--- title: "Cybersecurity Updates For The Week 34 | Phish Protection" description: "Cybersecurity Updates For The Week 34: With rapid advancement globally, cyber-attacks on both individuals and enterprises are breaking new ground every day ." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-34.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-34/" --- Quick Answer With rapid advancement globally, \_cyber-attacks on both individuals and enterprises are breaking new ground every day\_. In 2019, threat vectors are rapidly growing, and cybercriminals are leveraging new hacking techniques. The icing on the cake is that cybersecurity is rising to the challenge and putting up a noble fight. Here are the cybersecurity news updates for the past week. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2034&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2034 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2034&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-34%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/08/phishing-prevention-3695.jpg) With rapid advancement globally, _cyber-attacks on both individuals and enterprises are breaking new ground every day_. In 2019, threat vectors are rapidly growing, and cybercriminals are leveraging new hacking techniques. The icing on the cake is that cybersecurity is rising to the challenge and putting up a noble fight. Here are the cybersecurity news updates for the past week. ### Twenty-Three Texas Towns Hit By A Planned Cyber Attack In a recent coordinated ransomware attack, systems of as many as [twenty-three Texas towns got paralyzed](https://www.cnbc.com/2019/08/19/alarm-in-texas-as-23-towns-hit-by-coordinated-ransomware-attack.html). The primary victims of the attack were the small local governments. This attack happened within days after similar attacks disturbed activities in New York, Louisiana, Maryland, and Florida. The Department of Information Resources, Texas, announced that the attack began on the morning of 16 August 2019\. The Department refused to disclose the exact target areas, but it mentioned that the vast portion of affected areas were smaller local governments. Reportedly, _no systems and networks of the State of Texas were affected by the attack_. #### What Caused The Attack? _A particular threat vector is certainly behind all the 23 attacks, but the culprit has not been identified yet_. With the active assistance of federal and state agencies such as FEMA, the Department of Homeland Security, Texas A&M’s Information Technology and Electronic Crime Unit and the Texas Military Department, the investigations and the response and recovery measures continue. #### What Steps Were Taken to Control The Damage? The governor of Texas, Greg Abbott, initiated “**Level 2 Escalated Response**” immediately after the attack. This measure is one step below the highest level of alert, level 1, or “emergency” and constitutes a part of a four-step response protocol. The [anti-phishing solutions](/) adopted by the governor also include the employment of cybersecurity experts to analyze the damages caused by the attack. Additionally, the experts will assist the local governments to reinstate their systems. ### \*\* \*\*Cyber Attack Caused Huge Backlog For Eurofins Scientific The most prominent provider of forensic services in the UK, [Eurofins Scientific was a victim of a very sophisticated ransomware attack](https://www.bbc.com/news/uk-49361260) in June this year, which caused a backlog of 20,000 samples. Following the attack, the British Police snapped its association with the firm, but they have resumed work with Eurofins Scientific, three weeks ago. The functions of Eurofins include carrying out DNA testing, toxicology analysis, firearms testing, and computer forensics for police forces throughout the UK. _It handles over 70,000 criminal cases annually_. #### NPCC In A Damage Control Mode ![Phishing prevention](https://media.mailhop.org/phishprotection/images/2019/08/phishing-prevention-3695.jpg) The backlog containing blood and DNA specimens of victims and suspects have come down from 20,000 to 15,000\. It is the result of fast-tracking the cases by the National Police Chiefs’ Council (NPCC). The NPCC is very serious about [protection from phishing](/). It claimed that the majority of the cases involving suspect specimens and evidence from crime scenes would get clearance within two months. Eurofins paid a ransom to the attackers to restore access to its computer network, as per sources. ### Six-Month Old Cyber-Attack On ECB Finally Detected The European Central Bank (ECB) shut down its Integrated Reported Dictionary website when they identified that [the site was infiltrated by attackers](https://tech.newstatesman.com/security/ecb-cyber-attack) back in December 2018\. Thus, _the website remained compromised for over six months without the administration noticing anything unusual_. The **phishing attempt** included the injection of malware into the site, which was possibly capable of stealing email addresses, names, and titles of subscribers. Cyberattacks like these often go unnoticed by both the site owner and its users. The same happened with ECB for the initial six months, where hackers gained unauthorized access to the website. They were probably harvesting the details of the subscribers of ECB’s newsletter without any awareness on their part, whatsoever. #### What Measures Is ECB Undertaking? As a [phishing protection](/products/advanced-threat-defense/) measure, the ECB is now contacting people whose details they suspect got compromised in the attack. However, the bank claims that **no market-sensitive data** got compromised at the time of the attack on the website. ### Re-used Passwords Make Users More Vulnerable To Attacks Says Google Suppose a user re-uses breached and unsafe credentials for sensitive financial, government and email accounts. Then, his/her accounts are more prone to getting attacked by malicious third parties. Google highlighted this vital thing in one of its [recent blog