FBI warns against the BlackCat ransomware-as-a-service (RaaS), which has victimized at least 60 companies worldwide since it emerged last November ( as of March 2022).

Details: https://thehackernews.com/2022/04/fbi-warns-of-blackcat-ransomware-that.html

A new variant of an IoT botnet called BotenaGo has emerged in the wild, specifically targeting Lilin security camera DVR devices to infect them with Mirai malware.

https://thehackernews.com/2022/04/new-botenago-malware-variant-targeting.html

A new vulnerability has been disclosed in the web version of the Ever Surf wallet for Everscale blockchain that could allow a hacker to gain complete control over a victim's cryptocurrency wallet.

https://thehackernews.com/2022/04/critical-bug-in-everscale-wallet.html

Iran-linked Rocket Kitten hackers have been exploiting the recently disclosed RCE vulnerability in VMware Workspace ONE Access and Identity Manager to access unpatched systems and deploy CORE IMPACT backdoor.

https://thehackernews.com/2022/04/iranian-hackers-exploiting-vmware-rce.html

Researchers have uncovered a recent hacking campaign by a North Korean-backed hacking group that targeted journalists. The group attempted to install backdoors in the Windows systems of journalists covering the country.

Read: https://thehackernews.com/2022/04/north-korean-hackers-target-journalists.html

Emotet botnet, which relied largely on malicious Word documents with embedded macros to infect victims' systems, is now testing new methods to spread malware after Microsoft disabled VBA macros by default.

Details: https://thehackernews.com/2022/04/emotet-testing-new-delivery-ideas-after.html

Microsoft discovers a set of two new root privilege escalation vulnerabilities affecting Linux systems — tracked as CVE-2022-29799 & CVE-2022-29800; and collectively called "Nimbuspwn," that can be exploited to perform malicious actions.

Read: https://thehackernews.com/2022/04/microsoft-discovers-new-privilege.html

A "logical flaw" has been disclosed in the NPM package manager that allowed attackers to pass off malicious libraries as legitimate by adding notable developers as contributors without their knowledge, tricking unsuspecting devs into installing them.

https://thehackernews.com/2022/04/npm-bug-allowed-attackers-to-distribute.html

Google introduces a new "Data Safety" section for Android apps in the Play Store to highlight the type of data that is collected and shared with third-parties.

Read details: https://thehackernews.com/2022/04/googles-new-safety-section-shows-what.html

WATCH OUT!!!

QNAP advises NAS device users to immediately mitigate new remote hacking flaws until patches are available.

Read details: https://thehackernews.com/2022/04/qnap-advises-to-mitigate-remote-hacking.html

CloudFlare thwarts yet another record HTTP distributed denial-of-service (DDoS) attack, peaking at 15.3 million requests per second.

Read details: https://thehackernews.com/2022/04/cloudflare-thwarts-record-ddos-attack.html

U.S. cybersecurity agency CISA has published a list of top 15 software vulnerabilities that were routinely exploited in 2021.

Read Details: https://thehackernews.com/2022/04/us-cybersecurity-agency-lists-2021s-top.html

A new malware campaign leveraging an exploit kit has been observed infecting victims' computers with the RedLine stealer trojan.

Read details: https://thehackernews.com/2022/04/new-rig-exploit-kit-campaign-infecting.html

Cybercriminals behind the BazaLoader and IcedID malware attacks now use a new multifunctional loader called Bumblebee that drops Cobalt Strike, shellcode, Sliver, and the Meterpreter backdoor on target computers.

Read: https://thehackernews.com/2022/04/cybercriminals-using-new-malware-loader.html

Twitter's new owner, Elon Musk wants to make the platform's direct messages (DM) end-to-end encrypted, like Signal Messenger, "so no one can spy on or hack your messages."

Read: https://thehackernews.com/2022/04/twitters-new-owner-elon-musk-wants-dms.html

Researchers detail three hacking teams working under the umbrella of the cyberespionage group TA410, named FlowingFrog, LookingFrog and JollyFrog, each with its own toolset and is known to target a variety of critical infrastructures.

Read: https://thehackernews.com/2022/04/experts-detail-3-hacking-teams-working.html

Indian government has issued new guidelines that make it mandatory for service providers, intermediaries, data centers, and government agencies to report cybersecurity incidents to CERT-In within 6 hours.

Read: https://thehackernews.com/2022/04/indian-govt-orders-organisations-to.html

A pair of security issues have been reported in the Microsoft Azure database for PostgreSQL Flexible Server that could have allowed unauthorized cross-account access to databases.

Read: https://thehackernews.com/2022/04/microsoft-azure-vulnerability-exposes.html

Russia has launched over 200 "destructive and relentless" cyberattacks on Ukraine since the war started, Microsoft says.

Read: https://t.co/1EyIw7acPJ

OpenSSF project has released a tool that scans popular open-source repositories for malicious packages. Named "Package Analysis," the tool identified more than 200 malicious packages in just one month of analysis.

Details: https://thehackernews.com/2022/05/heres-new-tool-that-scans-for-malicious.html

Google has officially released the first developer preview for the Privacy Sandbox on Android 13, offering an "early look" at the SDK Runtime and Topics API to improve users' privacy online.

Read: https://thehackernews.com/2022/05/google-releases-first-developer-preview.html