---
title: "Cybersecurity Updates For The Week 13 of 2020 | Phish Protection"
description: "It is of utmost importance for you to stay abreast of the latest hacking plots if you want to keep your devices safe from the latest attacks happening around."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-13-of-2020.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-13-of-2020/"
---

Quick Answer

It is of utmost importance for you to \_stay abreast of the latest hacking plots if you want to keep your devices safe from the latest attacks happening around the world\_. The following headlines serve this purpose of providing \[phishing prevention\](/) tips:

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2013%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2013%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2013%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2020%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/03/protection-from-phishing-1321.jpg) 

It is of utmost importance for you to _stay abreast of the latest hacking plots if you want to keep your devices safe from the latest attacks happening around the world_. The following headlines serve this purpose of providing [phishing prevention](/) tips:

### Nefilim Ransomware Proves A Threat

Newly discovered [ransomware Nefilim](https://cyware.com/news/newly-found-nefilim-ransomware-borrows-code-from-nemty-25-ransomware-e0357674) that uses a combination of AES-128 and RSA-2048 algorithms is causing much havoc by threatening to release stolen data. Spreading through exposed remote Desktop Services, _Nefilim removes the Ransomware-as-a-Service (RaaS) component and depends on emails for payments rather than a Tor payment site_.

Like its counterparts, Nefilim is on to continue the ‘Name and Shame’ game of attackers, but with the right measures, **protection against an attack** of this kind can be achieved.

### New Vulnerability In Intel Processors

A new variant of Snoop-assisted L1 Data Sampling with a CVSS score of 5.6 is posing a [threat to Intel processors](https://cyware.com/news/after-lvi-lfb-intel-processors-affected-by-new-snoop-vulnerability-7fcb947e). _The vulnerability can leak data from the CPU’s internal memory by exploiting CPU mechanisms_ such as multiple cache levels, cache coherence, and bus snooping.

Assigned CVE-2020-0550, _the vulnerability is believed to be a variant of a domain-bypass transient execution attack_

However, **security solutions** have been deployed by the CPU maker. They have released patches in August 2018, which can fix the issue, although retrieving lost data remains a challenge.

### Data Breach At DuPage College

The College of DuPage recently notified it of having [undergone a cyber attack](https://www.infosecurity-magazine.com/news/illinois-college-suffers-data/?&web%5Fview=true), which has compromised the personal and tax information of 1,755 of its present and former staff members. _Although they didn’t mention any of the intricate details of the attack_, they apologized for any loss caused to anybody and are offering free credit monitoring to over 1,700 current and former employees.

Brian Caputo, _the College president notified that the lost data also included 2018 W-2 tax forms and could be possibly used by attackers for frauds_. The college is now being extra cautious and adopting measures to safeguard their interests.

![Protection from phishing](https://media.mailhop.org/phishprotection/images/2020/03/protection-from-phishing-1321.jpg) 

### Covid-19 Related Cyber Scams On Rising

_The people have been warned ample times to stay on guard for Corona Virus related security scams_. The Chartered Trading Standards Institute (CTSI) says that the [attackers are exploiting grievances](https://uk.news.yahoo.com/tax-rebate-scam-emails-target-135623277.html) of households with fake [emails impersonating](/products/email-impersonation-protection/) the Government, offering them the tax rebate. _The counterfeit emails lure people with temptations and manipulate them into clicking links to receive the money_.

Clicking the link needs you to enter your personal and bank details, which are all that hackers need. There are also fake smartphone apps, such as CovidLock, which _demand ransom to unlock a user’s phone_. To **protect yourself from phishing**, stay vigil, and prepare for increased remote working.

### Data Breach At European Union

Bob Diachenko led security team of Comparitech discovered a database hosted by Amazon Web Services [left unprotected online](https://www.scmagazine.com/home/security-news/8-million-eu-retail-sales-records-exposed-on-aws-mongodb/?web%5Fview=true), which exposed around **eight million retail sales records** from the European Union. The exposed MongoDB database included customer names, email addresses, shipping addresses, purchases, and the last four digits of credit card numbers.

Although the exposed details are not enough to launch a full-fledged attack, they are still an **asset for the attackers**. This is an indication for people to strengthen their [phishing email prevention](/products/email-fraud-protection/) measures. The database owner, too, has been notified to shut it down immediately.

