Researchers uncover seven custom backdoors used by Polonium APT hackers in targeted attacks on Israeli entities to take screenshots, log keystrokes, spy via webcam, open reverse shells and exfiltrate files.

Read: https://thehackernews.com/2022/10/researchers-uncover-custom-backdoors.html

Watch Out! An unofficial modified version of the popular WhatsApp messaging app called "YoWhatsApp" has been caught infecting users' Android devices with the Triada malware.

Read: https://thehackernews.com/2022/10/modified-whatsapp-app-caught-infecting.html

Researchers have published technical details and a PoC exploit for a recently disclosed critical vulnerability (CVE-2022-40684) affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager.

Read: https://thehackernews.com/2022/10/poc-exploit-released-for-critical.html

Tata Power, India's largest integrated power company, has been hit by a cyberattack.

Read: https://thehackernews.com/2022/10/indian-energy-company-tata-powers-it.html

Interpol has announced the arrest of 75 people as part of a coordinated global operation against an organized cybercrime syndicate called "Black Axe."

Read: https://thehackernews.com/2022/10/interpol-led-operation-takes-down-black.html

Zimbra has finally released security patches for an actively exploited RCE vulnerability (CVE-2022-41352) in its Enterprise Collaboration Suite that could be used to upload arbitrary files to vulnerable instances.

Read: https://thehackernews.com/2022/10/zimbra-releases-patch-for-actively.html

Microsoft warns about a newly discovered ransomware campaign called "Prestige" that targets companies in the transportation and related logistics industries in Ukraine and Poland.

Read: https://thehackernews.com/2022/10/new-prestige-ransomware-targeting.html

New research has uncovered a security weakness in Microsoft 365 that could be exploited to determine the content of encrypted messages due to the use of a broken cryptographic algorithm.

Read: https://thehackernews.com/2022/10/researchers-claim-microsoft-office-365.html

Hackers behind the Black Basta ransomware attacks have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks.

Read: https://thehackernews.com/2022/10/black-basta-ransomware-hackers.html

Police in Europe have arrested members of a cybercrime ring that used a hacking tool to steal cars without a physical key fob.

Read: https://thehackernews.com/2022/10/european-police-arrest-gang-that-hacked.html

Operation CuckooBees: A Chinese-aligned espionage hacking group is targeting government organizations in Hong Kong.

Read: https://thehackernews.com/2022/10/chinese-spyder-loader-malware-spotted.html

A critical RCE vulnerability has been discovered in the popular Cobalt Strike exploitation framework that could allow an attacker to take control of the target system.

Read: https://thehackernews.com/2022/10/critical-rce-vulnerability-discovered.html

HelpSystems releases an out-of-band patch update to fix the issue.

Chinese APT hackers, codenamed DiceyF, have been linked to a string of attacks aimed at online casinos in Southeast Asia for years.

Read: https://thehackernews.com/2022/10/chinese-hackers-targeting-online.html

Security researchers warn of a new, stealthy PowerShell backdoor that disguises itself as a Windows update process.

Details: https://thehackernews.com/2022/10/experts-warn-of-stealthy-powershell.html

CISA has published two Industrial Control Systems (ICS) advisories warning of serious security vulnerabilities in Advantech R-SeeNet and Hitachi Energy APM Edge appliances.

Details: https://thehackernews.com/2022/10/cisa-warns-of-critical-flaws-affecting.html

Researchers have disclosed more details about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could allow an attacker to gain administrative privileges on the cluster.

Read: https://thehackernews.com/2022/10/researchers-detail-azure-sfx-flaw-that.html

A newly discovered variant of the Ursnif malware has focused on ransomware and data theft extortion attacks instead of banking fraud.

Read: https://thehackernews.com/2022/10/latest-ursnif-variant-shifts-focus-from.html

Domestic Kitten hacking group has been spotted spying on Iranians using an updated version of FurBall Android malware.

Read: https://thehackernews.com/2022/10/hackers-using-new-version-of-furball.html

Around 20 million Android users have been infected with the Clicker #malware after installing 16 malicious apps from Google Play.

Read: https://thehackernews.com/2022/10/these-16-clicker-malware-infected.html

Brazilian police announced Wednesday that they have arrested a person suspected of belonging to the notorious LAPSUS$ hacking group.

Read: https://thehackernews.com/2022/10/brazilian-police-arrest-suspected.html