---
title: "Cybersecurity Updates For The Week 11 of 2021 | Phish Protection"
description: "Online phishing attacks are never going to stop, and their success rate will only increase if netizens continue to avoid basic cyber hygiene."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-11-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-11-of-2021/"
---

Quick Answer

Three popular Android VPN services, namely, SuperVPN, GeckoVPN, and ChatVPN, were \_recently involved in a security incident leading to a leak of 21 million user records\_. The \[compromised details\](https://cybernews.com/security/one-of-the-biggest-android-vpns-hacked-data-of-21-million-users-from-3-android-vpns-put-for-sale-online/?&web\_view=true) include users' full names, usernames, email addresses, nationality, random password strings, payment details, etc. The seller also provides a country-wise categorization of data and suggests that the random password strings can lead to the victims' Google Play Store accounts.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-11-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2011%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-11-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-11-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-11-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2011%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2011%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-11-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/03/what-is-phishing-5441.jpg) 

_Online phishing attacks are never going to stop_, and their success rate will only increase if netizens continue to avoid **basic cyber hygiene**. Hence it is essential to be abreast of the global phishing patterns so that suitable [phishing attack prevention](/) measures can be adopted before a malicious actor could wreak havoc on your digital assets. Here are the top phishing headlines from the bygone week:

### \*\*\*\* Three Android VPNs Leak 21M User Records

Three popular Android VPN services, namely, SuperVPN, GeckoVPN, and ChatVPN, were _recently involved in a security incident leading to a leak of 21 million user records_. The [compromised details](https://cybernews.com/security/one-of-the-biggest-android-vpns-hacked-data-of-21-million-users-from-3-android-vpns-put-for-sale-online/?&web%5Fview=true) include users’ full names, usernames, email addresses, nationality, random password strings, payment details, etc. The seller also provides a country-wise categorization of data and suggests that the random password strings can lead to the victims’ Google Play Store accounts.

A closer look at the data put up for sale indicates that the exposed data can be used to extract user device information such as Phone types and manufacturers, Device serial numbers, Device IDs, and Device IMSI numbers. _The adversaries claim that they exfiltrated the data from publicly available unprotected databases maintained by the three VPN providers_. If such negligence has happened at the end of SuperVPN, GeckoVPN, and ChatVPN, then it’s a serious issue they need to think about. _VPNs are the last services that are expected to disclose user identity_. VPN service providers must adopt necessary [anti-phishing protection](/products/advanced-threat-defense/) measures to prevent such attacks in the future.

![What is phishing](https://media.mailhop.org/phishprotection/images/2021/03/what-is-phishing-5441.jpg) 

### \*\*\*\* DDoSecrets Leaks 70GB Data Belonging To Gab.com

_Social network platform Gab.com recently underwent a security incident_, and the hacktivist group DDoSecrets has taken responsibility for it. However, the right-wing social network platform shared a post on its blog on 26th February denying the possibility of a data breach. Strangely, the company went offline a week ago and said that it was a **Bitcoin wallet spam** which caused temporary inactivity of a few accounts.

Andrew Torba (CEO of Gab) vigorously defends the company and says that there hasn’t been a breach. He also adds that they do not collect much personal information, suggesting that [anti-phishing solutions](/products/advanced-threat-defense/) aren’t necessary. _He calls on the reporters and blames them for spreading rumors to tarnish the reputation of Gab_. However, he does accept that their site was vulnerable to an [SQL injection attack](https://www.hackread.com/gab-hacked-ddosecrets-leak-profiles-posts-dms-passwords-online/?web%5Fview=true) which was patched last week. DDoSecrets, on the other hand, takes ownership of the attack much denied by Gab. It has **leaked a 70GB database** containing the public and private posts, hashed passwords, user profiles, and DMs of Gab under the name of GabLeaks.

### \*\*\*\* Ransomware Hits Food Products Wholesaler JFC International

_Famous Asian food wholesaler JFC International recently underwent a ransomware attack that affected some of JFC International’s IT systems in the Europe Group_. The [wholesaler is now](https://securityaffairs.co/wordpress/115150/malware/jfc-international-ransomware-attack.html?web%5Fview=true) employing [phishing protection](/) strategies and **investigating the breach** along with in-house and external cybersecurity experts. They hope that services in Europe will be up again soon. The company is cooperating with relevant authorities and has secured the affected servers.

Although the ransomware strain or hacker group behind the attack hasn’t been identified yet, JFC International is doing its part and has informed all business partners and employees about the breach.

