--- title: "Spanish Authorities Bust Phishing Syndicate, Sysco Alerts Data Breach, Linux Kernel Exploit – Cybersecurity News | Phish Protection" description: "Spanish Authorities Bust Phishing Syndicate, Sysco Alerts Data Breach, Linux Kernel Exploit – Cybersecurity News: Check out the latest cybersecurity." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-19-of-2023.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-19-of-2023/" --- Quick Answer Check out the latest cybersecurity news worldwide to keep yourself safe with our latest Weekly Cybersecurity Bulletin! Spain’s National Police arrested two threat actors and 15 members of a cybercriminal organization, and 23 individuals involved in illegal financial operations and bank scams. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-19-of-2023%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Spanish%20Authorities%20Bust%20Phishing%20Syndicate%2C%20Sysco%20Alerts%20Data%20Breach%2C%20Linux%20Kernel%20Exploit%20%26%238211%3B%20Cybersecurity%20News&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-19-of-2023%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-19-of-2023%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-19-of-2023%2F&title=Spanish%20Authorities%20Bust%20Phishing%20Syndicate%2C%20Sysco%20Alerts%20Data%20Breach%2C%20Linux%20Kernel%20Exploit%20%26%238211%3B%20Cybersecurity%20News "Share on Reddit") [ ](mailto:?subject=Spanish%20Authorities%20Bust%20Phishing%20Syndicate%2C%20Sysco%20Alerts%20Data%20Breach%2C%20Linux%20Kernel%20Exploit%20%26%238211%3B%20Cybersecurity%20News&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-19-of-2023%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2023/05/anti-phishing-protection-2523.jpg) Check out the latest [cybersecurity](/content/cybersecurity-in-a-nutshell) news worldwide to **keep yourself safe** with our latest Weekly Cybersecurity Bulletin! ### Spanish Authorities Dismantle Crime Ring Connected to Phishing Operation Spain’s National Police arrested two threat actors and 15 members of a [cybercriminal](https://www.arabnews.com/node/2287521/business-economy) organization, and 23 individuals involved in **illegal financial** **operations** and bank scams. The threat actors were engaged in an **email and SMS-based** phishing campaign and scammed nearly 300,000 individuals making away with €700,000 ($768,000). The police[investigated](https://www.policia.es/%5Fes/comunicacion%5Fprensa%5Fdetalle.php?ID=15682)the campaign and all illegal activities of those arrested and found out that the members of the Trinitarios organization employed stolen credit cards to purchase crypto, which was exchanged with **fiat currencies** and sent to a standard box. These credit cards were stolen from the SMS phishing campaign victims via **fake bank portal** phishing pages. Threat actors and organized cybercriminal gangs are moving to cybercrimes and phishing for **new revenue streams**, and individuals should stay on their guard, keeping away from phishing or suspicious emails. ![Anti phishing protection](https://media.mailhop.org/phishprotection/images/2023/05/anti-phishing-protection-2523.jpg) ### \*\*\*\*Sysco, a Major Food Distributor, Issues Data Breach Warning Following Cyberattack One of the leading food distribution organizations worldwide, Sysco, confirmed that it was the victim of a **network breach** with the [threat actors](/phishing/threat-actors-target-western-digital-cripple-its-my-cloud-service) making away with sensitive business, customer, and employee data. Sysco sent data breach notification letters to some affected individuals outlining that Sysco identified the breach on 5 March 2023 , but the threat actor gained access to its systems **without authorization** on 14 January 2023, meaning they had a ton of time to steal precious information. The details of the breach were also[shared](https://otp.tools.investis.com/clients/us/sysco1/SEC/sec-show.aspx?Type=page&Outline=no&FilingId=16611993-291099-291922&CIK=0000096021&Index=12600)in a 10-Q quarterly report filed to the US SEC (Securities and Exchange Commission), and the investigation into the cybersecurity incident is ongoing. The details of what data was stolen have not been revealed, but Sysco says that **data stolen** relates to business operations, customers, and employees. The incident has not impacted any of Sysco’s business operations or services while Sysco **investigates** the breach. ### \*\*\*\*Attackers Exploit Netfilter Vulnerability in Linux Kernel, Gaining Root Privileges A [new flaw](https://cybersecuritynews.com/flaw-in-acer-laptops/) was discovered in the Linux NetFilter kernel that allows unprivileged local users to escalate privileges to the root level, gaining access and **control over a system**. Identified as[CVE-2023-32233](https://nvd.nist.gov/vuln/detail/CVE-2023-32233), the vulnerability has not