---
title: "Cybersecurity Updates For The Week 21 of 2020 | Phish Protection"
description: "Cybersecurity Updates For The Week 21 of 2020: Every second, 44 cyber attacks are being launched across the world . This terrorizing threat concerns all."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-21-of-2020.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-21-of-2020/"
---

Quick Answer

The Fortune 500 Company Magellan Health Inc. detected a \[ransomware attack\](https://cyware.com/news/magellan-health-hit-by-ransomware-7f691866) on one of its servers recently that \_compromised personal details of employees\_. The compromised data includes names, employee IDs, addresses, and W-2 or 1099 tax form details.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-21-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2021%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-21-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-21-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-21-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2021%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2021%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-21-of-2020%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/05/phishing-email-prevention-2407.jpg) 

_Every second, 44 cyber attacks are being launched across the world_. This terrorizing threat concerns all internet users, and hence keeping abreast of the latest happenings in cybersecurity is imperative for [phishing prevention](/). Following are the top headlines from the past week

### Ransomware Hits Magellan Health Inc.

The Fortune 500 Company Magellan Health Inc. detected a [ransomware attack](https://cyware.com/news/magellan-health-hit-by-ransomware-7f691866) on one of its servers recently that _compromised personal details of employees_. The compromised data includes names, employee IDs, addresses, and W-2 or 1099 tax form details.

To ensure **protection against phishing**, Magellan Health hired the cybersecurity firm Mandiant immediately. _They are also working closely with the FBI_. Magellan Health is offering [identity theft protection](/products/email-impersonation-protection/) to affected customers.

However, no signs of unauthorized intrusion have been recorded since the **ransomware attack**.

### US Warns Of New Malware

The US government has recently published details of [three new malware strains](https://thehackernews.com/2020/05/fbi-north-korean-malware.html?web%5Fview=true&m=1) that are allegedly used by **state-sponsored North Korean hackers**. These new ones come as an addition to Lazarus Group’s other malware samples like Bistromath, Slickshoes, Hoplight, and Electricfish.

To ensure [anti-phishing protection](/products/advanced-threat-defense/), the US govt has released the following information about the three malware strains, namely, Copperhedge, Taintedscribe, and Pebbledash:

**Copperhedge** is a Remote Access Tool (RAT) designed to run arbitrary commands, perform system reconnaissance, and exfiltrate data. _Six versions of Copperhedge are in circulation to attack cryptocurrency exchanges_.

**Taintedscribe** is a Trojan impersonating Microsoft’s Narrator screen reader utility and **downloads malicious payloads** from a command-and-control server, upload, and execute files, and even create and terminate processes.

**Pebbledash,** too, is a Trojan that downloads, uploads, deletes, and executes files. _It enables Windows CLI access, creates and terminates processes, and performs target system enumeration_.

![Phishing email prevention](https://media.mailhop.org/phishprotection/images/2020/05/phishing-email-prevention-2407.jpg) 

### Attack on WA’s Major Daily Newspaper

The adversaries attacked [West Australia’s major daily newspaper](https://www.theage.com.au/national/western-australia/hackers-target-wa-s-major-daily-newspaper-putting-data-of-subscribers-at-risk-20200513-p54sql.html?&web%5Fview=true) on March 23, but it was discovered only on April 21\. Soon after, an investigation was launched. _The hackers were impersonating the administrator of the mailbox and sending out **phishing emails** to subscribers_.

Used for communication between the masthead, its subscribers, and small business distribution partners, the mailbox contains the names, home addresses, phone numbers, and emails of anyone who has contacted The West Australian via the email channel, [subscriptions.admin@wanews.com.au](mailto:subscriptions.admin@wanews.com.au).

The masthead advises all readers to subscribe to [anti-phishing services](/). _They have also reported the breach to the Australian Privacy Commissioner._

### 9.1K Attacks On India In 3 Months

_Using the COVID 19 crisis to their benefit, cyber attackers are terrorizing the world_. **9100 such attacks** have been registered [in India](https://ciso.economictimes.indiatimes.com/news/9100-coronavirus-themed-cyberattacks-witnessed-in-india-between-feb-2-may-2-microsoft/75712570) between February 2 and May 2, according to a Microsoft executive, Ann Johnson.

Johnson added that India had some [phishing protection](/) tools in place. Still, the Coronavirus outbreak had made employees an easy target of phishing attacks.

To protect oneself from phishing, _Johnson advises organizations to provide employees with the necessary tools and education_.

