--- title: "Cybersecurity Updates For The Week 12 of 2021 | Phish Protection" description: "Cybersecurity Updates For The Week 12 of 2021: Phishing incidents never stop making it to the news headlines, and this week is no exception. Phishing." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-12-of-2021.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2021/" --- Quick Answer The St. Cloud, Minnesota-based cloud hosting and IT services provider Netgain Technologies LLC, had been in the highlights in November last year due to a \*\*ransomware attack\*\* on its network. Netgain had warned customers of system slowdowns and outages soon after. Netgain reached out to Woodcreek Provider Service (one of its clients) on 3rd December and informed them that some of the protected Personally Identifiable Information (PII) of their patients, applicants, contractors, and employees stored in Netgain servers might have Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2012%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2012%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2012%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2021%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/03/what-is-phishing-1231.jpg) _Phishing incidents never stop making it to the news headlines, and this week is no exception._ [Phishing prevention](/) isn’t a tangible goal, but it can be avoided to some extent with an **awareness** of the latest phishing schemes. The following are the top cyber news headlines from the past week ### \*\*\*\* Cyberattack Hits University Of Central Lancashire _University of Central Lancashire, Preston becomes the third university in the UK to be hit by a cyberattack in just one week_. The incident caused a short downtime with the university system, making it difficult for students to submit assignments. The other two universities with [similar incidents](https://www.bbc.com/news/uk-england-lancashire-56347708?&web%5Fview=true) are Queen’s University, Belfast, and the University of the Highlands and Islands, Scotland. _It is uncertain whether all three attacks are linked_, but the National Cyber Security Centre investigates the Central Lancashire University breach. A university spokesperson said that the university was quick to contain and rectify the error and has taken necessary [phishing attack prevention](/products/advanced-threat-defense/) measures. The university informed the police and shut down many of its systems, ensuring no data was lost. ### \*\*\*\* 210,000 More Americans Lose Data To The Netgain Ransomware Attack The St. Cloud, Minnesota-based cloud hosting and IT services provider Netgain Technologies LLC, had been in the highlights in November last year due to a **ransomware attack** on its network. Netgain had warned customers of system slowdowns and outages soon after. Netgain reached out to Woodcreek Provider Service (one of its clients) on 3rd December and informed them that some of the protected Personally Identifiable Information (PII) of their patients, applicants, contractors, and employees stored in Netgain servers might have been accessed by cyber adversaries. Resultantly, _the number of Americans affected by the Netgain attack has **increased by 210,000**_. After receiving a confirmed list of items compromised on 18th January 2021, Woodcreek released a statement for its stakeholders on 9th March informing them of the same. The [exposed information](https://www.infosecurity-magazine.com/news/woodcreek-netgain-ransomware-attack/?&web%5Fview=true) includes the names, addresses, DOBs, medical record numbers, social security numbers, health insurance policy numbers, insurance claims, clinical notes, explanation of benefits, laboratory reports, benefit and tax forms, and employee health information, among other details. As the notice goes out, Woodcreek is taking measures for [protection against phishing](/) and enhances its **cybersecurity practices**. _Woodcreek says that Netgain has assured them of protection from such attacks in the future_. ![What is phishing](https://media.mailhop.org/phishprotection/images/2021/03/what-is-phishing-1231.jpg) ### \*\*\*\* Florida Water Hack Leads To New Cybersecurity Legislation _The Florida water treatment facility was recently the unsuccessful target of a cyberattack_ which has triggered lawmakers to enforce stricter [anti-phishing protection](/) laws and schemes. The John Katko headed Department of Homeland Security (DHS) has provided the CISA with more autonomy after this security incident. CISA can now assist critical infrastructure groups while making it mandatory for its director to identify and tackle industrial control systems attacks. The CISA director will also be in charge of [collecting and distributing](https://thehill.com/policy/cybersecurity/542828-lawmakers-roll-out-bill-to-protect-critical-infrastructure-after-florida?