--- title: "Cybersecurity Updates For The Week 10 of 2020 | Phish Protection" description: "Cybersecurity Updates For The Week 10 of 2020: The digital world struggles to ensure phishing prevention at every step. While some attacks get withstood." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-10-of-2020.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-10-of-2020/" --- Quick Answer The digital world struggles to ensure \[phishing prevention\](/) at every step. While \_some attacks get withstood, most attacks are successful and rob organizations of their time, resources, and money\_. Following headlines describe such attacks from the past week: Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-10-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2010%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-10-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-10-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-10-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2010%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2010%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-10-of-2020%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/03/what-is-spear-phishing-7765.jpg) The digital world struggles to ensure [phishing prevention](/) at every step. While _some attacks get withstood, most attacks are successful and rob organizations of their time, resources, and money_. Following headlines describe such attacks from the past week: ### Saudi On Guard Against Cyber Attacks A good number of the [CEOs from Saudi Arabia fear that cyber-attacks](https://cyware.com/news/businesses-in-saudi-see-cybersecurity-risks-as-biggest-threat-c069d1d7) will pose a serious **security threat** for them shortly and hence are already taking [anti-phishing protection](/products/advanced-threat-defense/) measures. They are doing all that is within their capacity to evade such attacks and to strengthen their network and security infrastructure. The KPMG CEO Outlook survey marks a **16% increase** in the number of businesses who view security as a vulnerable aspect in Saudi Arabia. Some of the measures taken by them include: - Hiring skilled people. - Collaborating with cybersecurity providers. - Training 800 youth via their program called CyberPro. - They also propose to introduce a cybersecurity scholarship in association with the Ministry of Education. ### Ransomware DoppelPaymer Up With A New Scheme _Earlier attackers used to blackmail victims for ransom and sell their data on the dark web in retaliation_. But the latest trick is called ‘name-and-shame.’ The masterminds behind **DoppelPaymer ransomware** are now keen on harming the reputation of victim organizations. They have launched a site called ‘**Dopple Leaks**‘ that[ will leak files and shame victims](https://cyware.com/news/doppelpaymer-ransomware-operators-launch-dopple-leaks-website-to-name-and-shame-victims-39d95769) who refuse to pay the ransom. All sensitive information of the victims will be out in the open on the Dopple Leaks site. They are currently targeting four companies, but such malicious tactics can be avoided by taking proper **phishing attack prevention** measures. ![What is spear phishing](https://media.mailhop.org/phishprotection/images/2020/03/what-is-spear-phishing-7765.jpg) ### Researcher Finds A Security Flaw In iPhone German researcher Tommy Mysk recently discovered a [flaw in the Cut-and-Paste feature in iOS devices](https://cyware.com/news/attention-iphone-users-rogue-klipboardspy-app-can-snoop-on-your-personal-data-by-exploiting-cut-and-paste-feature-3cb4270a). _The vulnerability lets an attacker access the private information of users such as GPS coordinates, passwords, and banking data, among other details_. Mysk created a PoC app, KlipboardSpy and an iOS widget, KlipSpyWidget, which indicates the number of **malicious apps** on iOS devices. KlipboardSpy and KlipSpyWidget exploit any cut-and-paste data temporarily stored in an iPhone or iPad’s memory. To ensure [protection from phishing](/office-365-phishing-protection/), Mysk seeks the introduction of new permissions by the app enabling users to allow access to the pasteboard data. The auto-deletion of location information from photos after copying them to the pasteboard is another safety measure he suggests for the operating systems. ### Transavia Leaks Passenger Data _80,000 Transavia passengers suddenly get notified after five years that authorized people may have accessed their travel details_. The low-cost Dutch airline [Transavia recently announced about the breach](https://simpleflying.com/transavia-data-breach/?&web%5Fview=true) that was caused by “unwanted access” of passenger details stored in an email inbox. These details include the date of birth, luggage reservations, and special assistance required by passengers. The breach affects all those people who traveled with the airline from January 21st to January 31st, 2015 but doesn’t include passengers who flew to Egypt, the Canary Islands, or Lapland in Finland. Although _Transavia hasn’t disclosed the purpose of storing details dating back to five years_, they did mention focusing on their [anti-phishing solutions](/products/advanced-threat-defense/) as one of their immediate goals. In its defense, the airline claims that no significant **cyber attack** can be possibly launched with details as minimal as names, dates of birth, and flight data of passengers. ### Security Breach At Ordnance Survey The U.K. based mapping agency Ordnance Survey recently [underwent a security breach](https://www.infosecurity-magazine.com/news/ordnance-survey-breach-hits/?