### Email Phishing Rises At SLC

More than 5 million **email phishing attacks** were launched on the Student Loans Company (SLC) in 2019, _91% of which was blocked by the firm_. This speaks of the **vulnerability level** of the UK based fund providing body. [SLC is a lucrative target for attackers](https://www.infosecurity-magazine.com/news/student-loans-company-54-million?&web%5Fview=true) because a successful attack would give them access to the personal and financial information of millions of UK students.

In such a case, [employee awareness training](/blog/in-honor-of-cybersecurity-awareness-month-heres-the-only-fact-you-need-to-know/) and technology filters are the only ways to ensure email [phishing prevention](/).

### Corona Virus, The Ransomware

As the world struggles with the Corona Virus, _hackers use the fear endlessly to launch cyber attacks_, the most recent [being named after the virus itself](https://www.hackread.com/fake-wisecleaner-website-coronavirus-ransomware/?web%5Fview=true)! Distributed as an **infected website** that impersonating a WiseCleaner ad, Corona Virus (the ransomware) infects a device and injects the information-stealing tool Khalesi or Kpot trojan.

The Corona Virus **ransomware** is a wiper and downloads additional files from a remote website, once installed. It is capable of stealing web browser data, email, instant messengers, VPN, cryptocurrency, RDP, FTP, gaming software, and account information, along with secretly taking screenshots of the desktop and targeting crypto wallets stored on the device.

### Data Breach At Truefire

Florida based online guitar lesson provider [TrueFire discovered a data breach](https://www.infosecurity-magazine.com/news/guitar-tuition-website-suffers?&web%5Fview=true) in its system on 10th January 2020\. The company provides online guitar lessons to millions of students globally. However, _it is only after two months that the company decided to let the public know about a breach in its system_ that went on for six months before detection. 

TrueFire’s Chief Customer Officer Ren Wright, in a data breach notification letter on 9th March 2020, notified users who made purchases between 3rd August 2019, and 14th January 2020, of a possible **compromise of their data**. This data includes their names, addresses, payment card account numbers, card expiration date, and security codes.

The company has neither taken any [anti-phishing protection](/products/advanced-threat-defense/) measures nor extended free credit monitoring to affected customers. _It has merely advised customers to review their credit and debit card statements and check for any unusual activity_. 

![Email phishing protection](https://media.mailhop.org/phishprotection/images/2020/03/email-phishing-protection-1321.jpg) 

### Security Breach At Open Exchange Rates

Currency Data Provider, Open Exchange Rates, notified of a [data breach last week](https://securityaffairs.co/wordpress/99715/data-breach/open-exchange-rates-breach.html?web%5Fview=true). _They discovered the violation while trying to solve a network issue_. Their research revealed that the **attacker gained access** to their database on 9th February 2020\. The exposed information includes names, email addresses, encrypted/hashed passwords, App IDs associated with users’ accounts, IP addresses, personal and business names and addresses for some users, including the country of residence.

To ensure [protection against phishing](/), Open Exchange Rates has forced a password reset for all accounts created before 2nd March 2020 and has advised users to generate new API IDs using the account dashboard to access the service.

### Beware Of MonitorMinor

The [stalkerware MonitorMinor](https://securityaffairs.co/wordpress/99730/malware/monitorminor-super-stalkerware.html?web%5Fview=true) can **track user activity** of Gmail, WhatsApp, Instagram, Facebook, LINE: Free Calls & Messages, Zalo, Video Call, Kik, Hangouts, Viber, Hike News & Content, Skype, Snapchat, JusTalk, and BOTIM users.

_MonitorMinor is commercial monitoring software or spyware and is considered to be more powerful than all existing stalkerware_. It can gather the victim’s current geolocation, intercept SMS and call data, and implement geofencing features. It also allows spying on other communication channels such as instant messaging applications.

_It is all the more dangerous as victims cannot remove the spying software using regular OS tools_. The highest installation of MonitorMinor has been in India and Mexico, followed by Germany, Saudi Arabia, and the UK. Evidence also hints towards the Indian origin of the stalkerware.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 13 of 2020","description":"It is of utmost importance for you to stay abreast of the latest hacking plots if you want to keep your devices safe from the latest attacks happening around.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-13-of-2020/","datePublished":"2020-03-27T11:20:28.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-03-27T11:20:28.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-13-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1156,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/03/protection-from-phishing-1321.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 13 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-13-of-2020/"}]}
```