A new phishing campaign targets e-commerce shoppers in Europe and the U.S. with fake discounts, using SEO poisoning and typosquatting to steal payment details via fake sites.

Learn more: https://thehackernews.com/2024/11/fake-discount-sites-exploit-black.html

Google is developing a Shielded Email feature, allowing users to create email aliases for signing up online, keeping their real addresses private.

Details: https://thehackernews.com/2024/11/shielded-email-googles-latest-tool-for.html

Compliance-driven pen tests may not keep up with evolving threats. Automated testing slashes costs by 60%, making frequent tests feasible.

Want real-time testing? Learn more about automated solutions: https://thehackernews.com/2024/11/beyond-compliance-advantage-of-year.html

Every day, new tactics and threats emerge, from exploiting hidden tech flaws to tricking people with clever scams. In this week’s Cybersecurity Recap, we break down the trends shaping the threat landscape and share insights to help you strengthen your defenses.

Dive into this week’s must-know updates: https://thehackernews.com/2024/11/thn-recap-top-cybersecurity-threats_18.html

🚨 SaaS Security is Facing New Threats – With a growing number of unauthorized apps and the surge of Generative AI tools, businesses are under increased risk.

One in four SaaS apps used by organizations is unauthorized—this “Shadow SaaS” creates a massive blind spot, expanding attack surfaces.

Failure to secure these apps exposes businesses to data breaches, compliance violations, and even total system compromise

Learn how to safeguard your organization’s SaaS environment and stay ahead of emerging risks in the State of SaaS Security 2024 report.

Don’t miss these critical insights. Read Now: https://thehackernews.com/expert-insights/2024/11/state-of-saas-security-report-bold.html

🚨 New stealth #malware "BabbleLoader" is bypassing AI detection with a slew of evasive tricks, making it one of the most sophisticated threats in the wild.

Learn how BabbleLoader works and how to defend against it: https://thehackernews.com/2024/11/new-stealthy-babbleloader-malware.html

Major security flaws in Progress Kemp LoadMaster (CVE-2024-1212) and VMware vCenter Server (CVE-2024-38812 and CVE-2024-38813) are actively being exploited.

Learn how to mitigate this flaw and secure your system before it’s too late – Read more: https://thehackernews.com/2024/11/cisa-alert-active-exploitation-of.html

T-Mobile confirmed being targeted in a Chinese cyber espionage campaign alongside other telecom giants like AT&T, Verizon, and Lumen Technologies.

The attack, attributed to Salt Typhoon, aims to harvest sensitive communications from high-value intelligence targets.

Explore the full analysis of this widespread cyber threat and its potential consequences: https://thehackernews.com/2024/11/chinese-hackers-exploit-t-mobile-and.html

A new variant of the Helldown ransomware is now targeting #Linux and virtualized infrastructures via VMware, broadening its attack surface to industries like #healthcare, manufacturing, and IT services.
With evolving tactics, this marks a major shift in ransomware strategies, now focusing on virtual machines and cloud-based infrastructures.

Learn how Helldown is evolving — https://thehackernews.com/2024/11/new-helldown-ransomware-expands-attacks.html

⚡️ Attention: Palo Alto Networks has released patches for actively exploited PAN-OS vulnerabilities—make sure to apply them ASAP!

Find UPDATE here: https://thehackernews.com/2024/11/pan-os-firewall-vulnerability-under.html

🔎 Can You See the Attack Before It Happens?

In this new eBook, "11 Attack Stories Prevented by XM Cyber", we reveal real-world examples of how attackers exploit security gaps to reach critical assets—and how XM Cyber stops them in their tracks.

Don’t wait—get ahead of the next attack. Download the eBook today: https://thn.news/preemptive-attack-stories

Ngioweb malware is fueling a massive proxy service, NSOCKS, with 80% of its bots coming from vulnerable IoT devices like routers and cameras.

This botnet runs a daily average of 35,000 active bots, with some remaining in operation for over a month.

Learn how this botnet operates — https://thehackernews.com/2024/11/ngioweb-botnet-fuels-nsocks-residential.html

A new attack is hijacking misconfigured Jupyter Notebooks to fuel illegal live sports streaming. These systems, used for data science, are now prime targets for malicious actors.



Learn how this attack works & what it means for your security measures — https://thehackernews.com/2024/11/hackers-hijack-unsecured-jupyter.html

🛑 Urgent Alert: A high-severity vulnerability in Oracle's Agile PLM Framework is actively being exploited.

No username or password required, CVE-2024-21287 could leak sensitive data without any authentication.

Read the full advisory — https://thehackernews.com/2024/11/oracle-warns-of-agile-plm-vulnerability.html

⚠️ Apple has released urgent security updates for iOS, iPadOS, macOS, and Safari, addressing two critical zero-day vulnerabilities actively exploited in the wild.

Update now to protect your Apple devices.

Find details here: https://thehackernews.com/2024/11/apple-releases-urgent-updates-to-patch.html

UPDATE: Cybercriminals are leveraging security flaws in enterprise products to gain access and deploy deadly backdoors. One of the most concerning threats is NOOPDOOR, a new implant that uses dual-mode encryption and independent backdoor commands.

Read: https://thehackernews.com/2024/11/china-aligned-mirrorface-hackers-target.html

PAM alone can't stop advanced threats like APTs & zero-day attacks.

The solution? Enhance PAM with continuous monitoring & real-time enforcement to close security gaps. Learn how to secure privileged access beyond PAM.

Read more: https://thehackernews.com/2024/11/privileged-accounts-hidden-threats-why.html

New China-linked cyber espionage group, Liminal Panda, targets telecom giants in South Asia & Africa for intelligence gathering.

Their custom malware toolkit, including tools like SIGTRANslator and PingPong, is designed for deep access into telecom networks and mobile data interception.

Dive into the details of these high-stakes espionage tactics: https://thehackernews.com/2024/11/china-backed-hackers-leverage-sigtran.html

🔒 Decade-old vulnerabilities in Ubuntu Server’s needrestart package allow local attackers to gain root privileges with no user interaction.

If you’re using Ubuntu Server, these vulnerabilities could give attackers complete control over your system.

Learn more about how these flaws work: https://thehackernews.com/2024/11/decades-old-security-vulnerabilities.html

The ANY.RUN sandbox now lets you automatically detonate the latest multi-stage malware and phishing attacks.

Stages may include email attachments, URLs in QRs, rewritten links, redirects, etc.

See how it works and try it yourself ⬇️ https://thn.news/automated-interactivity-stage-tel