The new service, known as the Fraud and Cyber Crime Reporting and Analysis System (FCCRAS), will enhance the reporting process by allowing users to upload additional information like metadata, screenshots, and images.

An unnamed media organization in South Asia was targeted in November 20233 using a previously undocumented Go-based backdoor called GoGra. “GoGra is written in Go and uses the Microsoft Graph API to interact with a command-and-control (C&C) server hosted on Microsoft mail services,” Symantec, part of Broadcom, said in a report shared with The Hacker […]

A recent analysis using HYAS Insight threat intelligence revealed a trend in dynamic DNS registrations originating from Turkey in 2024, with DarkComet malware representing over 50% of the malicious domains identified.

Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The “Channel File 291” incident, as originally highlighted in its Preliminary Post Incident Review (PIR), has been traced back to a content validation issue that arose after it introduced a new Template […]

A Singaporean commodity firm has had a narrow escape after police managed to intervene to recover nearly all of the $42.3m lost to fraudsters in a business email compromise (BEC) scam.

A class-action lawsuit is brewing over the cyber-heist of 2.9 billion personal records that were stolen from a Florida data broker, Jerico Pictures, doing business as National Public Data, and sold on the dark web.

The vulnerability, tracked as CVE-2018-0824, arises from the deserialization of untrusted data. Microsoft warns that this flaw could lead to remote code execution if exploited by a specially crafted file or script.

Attackers have developed multiple techniques to bypass reputation-based security controls like Windows Smart App Control, allowing them initial access to environments without triggering alerts.