---
title: "Cybersecurity Updates For The Week 24 of 2020 | Phish Protection"
description: "The cyberspace withstands serious threats every instant. These cyber-attacks are manageable with the right phishing prevention measures."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-24-of-2020.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-24-of-2020/"
---

Quick Answer

The domain of the Japanese cryptocurrency exchange \[Coincheck underwent a hack\](https://hotforsecurity.bitdefender.com/blog/coincheck-cryptocurrency-exchange-targeted-by-hackers-customer-emails-exposed-23439.html?web\_view=true) recently, which has probably compromised the details of \*\*over 200 of its customers\*\*. The hack happened earlier this week, where the adversaries accessed the DNS records for the coincheck.com domain and changed the files to redirect incoming emails to the hackers' inbox.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-24-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2024%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-24-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-24-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-24-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2024%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2024%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-24-of-2020%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/06/what-is-a-zero-day-attack-7510.jpg) 

_The cyberspace withstands serious threats every instant_. These cyber-attacks are manageable with the right [phishing prevention](/) measures. However, along with an appropriate **anti-phishing service**, one must also have a profound knowledge of recent cyberattacks to have a better idea about what really is going on out there. Therefore we bring you the latest security headlines as nothing can be as informative as firsthand accounts of cyber attack survivors.

### \*\*\*\* Coincheck Email Hacked

The domain of the Japanese cryptocurrency exchange [Coincheck underwent a hack](https://hotforsecurity.bitdefender.com/blog/coincheck-cryptocurrency-exchange-targeted-by-hackers-customer-emails-exposed-23439.html?web%5Fview=true) recently, which has probably compromised the details of **over 200 of its customers**. The hack happened earlier this week, where the adversaries accessed the DNS records for the coincheck.com domain and changed the files to redirect incoming emails to the hackers’ inbox.

All emails received by Coincheck between 31st May and 1st June are vulnerable. The details compromised in the attack include the sender’s email address, name, registered address, date of birth, phone number, ID Selfie, among other information. _Coincheck is taking measures to **prevent phishing attacks** and has already changed the domain records since the attack_.

![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2020/06/what-is-a-zero-day-attack-7510.jpg) 

### DopplePaymer breaches NASA files

Defying [phishing protection](/) measures of even NASA, the notorious ransomware [DopplePaymer](https://www.zdnet.com/article/ransomware-gang-says-it-breached-one-of-nasas-it-contractors/?&web%5Fview=true) recently announced that _it had infected the network of NASA’s IT contractor_, Digital Management Inc. (DMI). DMI provides IT services to many Fortune 100 companies and government agencies.

The ransomware could exfiltrate files from DMI’S NASA-related infrastructure and _have posted 20 archive files on the dark web to extort NASA into paying them a ransom_. It has also published a list of **2,583 servers** and workstations that are part of DMI’s internal network.

### Over 100,000 Indian IDs For Sale On Dark Web

Attackers have recently released over [100,000 scanned copies of IDs](https://ciso.economictimes.indiatimes.com/news/over-1-lakh-national-ids-of-indians-put-on-dark-net-for-sale-cyber-intelligence-firm/76177587) belonging to Indians in the dark market. These documents include their Aadhaar, PAN card and Passport. _Researchers found that no government system is responsible for this breach_. They assume that it’s some third party asking people to update their KYC whose network has been compromised.

_The hacker claims to possess IDs belonging to Indians from different parts of the country_. People are advised to monitor their bank accounts and protect themselves from phishing strictly.

### Seven-Year-Old LG Vulnerability

The smartphone manufacturer has finally released a patch (LVE-SMP-200006) in his May 2020 security update for a [vulnerability (CVE-2020-12753)](https://www.zdnet.com/article/new-cold-boot-attack-affects-seven-years-of-lg-android-smartphones/?&web%5Fview=true) that has been present in its Android smartphones for **seven years** now.

CVE-2020-12753 affected the bootloader (a firmware specific to each smartphone vendor) of LG smartphones. _It was discovered by US software engineer Max Thomas in March 2020_.

All LG smartphones utilizing QSEE (Qualcomm Secure Execution Environment) chips and running Android 7.2 and the later versions are advised to take [phishing attack prevention](/) measures and immediately get the patch updated.

