Crypto hacker offered reward after $600m heist

Crooks stole driver’s license numbers from Geico auto insurer | IT Security News 20. April 2021 Car insurance provider Geico has suffered a data breach, attackers have stolen the driver’s licenses for policyholders for several weeks. Geico, the second-largest auto insurer in the U.S., has suffered a data breach, threat actors exploited a now-fixed bug in…

The United States and its allies accused China of a global cyberespionage campaign, mustering an unusually broad coalition of countries to publicly call out Beijing for hacking. The United States was joined by NATO, the European Union, Britain, Australia, Japan, New Zealand and Canada in condemning the spying, which US Secretary of State Antony Blinken…

Autodesk has confirmed that it was also targeted by the Russian state hackers behind the large-scale SolarWinds Orion supply-chain attack, almost nine months after discovering that one of its servers was backdoored with Sunburst malware. The US software and services company provides millions of customers from the design, engineering, and construction sectors with CAD (computer-aided design),…

Suspected Chinese hackers are targeting online gambling companies in China with a new remote access trojan (RAT) that abuses Open Broadcaster Software (OBS) Studio live streaming software to record victims’ screens. Dubbed ‘BIOPASS RAT’ by researchers at Trend Micro who discovered this new threat, the malware spreads via a watering hole attack, in which unsuspecting…

Application Security , Endpoint Security , Incident & Breach Response Pen Test Partners: Millions Could Have Had Data Exposed Marianne Kolbasuk McGee (HealthInfoSec) • May 6, 2021     Photo: Peloton Security researchers say API flaws could have exposed the private data of millions of Peloton fitness equipment online service users for months before they…

Forensics , Next-Generation Technologies & Secure Development , Security Operations CEO Sudhakar Ramakrishna Says Clues Come From Analysis of Virtual Builds Jeremy Kirk (jeremy_kirk) • May 20, 2021     At the RSA Conference, SolarWinds CEO Sudhakar Ramakrishna said intruders were in the company’s systems in January 2019, eight months earlier than originally believed. (Photo:…