Hackers behind RomCom RAT attacks are using rogue versions of popular software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro to spread the malware.

Read: https://thehackernews.com/2022/11/hackers-using-rogue-versions-of-keepass.html

A new analysis of the hacking tools employed by the Black Basta ransomware operation has revealed its links to FIN7 (aka Carbanak) hacker group.

Details: https://thehackernews.com/2022/11/researchers-find-links-bw-black-basta.html

U.S. cybersecurity agency CISA has warned of new, multiple vulnerabilities in software from ETIC Telecom, Nokia and Delta Industrial Automation.

Read: https://thehackernews.com/2022/11/cisa-warns-of-critical-vulnerabilities.html

Researchers detail a new malware campaign by Pakistani hackers targeting Indian government organizations, revealing their tactics, techniques, and procedures (TTPs) and new hacking tools.

Read: https://thehackernews.com/2022/11/researchers-detail-new-malware-campaign.html

A new report from Microsoft warns that nation-states and criminals are increasingly exploiting publicly disclosed zero-day vulnerabilities for target breaches.

Read: https://thehackernews.com/2022/11/microsoft-warns-of-uptick-in-hackers.html

Researchers have discovered 29 packages in the Python Package Index (PyPI) repository that aim to infect developers' machines with a malware called W4SP Stealer.

Read: https://thehackernews.com/2022/11/researchers-uncover-29-malicious-pypi.html

Robin Banks phishing-as-a-service (PhaaS) platform is back after moving its attack infrastructure to Russian bulletproof hosting service DDoS-Guard.

Read: https://thehackernews.com/2022/11/robin-banks-phishing-service-for.html

Security researchers are warning of "a trove of sensitive information" leaking through "urlscan," a web-based scanner for suspicious and malicious URLs.

Read: https://thehackernews.com/2022/11/experts-find-urlscan-security-scanner.html

Facebook appears to have silently made a tool available that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others.

Read: https://thehackernews.com/2022/11/this-hidden-facebook-tool-lets-users.html

Australian health insurer Medibank confirmed today that ransomware hackers accessed the personal data of 9.7 million of its customers, but the company will not pay a ransom.

Read: https://thehackernews.com/2022/11/medibank-refuses-to-pay-ransom-after-97.html

U.S. authorities have seized more than 50,000 bitcoin worth $3.36 billion from a person who stole them from the SilkRoad website and stored them on a circuit board hidden in a popcorn tin.

Read: https://thehackernews.com/2022/11/us-seizes-over-50k-bitcoin-worth-33.html

A new analysis shows that the Amadey malware is being used to install the LockBit 3.0 ransomware on compromised systems.

Details: https://thehackernews.com/2022/11/amadey-bot-spotted-deploying-lockbit-30.html

A new clipper malware strain known as Laplas is targeting cryptocurrency users via another malware called SmokeLoader.

Read: https://thehackernews.com/2022/11/new-laplas-clipper-malware-targeting.html

Microsoft has released the November Patch Tuesday security update to fix 68 newly identified vulnerabilities, including 6 actively exploited zero-days.

Read: https://thehackernews.com/2022/11/install-latest-windows-update-asap.html

VMware has released patches for 5 new flaws affecting Workspace ONE Assist solution, 3 of which are rated CRITICAL (CVE-2022-31685, CVE-2022-31686, CVE-2022-31687) and could be exploited to bypass authentication and gain elevated privileges.

https://thehackernews.com/2022/11/vmware-warns-of-3-new-critical-flaws.html

Researchers find an updated version of an IceXLoader malware loader suspected of infecting thousands of home and corporate Windows machines around the world.

Read: https://thehackernews.com/2022/11/new-icexloader-malware-loader-variant.html

Researchers have linked the hacker group "Keksec" to a new campaign that uses malicious Chromium-based browser extensions to spy on machines compromised by the Cloud9 botnet.

Details: https://thehackernews.com/2022/11/experts-warn-of-browser-extensions.html

A number of recent phishing campaigns using the decentralized Interplanetary Filesystem (IPFS) network to host malware, phishing kit infrastructure and facilitate other attacks.

Details: https://thehackernews.com/2022/11/several-cyber-attacks-observed.html

Russia-linked APT29 hackers has been found leveraging a "lesser-known" Windows feature called "Credential Roaming" in its attack on an unnamed European diplomatic entity.

Details: https://thehackernews.com/2022/11/apt29-exploited-windows-feature-to.html

Researchers reported 3 new BIOS vulnerabilities discovered in the UEFI firmware of Lenovo notebook models, including Yoga, IdeaPad and ThinkBook.

Read: https://thehackernews.com/2022/11/new-uefi-firmware-flaws-reported-in.html