Crypto hacker offered reward after $600m heist

Cryptocurrency Fraud , Cybercrime , Cyberwarfare / Nation-State Attacks Magecart-Style Attacks Included Bitcoin-Grabbing Functionality, Group-IB Reports Mathew J. Schwartz (euroinfosec) • April 15, 2021     Fake payment form, which opens in an iFrame element, discovered in Magecart-style attacks attributed to Lazarus (Source: Group-IB) Hackers with apparent ties to North Korea that hit e-commerce shops…

Security researchers have reported a critical flaw affecting tens of millions of IoT devices. According to the researchers, a remote attacker could leverage the vulnerability to eavesdrop on live audio or take control of the device. The flaw was found in ThroughTek’s Kalay network, which is used in 83 million devices. The flaw also affects…

VMware has rolled out patches to address a critical security vulnerability in vCenter Server that could be leveraged by an adversary to execute arbitrary code on the server. Tracked as CVE-2021-21985 (CVSS score 9.8), the issue stems from a lack of input validation in the Virtual SAN (vSAN) Health Check plug-in, which is enabled by…

Intel issued 29 security alerts to correct some severe bios firmware flaws for Intel processors, as well as in its Bluetooth products, the NUC Mini PC line, and in its own security library. Jerry Bryant, Intel’s senior director of communications, says the company is investigating these issues internally through its own security teams, as well…

Fraud Management & Cybercrime , Fraud Risk Management , Next-Generation Technologies & Secure Development Company Will Join Microsoft’s Cloud and AI Division Doug Olenick (DougOlenick) • July 12, 2021     (Watch for updates on this developing story.) See Also: Live Panel | Zero Trusts Given- Harnessing the Value of the Strategy Microsoft announced…

CISA’s launches joint cyber defense effort By Chris Riotta Aug 06, 2021 The Joint Cyber Defense Collaborative, a new initiative launched Aug. 5 by the Cybersecurity and Infrastructure Security Agency, aims to help the U.S. defend against cyber threats to critical infrastructure. The JCDC plans to unify cyber defense by leading the development…