The SolarWinds supply chain attack became once again relevant after Autodesk disclosed that it was backdoored by Sunburst operators. In other news, a staffing and recruiting company headquartered in Los Angeles reported stolen files to the authorities. Once again, Bluetooth devices are at risk due to newly discovered flaws. Continue reading for today’s cybersecurity roundup from the last 24 hours.
- Autodesk revealed that one of its servers was infected with Sunburst malware. It further assured that no customer operations or Autodesk products were sabotaged during the attack.
- Around 50,000 individuals from Career Group Companies were notified of potential unauthorized access to the firm’s network that impacted their personal data, such as SSNs.
- Two UK VoIP operators, Voip Unlimited and Voiphone, are reportedly experiencing aggressive DDoS attacks—and held at a ransom—spurred by REvil group for at least the last two days.
- Sophos laid bare details about dropper-as-a-service that uses disguised legit or cracked applications on to the victim’s systems. Some services were charging just $2 for 1,000 malware installs via droppers.
- Academics discovered BrakTooth, a suite of 16 vulnerabilities, that impacts the Bluetooth software across billions of devices from Microsoft, Dell, and several Qualcomm-based smartphone models.
- Multiple bugs were spotted plaguing the default firmware and the web interface app of a TP-Link router model, putting thousands of owners at risk of man-in-the-middle and DoS attacks.
- A severe flaw in Atlassian’s Confluence Server and Confluence Data Center software was subjected to mass exploitation by hackers owing to the ease of developing a weaponized exploit.
- Researchers at the UK’s Liverpool Hope University developed a new device that acts as a gateway or barrier between a USB drive and a computer to scan for malicious software.
- Cybersecurity company XYPRO acquired HP’s Workload Aware Security, a platform for critical security and compliance monitoring for Linux and SAP HANA environments.
- SIEM provider LogPoint announced to acquire Tel Aviv-based SecBI, an XDR solution provider. The financial terms of the deal were not disclosed.