Researchers discover additional infrastructure used by the SolarWinds hackers, suggesting they carefully planned to avoid creating patterns that would make them easy to detect, intentionally complicating forensic analysis.

Read: https://t.co/iKORVVGUgG

During an incident response engagement, CISA discovers that a separate group of hackers used the SUPERNOVA malware to backdoor SolarWinds Orion after gaining access to the network through Pulse Secure VPN.

Read: https://thehackernews.com/2021/04/hackers-exploit-vpn-flaw-to-deploy.html

Watch Out! Prometei cryptocurrency botnet is now hunting for unpatched Microsoft Exchange servers and exploiting ProxyLogon flaws to infiltrate networks and install malware.

Read: https://thehackernews.com/2021/04/prometei-botnet-exploiting-unpatched.html

Cybercriminals exploited 3 new security vulnerabilities affecting QNAP network attached storage (NAS) devices in recent ransomware attacks.

Read details: https://thehackernews.com/2021/04/new-qnap-nas-flaws-exploited-in-recent.html
QNAP is also urging users to install the latest software updates to prevent these attacks.

In a recent supply chain cyberattack, Passwordstate password manager's software update was hijacked to install backdoors on the computers of thousands of users.

Read: https://thehackernews.com/2021/04/passwordstate-password-manager-update.html
All Passwordstate users should reset their saved passwords immediately.

A critical vulnerability in Homebrew Package Manager for macOS and Linux could have allowed hackers to execute arbitrary code on users' machines remotely.

https://thehackernews.com/2021/04/critical-rce-bug-found-in-homebrew.html

Researchers analyzed one of the largest password dumps, containing over 3.2 BILLION usernames and plain-text passwords, and discovered 1.5 MILLION records associated with emails linked to government domains around the world.

Read: https://thehackernews.com/2021/04/32-billion-leaked-passwords-contain-15.html

Today the Emotet malware destroys itself!

As planned by law enforcement agencies, all infected computers around the globe receive a payload that automatically removes the virus from victims' Windows systems.
Details: https://thehackernews.com/2021/04/emotet-malware-destroys-itself-today.html

An unpatched vulnerability in Apple's offline file-sharing technology in iPhone and Macbook could allow anyone nearby to discover your personal information.

Read details: https://thehackernews.com/2021/04/apple-airdrop-bug-could-leak-your.html

Researchers from University of Minnesota apologized to #Linux Kernel Project maintainers for intentionally introducing insecure code, which led to the school being banned from further contributing to the open-source project.

Read: https://thehackernews.com/2021/04/minnesota-university-apologizes-for.html

FBI and U.S. CISA have released a new joint advisory to expose the tactics, techniques, and procedures (TTPs) used by Russian Intelligence hackers in cyberattacks against U.S. and foreign entities.

Read details: https://thehackernews.com/2021/04/fbi-cisa-uncover-tactics-employed-by.html

🔥 Watch Out! Hackers are exploiting a zero-day vulnerability flaw in Gatekeeper that permits unapproved software to run on Apple macbooks.

Read detail: https://thehackernews.com/2021/04/hackers-exploit-0-day-gatekeeper-flaw.html
Users are advised to install the latest updates to patch the issue.

Babuk ransomware gang compromises D.C. Police Department, Steals nearly 250 GB of data and is now threatening to expose police informants to criminal gangs if a ransom isn't paid.

https://thehackernews.com/2021/04/hackers-threaten-to-leak-dc-police.html

Attention, Android users! A banking malware capable of stealing sensitive information is spreading rapidly across Europe, with the U.S. likely to be the next target.

https://thehackernews.com/2021/04/attention-flubot-android-banking.html

F5's BIG -IP devices have been found vulnerable to the Kerberos KDC spoofing vulnerability that could allow attackers to bypass security policies and gain unfettered access to sensitive workloads.

Details: https://thehackernews.com/2021/04/f5-big-ip-found-vulnerable-to-kerberos.html
F5 is expected to roll out patches today.

Watch Out — Cybercriminals are heavily utilizing the Excel 4.0 macro documents to distribute malware.

Read details: https://thehackernews.com/2021/04/cybercriminals-widely-abusing-excel-40.html

Researchers have identified a stealthy Linux malware that had gone undetected for 3 years, allowing hackers to harvest and steal sensitive information from infected systems.

https://thehackernews.com/2021/04/researchers-uncover-stealthy-linux.html

Researchers have uncovered a new cyber espionage campaign by Naikon APT Chinese hackers targeting military organizations in Southeast Asia using two new backdoors—called "Nebulae" and "RainyDay"—to steal data.

Read details: https://thehackernews.com/2021/04/chinese-hackers-attacking-military.html

Researchers uncover new cyberattack activities, collectively named "EmissarySoldier," attributed to LuckyMouse, the APT hacking group that’s well-known for its watering hole attacks against government entities.

Read details: https://thehackernews.com/2021/04/luckymouse-hackers-target-banks.html

WATCH OUT!!!

A newly disclosed critical command injection vulnerability (CVE-2021-29472) in PHP composer (dependency management tools) could enable widespread supply-chain attacks.
https://thehackernews.com/2021/04/a-new-php-composer-bug-could-enable.html
Patch your PHP Packagist/Composer immediately.