&web%5Fview=true) that affected **1000 of its employees**. They believe that _the attackers employed a phishing scam to get into the CFO’s email account_. Although this attack compromised no customer information, it did affect the agency’s employees who are now being trained to ensure **protection against phishing**. _Ordnance Survey was quick to take anti-phishing measures and also got the privacy watchdog ICO involved_. They claim that their preventive measures are sound enough and do not plan to take any further action. ### Data Breach At Transmit Security Security provider [Transmit Security recently underwent a data breach](https://www.vice.com/en%5Fus/article/wxepb4/transmit-security-authentication-banks-hacked?&web%5Fview=true) that affected email addresses, passwords, phone numbers, and other sensitive information of customers. Initially, _it was notified that more than a thousand clients were affected_, but later, the firm announced that passwords weren’t compromised in the breach. Transmit Security has an association with several large banks such as T.D. Bank and the First International Bank of Israel. The breach was identified by a researcher who informed customers about it. He claimed that _the adversaries exploited NextCloud to steal data_. Among compromised information are also the source code, binaries, and communications between Transmit Security and clients. However, Transmit security’s head for field engineering, Craig Currim denied the breach source code in the attack. ### Skimmers Steal Reprint Mint Photo Card Data For over 2.5 years, [attackers have been secretly infecting Reprint Mint photo](https://www.bleepingcomputer.com/news/security/18-sniffers-steal-payment-card-data-from-print-store-customers/?&web%5Fview=true) store with skimmers or sniffers, _scripts that steal card details of customers_. Eighteen skimmers or sniffers, scripts have been identified since August 2017 on Reprint Mint photo store with multiple skimmers working on the site on several occasions. Sanguine Security found a skimmer on the Mint photo store that **ran for 1.5 years** before being replaced by another script on February 1st, 2019\. Yet another skimmer was seen on August 1st, 2019\. _Six different scripts were identified by December 2019_. It is unsure whether the store is deploying **anti-phishing tools** as two malicious scripts continue to remain active even today. ### Ransomware Hits U.S. Electricity Provider The U.S. electricity provider Reading Municipal Light Department (RMLD) was [hit by a ransomware attack](https://www.infosecurity-magazine.com/news/ransomware-attack-at-us-power/?&web%5Fview=true) last Friday. Although they didn’t disclose how the attack happened or the amount of ransom demanded, the RMLD authorities **refused to succumb** to the demands. They are instead using [anti-phishing services](/products/advanced-threat-defense/) and collaborating with an external I.T. consultant to recover their files. _The attack did not interrupt power supply, and neither has it compromised financial data of customers._ They informed customers about the attack via Twitter. The issue has now been resolved, and nothing beyond a customer’s name, address, email address, and power consumption details are likely to have been affected. ![Phishing prevention](https://media.mailhop.org/phishprotection/images/2020/03/phishing-prevention-7765.jpg) ### Australian Banks Receive Ddos Attack Threatening In line with the recent attacks on Australian organizations, their banks, and the [financial sector recently received threatening DDoS](https://www.zdnet.com/article/australian-banks-targeted-by-ddos-extortionists/?&web%5Fview=true) on non-payment of a ransom in Monero. _The attackers are emailing victims to propagate their attack_. Meanwhile, the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is taking every possible [phishing protection](/) measure. ACSC has extended a **security threat advice** requesting organizations to take steps to **prevent phishing attacks** so that their operations continue uninterrupted even if there is a DDoS attack. ### Corona 19 Real-Time Status Scam _Attacks once again use CoronaVirus to install malware on users’ devices_. This time the malware is an executable program (EXE) with file names like ‘Corona’s domestic status’ or ‘Corona’s real-time corona status.’ On the surface, the [file shows actual statistics related to patient](https://securityaffairs.co/wordpress/98420/malware/south-korea-corona-19.html?web%5Fview=true) information such as release, death, and under test. But in the background, _it automatically installs malicious code in the user’s device_. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 10 of 2020","description":"Cybersecurity Updates For The Week 10 of 2020: The digital world struggles to ensure phishing prevention at every step. While some attacks get withstood.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-10-of-2020/","datePublished":"2020-03-07T06:27:26.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-03-07T06:27:26.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-10-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1177,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/03/what-is-spear-phishing-7765.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 10 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-10-of-2020/"}]} ```