Cybersecurity News

Cybersecurity Roundup, July 14, 2021

The threat landscape for academic researchers and think tanks is complicated and goes beyond just financially-motivated attacks. A sophisticated cyber-espionage attack was recently spotted targeting University of London scholars. SolarWinds is reportedly scrambling to contain a new security threat. Meanwhile, European authorities dismantled a cybercrime gang that scored millions out of unsuspecting shoppers. On that note, join in to know all about the top headlines in the cybersecurity space from the past 24 hours.

  1. Iranian state-aligned threat actor TA453 hacked a website pertaining to the University of London, to steal information of journalists, professors, and think tanks, under a campaign dubbed SpoofedScholars.
  2. Fashion retailer Guess was targeted by a ransomware actor that leaked personal information, including SSNs, drivers’ license numbers, and passport and account data of around 1,300 individuals.
  3. SolarWinds has been notified by Microsoft of a critical zero-day vulnerability in its Serv-U product line. The research found a limited number of impacted customers.
  4. Nepal Telecom experienced a massive cyberattack, by Chinese hackers who allegedly infiltrated its Oracle GlassFish Server to steal users’ personal data.
  5. The CISA and ACSC warned organizations in the U.S. and Australia about the exploitation of a patched vulnerability in ForgeRock Access Management.
  6. Bitdefender noted a surge in Trickbot’s command-and-control centers, deployed globally, with new functionalities for monitoring and intelligence gathering.
  7. Jen Easterly, a two-time recipient of the Bronze Star, became the new head of the DHS‘s cybersecurity division after being nominated by President Joe Biden.
  8. Under a Eurojust operation, Romanian and Greek authorities busted a $2.4 million phishing scam that duped online shoppers with fictitious advertisements, payment sites, and delivery partners.
  9. Arctic Wolf, an MDR service provider, raised $150 million in Series F round led by Viking Global Investors, Owl Rock, and other existing investors.
  10. The St. Petersburg-based cybersecurity startup Code-X raised $5 million in Series A round led by By Light Professional IT Services, with participation from Fama Ventures.