posts](https://economictimes.indiatimes.com/magazines/panache/google-reveals-users-risk-safety-by-re-using-unsafe-passwords-for-financial-email-accounts/articleshow/70701935.cms). It also added that attackers usually attempt to infiltrate user accounts using details exposed by third-party breaches. _People are more likely to re-use breached passwords on platforms other than the most popular web sites_. Hence, their accounts stand a higher risk of getting attacked by cybercriminals. In such a situation, setting **strong and unique passwords** for every online account or website is the most feasible means of assuring [phishing prevention](/office-365-phishing-protection/). #### The Password Checkup Extension By Google _Google incorporated a Password Checkup extension for Chrome in February this year which prompts people on the hackability of their chosen password_. In the first month of this Password Checkup extension coming into effect, Google **scanned 21 million** usernames and passwords and marked more than **3, 16, 000 accounts as unsafe**. And this was 1.5 percent of the sign-ins examined by the extension. Google has two new features for its Password Checkup extension: - A direct feedback mechanism which allows users to inform Google about any issues they face. - The provision of opting out of the anonymous telemetry gives users an extra assurance of maintaining secrecy. ### \*\* \*\*Number Of Cyber Attacks Rise Massively In India: A Downside Of Digitalization Prayukth K.V, the head of IoT marketing at Subex, made a remarkable observation about the [increasing trend of cyberattacks in India](https://www.news18.com/news/tech/cyber-attacks-on-india-rose-sharply-within-20-minutes-during-indo-pak-border-conflict-2273911.html). Particularly during the twenty minutes preceding India’s conflicts with its neighbour Pakistan. _These cyberattacks are rapidly rising and becoming all the more sophisticated_. Prayukth said that there were increased cyber-attacks on IoT deployments in the defense space and attacks in general, ever since the gunshots began at the war field. He added that specially **mobilized cyber-attacks** only go on to prove that the adversaries can strike at any moment they wish. However, tracking these attacks becomes extremely difficult because criminals use disguised or impersonated geographical identities. Thus, _preparedness is a crucial concern for cyber guardians_. #### Escalating Numbers, A Cause Of Concern _Cyber-attacks on the nation rose significantly with a scaring upsurge by 22 percent_. Speaking in terms of figures, attacks in the previous quarter numbered 800,000, but they **total 1.1 million** in the immediate next quarter. The country is taking its own protective and precautionary measures. The managing director and chief executive of Subex, Vinod Kumar, said that the Indian government is having internal discussions about this matter. Additionally, it is also taking the necessary steps to ensure [anti-phishing protection](/products/malware-and-ransomware-protection/). ### \*\* \*\*Barracuda Reports That 1 Out Of 7 Enterprises Undergo Lateral Phishing Attacks _Lateral phishing attacks usually attain more success rates than other types of cybercrimes_. These emails impersonate valid email addresses (who happen to know the sender directly or indirectly) and hence, victims do not doubt their authenticity. [Barracuda Networks released its cybersecurity report](https://economictimes.indiatimes.com/tech/internet/1-in-7-businesses-experienced-lateral-phishing-attacks-report/articleshow/70736753.cms) recently. It mentioned that one in every seven enterprises across the globe claimed to have undergone at least some lateral phishing attempt in the past seven months. Following are some of the discoveries from Barracuda’s report: - The lateral phishing emails are hard to be traced via anti-phishing tools because these emails originate from legitimate accounts. Therefore, _they effortlessly con the email protection systems and unsuspecting recipients_. - In the Barracuda report titled, “**Spear Phishing**: Top Threats and Trends Vol. 2″, over 55% of the recipients of **lateral phishing email attacks** claimed to have either some personal or professional association with the compromised email account. - The attackers have put in extra effort in 37% of the cases to produce customized email content for specific organizations. Thus, by updating the technical know-how, hackers can enhance the credibility of their fraudulent emails. - Another factor lending these emails credibility is the time of the day. The criminals are cautious enough to send lateral phishing emails only during the regular workweek and working hours, thus killing all scopes of suspicion. ### Freely Available Trojan Malware Might Be Increasing Cyber Attacks Adding to the already brimming inventory of malicious resources, a new and [powerful trojan malware is being available on the dark web free of cost](https://www-zdnet-com.cdn.ampproject.org/c/s/www.zdnet.com/google-amp/article/cybersecurity-this-trojan-malware-being-offered-for-free-could-cause-hacking-spike/). It might be the beginning of an upsurge in cyberattacks in the coming days and months. A trojan called NanoCore RAT that earlier fetched an insignificant amount of $25 was causing many grievances to victims since its release in 2013\. But, there is a **free version available** on the dark web now, much to the benefit of the cybercriminals. #### What Is Trojan NanoCore v1.2.2? Researchers first identified the Trojan NanoCore v1.2.2 at LMNTRIX Labs. _This Trojan can steal passwords, perform keylogging, and also secretly record audio and video footage using the webcam_. It gets structured in such a way that it can avoid detection while using the webcam, by auto disabling the recording light. The light gets emitted when the user is recording something. It is also capable of shutting down or restarting systems and eventually gives full access of the system to the attacker. NanoCore is relatively easy to use, and even less proficient criminals put it to malicious use. #### How To Protect Oneself? The best way to save yourself from these trojans is to incorporate [phishing protection