The Hacker News Daily Updates

Update Chrome Browser now to patch zero-day flaw.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 25 November 2022, 1932 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGrbHsLHslLMsMRcNGhvxghWBzg

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts)

The Hacker News Daily Updates

A Must-Have Checklist for Workplace Security and Protection What do a bustling workplace, happy employees, and secure equipment and data all have in common? Easy! To succeed, each one relies on a robust physical workplace security strategy. Download Now Sponsored

LATEST NEWS Nov 25, 2022

Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been ... Read More

Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions An analysis of firmware images across devices from Dell, HP, and Lenovo has revealed the presence of outdated versions of the OpenSSL cryptographic library, underscoring a supply chain risk. EFI Development Kit, aka EDK, is an open source implementation of the Unified Extensible Firmware Interface ... Read More

U.K. Police Arrest 142 in Global Crackdown on 'iSpoof' Phone Spoofing Service A coordinated law enforcement effort has dismantled an online phone number spoofing service called iSpoof and arrested 142 individuals linked to the operation. The websites, ispoof[.]me and ispoof[.]cc, allowed the crooks to "impersonate trusted corporations or contacts to access sensitive ... Read More

Interpol Seized $130 Million from Cybercriminals in Global "HAECHI-III" Crackdown Operation Interpol on Thursday announced the seizure of $130 million worth of virtual assets in connection with a global crackdown on cyber-enabled financial crimes and money laundering. The international police operation, dubbed HAECHI-III, transpired between June 28 and November 23, 2022, resulting in the ... Read More

New RansomExx Ransomware Variant Rewritten in the Rust Programming Language The operators of the RansomExx ransomware have become the latest to develop a new variant fully rewritten in the Rust programming language, following other strains like BlackCat, Hive, and Luna. The latest version, dubbed RansomExx2 by the threat actor known as Hive0091 (aka DefrayX), is primarily ... Read More

Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws A set of five medium-severity security flaws in Arm's Mali GPU driver has continued to remain unpatched on Android devices for months, despite fixes released by the chipmaker. Google Project Zero, which discovered and reported the bugs, said Arm addressed the shortcomings in July and August 2022. ... Read More

Boost Your Security with Europe's Leading Bug Bounty Platform As 2022 comes to an end, now's the time to level up your bug bounty program with Intigriti. Are you experiencing slow bug bounty lead times, gaps in security skills, or low-quality reports from researchers? Intigriti's expert triage team and global community of ethical hackers are enabling ... Read More

Bahamut Cyber Espionage Hackers Targeting Android Users with Fake VPN Apps The cyber espionage group known as Bahamut has been attributed as behind a highly targeted campaign that infects users of Android devices with malicious apps designed to extract sensitive information. The activity, which has been active since January 2022, entails distributing rogue VPN apps ... Read More

A Must-Have Checklist for Workplace Security and Protection What do a bustling workplace, happy employees, and secure equipment and data all have in common? Easy! To succeed, each one relies on a robust physical workplace security strategy.