Five Eyes nations have released a joint cybersecurity advisory warning of an increase in malicious attacks by Russian state-sponsored actors and criminal groups on critical infrastructure amid the ongoing military siege of #Ukraine.

Read: https://thehackernews.com/2022/04/five-eyes-nations-warn-of-russian-cyber.html

Researchers have published a new incident report revealing how hackers exploited "ProxyShell" vulnerabilities in Microsoft Exchange to encrypt companies' networks with Hive ransomware.

Read details: https://thehackernews.com/2022/04/new-incident-report-reveals-how-hive.html

Researchers have found three vulnerabilities in the audio decoders of Qualcomm and MediaTek Android mobile chips that, if exploited, could allow hackers to remotely access media and audio conversations on affected devices.

Read: https://thehackernews.com/2022/04/critical-chipset-bug-opens-millions-of.html

A new unpatched vulnerability has been disclosed in the RainLoop webmail client that could allow hackers to remotely access the victim's inbox by sending a specially crafted email.

Read details: https://thehackernews.com/2022/04/unpatched-bug-in-rainloop-webmail-could.html

Cisco has released security updates to address three high-severity vulnerabilities in its TelePresence, RoomOS and Umbrella VA products that could be exploited to conduct DoS attacks and take control of affected systems.

Read: https://thehackernews.com/2022/04/cisco-releases-security-patches-for.html

QNAP has issued a notice recommending users update firmware for network-attached storage (NAS) appliances to fix two vulnerabilities affecting the Apache HTTP component.

Read: https://thehackernews.com/2022/04/qnap-advises-users-to-update-nas.html

Cybersecurity researchers warn of LemonDuck cryptocurrency mining botnet targeting Docker and TeamTNT hacker group attacking #Kubernetes and public cloud providers to mine cryptocurrencies.

Read details: https://thehackernews.com/2022/04/watch-out-cryptocurrency-miners.html

A critical authentication bypass vulnerability (CVE-2022-0540 and CVSS 9.9) has been discovered in Seraph affecting #Atlassian Jira and Jira Service Management.

Read details: https://thehackernews.com/2022/04/atlassian-drops-patches-for-critical.html

T-Mobile admits that the Lapsus$ hackers gained access to the company's internal tools and source code in March prior to the arrest of its seven members.

Read details: https://thehackernews.com/2022/04/t-mobile-admits-lapsus-hackers-gained.html

FBI warns against the BlackCat ransomware-as-a-service (RaaS), which has victimized at least 60 companies worldwide since it emerged last November ( as of March 2022).

Details: https://thehackernews.com/2022/04/fbi-warns-of-blackcat-ransomware-that.html

A new variant of an IoT botnet called BotenaGo has emerged in the wild, specifically targeting Lilin security camera DVR devices to infect them with Mirai malware.

https://thehackernews.com/2022/04/new-botenago-malware-variant-targeting.html

A new vulnerability has been disclosed in the web version of the Ever Surf wallet for Everscale blockchain that could allow a hacker to gain complete control over a victim's cryptocurrency wallet.

https://thehackernews.com/2022/04/critical-bug-in-everscale-wallet.html

Iran-linked Rocket Kitten hackers have been exploiting the recently disclosed RCE vulnerability in VMware Workspace ONE Access and Identity Manager to access unpatched systems and deploy CORE IMPACT backdoor.

https://thehackernews.com/2022/04/iranian-hackers-exploiting-vmware-rce.html

Researchers have uncovered a recent hacking campaign by a North Korean-backed hacking group that targeted journalists. The group attempted to install backdoors in the Windows systems of journalists covering the country.

Read: https://thehackernews.com/2022/04/north-korean-hackers-target-journalists.html

Emotet botnet, which relied largely on malicious Word documents with embedded macros to infect victims' systems, is now testing new methods to spread malware after Microsoft disabled VBA macros by default.

Details: https://thehackernews.com/2022/04/emotet-testing-new-delivery-ideas-after.html

Microsoft discovers a set of two new root privilege escalation vulnerabilities affecting Linux systems — tracked as CVE-2022-29799 & CVE-2022-29800; and collectively called "Nimbuspwn," that can be exploited to perform malicious actions.

Read: https://thehackernews.com/2022/04/microsoft-discovers-new-privilege.html

A "logical flaw" has been disclosed in the NPM package manager that allowed attackers to pass off malicious libraries as legitimate by adding notable developers as contributors without their knowledge, tricking unsuspecting devs into installing them.

https://thehackernews.com/2022/04/npm-bug-allowed-attackers-to-distribute.html

Google introduces a new "Data Safety" section for Android apps in the Play Store to highlight the type of data that is collected and shared with third-parties.

Read details: https://thehackernews.com/2022/04/googles-new-safety-section-shows-what.html

WATCH OUT!!!

QNAP advises NAS device users to immediately mitigate new remote hacking flaws until patches are available.

Read details: https://thehackernews.com/2022/04/qnap-advises-to-mitigate-remote-hacking.html

CloudFlare thwarts yet another record HTTP distributed denial-of-service (DDoS) attack, peaking at 15.3 million requests per second.

Read details: https://thehackernews.com/2022/04/cloudflare-thwarts-record-ddos-attack.html