software](/products/email-impersonation-protection/). Additionally, one must ensure that the systems get regularly updated for patches and newer versions that are less vulnerable to hackers’ attempts. ### 68 Lakh Records Stolen From Indian Healthcare Website The US-based cybersecurity firm FireEye recently revealed that [hackers attacked a leading Indian healthcare website](https://health.economictimes.indiatimes.com/news/industry/hackers-attack-indian-healthcare-website-steal-68-lakh-records/70781751). It led to a massive data breach involving the details of over **68 lakh patients and doctors**. Although the website’s name was kept hidden, the security firm said that the cybercriminals involved in the breach are mostly from China. _The attackers are selling stolen data from various healthcare organizations and web portals across the world_, and India is another nation on their hit list. #### A Rising Threat For The Healthcare Sector _There is a considerable rise in the number of medical databases that are up for sale in the dark market_, as per the anti-phishing firm, FireEye’s observation. Notably, the healthcare sector witnessed a multitude of data breaches by the Chinese nation. A notable thing about all these China-based attacks is that they steal large sets of personally identifiable information (PII) and Protected Health Information (PHI) every time. ### Over 30,000 Cyber Attacks On US Federal Agencies In 2018 The FISMA FY 2018 Annual Report found out that the [US government organizations dealt with 31,107 cyberattacks](https://gdpr.report/news/2019/08/22/privacy-federal-agencies-in-the-us-experienced-over-30000-cyber-security-attacks-last-year/) in the financial year 2018\. This figure marked a 12% decline in attacks as compared to the previous fiscal year of 2017(35,277 assaults in 2017). Although the report stated that no significant attacks hit any federal agency in 2018, yet the _federal government continues to face challenges mitigating underlying security vulnerabilities_. According to the report, the US government spent around **$15 billion on cyber-security** measures in 2018. The key takeaways from the FISMA FY 2018 Annual Report are: ![Phishing prevention tips](https://media.mailhop.org/phishprotection/images/2019/08/phishing-prevention-tips-2365.jpg) - Though not indicated in figures, email-based threats continue to exist, and hence, [email phishing protection](/) becomes an issue of concern for the US government. - The Department of Homeland Security stated that 6,930 phishing incidents occurred in 2018. - About 27% of all cyberattacks lacked an identified medium giving the hacking element access to computer infrastructures. - Improper usage led to about 9,674 cyber-security incidents in 2018, and another 2,552 cyber-security problems were a result of loss or theft of organization equipment. ### Data Breach At Adult Website Distresses Millions Luscious, the adult website recently [underwent a data breach](https://www.itpro.co.uk/data-breaches/34239/adult-site-luscious-data-breach-affects-more-than-a-million-users) which exposed the personal information and real identity of **over 1.195 million** of its users. The lost data consisted of the usernames, personal email accounts, locations, gender, and activity logs, and in some cases, full names of the users. Discovered last week by vpnMentor, the breach led to the compromise of 800,000 official accounts and actively used emails accounts. _This attack would have life-changing implications on the personal life of affected users_. However, _the thin silver lining here is the fact that 20% of the total accounts used fake email addresses_. The victims of the breach hail from France, Germany, Russia, Brazil, Italy, Canada and Poland and among the exposed user activity were videos, user IDs, followers, accounts followed and blog posts. The risks are higher with this breach because many of the victims had their official email addresses involved. _It means that the entire organization now becomes prone to such cyber attacks_. #### What Can Be Done? Although the security flaw was taken care of, the following measures can help safeguard against such threats: - Organizations must employ [anti-phishing services](/) and implement severe measures restricting the online activities of the employees. They should make employees refrain from using their official email addresses for any personal work. - Users must regularly change their login details to avoid the vulnerability of becoming prey to such types of cyber-attacks. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Cybersecurity ](/tags/cybersecurity/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 3m 13,000 Singapore-based students affected as a threat actor hacked into their devices! Aug 16, 2024 ](/blog/13000-singapore-based-students-affected-as-a-threat-actor-hacked-into-their-devices/)[ Intermediate 3m The 2024 Multi-Nation Elections Need to Steer Clear of Highly Potent Cyber Menaces May 9, 2024 ](/blog/2024-multi-nation-elections-cyber-threats-stay-vigilant/)[ Intermediate 6m 7 Commonly Overlooked But Crucial Security Threats That You Might be Ignoring Feb 6, 2023 ](/blog/7-commonly-overlooked-but-crucial-security-threats-that-you-might-be-ignoring/)[ Intermediate 17m 9+ Cybersecurity Software Solutions For Businesses To Use May 30, 2022 ](/blog/9-cybersecurity-software-solutions-businesses/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 34","description":"Cybersecurity Updates For The Week 34: With rapid advancement globally, cyber-attacks on both individuals and enterprises are breaking new ground every day .","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-34/","datePublished":"2019-08-26T07:51:28.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-08-26T07:51:28.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-34/"},"articleSection":"intermediate","keywords":"Cybersecurity","wordCount":2197,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/08/phishing-prevention-3695.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 34","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-34/"}]} ```