--- title: "Cybersecurity Updates For The Week 12 of 2022 | Phish Protection" description: "Social engineering attacks are an ever-present problem, and organizations worldwide are struggling to secure their systems against phishing attacks." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-12-of-2022.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2022/" --- Quick Answer Social engineering attacks are an ever-present problem, and organizations worldwide are struggling to secure their systems against phishing attacks. Following are some of the most recent phishing headlines to help accelerate the process of ensuring phishing attack prevention for your organization. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2022%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2012%20of%202022&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2022%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2022%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2022%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2012%20of%202022 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2012%20of%202022&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2022%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2022/03/phishing-attack-prevention-1231.jpg) Social engineering attacks are an ever-present problem, and organizations worldwide are struggling to secure their systems against phishing attacks. Following are some of the most recent phishing headlines to help accelerate the process of ensuring phishing attack prevention for your organization. ### Data Breach Hits South Denver Cardiology Associates On New Year’s Day, _South Denver Cardiology Associates (SDCA) was targeted by a cyberattack that was discovered_ only on 4th January 2022\. The initial investigation revealed that adversaries accessed the SDCA network between 2nd January and 5th January. Consequently, patients’ protected health information (PHI) was compromised. These included patients’ names, social security numbers, DOBs, drivers’ license numbers, health insurance information, patient account numbers, and other clinical details. In the [breach notification posted on its website](https://www.databreaches.net/287652-south-denver-cardiology-associates-patients-notified-of-breach/), SDCA announced that the patient portal remained unaffected by the breach along with patient medical records. SDCA believes that there has been no misuse of patient information so far. However, it has notified all the **287,652 affected patients** of the unfortunate incident and extended them free credit and identity services. It is unknown whether current or former patients’ data was exposed as the notice doesn’t specify these details. Further, details of [ransom demand](/resources/top-all-time-ransomware-demands-by-hackers/) have not been disclosed either. As SDCA’s investigations continue, _patients are advised to adopt measures to protect themselves from phishing_. ### LockBit Targets Bridgestone Americas The renowned manufacturer of tires, _Bridgestone Americas, was recently targeted by the LockBit ransomware gang_. With **55,000 employees** and 50 production facilities in the Americas, Bridgestone Americas serves as a good target for ransomware operators to steal data. The incident was first reported on 27th February when many Bridgestone employees at its LaVergne plant were [sent home due to a cyber attack](https://securityaffairs.co/wordpress/128957/cyber-crime/bridgestone-americas-lockbit-ransomware.html). Soon after detecting the attack, Bridgestone launched an investigation and hired external cybersecurity experts to evaluate the nature of the attack. Further, to ensure [protection against phishing](/), Bridgestone shut down its manufacturing and retreading facilities in North America and Latin America. In its public statement, Bridgestone mentioned that nothing could be said about the attack with certainty till all investigations were over. _The company is investing a lot of resources to stop such attacks in the future_. ![Phishing attack prevention](https://media.mailhop.org/phishprotection/images/2022/03/phishing-attack-prevention-1231.jpg) On the other hand, the operators of the deadly _Lockbit ransomware announced that all information stolen from Bridgestone would be released publicly on 15th March 2022_. It further cleared its intentions and mentioned that Lockbit is only interested in making money and has no political inclinations. It confirmed that it would never target the **critical infrastructures** of any country or participate in any international conflicts. No matter its intentions, Lockbit continues to be one of the most dangerous and active ransomware operations. ### Cyberattack Hits The Automotive Components Supplier Denso _The renowned global automotive components supplier Denso recently underwent a cyberattack_ that affected its German operations. Denso claims that its technologies are widely used in all vehicles worldwide, and this recent attack probably affected its technologies developed for connectivity, autonomous vehicle features, and mobility services. It reported annual sales of **$44.6 billion** in the 2020-2021 fiscal year, with Honda, Toyota, Ford, and General Motors as its top clients. [Denso announced](https://www.zdnet.com/article/automotive-giant-denso-reveals-hack-pandora-ransomware-group-takes-credit/#ftag=RSSbaffb68) on 14th March 2022 that it had discovered that an unauthorized third party was accessing its network on 10th March. While the intrusion was detected then, the adversaries might have been into Denso’s network from much before. Soon after noticing the attack, _Denso cut off the connection and launched an internal investigation_. So far, no other facilities have been affected, and the manufacturing schedules are on time with no disruption to production plants. Denso has informed the local authorities and hired external cyber forensic experts to investigate the incident as part of its measures to [prevent phishing attacks](/content/phishing-prevention/). Denso regretted the unfortunate incident and apologized to all clients and associates for the inconvenience caused. _The Pandora ransomware gang owned up to launching this attack on Denso_, and cybersecurity experts could trace **1.4 TB of data stolen** from Denso on Pandora’s leak site. ### Data Breach Hits South African Credit Bureau TransUnion _TransUnion is regarded as one of the top credit bureaus in South Africa, and the company recently underwent a data breach_. It announced that unauthorized third parties recently accessed its server by exploiting an authorized client’s credentials. On 11th March 2022, the adversaries