The Hacker News
Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

🌐 Website: https://thehackernews.com
A critical vulnerability (CVE-2022-36537) has been reported and patched in ConnectWise R1Soft Server Backup Manager software that could lead to remote code execution and supply chain attacks.

Read: https://thehackernews.com/2022/11/critical-rce-vulnerability-reported-in.html
Chinese state-sponsored hackers have been observed employing a new stealthy infection chain in their LODEINFO malware attacks targeting Japanese entities.

Read: https://thehackernews.com/2022/11/chinese-hackers-using-new-stealthy.html
Researchers reveal details of a critical authentication bypass vulnerability in Jupyter Notebooks for Microsoft Azure Cosmos DB, which could have allowed attackers to achieve remote code execution on containers.

Read: https://thehackernews.com/2022/11/researchers-disclose-details-of.html
Nothing CRITICAL this time!

OpenSSL has released patches for 2 new high-severity flaws (CVE-2022-3786 / CVE-2022-3602).

https://thehackernews.com/2022/11/just-in-openssl-releases-patch-for-2.html

CVE-2022-3602 has been downgraded from CRITICAL to HIGH as it cannot be exploited in most widely used architectures and platforms.
File hosting service Dropbox fell victim to a phishing campaign that allowed unknown hackers to gain unauthorized access to 130 of its source code repositories on GitHub.

Read: https://thehackernews.com/2022/11/dropbox-breach-hackers-unauthorizedly.html
Researchers warn of booby-trapped VPN applications infecting Android devices with new SandStrike spyware.

Read: https://thehackernews.com/2022/11/experts-warn-of-sandstrike-android.html
As part of an adware and information theft campaign, four Android apps from the same developer directed victims to malicious websites.

Read: https://thehackernews.com/2022/11/these-android-apps-with-million-play.html
TikTok has revised its privacy policy for European users to explicitly clarify that some employees from around the world, including China, may access users' data.

Details: https://thehackernews.com/2022/11/new-tiktok-privacy-policy-confirms.html
Hackers behind RomCom RAT attacks are using rogue versions of popular software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro to spread the malware.

Read: https://thehackernews.com/2022/11/hackers-using-rogue-versions-of-keepass.html
A new analysis of the hacking tools employed by the Black Basta ransomware operation has revealed its links to the FIN7 (aka Carbanak) hacker group.

Details: https://thehackernews.com/2022/11/researchers-find-links-bw-black-basta.html
U.S. cybersecurity agency CISA has warned of multiple new vulnerabilities in software from ETIC Telecom, Nokia and Delta Industrial Automation.

Read: https://thehackernews.com/2022/11/cisa-warns-of-critical-vulnerabilities.html
Researchers detail a new malware campaign by Pakistani hackers targeting Indian government organizations, revealing their tactics, techniques, and procedures (TTPs) and new hacking tools.

Read: https://thehackernews.com/2022/11/researchers-detail-new-malware-campaign.html
A new report from Microsoft warns that nation-states and criminals are increasingly exploiting publicly disclosed zero-day vulnerabilities to breach their targets.

Read: https://thehackernews.com/2022/11/microsoft-warns-of-uptick-in-hackers.html
Researchers have discovered 29 packages in the Python Package Index (PyPI) repository that aim to infect developers' machines with a malware called W4SP Stealer.

Read: https://thehackernews.com/2022/11/researchers-uncover-29-malicious-pypi.html
Robin Banks phishing-as-a-service (PhaaS) platform is back after moving its attack infrastructure to Russian bulletproof hosting service DDoS-Guard.

Read: https://thehackernews.com/2022/11/robin-banks-phishing-service-for.html
Security researchers are warning of "a trove of sensitive information" leaking through "urlscan," a web-based scanner for suspicious and malicious URLs.

Read: https://thehackernews.com/2022/11/experts-find-urlscan-security-scanner.html
Facebook appears to have silently made a tool available that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others.

Read: https://thehackernews.com/2022/11/this-hidden-facebook-tool-lets-users.html
Australian health insurer Medibank confirmed today that ransomware hackers accessed the personal data of 9.7 million of its customers, but the company will not pay a ransom.

Read: https://thehackernews.com/2022/11/medibank-refuses-to-pay-ransom-after-97.html
U.S. authorities have seized more than 50,000 bitcoin worth $3.36 billion from a person who stole them from the SilkRoad website and stored them on a circuit board hidden in a popcorn tin.

Read: https://thehackernews.com/2022/11/us-seizes-over-50k-bitcoin-worth-33.html
A new analysis shows that the Amadey malware is being used to install the LockBit 3.0 ransomware on compromised systems.

Details: https://thehackernews.com/2022/11/amadey-bot-spotted-deploying-lockbit-30.html