--- title: "Cybersecurity Updates For The Week 36 of 2020 | Phish Protection" description: "Cybersecurity Updates For The Week 36 of 2020: The cybersecurity industry continues to be the most volatile sector of the 21st century . Every day, hundreds." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-36-of-2020.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-36-of-2020/" --- Quick Answer The silver lining is that the Brookfield Residential took immediate \[phishing protection\](/) measures after discovering the breach and restored all affected systems. They have also notified affected individuals (mostly their employees) and are implementing additional security measures. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2036%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2036%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2036%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-36-of-2020%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/09/how-to-prevent-phishing-0763.jpg) _The cybersecurity industry continues to be the most volatile sector of the 21st century_. Every day, hundreds of individuals and organizations become **victims of cyber-attacks** globally, resulting in substantial financial and data losses. The only way to reduce the intensity of these attacks is by adopting apposite [anti-phishing solutions](/products/advanced-threat-defense/). However, knowledge of recent cyberattacks is essential to know which [phishing prevention](/) measure is suitable. Here are the recent cyber headlines from this past week ### New Ransomware Darkside Targets Brookfield Residential _DarkSide is a ransomware that emerged recently_, and one of its first victims is the North American land developer and homebuilder [Brookfield Residential](https://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/?&web%5Fview=true) which is owned by Brookfield Asset Management. _DarkSide breaks into a network and eventually spreads into other connected devices, while also stealing unencrypted data_. DarkSide creates an entry for each victim on their data leak site and publicly accessible **stolen data**. However, DarkSide operators confused the names and listed the data of Brookfield Residential as that of Brookfield Asset Management. The silver lining is that the Brookfield Residential took immediate [phishing protection](/) measures after discovering the breach and restored all affected systems. They have also notified affected individuals (mostly their employees) and are implementing additional security measures. ### \*\*\*\* Malware Attack Hits Rialto Unified School District The [Rialto Unified School District](https://www.infosecurity-magazine.com/news/cyberattack-on-rialto-school/?&web%5Fview=true) was recently hit by a **malware attack** that _disrupted the virtual classes for all the 25,000+ students_ from its adult education school, three high schools, five middle schools, and 19 elementary schools. The attack is now being investigated, and the schools shall remain closed until further notice. In these challenging times, _the IT staff at RUSD is working hard to ensure [protection from phishing](/) and resume teaching_. The district has urged students to use a particular device for the district server and abstain from using it till things get better. _They are also taking back school-issued gadgets for examination_. ![How to prevent phishing](https://media.mailhop.org/phishprotection/images/2020/09/how-to-prevent-phishing-0763.jpg) ### Second Consecutive Attack On NZX Exchange Once again, _the Wellington-based [NZX exchange](https://www.theguardian.com/technology/2020/aug/26/new-zealand-stock-exchange-hit-by-cyber-attack-for-second-day?&web%5Fview=true) became dysfunctional yesterday because of a sophisticated DDoS attack_. As a result, the NZX main board, NZX debt market, and Fonterra shareholders market were affected. The authorities at the NZX exchange hold foreign **hackers responsible** for this disruption. Just when their operations were to get restored, this second attack came as a full stop to many of their systems and revealed the hitherto undisclosed aspect of the exchange’s [anti-phishing services](/products/advanced-threat-defense/). ### \*\*\*\* 90 Japanese VPN Authentication Items Breached Nine hundred authentication items for [VPN server access](https://www.japantimes.co.jp/news/2020/08/25/business/authentication-data-38-japanese-firms-stolen-amid-surge-teleworkers/?&web%5Fview=true#.X0ieLsgzbIU) provided by Pulse Secure LLC were **breached and stolen** recently. As many as 90 of these items were linked to Japan affecting Sumitomo Forestry Co., Hitachi Chemical Co., and 36 other Japanese companies in the process. While companies encourage VPN usage, it would be wise if these Japanese corporations took additional [anti-phishing protection](/products/advanced-threat-defense/) measures to _prevent hackers from illegally accessing their firms’ internal networks_. Although no damage has been reported so far, it’s high time for these Japanese firms to update the patches released by Pulse Secure back in April 2019. ### \*\*\*\* India’s RailYatri Exposes 37 Million User Records Leading Indian travel booking site backed with Government influence and over 10 million downloads on Google Play, _[RailYatri was exposing](https://www.infosecurity-magazine.com/news/travel-site-exposed-37m-records/?