### Data Breach at Bhinneka.com

Reports suggest that the consumer electronics e-commerce platform Bhinneka.com is one of the [prime targets of data theft](https://www.thejakartapost.com/news/2020/05/13/e-commerce-platform-bhinneka-com-reported-to-be-latest-target-of-data-theft.html) in recent times. _Data belonging to over **1.2 million Bhinneka.com users** are selling for **US$1,200 on the dark market**_. The hacker group ShinyHunters is behind the breach.

Bhinneka.com is working with the National Cyber and Encryption Agency to ensure [protection from phishing](/). It is also implementing a **global data security standard** called TUV Rheinland’s Payment Card Industry Data Security Standard (PCI DSS) to protect its customers.

Although the company keeps customer **passwords encrypted**, they advise people to change their passwords nonetheless.

### INTERPOL Proposes Anti-Ransomware Day

_The ransomware WannaCry came up in 2017 and had been traumatizing the world ever since it marked its third anniversary on May 12, 2017_. The International crime-fighting organization INTERPOL, in collaboration with the cybersecurity firm Kaspersky has declared this day as “[Anti-Ransomware Day](https://www.infosecurity-magazine.com/news/interpol-declares-antiransomware/?&web%5Fview=true).”

This Anti-Ransomware Day shall raise awareness on the need to have backups of data and [anti-phishing solutions](/) for organizations. _Kaspersky’s research reveals that encryptors attacked 767,907 users in 2019_. On average, victim **organizations lost $1.46m** in October 2019 alone.

Since a lot of people remain oblivious of ransomware, the director of INTERPOL Cybercrime Directorate, Craig Jones feels that _the Anti-Ransomware Day shall motivate people to maintain cyber hygiene_.

### Unsafe Android Apps

Security researcher Bob Diachenko from Security Discovery recently uncovered over [4,000 Android apps](https://thehackernews.com/2020/05/android-firebase-database-security.html?&web%5Fview=true) that are unknowingly **compromising sensitive information** of users. These apps use Google’s cloud-hosted Firebase to store user data such as email addresses, usernames, passwords, phone numbers, full names, chat messages, and location data.

Vulnerable apps relate to gaming, education, entertainment, and business categories. They have been installed by Android users more than **4.22 billion times**. Hence _it’s quite probable that an Android user’s privacy has been compromised by at least one of these apps at some point._

Google was notified of these findings on April 22, and it has approached the affected developers to ensure [protection from phishing attacks](/products/advanced-threat-defense/).

### Malware Hits Stadler Rail

Switzerland-based railway rolling stock manufacturer [Stadler Rail recently underwent a malware attack](https://www.securityweek.com/railway-vehicle-maker-stadler-hit-malware-attack?&web%5Fview=true). _The adversaries are now demanding money from Stadler by threatening to publish their stolen data_. The company is taking necessary measures to [prevent phishing attacks](/) and has engaged an external team to investigate the matter.

Meanwhile, _the affected systems are being rebooted, and backup systems remain operational_.

![Phishing email prevention](https://media.mailhop.org/phishprotection/images/2020/05/phishing-email-prevention-2408.jpg) 

### Flaws in Thunderbolt

Certain flaws in Intel’s hardware interface Thunderbolt allow [Thunderspy to attack](https://cyware.com/news/thunderbolt-flaws-open-the-floodgates-for-hackers-772a505c) a user’s system. _The vulnerability exists in all Thunderbolt-equipped devices manufactured before 2019_. What makes [phishing attack prevention](/) difficult is the fact that _no **security practices** can ensure protection from Thunderspy._

The only way to stop Thunderspy attacks is by disabling Thunderbolt ports from a system manually.

### Ransomware Hits Texas Court Systems

The [Texas judicial system](https://thehill.com/policy/cybersecurity/497154-texas-court-systems-hit-by-cyberattack?&web%5Fview=true) underwent a **ransomware attack** recently, _which brought down all its websites and legal proceedings_. However, there is no evidence of compromise of sensitive information, and emails, too, remain unaffected for the court system.

As an [anti-phishing measure](/products/advanced-threat-defense/), they are now working with law enforcement and the Texas Department of Information Resources to get to the roots of the attack **without paying any ransom**.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 21 of 2020","description":"Cybersecurity Updates For The Week 21 of 2020: Every second, 44 cyber attacks are being launched across the world . This terrorizing threat concerns all.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-21-of-2020/","datePublished":"2020-05-21T06:42:02.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-05-21T06:42:02.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-21-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1019,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/05/phishing-email-prevention-2407.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 21 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-21-of-2020/"}]}
```