### Data Breach At Malaysia Airlines

_Malaysia Airlines recently underwent a significant data breach that has compromised Enrich’s personal information_ (its frequent flyer program members). These details belong to members who registered between 2010 to June 2019\. However, the airline itself isn’t responsible for the breach, the attack originated from one of its third-party IT service providers.

The airline is now taking measures for [protection against phishing](/) and has notified all Enrich members about the breach. The **leaked details** include names, DOBs, contact details, frequent flyer data number, status, tier level, etc., of members. Malaysia Airlines has ensured that [no travel-related data](https://www.zdnet.com/article/malaysia-airlines-suffers-data-security-incident-spanning-nine-years/?&web%5Fview=true) or internal infrastructure information has been affected in the breach.

_Although members are encouraged to change their passwords and adopt [anti-phishing solutions](/products/advanced-threat-defense/)_, there is no evidence of any misuse of personal data so far. No formal public statement has been released, but the airlines did confirm the breach on Twitter.

### \*\*\*\* CallX Leaves Misconfigured Bucket Unprotected Online

_Noam Rotem-led cybersecurity team recently discovered a misconfigured AWS S3 bucket online_, which exposed thousands of CallX customers’ details. CallX is a US telemarketing [company popular](https://www.infosecurity-magazine.com/news/telemarketing-biz-exposes-114000/?&web%5Fview=true) among clients for its analytics services, with Liberty Mutual Insurance, Lendingtree, and Vivint as its customers.

_Around 114,000 files were left publicly available_, including recordings of phone conversations between CallX clients and customers and 2,000 text chats. The personally identifiable information (PII) compromised in the incident includes the full names, phone numbers, home addresses, etc., of victims. These many details are sufficient to launch **phishing or vishing attacks**. CallX clients must adopt the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) because the misconfigured bucket remains open and unprotected.

### \*\*\*\* Ursnif Has Attacked Over 100 Italian Banks

_Cybersecurity firm Avast has found the Ursnif Trojan responsible for attacks on over a hundred Italian banks_. Avast argues that Ursnif has always had an interest in Italian targets and the vast expanse of [credentials and financial gains](https://www.zdnet.com/article/ursnif-trojan-has-targeted-over-100-italian-banks/?&web%5Fview=true) they make out of these institutions.

More than **1,700 stolen credentials** were found with an unnamed payment processor, and that’s just one instance. The recovered details include the usernames, passwords, banking, and payment information that appears to be of customers.

Ever since its inception in 2007, _Ursnif has used phishing emails to steal data_. Avast has asked the victim banks to stay cautious and take necessary measures for protection from future **phishing attacks**.

![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2021/03/what-is-a-zero-day-attack-5441.jpg) 

### \*\*\*\* Ransomware Hits Rehoboth Hospital

**Ransomware attacks** on hospitals aren’t new, but the recent attack on the rural, _not-for-profit Rehoboth hospital has caused much damage to the Navajo Nation members_. The adversaries stole sensitive employee files and job applications before **deploying the ransomware** and have now leaked the files.

However, the hospital remained silent about the breach and refrained from notifying doctors or other associates about the security incident. It’s quite usual for adversaries to [steal data and extort](https://www.nbcnews.com/tech/security/ripe-extortion-navajo-nation-hospital-targeted-large-scale-ransomware-hack-n1259457?&web%5Fview=true) victims in a ransomware attack. It’s unclear whether the hospital paid the ransom and reconciled with the attackers, but _the threat actors have removed the Rehoboth files from their website_. Patients, doctors, and hospital employees are advised to follow [phishing prevention tips](/content/phishing-prevention/) to stay safe from threat actors.

### \*\*\*\* Data Breach Hits Cybercriminal Forum Maza

The cybercriminal forum for Russian-speaking threat actors, _Maza recently underwent a data breach that exposed users’ personal information_. The [compromised details](https://www.zdnet.com/article/maza-russian-cybercriminal-forum-suffers-data-breach/?&web%5Fview=true) include the usernames, user IDs, messenger app links (Skype, Aim, and MSN), email addresses, and passwords (both hashed and obfuscated).

After hacking Maza, the attackers posted a warning message on the forum saying that their data has been hacked. The attack exposed details from **nearly 2,000 accounts**. When asked about their strategies to [prevent phishing](/) attacks, some users said they would shift to another forum, while others said that the data was old and incomplete.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 11 of 2021","description":"Online phishing attacks are never going to stop, and their success rate will only increase if netizens continue to avoid basic cyber hygiene.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-11-of-2021/","datePublished":"2021-03-08T10:11:12.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-03-08T10:11:12.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-11-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1177,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/03/what-is-phishing-5441.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 11 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-11-of-2021/"}]}
```