&web%5Fview=true) 43 GB data amounting up to 37 million records linked to over 700,000 unique users_. However, this **data was deleted** by the notorious attacker Meow, leaving just 1 GB of the data available online. When the unprotected database was found online, the IT team at RailYatri took measures for [protection against phishing](/), but they were a little too late. By this time, the Meow bot had done its job, posing a plethora of **security threats** for the multitude of travelers associated with RailYatri. The compromised details include a user’s full name, age, gender, physical and email address, phone numbers, booking details, GPS location, and names/first and last four payment card numbers. With these many credentials, an attacker can easily launch customized **phishing attacks** against the victims! ### \*\*\*\* Ransomware Hits Canada’s Canpar Express Leading Canadian shipping company [Canpar Express](https://www.theregister.com/2020/08/24/in%5Fbrief%5Fsecurity/?&web%5Fview=true) recently underwent a **ransomware attack**, which brought down its website for several days. The episode also affected the package tracking and pickup scheduling facilities of Canpar Express, much to clients’ inconvenience. _The shipping company is trying its best to ensure [phishing attack prevention](/) and meet customer shipping needs_. They haven’t detected any incidents of misuse of client information so far and hope to restore all operations as soon as they can. ![Phishing prevention](https://media.mailhop.org/phishprotection/images/2020/09/phishing-prevention-4236.jpg) ### Utah University Succumbs To Ransom Demands, Probably Of Netwalker _The University of Utah underwent a ransomware attack on 19th July 2020_. Though the university hasn’t disclosed who the attackers were, it is suspected that Netwalker was behind the attack. The [university was mostly successful](https://www.zdnet.com/article/university-of-utah-pays-457000-to-ransomware-gang/) in evading the attack, and _only 0.02% of the data was affected in the incident_. They had initially decided to restore the systems using their back up. However, _the ransomware actors threatened to release the encrypted student data_, which forced the university to rethink their stance on the matter. They approached their cyber insurance provider and paid a portion of the ransom, **$457,059 to protect** their students’ identity and interests. Though the university acted proactively and adopted [phishing prevention best practices](/resources/phishing-prevention-best-practices/), these negotiations with hackers who agree to delete files after receiving the ransom are seldom effective. There is every possibility that the hackers won’t delete the stolen files and use them later for **spear phishing attacks** or demanding more ransom. ### \*\*\*\* Cheap Androids Come With Hidden Malware Chinese manufacturer of [cheap Android phones, Transsion](https://www.hackread.com/nasty-malware-duo-pre-installed-cheap-android-phones/?web%5Fview=true), has launched their Tecno W2 handset, which _comes with a preloaded malware hidden to the user’s eye_. The malware (identified as Triada and xhelper) _works discreetly and subscribes to services without the user’s permission_. **Over 19.2 million** suspicious transactions from more than 200,000 used or new phones have been carried out. These smartphones were selling in Ethiopia, Egypt, South Africa, and Ghana, regions where users look for affordable phones with basic functionalities. _It’s tragic that the malware secretly breaches the privacy of these naïve and hapless users_. _Triada malware works as a software backdoor and spreads malicious code while being undercover_. It becomes difficult to protect yourself from phishing when malware comes free with a newly bought phone and remains invisible to the naked eye. One can only imagine its impact on unsuspicious users who barely have access to education, let alone cyber awareness! ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 36 of 2020","description":"Cybersecurity Updates For The Week 36 of 2020: The cybersecurity industry continues to be the most volatile sector of the 21st century . Every day, hundreds.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-36-of-2020/","datePublished":"2020-09-05T17:29:00.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-09-05T17:29:00.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-36-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1086,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/09/how-to-prevent-phishing-0763.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 36 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-36-of-2020/"}]} ```