activity aimed at sabotaging the country's critical infrastructure.
Read: https://thehackernews.com/2022/01/ukraine-recent-cyber-attacks-part-of.html
Financially motivated hacking group FIN8 has resurfaced with a never-before-seen ransomware called "White Rabbit," which has been used in recent attacks.
Read details: https://thehackernews.com/2022/01/fin8-hackers-spotted-using-new-white.html
Russian hackers are heavily leveraging a malicious Traffic Direction System (TDS) to spread several malware families, including Campo Loader, Hancitor, IcedID, QBot, Buer Loader, and SocGholish.
Read details: https://thehackernews.com/2022/01/russian-hackers-heavily-using-malicious.html
Microsoft has detected hackers exploiting a new zero-day vulnerability (CVE-2021-35247) in SolarWinds Serv-U software related to Log4j attacks.
Read: https://thehackernews.com/2022/01/microsoft-hackers-exploiting-new.html
Serv-U version 15.3 has been released to patch the issue.
Researchers warn of a new #malware that specializes in gaining access to cryptocurrency wallets (Exodus, Ethereum, Bitcoin, Litecoin wallets) by exfiltrating content, passwords stored in the browser, and passphrases captured from the clipboard.
https://thehackernews.com/2022/01/new-bhunt-password-stealer-malware.html
Researchers reveal details about recent cyberattacks carried out by the Donot Hacking Team against government and military entities in South Asia.
https://thehackernews.com/2022/01/donot-hacking-team-targeting-government.html
An INTERPOL-led operation has led to the arrest of 11 members of a Nigerian cybercrime gang linked to Business Email Compromise (BEC) attacks targeting more than 50,000 victims in recent years.
Read: https://thehackernews.com/2022/01/interpol-busted-11-members-of-nigerian.html
Cisco has released a security patch for a critical vulnerability (CVE-2022-20649) affecting RCM for Cisco StarOS that could be weaponized by an unauthenticated remote attacker to execute arbitrary code & take over vulnerable machines.
Details: https://thehackernews.com/2022/01/cisco-issues-patch-for-critical-rce.html
U.S. has imposed sanctions on 4 current and former Ukrainian government officials for their involvement in a Russian-directed campaign to destabilize Ukraine.
Read details: https://thehackernews.com/2022/01/us-sanctions-4-ukrainians-for-working.html
Chinese APT41 hackers spotted using a previously undocumented "MoonBounce" firmware implant to maintain stealthy persistence during targeted cyber espionage campaigns.
Read details: https://thehackernews.com/2022/01/chinese-hackers-spotted-using-new-uefi.html
Researchers disclose two critical vulnerabilities in Control Web Panel—previously known as CentOS Web—that could be exploited as part of an exploit chain to achieve pre-authenticated RCE on affected Linux servers.
https://thehackernews.com/2022/01/critical-bugs-in-control-web-panel.html