Cisco Talos researchers have found evidence that some cybercriminal affiliates of BlackMatter are now spreading BlackCat ransomware.

Details: https://thehackernews.com/2022/03/experts-find-some-affiliates-of.html

Google has uncovered a financially motivated "initial access broker" group that appears to be working with the Conti #ransomware gang.

Read details: https://thehackernews.com/2022/03/google-uncovers-initial-access-broker.html

⚡ Hackers have been spotted deploying a new rootkit targeting Oracle Solaris systems at Banks in an attempt to compromise the switching networks of ATMs (ATM) and perform unauthorized cash withdrawals.

Read: https://thehackernews.com/2022/03/hackers-target-bank-networks-with-new.html

Researchers uncover details of a hacking campaign by South Korean hacker group DarkHotel that targeted luxury hotels and resorts in Macau.

Read details: https://thehackernews.com/2022/03/south-korean-darkhotel-hackers-targeted.html

CryptoRom crypto scammers trick unsuspecting victims into installing fake apps by exploiting legitimate #iOS features like TestFlight and Web Clips.

Read details: https://thehackernews.com/2022/03/cryptorom-crypto-scam-abusing-iphone.html

Hackers use an open-source package installer to compromise French entities in the construction, real estate and government sectors with a new backdoor called "Serpent."

Read details: https://thehackernews.com/2022/03/new-backdoor-targets-french-entities.html

A researcher warns of a new "browser-in-the-browser" (BITB) technique that could allow attackers to spoof a legitimate domain to launch nearly undetectable phishing attacks and steal credentials.

Read details: https://thehackernews.com/2022/03/new-browser-in-browser-bitb-attack.html

A set of newly disclosed critical vulnerabilities in Dell BIOS software affect millions of Edge, Inspiron, Vostro, XPS, Latitude and Alienware series computers.

Read details: https://thehackernews.com/2022/03/new-dell-bios-bugs-affect-millions-of.html

Lapsus$ hacker group claim to have breached Microsoft & authentication company Okta and released 37 GB of data, including source code for Bing Search, Bing Maps and #Cortana, Microsoft's virtual assistant.

https://thehackernews.com/2022/03/lapsus-hackers-claim-to-have-breached.html

⚡ Microsoft and Okta confirm the breach after LAPSUS$ hackers posted stolen source code and screenshots online showing access to the company's internal systems.

Read details: https://thehackernews.com/2022/03/microsoft-and-okta-confirm-breach-by.html

More than 200,000 MicroTik routers worldwide are controlled by botnet malware, described by cybersecurity researchers as one of the largest botnet-as-a-service cybercrime operations in recent years.

Details: https://thehackernews.com/2022/03/over-200000-microtik-routers-worldwide.html

A new variant of Gimmick malware has been spotted that's designed to target Apple macOS systems.

Read details: https://thehackernews.com/2022/03/new-variant-of-chinese-gimmick-malware.html

Hackers from the Chinese cyberespionage group "Mustang Panda" deploying a new variant of the Korplug malware, dubbed Hodur.

Read details: https://thehackernews.com/2022/03/chinese-mustang-panda-hackers-spotted.html

VMware releases patches for critical vulnerabilities in Carbon Black App Control, including a command injection (CVE-2022-22951) and a file upload vulnerability (CVE-2022-22952).

Read details: https://thehackernews.com/2022/03/vmware-issues-patches-for-critical.html

Researchers identified over 200 malicious NPM packages distributed via official repositories that targeted Microsoft Azure developers.

Read: https://thehackernews.com/2022/03/over-200-malicious-npm-packages-caught.html

Researchers have traced the LAPSUS$ cyberattacks to a 16-year-old hacker in England.

Read details: https://thehackernews.com/2022/03/researchers-trace-lapsus-cyber-attacks.html

A 23-year-old Russian national has been indicted in the U.S. and added to the FBI's Cyber Most Wanted list for allegedly administering a cybercrime forum that sold stolen login credentials, personal and credit card data.

Read: https://thehackernews.com/2022/03/23-year-old-russian-hacker-wanted-by.html

At least 2 distinct groups of North Korean state- sponsored hackers exploited a ZERO-DAY (CVE-2022-0609) vulnerability in Google Chrome to launch cyberattacks on the fintech, IT, and media industries.

Read details: https://thehackernews.com/2022/03/north-korean-hackers-exploited-chrome.html

British police have arrested seven suspected members, aged 16 to 21, of the cyber extortion and hacking gang LAPSUS$, which attacked Okta, Microsoft, and Nvidia.

Read details: https://thehackernews.com/2022/03/7-suspected-members-of-lapsus-hacker.html

How to Build a Custom Malware Analysis Sandbox

https://thehackernews.com/2022/03/how-to-build-custom-malware-analysis.html