demanded a **ransom of $15 million**, which the company has no plans of paying. A [South African news site](https://www.cyberscoop.com/south-africa-transunion-data-breach/), ITWeb, mentioned that a Brazilian threat actor group called N4aughtysecTU is taking responsibility for the attack on TransUnion. _The N4ughtySec hacker said on a Telegram chat with ITWeb that it has been attacking TransUnion South Africa since 2012_. The group further mentioned that TransUnion used weak passwords on its network, making intrusion easier. The adversaries claimed to have access to more than **4TB of customer data** belonging to TransUnion. Reportedly, this data covers over 200 corporate companies. _The news site reported that the threat actors demanded bitcoin worth about 223 million_ (close to **$15 million**). TransUnion has notified authorities and is closely associated with law enforcement and regulators as part of its [phishing prevention measures](/content/phishing-prevention/phishing-attack-prevention/). In addition, the company addressed customer queries regarding the breach on its FAQ page in the form of Q&A. ### Conti’s Source Code Leaked, Revealing Vital Information Many pertinent details about Conti Ransomware’s organization structure and operational mechanism were revealed in a recent leak of its chat logs, source code, and other sensitive data. _Cybersecurity experts from various organizations are now finding more details about Conti from this leak_. Security researchers from BreachQuest have reported some [details about Conti’s operators](https://cyware.com/news/conti-leaks-exposes-its-organizational-structure-source-code-and-operational-details-404e024e) and their levels of functioning. They report that someone named Stern is the ‘big boss’ and a certain Salamandra works in HR and takes care of the recruitment processes. The other important figures in Conti’s operations include Mango (team lead), Bio (blogger/negotiator), Revers (tech lead), Twin (training), and Bentley (system admin). _Conti was the top gainer for ransomware operations in 2021_, with an **estimated $180m**. Conti mainly targets financial documents, clients, accounting, and projects. It usually looks for backup servers within the compromised network and encrypts them. A source code analysis conducted by CyberArk concluded that organizations could use the leaked Conti data to ensure [phishing protection](/) for themselves. The leaked data included **12 Git repositories** of internal Conti software, and most of these appeared to be open-source software. _The Conti leak is a rich resource for cybersecurity researchers to track down the group and its operators_. ### Mobile Apps Leaking Sensitive User Data _A misconfiguration of back-end cloud databases has caused several mobile applications with millions of downloads to leak sensitive user data_. The security vendor, Check Point, conducted a three-month study and found that over 2100 mobile applications had their [Firebase back-end exposed](https://www.infosecurity-magazine.com/news/thousands-mobile-apps-expose-data/) owing to misconfigurations. The investigation began with a query on VirusTotal for mobile apps communicating with the Firebase cloud database (as listed on the malware scanning service). ![Phishing prevention software](https://media.mailhop.org/phishprotection/images/2022/03/phishing-prevention-software-1231.jpg) _Check Point explained the vulnerability and said that developers often overlook cloud database configuration_ in their endeavor to harden applications against attacks. This leaves real-time databases exposed and open to anyone to access and exploit. The study found several applications guilty of cloud database misconfiguration. These include a logo design application and a South American e-commerce app, with **over 10 million** downloads each. They exposed the personal details of users and API gateway credentials, respectively. Some other applications found revealing user details were a bookkeeping app, a social audio platform (over five million downloads), and a dating app. Cloud misconfigurations are a sign of inadequate policies, lack of awareness, [security training](/products/phishing-awareness-training/), and [anti-phishing solutions](/content/anti-phishing/anti-phishing-solutions/). While these lousy security practices can cause immense loss to an organization and its users, these misconfigurations can be remediated by a few clicks. ### FTC Asks CafePress to Pay $500,000 to Victims of 2019 Breach _The customized merchandise platform CafePress underwent a data breach in 2019_, which exposed millions of users’ email addresses and passwords. The adversaries had used this stolen information to trace **180,000 unencrypted** social security numbers, some of which were eventually found on the dark web. While the data breach and its after-effects seem quite typical, CafePress’s [anti-phishing protection](/products/advanced-threat-defense/) measures were inadequate. Because of that, the Federal Trade Commission (FTC) has recently [asked the platform](https://www.cyberscoop.com/ftc-cafepress-breach-settlement/) to **pay $500,000** as redressal to all the victims of the attack. Reportedly, _CafePress had known and ignored the security threats which triggered the 2019 breach_. Further, the company had quietly patched the vulnerability and notified customers only a month later when the breach was publicly reported. FTC remarked that despite knowing that customers’ login credentials were highly unfit for use after the breach, _CafePress did not ask its consumers to change passwords and facilitated login with the same hacked credentials_. Interestingly, this wasn’t the first time CafePress hid a security incident from its customers. This, and several other security noncompliances over the years have risked the customers of CafePress. The FTC’s charges on the company aim to compensate users for this loss of personal property. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 12 of 2022","description":"Social engineering attacks are an ever-present problem, and organizations worldwide are struggling to secure their systems against phishing attacks.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2022/","datePublished":"2022-03-25T05:08:49.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2022-03-25T05:08:49.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2022/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1515,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2022/03/phishing-attack-prevention-1231.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 12 of 2022","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2022/"}]} ```