--- title: "Cybersecurity Updates For The Week 13 of 2021 | Phish Protection" description: "Phishing is once again at the top of all cyber news, and there is nothing we can do to change that except taking phishing attack prevention measures." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-13-of-2021.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-13-of-2021/" --- Quick Answer Phishing is once again at the top of all cyber news, and there is nothing we can do to change that except taking \[phishing attack prevention\](/) measures. The following top headlines from the cyber world prove just \_how crucial cyber hygiene is to keep your digital assets from falling into the hands of threat actors\_. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2013%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2013%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2013%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-13-of-2021%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/03/what-is-phishing-4211.jpg) Phishing is once again at the top of all cyber news, and there is nothing we can do to change that except taking [phishing attack prevention](/) measures. The following top headlines from the cyber world prove just _how crucial cyber hygiene is to keep your digital assets from falling into the hands of threat actors_. ### Premier Diagnostics In Utah Leaks Sensitive Patient Data Premier Diagnostics, a Utah-based COVID-19 testing facility, has been handling patients’ information carelessly. _The testing service has exposed the sensitive information of **over 52,000 people** by leaving it publicly available on two unprotected Amazon S3 buckets_. The compromised data includes the passports, medical insurance cards, driver’s licenses, etc., of patients and their names, addresses, age, photos, ID number, gender, etc. The affected people are likely to be from Nevada, Utah, and Colorado. The breach, however, did not leak any [COVID-19 test reports](https://www.hackread.com/us-covid-19-testing-service-exposes-patients-data/?web%5Fview=true). Those who are associated with Premier Diagnostics are advised to take measures to _protect themselves from phishing_, especially when it comes to unsolicited emails or emails from the testing service. ### Ransomware Hits Buffalo Public Schools _A **ransomware attack** on the Buffalo Public Schools has brought down its systems and delayed its plan for beginning remote and in-person classes_. The shift to in-person learning has been slow but consistent for the school so far, but the attack compelled the school to cancel all classes from Monday onwards. It is now focusing on identifying and removing the vulnerability leading to the attack. But the FBI and cybersecurity firm GreyCastle are working on the investigations. Though no teacher or [student information](https://www.cyberscoop.com/buffalo-public-schools-canceled-cyberattack-ransomware/) was leaked, it’s speculated that the ransom demanded will be **between $100,000 and $300,000**. The school system has shared no further details. As they take [phishing protection](/) measures, efforts continue to restore the school’s critical systems so that teaching and learning can be resumed at the earliest. ### Descartes Aljex Software Leaves AWS S3 Bucket Unsecured _The US-based software company Descartes Aljex Software was recently discovered **exposing 103 GB of data** through a misconfigured AWS S3 bucket_. Researchers at Website Planet found the breach and informed Descartes Alijex of the same. Aljex denied ownership of the bucket, but it was eventually secured, which means they probably took **anti-phishing measures**. ![What is phishing](https://media.mailhop.org/phishprotection/images/2021/03/what-is-phishing-4211.jpg) Over [4000 people](https://www.hackread.com/shipping-management-software-firm-data-online/?web%5Fview=true), including Alijex customers, sales representatives, employees, and third-party workers, were affected by the breach, which let anyone with the correct URL view, alter, use or misuse the data stored on the bucket. The compromised information includes the names, contact numbers, usernames, plaintext passwords, and users’ email addresses. The names, official email addresses, usernames, and IDs of sales representatives, along with shipment details, were also exposed in the breach. Since such _information can be misused for identity theft and other serious crimes_, Alijex, and its associates must take necessary measures to [prevent phishing](/) attacks. ### Major Ransomware Attack Hits The South And City College Birmingham After just a week of resuming offline classes, _the South and City College Birmingham and its eight sites were forced to shut their online systems by a major **ransomware attack**_. The attack is said to have _encrypted and disabled the college’s core IT systems_. As teachers and students go back to the [online classes](https://feweek.co.uk/2021/03/15/college-group-closes-all-campuses-for-a-week-following-major-cyber-attack/?web%5Fview=true), the college computer forensic specialists are working to