Microsoft researchers warn of an ongoing malware campaign (by DEV-0569) leveraging Google Ads to widely distribute various post-compromise payloads, including Royal ransomware.

Details: https://thehackernews.com/2022/11/microsoft-warns-of-hackers-using-google.html

Chinese Mustang Panda hackers have been linked to a spate of spear-phishing attacks targeting governments, educational institutions, and research facilities around the world.

Details: https://thehackernews.com/2022/11/chinese-mustang-panda-hackers-actively.html

Indian government has released a draft of the much-awaited "Digital Personal #DataProtectionBill 2022," marking the fourth such effort since July 2018.

Details: https://thehackernews.com/2022/11/indian-government-publishes-draft-of.html

Google researchers have identified 34 different cracked versions of the Cobalt Strike hacking toolkit in the wild that are being abused by hackers for malicious purposes.

Read: https://thehackernews.com/2022/11/google-identifies-34-cracked-versions.html

Google has won a lawsuit against two Russian nationals in connection with blockchain-based Glupteba botnet operations.

Read: https://thehackernews.com/2022/11/google-wins-lawsuit-against-russians.html

Daixin team ransomware claims to have compromised AirAsia airline and stolen personal data of 5 million passengers and all employees.

Read: https://thehackernews.com/2022/11/daixin-ransomware-gang-steals-5-million.html

Notorious Emotet malware has returned with renewed vigor as part of a large-volume malspam campaign, dropping payloads like IcedID and Bumblebee.

Details: https://thehackernews.com/2022/11/notorious-emotet-malware-returns-with.html

The U.S. Department of Justice has seized seven domain names linked to a "pig butchering" #cryptocurrency scam in which the fraudsters took more than $10 million from five victims.

Read: https://thehackernews.com/2022/11/us-authorities-seize-domains-used-in.html

Luna Moth gang has invested "significantly" in call centers to target businesses with callback phishing campaigns and extorted hundreds of thousands of dollars from multiple victims in the legal and retail sectors.

Read: https://thehackernews.com/2022/11/luna-moth-gang-invests-in-call-centers.html

Researchers have warned of an emerging Go-based malware called "Aurora Stealer" that is increasingly being used in campaigns to steal sensitive information from compromised hosts.

Read: https://thehackernews.com/2022/11/researchers-warn-of-cyber-criminals.html

Researchers warn against the Windows malware ViperSoftX, which infects users' Chromium-based web browsers with malicious extensions to steal login credentials, clipboard data, and cryptocurrencies.

Read: https://thehackernews.com/2022/11/this-malware-installs-malicious-browser.html

Nighthawk, a nascent and legitimate penetration testing framework with Cobalt Strike-like capabilities, is likely to become the hackers' next favorite post-exploitation tool.

Read: https://thehackernews.com/2022/11/nighthawk-likely-to-become-hackers-new.html

Microsoft warns of hackers exploiting now-discontinued Boa web server software used in IoT and OT environments to attack critical industries.

Read: https://thehackernews.com/2022/11/hackers-exploiting-abandoned-boa-web.html

Dozens of Russian hacker groups have infected over 890,000 devices with info-stealing #malware and stolen over 50 million passwords for Amazon, PayPal, crypto wallets and gaming accounts.

Read: https://thehackernews.com/2022/11/34-russian-hacker-groups-stole-over-50.html

Vietnam-based cybercrime operation DUCKTAIL has returned with new capabilities to run fraudulent ads via compromised business accounts.

Read: https://thehackernews.com/2022/11/ducktail-malware-operation-evolves-with.html

Black Basta ransomware gang is actively infiltrating U.S. companies with the Qakbot malware to create an initial entry point and move laterally into a company's network.

Read: https://thehackernews.com/2022/11/black-basta-ransomware-gang-actively.html

SharkBot Android banking fraud malware has resurfaced on the official Google Play Store and pretends to be a file manager in order to bypass the app marketplace restrictions.

Read: https://thehackernews.com/2022/11/this-android-file-manager-app-infected.html

Bahamut cyberespionage hacker group targeting Android users with fake VPN apps designed to extract sensitive information.

Read: https://thehackernews.com/2022/11/bahamut-cyber-espionage-hackers.html

A set of 5 vulnerabilities in Arm's Mali GPU driver has remained unpatched on millions of Android devices for months, despite the chip maker releasing fixes.

Read: https://thehackernews.com/2022/11/million-of-android-devices-still-dont.html

Researchers have discovered a new variant of RansomExx ransomware rewritten in the Rust #programming language.

Read: https://thehackernews.com/2022/11/new-ransomexx-ransomware-variant.html

INTERPOL arrested 975 suspected cybercriminals and seized $130 million in a global crackdown on voice phishing, romance fraud, sextortion, investment fraud, business email compromise, and money laundering.

Read: https://thehackernews.com/2022/11/interpol-seized-130-million-from.html