---
title: "Cybersecurity Updates For The Week 25 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 25 of 2021: In today"
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-25-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-25-of-2021/"
---

Quick Answer

In today's times, \_it has become necessary to keep yourself abreast of the latest cyber-attacks\_, and various ways threat actors adopt to attack users and rob them of their monetary or digital assets. For instance, a \_mere click on the wrong link is enough for the threat to access your credentials and other critical information\_. Simply keeping yourself updated is one of the best \[phishing attack prevention\](/) strategies and can help you avoid the majority of \*\*phishing attacks\*\*. Here are

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-25-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2025%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-25-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-25-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-25-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2025%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2025%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-25-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/06/stop-phishing-emails-3351.jpg) 

In today’s times, _it has become necessary to keep yourself abreast of the latest cyber-attacks_, and various ways threat actors adopt to attack users and rob them of their monetary or digital assets. For instance, a _mere click on the wrong link is enough for the threat to access your credentials and other critical information_. Simply keeping yourself updated is one of the best [phishing attack prevention](/) strategies and can help you avoid the majority of **phishing attacks**. Here are the latest headlines from this past week.

### Age Is No Bar To Be A Cybercriminal

When a forty-something-year-old lady with a degree in applied mathematics expresses her interest in computers and contemplates a career as a computer programmer, people don’t view it as a threat factor. However, _federal prosecutors suspect a Latvian citizen called Alla Witte to be an active member of the Trickbot gang_.

Witte, now 55, began her career as a [computer programmer](https://www.bloomberg.com/news/articles/2021-06-09/hacker-known-as-max-is-55-year-old-woman-from-russia-u-s-says) at 40, with the intent of helping clients. Instead, within six years, _she evolved from an amateur developer to a furious cybercriminal under the Trickbot gang_. She has been working under the pseudonym of Max ever since. Max (alias Witte) is now in Cleveland with six other Trickbot members, facing charges for her part in a major cyberattack in Russia, Belarus, and Ukraine. If Witte cooperates, then much of the Justice Department’s [anti-phishing protection](/) efforts will be rewarded.

![Stop phishing emails](https://media.mailhop.org/phishprotection/images/2021/06/stop-phishing-emails-3351.jpg) 

### Azusa Police Department Kept Ransomware Attack Private, Paid $65k

_The Azusa Police Department in California City recently reported a **ransomware attack** it experienced last year_. But it has been discovered that it hid another attack for three years. The department underwent a week’s downtime in 2018 because of an unreported cyberattack. _An unnamed cyber-criminal gang had attacked the Azusa police department in the fall of 2018_. The city’s cyber insurance provider had _paid $65,000 as ransom_ to regain access to ten of the department’s data servers.

As per the department’s statement, no data was compromised from these servers, but they were down for a week, and _the decryption key couldn’t be found without paying the ransom_. Azusa city took necessary measures to [prevent phishing](/) attacks back then but did not publicly report the attack since no data was compromised. The attack began when an employee opened an [unsolicited email](https://www.infosecurity-magazine.com/news/california-city-hid-cyberattack/) and clicked on an embedded link.

### Ransomware Hits Linestar, 70GB Of Internal Data Leaked

After the Colonial Pipeline **ransomware attack**, the adversaries have targeted another pipeline-focused business. LineStar is a Houston-based company providing pipeline customers with compliance, auditing, maintenance, and technology services. _A ransomware gang called Xing Team attacked LineStar last month and **stole 70 GB of internal files**_.

_Xing Team dumped all this stolen data on its data leak website, where DDoSecrets first spotted it_. The leaked data included 10 GB of human resources data, 19 GB of software code and data, and over 73,500 emails, contracts, and accounting files. The HR data also included copies of the Social Security cards and driver’s licenses of employees. While LineStar was [initially quiet](https://www.wired.com/story/linestar-pipeline-ransomware-leak/) about the incident, it later commented and accepted having undergone a **ransomware attack**. It said that _since there was no disruption in operations, the attack wasn’t publicly reported_. However, LineStar was taking measures for [protection against phishing](/) and had informed the FBI about the incident.