### Sodinokibi’s auction site for stolen data

To add to the woes of **ransomware attacks** and extortion campaigns, REvil (Sodinokibi) has recently launched an [eBay-like auction site to trade in stolen data](https://www.zdnet.com/article/revil-ransomware-gang-launches-auction-site-to-sell-stolen-data/?&web%5Fview=true). _The data that was previously released for free as revenge against companies that refuse to pay a ransom shall now be auctioned_.

REvil has already put up the details of a recently hacked Canadian agricultural company for sale at a starting price of **$50,000 in Monero cryptocurrency**. [Protection from phishing](/) is no longer the only concern for firms with evil actors like Sodinokibi in the picture.

### Lawsuit Filed Against Aveanna Healthcare

A lawsuit has been filed against the Atlanta-based pediatric home healthcare provider, [Aveanna Healthcare for mishandling a data breach](https://www.govinfosecurity.com/data-breach-lawsuit-filed-against-pediatric-care-provider-a-14372?&web%5Fview=true) that took place between 9th July 2019 and 24th August 2019\. _This attack compromised the details of over 166,000 individuals_.

Aveanna Healthcare notified about the attack only on 18th February 2020 and took inadequate email [phishing prevention](/) measures, which infuriated its customers. Compromised details include social security numbers, dates of births, bank account and credit card details, passport numbers, driver’s license numbers, medical record numbers, patient account numbers, diagnosis information, and treatment type of individuals. _People are now demanding compensation for their losses_.

### \*\*\*\* Data breach at 8Belts

Spanish e-Learning platform [8Belts underwent a data breach](https://www.hackread.com/8belts-exposes-data-of-100000-e-learners/?web%5Fview=true) recently which has compromised the details of over **100,000 e-learners**. The affected data includes users’ national identity numbers, full names, email IDs, among other information. _Researchers say that the breach initiated because 8Belts stored its data on a misconfigured Amazon Web Services (AWS) S3 bucket_.

All e-learners using 8Belts are advised to take measures to ensure [protection from phishing](/products/advanced-threat-defense/) attacks, particularly those in Spanish-speaking countries.

### Ransomware Hits NFN

The [Nipissing First Nation underwent a ransomware attack](https://www.bleepingcomputer.com/news/security/ransomware-locks-down-the-nipissing-first-nation/?&web%5Fview=true) recently, which affected all its departments. But _the breach was well managed by NFN, and it couldn’t change their network much_.

NFN’s staff took the right measures for **protection against phishing** and could successfully stop the attack. They collaborated with an independent security firm and found that no personal or confidential information has been released in the attack.

### India’s BHIM App Undergoes Breach

A **significant data breach** recently compromised [7.26 million records from an Indian e-Governance website](https://cyware.com/news/data-breach-in-an-indian-e-governance-website-leaks-data-of-726-million-users-54a99a3d). The breach happened through a misconfigured Amazon Web Services (AWS) S3 storage bucket. The details compromised belonged to users of the BHIM app.

The app notified people that it takes all [anti-phishing protection](/products/advanced-threat-defense/) measures and that they have nothing to be afraid of because the app hasn’t been breached. Users should remain vigilant and adopt [phishing prevention best practices](/content/phishing-prevention/phishing-prevention-best-practices/).

![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2020/06/what-is-a-zero-day-attack-7511.jpg) 

### Data Breach at Joomla

In yet another breach through Amazon Web Services S3 bucket, Joomla open source content management system **risked the privacy** of [over 2,700 of its users](https://www.zdnet.com/article/joomla-team-discloses-data-breach/?&web%5Fview=true). The data left online included the full name, business address, business email address, business phone number, company URL, password (hashed), IP address of users.

Joomla team is adopting [anti-phishing solutions](/products/advanced-threat-defense/) and asking JRD users to **change their passwords** and to look out for any unusual activity in their accounts. Although the risk factor is low for this attack and Joomla authorities claim that the exposed information was already public, _nothing justifies the careless act of leaving hashed passwords and IP addresses open_.

In its defense, Joomla said that they conducted a full **security audit** of the JRD portal immediately after discovering the breach.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 24 of 2020","description":"The cyberspace withstands serious threats every instant. These cyber-attacks are manageable with the right phishing prevention measures.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-24-of-2020/","datePublished":"2020-06-11T19:44:40.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-06-11T19:44:40.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-24-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1037,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/06/what-is-a-zero-day-attack-7510.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 24 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-24-of-2020/"}]}
```