Gather round — we’ve got a spooky story for you. Ever heard of ghost logins? It’s not a tale most IAM teams will tell you.

Ghost logins are forgotten local logins that enable attackers to get around your tightly controlled SSO login and circumvent MFA. With unprecedented levels of credential theft (enabled by infostealer attacks), these accounts are now much more likely to be taken over via credential stuffing attacks.

Learn more 👇 https://thn.news/ghost-logins-explained

🛡️ LottieFiles faced a supply chain attack compromising its npm package, affecting developers using the library—urgent update required.

Read: https://thehackernews.com/2024/10/lottiefiles-issues-warning-about.html

🛑 A new version of LightSpy #spyware targets iOS, expanding its capabilities with destructive features.

With the number of plugins increasing from 12 to 28, it can capture everything from Wi-Fi credentials to SMS messages and even delete data.

Read: https://thehackernews.com/2024/10/new-lightspy-spyware-version-targets.html

🛡️ New phishing kit "Xiū gǒu" targets multiple countries, including Australia and the U.S., with over 2,000 phishing sites.

It uses Golang and Vue.js to allow attackers to exfiltrate sensitive credentials via Telegram from fake sites.

Read: https://thehackernews.com/2024/11/new-phishing-kit-xiu-gou-targets-users.html

⚠️ Attackers are evolving!

Legacy security tools fail against new threats, with 70% of phishing pages bypassing detection. Explore insights from the "Enterprise Identity Threat Report 2024" on critical identity security risks.

Read: https://thehackernews.com/2024/10/enterprise-identity-threat-report-2024.html

Microsoft delays the launch of its Recall feature for Windows Copilot+ PCs, now set for December.

The Recall feature, which creates a comprehensive log of user activity, has faced scrutiny, leading to a redesign focused on privacy controls.

https://thehackernews.com/2024/11/microsoft-delays-windows-copilot-recall.html

🚨 Attention #Cybersecurity Professionals!

Cybercriminals are exploiting identity vulnerabilities, causing data breaches & financial losses.

Join our exclusive WEBINAR to learn key tactics for defending against advanced identity-based threats

Join: https://thehackernews.com/2024/11/stop-lucr-3-attacks-learn-key-identity.html

🚨 Microsoft identifies the Chinese threat actor Storm-0940 using the Quad7 botnet for sophisticated password spray attacks.

Find details here: https://thehackernews.com/2024/11/microsoft-warns-of-chinese-botnet.html

⚠️ Researchers have uncovered EMERALDWHALE, a massive campaign exploiting exposed Git configurations to siphon over 15,000 credentials and clone 10,000 private repositories.

Read: https://thehackernews.com/2024/11/massive-git-config-breach-exposes-15000.html

🚨Cybersecurity at the Olympics: A New Threat Emerges! Learn about the evolving tactics of cyber groups like Emennet Pasargad and their implications for cybersecurity strategies.

Read: https://thehackernews.com/2024/11/inside-irans-cyber-playbook-ai-fake.html

🚨 SaaS Misconfigurations Are a Major Threat!

With so many apps and integrations, the risk of data breaches has never been higher. Here are 5 common misconfigurations you need to address NOW!

Read: https://thehackernews.com/2024/11/5-saas-misconfigurations-leading-to.html

🚨 A new Android malware, FakeCall, has emerged, utilizing sophisticated voice phishing (vishing) techniques to deceive users.

This malware can capture SMS, contacts, and stream live video, redirecting calls to fraudulent sources.

Read: https://thehackernews.com/2024/11/new-fakecall-malware-variant-hijacks.html

Google's AI framework, 🤖 Big Sleep, discovers a zero-day vulnerability in the widely used SQLite database engine, demonstrating the future of automated vulnerability detection.

Learn more: https://thehackernews.com/2024/11/googles-ai-tool-big-sleep-finds-zero.html

🎄🎁🤖 As retail traffic surges this holiday season, AI-driven threats are expected to spike.

Discover how "Grinch bots" are impacting the retail industry and strategies to enhance bot detection for a seamless holiday shopping experience.

https://thehackernews.com/2024/11/cyber-threats-that-could-impact-retail.html

German law enforcement has disrupted the criminal service dstat[.]cc, enabling easy DDoS attacks for non-technical users.

Find details here: https://thehackernews.com/2024/11/german-police-disrupt-ddos-for-hire.html

⚠️ Six critical security flaws have been discovered in the Ollama AI framework, enabling potential model poisoning and theft. With a staggering number of unpatched instances, it’s crucial to filter internet-facing endpoints effectively.

Read: https://thehackernews.com/2024/11/critical-flaws-in-ollama-ai-framework.html

💻 Don't miss out on our latest #cybersecurity newsletter!

This week, we're diving into the chaos as hackers ramp up attacks, including North Korean ransomware collaboration and evasive password spraying tactics.

https://thehackernews.com/2024/11/thn-recap-top-cybersecurity-threats.html

Google warns of active exploitation of CVE-2024-43093 in Android.

This #vulnerability allows unauthorized access to critical directories, emphasizing the need for timely updates and patching processes.

https://thehackernews.com/2024/11/google-warns-of-actively-exploited-cve.html

Canadian authorities have arrested Alexander "Connor" Moucka, a suspect in the Snowflake data breach that impacted around 165 organizations, including major corporations like AT&T and Ticketmaster, some of which were extorted for large sums.

https://thehackernews.com/2024/11/canadian-suspect-arrested-over.html

Synology has released a patch for a critical zero-day vulnerability (CVE-2024-10443) affecting millions of NAS devices, which allows remote code execution without user interaction.

Read: https://thehackernews.com/2024/11/synology-urges-patch-for-critical-zero.html

🚨 Hundreds of typosquatted versions targeting npm developers are attempting to deliver cross-platform #malware by employing Ethereum smart contracts for command-and-control (C2) communications.

Read: https://thehackernews.com/2024/11/malware-campaign-uses-ethereum-smart.html