Cybersecurity News

Cybersecurity Roundup, June 17, 2021

Remember, the cyberspace does not have any boundaries and you’re always a target! A Chinese developer crawled billions of customer records from one of Alibaba’s shopping platforms. More threats came from an adversary group targeting several digital artists using malicious Non-Fungible Tokens (NFTs). Meanwhile, another dangerous ransomware group was dismantled in a crackdown by Ukraine. With this, let’s review the top ten cybersecurity feeds from the last 24 hours.

  1. Taobao inadvertently laid bare the personal data of over a billion customers in an eight-month-long coup by a Chinese software developer who kept scrapping data before getting noticed.
  2. Researchers uncovered a highly-targeted malware campaign aimed at stealing funds from multiple digital artists and creators of NFTs.
  3. Experts revealed that a suspected Chinese cyberespionage campaign targeting Pulse Connect Secure networking devices had impacted systems of Verizon, a water utility, and other U.S. entities than estimated earlier.
  4. South Korea’s national flagship carrier HMM was targeted in a cyberattack that disrupted its email systems. No information or data leakage was found.
  5. The CISA released a fact sheet that sheds light on directions and steps to mitigate ransomware threats to Operational Technology (OT) assets and Industrial Control Systems (ICS).
  6. Ukrainian police allegedly busted members of the Cl0p ransomware gang that extort money from foreign businesses, located specifically in the U.S. and South Korea.
  7. Kaspersky linked a malware campaign targeting South Korean organizations to a North Korean nation-state hacking group called Andariel.
  8. Researchers at the University of Rochester devised an approach called TimeCache that protects against side-channel attacks like evict+reload and Spectre, with a tiny performance impact.
  9. Web app and API protection startup ThreatX raises $10 million in its Series B funding led .406 Ventures, with participation from Access Venture Partners and Grotech Ventures.
  10. Forcepoint announced to acquire threat removal platform Deep Secure. The financial terms of the deal were not disclosed.