Microsoft has released the November Patch Tuesday security update to fix 68 newly identified vulnerabilities, including 6 actively exploited zero-days.

Read: https://thehackernews.com/2022/11/install-latest-windows-update-asap.html

VMware has released patches for 5 new flaws affecting Workspace ONE Assist solution, 3 of which are rated CRITICAL (CVE-2022-31685, CVE-2022-31686, CVE-2022-31687) and could be exploited to bypass authentication and gain elevated privileges.

https://thehackernews.com/2022/11/vmware-warns-of-3-new-critical-flaws.html

Researchers find an updated version of an IceXLoader malware loader suspected of infecting thousands of home and corporate Windows machines around the world.

Read: https://thehackernews.com/2022/11/new-icexloader-malware-loader-variant.html

Researchers have linked the hacker group "Keksec" to a new campaign that uses malicious Chromium-based browser extensions to spy on machines compromised by the Cloud9 botnet.

Details: https://thehackernews.com/2022/11/experts-warn-of-browser-extensions.html

A number of recent phishing campaigns using the decentralized Interplanetary Filesystem (IPFS) network to host malware, phishing kit infrastructure and facilitate other attacks.

Details: https://thehackernews.com/2022/11/several-cyber-attacks-observed.html

Russia-linked APT29 hackers has been found leveraging a "lesser-known" Windows feature called "Credential Roaming" in its attack on an unnamed European diplomatic entity.

Details: https://thehackernews.com/2022/11/apt29-exploited-windows-feature-to.html

Researchers reported 3 new BIOS vulnerabilities discovered in the UEFI firmware of Lenovo notebook models, including Yoga, IdeaPad and ThinkBook.

Read: https://thehackernews.com/2022/11/new-uefi-firmware-flaws-reported-in.html

A new high-severity vulnerability has been discovered in a critical system used in oil and gas companies that could be exploited by an attacker to inject and execute arbitrary code.

Read: https://thehackernews.com/2022/11/high-severity-flaw-reported-in-critical.html

Citrix has released security updates to address 3 new flaws in Application Delivery Controller (ADC) & Gateway products, including a critical authentication bypass vulnerability that could be exploited to take control of affected systems.

https://thehackernews.com/2022/11/citrix-issues-patches-for-critical-flaw.html

A malicious package discovered on the Python Package Index (PyPI) has been found employing a steganographic trick to conceal malicious code within image files.

Read: https://thehackernews.com/2022/11/researchers-uncover-pypi-package-hiding.html

Google has awarded a researcher $70,000 for reporting a security vulnerability that can be exploited to bypass the lock screen on all Pixel smartphones.

Read details and watch demo: https://thehackernews.com/2022/11/hacker-rewarded-70000-for-finding-way.html

Researchers warn of massive malicious campaigns targeting customers of leading Indian banks with various banking malware, including Elibomi, FakeReward, AxBanker, IcRAT and IcSpy.

Read: https://thehackernews.com/2022/11/warning-this-widespread-malicious.html

Microsoft has attributed the recent wave of "Prestige" ransomware attacks on Ukraine and Poland to the Russia-sponsored hacking group Sandworm.

Read: https://thehackernews.com/2022/11/microsoft-blames-russian-hackers-for.html

U.S. Department of Justice has announced charges against a Russian-Canadian national for his alleged involvement in LockBit ransomware attacks around the world.

Read: https://thehackernews.com/2022/11/russian-canadian-national-charged-over.html

Researchers discover multiple high-severity flaws in the widely used OpenLiteSpeed Web Server and its enterprise variant that could be exploited for RCE attacks.

https://thehackernews.com/2022/11/multiple-high-severity-flaw-affect.html

RCE: CVE-2022-0073
Privilege Escalation: CVE-2022-0074
Directory Traversal: CVE-2022-0072

Two new malicious dropper apps distributed via Google Play Store have been caught infecting users' Android devices with Xenomorph banking malware.

Read: https://thehackernews.com/2022/11/these-two-google-play-store-apps.html

Two long-running surveillance campaigns have been discovered using Android spyware tools to monitor the Uyghur community in China and elsewhere to collect sensitive information and track their whereabouts.

Read: https://thehackernews.com/2022/11/experts-uncover-two-long-running.html

A recently discovered cyberespionage group dubbed Worok has been found abusing Dropbox API to exfiltrate data stolen by malware hiding in seemingly innocuous image files.

Read: https://thehackernews.com/2022/11/worok-hackers-abuse-dropbox-api-to.html

Researchers have discovered new "KmsdBot" malware leveraging weak SSH credentials to compromise systems with the goal of mining cryptocurrency and conducting targeted DDoS attacks.

Read: https://thehackernews.com/2022/11/new-kmsdbot-malware-hijacking-systems.html

A new malicious campaign has compromised over 15,000 WordPress websites in an attempt to redirect visitors to bogus Q&A portals as part of an SEO poisoning issue.

Read: https://thehackernews.com/2022/11/over-15000-wordpress-sites-compromised.html

Researchers have identified a previously undocumented subgroup of APT41 that has been targeting entities located in East and Southeast Asia and Ukraine with custom Cobalt Strike loader.

Read: https://thehackernews.com/2022/11/new-earth-longzhi-apt-targets-ukraine.html