A new malware campaign leveraging an exploit kit has been observed infecting victims' computers with the RedLine stealer trojan.

Read details: https://thehackernews.com/2022/04/new-rig-exploit-kit-campaign-infecting.html

Cybercriminals behind the BazaLoader and IcedID malware attacks now use a new multifunctional loader called Bumblebee that drops Cobalt Strike, shellcode, Sliver, and the Meterpreter backdoor on target computers.

Read: https://thehackernews.com/2022/04/cybercriminals-using-new-malware-loader.html

Twitter's new owner, Elon Musk wants to make the platform's direct messages (DM) end-to-end encrypted, like Signal Messenger, "so no one can spy on or hack your messages."

Read: https://thehackernews.com/2022/04/twitters-new-owner-elon-musk-wants-dms.html

Researchers detail three hacking teams working under the umbrella of the cyberespionage group TA410, named FlowingFrog, LookingFrog and JollyFrog, each with its own toolset and is known to target a variety of critical infrastructures.

Read: https://thehackernews.com/2022/04/experts-detail-3-hacking-teams-working.html

Indian government has issued new guidelines that make it mandatory for service providers, intermediaries, data centers, and government agencies to report cybersecurity incidents to CERT-In within 6 hours.

Read: https://thehackernews.com/2022/04/indian-govt-orders-organisations-to.html

A pair of security issues have been reported in the Microsoft Azure database for PostgreSQL Flexible Server that could have allowed unauthorized cross-account access to databases.

Read: https://thehackernews.com/2022/04/microsoft-azure-vulnerability-exposes.html

Russia has launched over 200 "destructive and relentless" cyberattacks on Ukraine since the war started, Microsoft says.

Read: https://t.co/1EyIw7acPJ

OpenSSF project has released a tool that scans popular open-source repositories for malicious packages. Named "Package Analysis," the tool identified more than 200 malicious packages in just one month of analysis.

Details: https://thehackernews.com/2022/05/heres-new-tool-that-scans-for-malicious.html

Google has officially released the first developer preview for the Privacy Sandbox on Android 13, offering an "early look" at the SDK Runtime and Topics API to improve users' privacy online.

Read: https://thehackernews.com/2022/05/google-releases-first-developer-preview.html

In a new campaign, Russian state-sponsored Cozy Bear (APT29) hackers have been spotted targeting diplomatic and government organizations in Europe, America, and Asia.

Read: https://thehackernews.com/2022/05/russian-hackers-targeting-diplomatic.html

Chinese state-sponsored "Override Panda" hackers have resurfaced in recent weeks with new #cyberespionage attacks aimed at stealing sensitive information.

Read: https://thehackernews.com/2022/05/chinese-override-panda-hackers.html

GitHub describes the recent cyberattack campaign involving the abuse of OAuth access tokens issued to Heroku and Travis-CI as "highly targeted" in nature.

Read: https://thehackernews.com/2022/05/github-says-recent-attack-involving.html

A newly discovered suspected espionage hacking group, dubbed UNC3524, is targeting the emails of employees involved in corporate development, mergers and acquisitions, and large corporate transactions.

Read: https://thehackernews.com/2022/05/new-hacker-group-pursuing-corporate.html

A newly discovered UNPATCHED vulnerability (CVE-2022-05-02) affects the DNS implementation of two popular libraries (Clibc and uClibc-ng) used in a number of IoT devices, allowing attackers to perform DNS poisoning attacks on targeted devices.

https://thehackernews.com/2022/05/unpatched-dns-related-vulnerability.html

China-aligned "Moshen Dragon" cyberespionage group has been caught using abusing popular antivirus products to sideload malware into telecommunications systems operating in Central Asia.

Read details: https://thehackernews.com/2022/05/chinese-hackers-caught-exploiting.html

Researchers have detected a new variant of AvosLocker ransomware that uses a legitimate driver file to disable antivirus solutions and evade detection.

Read: https://thehackernews.com/2022/05/avoslocker-ransomware-variant-using-new.html

Researchers analyze dozens of communications between Conti and Hive ransomware operators and victims, revealing the actors' communication style, persuasion tactics, ransom negotiation techniques, operational and targeting details, and more.

https://thehackernews.com/2022/05/experts-analyze-conti-and-hive.html

Researchers have discovered 5 new security vulnerabilities — dubbed TLStorm 2.0 — in multiple models of Aruba and Avaya network switches that could be exploited for remote access to enterprise networks and data theft.

Read: https://thehackernews.com/2022/05/critical-tlstorm-20-bugs-affect-widely.html

Google's Threat Analysis Group (TAG) says state-backed hackers and cybercriminals from China, Iran, North Korea and Russia are increasingly using Russian-Ukrainian War-themed documents as bait for phishing and malware campaigns.

Read: https://thehackernews.com/2022/05/ukraine-war-themed-files-become-lure-of.html

A critical RCE vulnerability (CVE-2022-26352) has been reported in the open-source dotCMS content management system, which is used by more than 10,000 customers in 70 countries, including Fortune 500 brands and mid-sized companies.

Read: https://thehackernews.com/2022/05/critical-rce-bug-reported-in-dotcms.html