### Security Bug Detected In Hyperkitty

_Private mailing lists on the Mailman newsletter management service -Hyperkitty were publicly visible because of a **security vulnerability**_. Hyperkitty is a popular open-source mailing list that made it to the headlines for a security bug that keeps private mailing list archives open to public access while importing them. Amir Sarabadani (a software engineer at Wikimedia Deutschland) first discovered this vulnerability while upgrading Wikimedia’s test mailing lists. He said that the list was private and would become [private after the upgrade](https://portswigger.net/daily-swig/security-vulnerability-in-hyperkitty-could-expose-private-data), but during the upgrade, it was public.

Upgrades usually last for more than an hour. _If private mailing lists remain public for that duration, a lot of publicly identifiable information can be compromised and misused_. While Hyperkitty fixed the vulnerability in its latest version, the bug was categorized with a 7.5 severity score. Unfortunately, such **software vulnerabilities** aren’t uncommon, so taking [phishing prevention](/) measures is always advisable.

### FINRA Warns Of Ongoing Phishing Campaign

Phishing campaigns use the same few techniques to trick people, and this time it’s FINRA that they are using to get victims. The adversaries have created a fake domain name called @gateway-finra.org, and they are using it to impersonate FINRA and trick their clients.

_FINRA has issued a notice warning all member firms to watch out for **phishing email**s from this fake domain_. A typical email asks the recipient to complete or view a request by clicking on embedded links. These emails instill the fear of attracting penalties on late submission, which seems to work for recipients almost all the time. _FINRA urges all firms to **refrain from clicking** on images and links that come embedded in emails from this domain_, delete all such spam emails and report the same to their [anti-phishing solutions](/products/advanced-threat-defense/) provider. In addition, in an abundance of caution, FINRA has asked the Internet [domain registrar](https://www.finra.org/rules-guidance/notices/21-20?) to suspend services for the fake domain, @gateway-finra.org.

![Stop phishing emails](https://media.mailhop.org/phishprotection/images/2021/06/stop-phishing-emails-3552.jpg) 

### Cyberattack Hits Spanish Ministry Of Labor And Social Economy

Just three months ago, _the Spanish Servicio Público de Empleo Estatal (SEPE) underwent a ransomware attack_. Now, an attack has brought down the Spanish Ministry of Labor and Social Economic Systems (MITES). MITES supervises and coordinates Spain’s social economy, employment, and corporate social responsibility policies. Unfortunately, its computer systems were recently **hit by a cyberattack**, impacting its multimedia and communications office.

The Ministry’s [technical managers](https://www.bleepingcomputer.com/news/security/spains-ministry-of-labor-and-social-economy-hit-by-cyberattack/) and the National Cryptologic Center are working on restoring the systems at the earliest. In addition, they have adopted necessary measures to ensure [protection from phishing](/) attacks. However, the MITES website, the Electronic Office, the State Public Employment Service, and some other services continue to operate uninterruptedly.

### Ragnar Locker Attacks Storage Manufacturer ADATA

One of the top SSD and DRAM manufacturers from Taiwan, _ADATA, recently underwent a **ransomware attack**_. The company had to bring down its systems to contain the spread of the malware and experienced some downtime before operations were finally restored. _ADATA informed all concerned international authorities and stakeholders about the breach soon after detecting it on 23rd May 2021_.

ADATA did not mention anything about the threat actor, but _it is suspected that the Ragnar Locker ransomware gang is responsible for the attack_. The ransomware gang has already [claimed ownership](https://www.techradar.com/news/adata-struck-by-ragnar-locker-ransomware-attack) of the attack on the dark web. It also claims to have **stolen 1.5 TB** worth of sensitive data from ADATA’s systems. A screenshot of files stolen from ADATA accompanies Ragnar Locker’s post on the attack. While ADATA has not specified whether it plans to pay (or has already paid) the demanded ransom, its business operations are working now. Currently, the manufacturer is engaged in adopting [anti-phishing services](/) and restoring the affected devices. However, whether the business operations are back on track because of ADATA’s internal efforts or owing to the ransom payment remains unknown.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 25 of 2021","description":"Cybersecurity Updates For The Week 25 of 2021: In today's times, it has become necessary to keep yourself abreast of the latest cyber-attacks , and various.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-25-of-2021/","datePublished":"2021-06-17T06:40:43.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-06-17T06:40:43.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-25-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1196,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/06/stop-phishing-emails-3351.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 25 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-25-of-2021/"}]}
```