fix the issue. The Information Commissioner’s Office and government have been informed as well. The college announced the attack on its website and Twitter page on 13th March, along with the adversaries’ threatening of decrypting systems only when the ransom is paid. Students are requested to be patient and cooperative as the college figures what needs to be done next. _They have already recovered some data from their servers and removed several systems from the network_. Since the email system remains unaffected, students and teachers have been asked to continue with online classes. The college IT experts are taking [phishing prevention](/) measures to investigate the attack and restore systems at the earliest. ### Are Users Of The Japanese Messaging App Line Safe? Japanese privacy regulations state that no company can share user information with third parties overseas without the user’s prior consent. But the _Japanese messaging app Line was recently found sharing sensitive information of users with four Chinese engineers_ (in charge of Line’s system maintenance) at a Shanghai-based Company. These engineers had access to [Line’s servers](https://ciso.economictimes.indiatimes.com/news/japan-messenger-app-line-let-engineers-in-china-access-user-data-without-consent-report/81562102) from 2018 and could view users’ names, contact numbers, and email addresses. Line says that it hasn’t done anything to defy legal or regulatory boundaries and take measures for [protection from phishing](/). It is cooperating and corresponding with authorities as well. Line has restricted the Chinese affiliate’s access to user data and ensured that the messages sent on Line are secured with end-to-end encryption. ![Phishing definition](https://media.mailhop.org/phishprotection/images/2021/03/phishing-definition-4211.jpg) ### Beware Of CopperStealer Hacks _Proofpoint researchers have found a new malware strain in the family of the Chinese malware Silent Fade_ (first reported in 2019 by Facebook). CopperStealer is believed to be a previously undocumented malware that steals the passwords to Instagram, Facebook, Google, and other social media accounts. _The compromised accounts are then used for running malicious ads and spreading malware_. The current targets of CopperStealer are the users of the social media and search engine giants. Hence, users are advised to [enable MFA](https://www.darkreading.com/attacks-breaches/new-copperstealer-malware-hijacks-social-media-accounts/d/d-id/1340454?&web%5Fview=true) on all their online accounts and take adequate [phishing prevention](/blog/phishing-prevention-email-providers-arent-helping-any/) measures. Researchers were first made aware of CopperStealer in January 2021\. They then found the malware sample in other major service providers such as Apple, Facebook, Instagram, Google Tumblr, PayPal, Twitter, Amazon, etc. ### New Office 365 Phishing Scams To Look Out For C-suite executives, their assistants, and financial department employees are becoming the target of a sophisticated Microsoft [Office 365 phishing campaign](/office-365-phishing-protection/). _The attackers presumably made their way into the organization’s email system via an initial attack and then targeted these C-level executives_. Since December last year, this attack campaign is believed to be in action with the use of phishing kits and other techniques at the adversaries’ disposal. Most of the **phishing emails** are sent from addresses with Microsoft-themed sender domains. The emails are constructed with fake alert messages like Important Security Policy Update or Important Service Changes, giving them the look of official company emails. These fake emails lead victims to a rough, spoofed Microsoft-themed notice and a fake Office 365 login page. Entering your email ID in such pages lets attackers verify whether it’s a valid [Office 365 address](https://www.helpnetsecurity.com/2021/03/18/office-365-phishing-executives/?web%5Fview=true). Such attacks are widespread these days, mainly because people are unlikely to invite a noncompliance issue by being unresponsive to a seemingly real official email. Hence, employees, particularly those at executive levels, must be critical in evaluating emails (even from official domains) and adopt necessary [anti-phishing solutions](/products/advanced-threat-defense/) for enhanced online security. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 13 of 2021","description":"Phishing is once again at the top of all cyber news, and there is nothing we can do to change that except taking phishing attack prevention measures.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-13-of-2021/","datePublished":"2021-03-24T10:42:32.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-03-24T10:42:32.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-13-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1126,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/03/what-is-phishing-4211.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 13 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-13-of-2021/"}]} ```