🚨 A new Android malware, FakeCall, has emerged, utilizing sophisticated voice phishing (vishing) techniques to deceive users.

This malware can capture SMS, contacts, and stream live video, redirecting calls to fraudulent sources.

Read: https://thehackernews.com/2024/11/new-fakecall-malware-variant-hijacks.html

Google's AI framework, 🤖 Big Sleep, discovers a zero-day vulnerability in the widely used SQLite database engine, demonstrating the future of automated vulnerability detection.

Learn more: https://thehackernews.com/2024/11/googles-ai-tool-big-sleep-finds-zero.html

🎄🎁🤖 As retail traffic surges this holiday season, AI-driven threats are expected to spike.

Discover how "Grinch bots" are impacting the retail industry and strategies to enhance bot detection for a seamless holiday shopping experience.

https://thehackernews.com/2024/11/cyber-threats-that-could-impact-retail.html

German law enforcement has disrupted the criminal service dstat[.]cc, enabling easy DDoS attacks for non-technical users.

Find details here: https://thehackernews.com/2024/11/german-police-disrupt-ddos-for-hire.html

⚠️ Six critical security flaws have been discovered in the Ollama AI framework, enabling potential model poisoning and theft. With a staggering number of unpatched instances, it’s crucial to filter internet-facing endpoints effectively.

Read: https://thehackernews.com/2024/11/critical-flaws-in-ollama-ai-framework.html

💻 Don't miss out on our latest #cybersecurity newsletter!

This week, we're diving into the chaos as hackers ramp up attacks, including North Korean ransomware collaboration and evasive password spraying tactics.

https://thehackernews.com/2024/11/thn-recap-top-cybersecurity-threats.html

Google warns of active exploitation of CVE-2024-43093 in Android.

This #vulnerability allows unauthorized access to critical directories, emphasizing the need for timely updates and patching processes.

https://thehackernews.com/2024/11/google-warns-of-actively-exploited-cve.html

Canadian authorities have arrested Alexander "Connor" Moucka, a suspect in the Snowflake data breach that impacted around 165 organizations, including major corporations like AT&T and Ticketmaster, some of which were extorted for large sums.

https://thehackernews.com/2024/11/canadian-suspect-arrested-over.html

Synology has released a patch for a critical zero-day vulnerability (CVE-2024-10443) affecting millions of NAS devices, which allows remote code execution without user interaction.

Read: https://thehackernews.com/2024/11/synology-urges-patch-for-critical-zero.html

🚨 Hundreds of typosquatted versions targeting npm developers are attempting to deliver cross-platform #malware by employing Ethereum smart contracts for command-and-control (C2) communications.

Read: https://thehackernews.com/2024/11/malware-campaign-uses-ethereum-smart.html

The Android banking malware "ToxicPanda" has infected over 1,500 devices, facilitating fraudulent transactions by bypassing security measures.

It disguises itself as legitimate apps and intercepts OTPs for unauthorized access.

Read: https://thehackernews.com/2024/11/new-android-banking-malware-toxicpanda.html

Explore how Zero Trust security transforms #cybersecurity by eliminating implicit trust, scrutinizing access requests, and continuously monitoring users to mitigate insider threats and enhance security posture.

Read: https://thehackernews.com/2024/11/leveraging-wazuh-for-zero-trust-security.html

The FBI is seeking public assistance to identify those behind cyber intrusions linked to Chinese APT groups that have exploited vulnerabilities in edge devices and networks for cyber espionage against critical infrastructure.

Learn more: https://thehackernews.com/2024/11/fbi-seeks-public-help-to-identify.html

Google Cloud will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025

Learn more: https://thehackernews.com/2024/11/google-cloud-to-enforce-multi-factor.html

South Korea fined Meta $15.67 million for sharing sensitive data from 980,000 users with advertisers without proper consent.

Learn more: https://thehackernews.com/2024/11/south-korea-fines-meta-1567m-for.html

INTERPOL has taken down over 22,000 malicious servers in its Operation Synergia II, targeting phishing, ransomware, and malware.

Learn more: https://thehackernews.com/2024/11/interpols-operation-synergia-ii.html

Continuous Threat Exposure Management (CTEM) is no longer optional—it's essential!

As threats evolve, CTEM empowers organizations to proactively identify and mitigate vulnerabilities before they lead to costly breaches. 🔗

Read the full article to discover how to keep CTEM on your 2025 budget radar: https://thehackernews.com/2024/11/9-steps-to-get-ctem-on-your-2025.html

🚨 Warning: New Winos 4.0 malware is targeting users through 🎮 gaming applications. This advanced framework can take control of compromised systems and harvest sensitive data, targeting educational organizations and cryptocurrency wallets.

Read: https://thehackernews.com/2024/11/new-winos-40-malware-infects-gamers.html

🔥 Did you know? Advanced threat actors can breach identity systems in days.

Learn about SaaS and cloud vulnerabilities. Join our LIVE WEBINAR to learn crucial strategies for securing your identity infrastructure.

👉 Join now: https://thehacker.news/identity-based-attacks

🔒 Canada orders TikTok to shut down operations over national security concerns.

Read more here: https://thehackernews.com/2024/11/canada-orders-tiktok-to-shut-down.html