Researchers provide a detailed technical analysis of the PYSA ransomware group primarily striking government, healthcare, and education sectors.

Read details: https://thehackernews.com/2022/04/researchers-share-in-depth-analysis-of.html

Github's security team has notified users/organizations whose private data was downloaded with stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI.

Details: https://thehackernews.com/2022/04/github-notifies-victims-whose-private.html

U.S. government has issued a new warning about North Korean state-sponsored hackers targeting blockchain companies, including cryptocurrency exchanges, DeFi protocols, trading firms, venture capital funds, and individuals holding NFTs.

Read: https://thehackernews.com/2022/04/fbi-us-treasury-and-cisa-warns-of-north.html

A previously unknown zero-click exploit for Apple's iMessage was used to install spyware from NSO Group and Candiru on 65 people as part of a "multi-year clandestine operation."

Read details: https://thehackernews.com/2022/04/experts-uncover-spyware-attacks-against.html

Researchers discover multiple UEFI firmware vulnerabilities in various Lenovo laptop models that allow malicious actors to install and execute firmware implants on the affected devices.

Read details: https://thehackernews.com/2022/04/new-lenovo-uefi-firmware.html

CISA has issued a new warning that hackers are exploiting a recently reported vulnerability in the Windows Print Spooler, as well as two other vulnerabilities in Zimbra and WhatsApp that are being exploited.

Read: https://thehackernews.com/2022/04/hackers-exploiting-recently-reported.html

Okta said it concluded its investigation into the breach of a third-party vendor by the LAPSUS$ extortionist gang in late January 2022 and determined only two customers were affected.

Read details: https://thehackernews.com/2022/04/okta-says-security-breach-by-lapsus.html

Researchers disclose details about a now-patched vulnerability in the Snort Intrusion Detection and Prevention System that could allow attackers to render it powerless against malicious traffic.

Read details: https://thehackernews.com/2022/04/researchers-detail-bug-that-could.html

Google Project Zero called 2021 a "record year for in-the-wild 0-days," as 58 security vulnerabilities were detected and disclosed during the course of the year.

Details: https://thehackernews.com/2022/04/google-project-zero-detects-record.html

Five Eyes nations have released a joint cybersecurity advisory warning of an increase in malicious attacks by Russian state-sponsored actors and criminal groups on critical infrastructure amid the ongoing military siege of #Ukraine.

Read: https://thehackernews.com/2022/04/five-eyes-nations-warn-of-russian-cyber.html

Researchers have published a new incident report revealing how hackers exploited "ProxyShell" vulnerabilities in Microsoft Exchange to encrypt companies' networks with Hive ransomware.

Read details: https://thehackernews.com/2022/04/new-incident-report-reveals-how-hive.html

Researchers have found three vulnerabilities in the audio decoders of Qualcomm and MediaTek Android mobile chips that, if exploited, could allow hackers to remotely access media and audio conversations on affected devices.

Read: https://thehackernews.com/2022/04/critical-chipset-bug-opens-millions-of.html

A new unpatched vulnerability has been disclosed in the RainLoop webmail client that could allow hackers to remotely access the victim's inbox by sending a specially crafted email.

Read details: https://thehackernews.com/2022/04/unpatched-bug-in-rainloop-webmail-could.html

Cisco has released security updates to address three high-severity vulnerabilities in its TelePresence, RoomOS and Umbrella VA products that could be exploited to conduct DoS attacks and take control of affected systems.

Read: https://thehackernews.com/2022/04/cisco-releases-security-patches-for.html

QNAP has issued a notice recommending users update firmware for network-attached storage (NAS) appliances to fix two vulnerabilities affecting the Apache HTTP component.

Read: https://thehackernews.com/2022/04/qnap-advises-users-to-update-nas.html

Cybersecurity researchers warn of LemonDuck cryptocurrency mining botnet targeting Docker and TeamTNT hacker group attacking #Kubernetes and public cloud providers to mine cryptocurrencies.

Read details: https://thehackernews.com/2022/04/watch-out-cryptocurrency-miners.html

A critical authentication bypass vulnerability (CVE-2022-0540 and CVSS 9.9) has been discovered in Seraph affecting #Atlassian Jira and Jira Service Management.

Read details: https://thehackernews.com/2022/04/atlassian-drops-patches-for-critical.html

T-Mobile admits that the Lapsus$ hackers gained access to the company's internal tools and source code in March prior to the arrest of its seven members.

Read details: https://thehackernews.com/2022/04/t-mobile-admits-lapsus-hackers-gained.html

FBI warns against the BlackCat ransomware-as-a-service (RaaS), which has victimized at least 60 companies worldwide since it emerged last November ( as of March 2022).

Details: https://thehackernews.com/2022/04/fbi-warns-of-blackcat-ransomware-that.html

A new variant of an IoT botnet called BotenaGo has emerged in the wild, specifically targeting Lilin security camera DVR devices to infect them with Mirai malware.

https://thehackernews.com/2022/04/new-botenago-malware-variant-targeting.html

A new vulnerability has been disclosed in the web version of the Ever Surf wallet for Everscale blockchain that could allow a hacker to gain complete control over a victim's cryptocurrency wallet.

https://thehackernews.com/2022/04/critical-bug-in-everscale-wallet.html