received a security level but stems from the Netfilter nf\_tables. These tables can accept **invalid updates** to configuration, allowing specific scenarios where invalid batch requests can corrupt the internal state of the subsystem. The vulnerability was **discovered** by [security researchers](https://www.scmagazine.com/news/vulnerability-management/security-researchers-patch-vmware-esxi-servers) Patryk Sondej and Piotr Krysiuk, who shared it with the Linux kernel team, who are now collaborating to release a fix. The exploit details will be published on 14 May 2023 to keep systems safe until a **patch** is released. ### \*\*\*\*Five Eyes Neutralizes Russian Snake Malware Responsible for Data Theft Using Self-Destruct Command The Five Eyes member nations **took down** the Snake gang’s [cyber-espionage](https://www.malwarebytes.com/cybersecurity/business/what-is-cyber-espionage) infrastructure operated by the Russian FSB (Federal Security Service). The Snake malware was developed as “Uroburos” in 2003, and Russian **state hackers** used it in 2004 and beyond. The Justice Department and its international partner disrupted the global network of malware-infected systems that the Russian government has been using for the last **two decades**. Five Eyes issued a[joint advisory](https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-129a)on how the malware was disabled via a **self-destruct command** and how organizations and individuals can detect and remove the Snake malware. Affecting over 50 countries to gather intelligence and steal information, the Snake malware will **terrorize organizations** and individuals no more. ### \*\*\*\*Beware of QR Codes Used in Fraudulent Parking Tickets and Surveys to Steal Your Money With the rise in the usage of [QR codes](https://www.infosecurity-magazine.com/opinions/qr-codes-vulnerability-cybercrimes/), threat actors are also using the technology for **malicious** purposes. A Singapore-based woman lost $20,000 after she used a QR code at a bubble tea shop, and multiple individuals are becoming victims of **fake car parking citations** with malicious QR codes in the UK and the US. The 60-year-old woman scanned a QR code outside a tea shop, with which individuals could get a free cup of milk tea. However, she was **scammed** as the bogus survey application she downloaded using the[QR code stole $20,000](https://www.bleepingcomputer.com/news/security/qr-codes-used-in-fake-parking-tickets-surveys-to-steal-your-money/)from her bank account the same night. Individuals **should watch** for the QR codes they scan and the applications they download, as they may become victims of such scams. ![Anti phishing protection](https://media.mailhop.org/phishprotection/images/2023/05/anti-phishing-protection-2522.jpg) ### \*\*\*\*Advanced Cactus Ransomware Employs Self-Encryption to Evade Antivirus Detection A new [ransomware](/content/protection-against-ransomware/what-is-ransomware), the Cactus ransomware, was discovered that exploits **VPN appliances** to access networks of commercial organizations. The[Cactus ransomware](https://thehackernews.com/2023/05/new-ransomware-strain-cactus-exploits.html)has been active since March 2023 and looks for big payouts as the threat actor behind it is new and focuses on file encryption and **data theft**. However, researchers at Kroll corporate analyzed the latest ransomware and highlighted that Cactus sets itself apart from other operations as it uses **encryption** to protect the ransomware binary. The [malware](/content/protection-against-malware/what-is-malware)removes the original ZIP, and the binary is deployed with a flag, allowing it to execute to **prevent the detection** of the encryptor. Although the extensive details of the Cactus ransomware are unavailable, it’s important for both individuals and organizations to **remain alert** and implement effective [phishing protection](/) measures. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Spanish Authorities Bust Phishing Syndicate, Sysco Alerts Data Breach, Linux Kernel Exploit – Cybersecurity News","description":"Spanish Authorities Bust Phishing Syndicate, Sysco Alerts Data Breach, Linux Kernel Exploit – Cybersecurity News: Check out the latest cybersecurity.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-19-of-2023/","datePublished":"2023-05-08T05:11:39.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2023-05-08T05:11:39.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-19-of-2023/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":884,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2023/05/anti-phishing-protection-2523.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Spanish Authorities Bust Phishing Syndicate, Sysco Alerts Data Breach, Linux Kernel Exploit – Cybersecurity News","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-19-of-2023/"}]} ```