SharkBot Android banking fraud malware has resurfaced on the official Google Play Store and pretends to be a file manager in order to bypass the app marketplace restrictions.

Read: https://thehackernews.com/2022/11/this-android-file-manager-app-infected.html

Bahamut cyberespionage hacker group targeting Android users with fake VPN apps designed to extract sensitive information.

Read: https://thehackernews.com/2022/11/bahamut-cyber-espionage-hackers.html

A set of 5 vulnerabilities in Arm's Mali GPU driver has remained unpatched on millions of Android devices for months, despite the chip maker releasing fixes.

Read: https://thehackernews.com/2022/11/million-of-android-devices-still-dont.html

Researchers have discovered a new variant of RansomExx ransomware rewritten in the Rust #programming language.

Read: https://thehackernews.com/2022/11/new-ransomexx-ransomware-variant.html

INTERPOL arrested 975 suspected cybercriminals and seized $130 million in a global crackdown on voice phishing, romance fraud, sextortion, investment fraud, business email compromise, and money laundering.

Read: https://thehackernews.com/2022/11/interpol-seized-130-million-from.html

A coordinated law enforcement effort has dismantled an online phone number spoofing service called "iSpoof" and arrested 142 people connected to the operation.

Read: https://thehackernews.com/2022/11/uk-police-arrest-142-in-global.html

Devices from Dell, HP and Lenovo have been found to use outdated versions of the OpenSSL cryptographic library, which are known to contain at least 10 critical vulnerabilities.

Read: https://thehackernews.com/2022/11/dell-hp-and-lenovo-devices-found-using.html

Google has released an update for the Chrome browser to patch a new, actively exploited zero-day vulnerability (CVE-2022-4135) that resides in the GPU component.

Read: https://thehackernews.com/2022/11/update-chrome-browser-now-to-patch-new.html

Researchers warn of new "RansomBoggs" ransomware attacks targeting organizations in Ukraine and linked to the Russia-based Sandworm nation-state hacking group.

Read:https://thehackernews.com/2022/11/russia-based-ransomboggs-ransomware.html

U.S. regulators have imposed a ban on Chinese telecommunications and video surveillance equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, classifying them as "unacceptable" threats to national security.

Read: https://thehackernews.com/2022/11/us-bans-chinese-telecom-equipment-and.html

Elon Musk has confirmed that #Twitter 2.0 - The Everything App - will bring end-to-end #encryption (E2EE) for direct messages and long-form tweets to the platform.

Read: https://thehackernews.com/2022/11/elon-musk-confirms-twitter-20-will.html

Over a dozen new vulnerabilities have been discovered in the firmware of Lanner's Baseboard Management Controller (BMC) that could leave OT and IoT networks vulnerable to remote attacks.

Read: https://thehackernews.com/2022/11/over-dozen-new-bmc-firmware-flaws.html

Researchers have reported a cross-tenant vulnerability in Amazon Web Services (AWS) that exploits #AWS AppSync and allows an attacker to infiltrate a victim organization and access resources in those accounts.

Read: https://thehackernews.com/2022/11/researchers-detail-appsync-cross-tenant.html

CISA has added a critical vulnerability affecting Oracle Fusion Middleware to the Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation.

Read: https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html

Ireland's data regulator has fined Facebook €265 million ($277 million) for failing to protect the personal data of more than half a billion users of its social media platform.

Read: https://thehackernews.com/2022/11/irish-regulator-fines-facebook-277.html

Researchers have reported a new vulnerability (CVE-2022-4020) in Acer laptops that could be potentially weaponized to disable UEFI Secure Boot protection.

Read: https://thehackernews.com/2022/11/new-flaw-in-acer-laptops-could-let.html

A hacking group with suspected ties to China has been linked to a series of cyber espionage attacks in the Philippines, mainly using USB devices as the initial infection vector.

Read: https://thehackernews.com/2022/11/chinese-cyber-espionage-hackers-using.html

Researchers have disclosed details of three new security vulnerabilities affecting Operational Technology (OT) products from CODESYS and Festo.

Read: https://thehackernews.com/2022/11/3-new-vulnerabilities-affect-ot.html

Australian government has passed a new bill that significantly increases penalties (up to $50 million) for companies affected by serious or repeated data breaches.

Read: https://thehackernews.com/2022/11/australia-passes-bill-to-fine-companies.html

French data protection watchdog has fined the country's largest electricity provider Electricité de France (EDF) €600,000 for using insecure MD5 hash algorithm to store its customers' passwords.

Read: https://thehackernews.com/2022/11/french-electricity-provider-fined-for.html

A malicious Android app distributed through the Google Play Store secretly collected users' text messages in order to create accounts on various platforms, including Facebook, Google, and WhatsApp.

https://thehackernews.com/2022/11/this-malicious-app-abused-hacked.html