A newly discovered variant of the Ursnif malware has focused on ransomware and data theft extortion attacks instead of banking fraud.

Read: https://thehackernews.com/2022/10/latest-ursnif-variant-shifts-focus-from.html

Domestic Kitten hacking group has been spotted spying on Iranians using an updated version of FurBall Android malware.

Read: https://thehackernews.com/2022/10/hackers-using-new-version-of-furball.html

Around 20 million Android users have been infected with the Clicker #malware after installing 16 malicious apps from Google Play.

Read: https://thehackernews.com/2022/10/these-16-clicker-malware-infected.html

Brazilian police announced Wednesday that they have arrested a person suspected of belonging to the notorious LAPSUS$ hacking group.

Read: https://thehackernews.com/2022/10/brazilian-police-arrest-suspected.html

A Russian ransomware group dubbed "OldGremlin" has been attributed to 16 multi-million dollar campaigns targeting businesses in Russia.

Read: https://thehackernews.com/2022/10/oldgremlin-ransomware-targeted-over.html

Researchers have detected active exploitation attempts targeting the recently disclosed critical RCE vulnerability (CVE-2022-42889) in Apache Commons Text.

Read details: https://thehackernews.com/2022/10/hackers-started-exploiting-critical.html

Multiple malware campaigns are exploiting a vulnerability in VMware Workspace ONE Access to infect targeted systems with cryptocurrency miners and ransomware.

Details: https://thehackernews.com/2022/10/multiple-campaigns-exploit-vmware.html

Microsoft has confirmed that it inadvertently exposed data related to 65,000+ of customers following a security lapse that left an endpoint publicly accessible over the internet.

Details: https://thehackernews.com/2022/10/microsoft-confirms-server.html

Google has launched a new open-source initiative called Graph for Understanding Artifact Composition (GUAC) that aims to beef up the security for software supply chain.

Read: https://thehackernews.com/2022/10/google-launches-guac-open-source.html

Emotet botnet has been linked to a new wave of malspam campaigns that exploit self-unlocking password-protected archive files to drop CoinMiner and Quasar RAT on compromised systems.

Read: https://thehackernews.com/2022/10/emotet-botnet-distributing-self.html

U.S. cybersecurity and intelligence agencies warn of Daixin Team hackers attacking healthcare organizations with ransomware.

Read: https://thehackernews.com/2022/10/cisa-warns-of-daixin-team-hackers.html

SideWinder APT hackers compromised the official website of Pakistan's National Electric Power Regulatory Authority to deliver a new tailored malware called WarHawk.

Read: https://thehackernews.com/2022/10/sidewinder-apt-using-new-warhawk.html

Apple releases a security patch for a new, actively exploited iOS and iPadOS zero-day vulnerability (CVE-2022-42827) that allows malicious apps to execute arbitrary code with the highest privileges.

Read: https://thehackernews.com/2022/10/apple-releases-patch-for-new-actively.html

Hive ransomware hackers have claimed responsibility for the recent cyberattack on Tata Power, and the group has begun leaking stolen data as part of its double extortion scheme.

Read: https://thehackernews.com/2022/10/hive-ransomware-hackers-begin-leaking.html

A 22-year-old high-severity vulnerability has been reported in the widely used SQLite database library that could allow attackers to crash or control programs.

Read: https://thehackernews.com/2022/10/22-year-old-vulnerability-reported-in.html

Researchers uncover details of two Windows event log vulnerabilities, dubbed "LogCrusher" and "OverLog," the first of which is not yet fixed, and the second could be exploited to cause a denial-of-service.

Read: https://thehackernews.com/2022/10/researchers-detail-windows-event-log.html

Cybercriminals used two point-of-sale malware strains (POS) to steal the details of more than 167,000 credit cards worth nearly $3.34 million on underground forums.

Read: https://thehackernews.com/2022/10/cybercriminals-used-two-pos-malware-to.html

CISA warns of active exploitation attempts in the wild targeting two vulnerabilities in Cisco AnyConnect software and four flaws in GIGABYTE drivers.

Read: https://thehackernews.com/2022/10/hackers-actively-exploiting-cisco.html

Cybercrime group Vice Society has been linked to several ransomware and extortion campaigns targeting the education, government, and retail sectors.

Read: https://thehackernews.com/2022/10/vice-society-hackers-are-behind-several.html

VMware has released security updates to address a critical RCE vulnerability (CVE-2021-39144) affecting the VMware Cloud Foundation product.

Read: https://thehackernews.com/2022/10/vmware-releases-patch-for-critical-rce.html

Hackers behind the RomCom RAT malware have been observed using malicious versions of popular apps to attack Ukrainian military institutions.

Read: https://thehackernews.com/2022/10/romcom-hackers-circulating-malicious.html