&web%5Fview=true) details about **system vulnerabilities** among operators and owners. _The new CISA roles get announced when it is already handling two severe cyberattacks involving Chinese and Russian attackers_. Katko believes that a more **robust and centralized cybersecurity** domain can be created with CISA at its center. Such legislation would strengthen CISA’s role in protecting critical national infrastructure (such as industrial control systems) from cyber adversaries. ### \*\*\*\* Another Attack On Norwegian Parliament’s Computer Systems _The Norwegian parliament recently underwent a second cyberattack in six months_, and as per claims, this attack was fiercer. The Norwegian parliament’s computer systems were hacked to extract sensitive data, just months ahead of a parliamentary election and a time when the parliament is dealing with a pandemic. The parliament says that the attack was triggered by a _vulnerability in Microsoft’s Exchange software_, and hence is a [global problem](https://www.reuters.com/article/us-norway-cyber/norways-parliament-hit-by-new-hack-attack-idUSKBN2B21TX?&web%5Fview=true). Tone Wilhelmsen Troen, the parliament President, says that this incident represents an attack on the Norwegian democracy. Hence, the government is adopting the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) and investigating the attack. _Russian hackers are suspected of being responsible for the previous attack on Norway_; however, Moscow denies all allegations. It is too soon to tell if both these attacks are connected. ### \*\*\*\* Vulnerabilities Found In Some Schneider Electric Products Widely used provider of revenue and power quality meters, _PowerLogic was recently found with vulnerabilities in some of its PowerLogic ION and PM series smart meters_. These vulnerabilities tagged as CVE-2021-22714 and CVE-2021-22713 have been rated as **critical and high severity**, respectively. If exploited, they let an attacker send specially crafted TCP packets to victim devices. The flaws allow adversaries to send crafted requests while the main state machine engages in the packet-parsing process. _Detection can be easily avoided because the request gets fully parsed before authentication checks are held_. While CVE-2021-22714 is a DoS condition that allows attackers to cause meter reboot and arbitrary code execution, the CVE-2021-22713 has limited power and can only force the device to reboot. While some of the vulnerable PowerLogic ION device models had [patches released](https://www.securityweek.com/serious-vulnerabilities-found-schneider-electric-power-meters?&web%5Fview=true) in July 2020, others were patched in January and March this year; still, others are unlikely to get patches as they aren’t supported now. All Schneider Electric products with the PowerLogic ION and PM series smart meters should consider getting the patches to ensure [protection from phishing](/) attacks. ### \*\*\*\* A Third Of Office Workers Reprimanded Globally For Inappropriate Data Handling A Veritas Technologies poll among 12,500 white-collar workers in the US, Europe, APAC, and the Middle East has revealed that almost a third of office workers globally get their superiors’ reprimand for sharing sensitive official files on non-approved online channels. While most of the respondents said they share business-related and sensitive PI only on IM, Teams, or Zoom, others were admonished for sharing such sensitive files on unofficial chatting forums. _This is because sharing files on such platforms isn’t secure (despite end-to-end encryption) and may lead to compliance issues_. ![Phishing prevention tips](https://media.mailhop.org/phishprotection/images/2021/03/phishing-prevention-tips-1231.jpg) _The vast majority admitted to sharing business-critical data (71%) and sensitive personal information (75%) via IM or online collaboration apps like Teams and Zoom_. About 23% of the UK workers, 39% in the US, 40% in S. Korea, and 80% of workers in China have been warned by their bosses for **inappropriate data sharing**. The [data shared](https://www.infosecurity-magazine.com/news/third-office-workers-share-data/?&web%5Fview=true) in such a manner include client details, corporate passwords, banking, salary information, business plans, card details, and even COVID-19 and other medical details. It’s disheartening to know that **almost 79%** of the respondents say they would continue sharing confidential information in such a careless manner despite the warnings. This echoes out to the bosses to change their approach to this **security issue** which can lead to possible cyberattacks. Small steps like this play a pivotal role in the battle to [prevent phishing](/) attacks. ### \*\*\*\* Cyberattack Hits Molson Coors _A recent cybersecurity incident at the Chicago-based company Molson Coors has disrupted its beer-making operations_. Shipments and productions remain interrupted because of the attack which brought [down its systems](https://edition.cnn.com/2021/03/11/tech/molson-coors-cybersecurity-hack/index.html?&web%5Fview=true). However, the company is taking proactive **anti-phishing measures** to restore its systems at the earliest. An expert forensic IT firm’s investigation is ongoing, and the results would be shared as soon as something concrete is found. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 12 of 2021","description":"Cybersecurity Updates For The Week 12 of 2021: Phishing incidents never stop making it to the news headlines, and this week is no exception. Phishing.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2021/","datePublished":"2021-03-18T10:50:00.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-03-18T10:50:00.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1194,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/03/what-is-phishing-1231.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 12 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2021/"}]} ```