A Singaporean commodity firm has had a narrow escape after police managed to intervene to recover nearly all of the $42.3m lost to fraudsters in a business email compromise (BEC) scam.

A class-action lawsuit is brewing over the cyber-heist of 2.9 billion personal records that were stolen from a Florida data broker, Jerico Pictures, doing business as National Public Data, and sold on the dark web.

The vulnerability, tracked as CVE-2018-0824, arises from the deserialization of untrusted data. Microsoft warns that this flaw could lead to remote code execution if exploited by a specially crafted file or script.

Attackers have developed multiple techniques to bypass reputation-based security controls like Windows Smart App Control, allowing them initial access to environments without triggering alerts.

Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management (CRM) app. “Chameleon was seen masquerading as a CRM app, targeting a Canadian restaurant chain operating internationally,” Dutch security outfit ThreatFabric said in a […]

Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users to override Gatekeeper protections. Gatekeeper is a crucial line of defense built into macOS designed to ensure that only trusted apps run on the operating system. When an app is downloaded from outside of the […]