---
title: "Cybersecurity Updates For The Week 41 of 2020 | Phish Protection"
description: "Cybersecurity Updates For The Week 41 of 2020: Phishing prevention tips can be best utilized when you are abreast of the latest cyber headlines. Here are the."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-41-of-2020.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-41-of-2020/"
---

Quick Answer

\[Phishing prevention tips\](/content/phishing-prevention/) can be best utilized when you are abreast of the latest cyber headlines. Here are the latest \*\*cyber attacks\*\* from this past week

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-41-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2041%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-41-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-41-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-41-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2041%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2041%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-41-of-2020%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/10/multiple-spf-records-7523.jpg) 

[Phishing prevention tips](/content/phishing-prevention/) can be best utilized when you are abreast of the latest cyber headlines. Here are the latest **cyber attacks** from this past week

### Armenia-Azerbaijan War Exposes Navy Details

The recent warfare between Armenia and Azerbaijan for the Nagorno-Karabakh region has led to the leak of [18,872 entries](https://cybernews.com/news/nagorno-karabakh-war-azeri-navy-data-including-passports-numbers-leaked-on-russian-forums/?web%5Fview=true) belonging to **over 10,000 Azerbaijan Navy personnel**. The leaked database contained the full names and surnames, dates of birth, passport numbers, and expiry dates of Azeri navy sailors.

Luckily, some of these passports have already expired, but others remain valid up to 2025\. In addition to the personal details, headshots of the sailors were also available in the **leaked database**. Although the file was small (2GB), _it was protected with an obvious war-related password._

### Cyberattack on Universal Health Services

_The Universal Health Services underwent a significant cyberattack_ on the morning of 27th September 2020\. The [hospital system](https://edition.cnn.com/2020/09/29/health/uhs-cyberattack-ops-down/index.html?&web%5Fview=true) has been trying to re-establish its network and operations since then. Although some services have recovered, a lot still needs to be figured out.

Meanwhile, _the hospital has reverted to the offline mode of operation and relying on backups to keep functioning_. No patient or employee data was breached in the attack. The attack has certainly not affected the quality of patient care. However, the security incident and associated [phishing prevention best practices](/resources/phishing-prevention-best-practices/) have made life quite strenuous for the staff, doctors, and members.

### Ransomware Hits Ashtabula County Medical Center

In another **ransomware attack** on a healthcare facility, the Cleveland-area [Ashtabula County Medical Center](https://www.nbcnews.com/tech/security/cleveland-area-hospital-goes-offline-after-apparent-cyberattack-n1241408?&web%5Fview=true) has been a victim. The center is experiencing a downtown exceeding a week because of which all elective procedures have been postponed.

_Their computer systems have been down since 21st September_, but the emergency department has been operational. Besides adopting [phishing attack prevention](/) measures, the medical center ensures that services reach the needy and that emergencies are duly attended.

### Ransomware Hits Arthur J. Gallagher & Co.

_The global insurance brokerage firm Arthur J. Gallagher & Co. recently underwent a **ransomware attack**_, the impacts of which were luckily not adverse. Although the firm hasn’t disclosed any further details on the nature of the attack, the security researcher Troy Mursch states that AJG was using two F5 BIG-IP servers vulnerable to [CVE-2020-5902](https://securityaffairs.co/wordpress/108925/malware/ajg-ransomware-attack.html?web%5Fview=true), which was probably **exploited by the hackers**.

However, the firm was proactive in adopting [anti-phishing solutions](/products/advanced-threat-defense/) and immediately brought down its global systems. _They have also collaborated with cybersecurity and forensics professionals to investigate the attack_. Their operations revived soon after, and they don’t speculate any significant loss to business because of the attack.

### No Malware Impacts On CMA CGM Communications

The Container shipping group [CMA CGM](https://www.reuters.com/article/us-cmacgm-cyber/shipping-firm-cma-cgm-says-no-communications-breach-in-cyber-attack-idUSKBN26K386?&web%5Fview=true) recently underwent a **malware attack** that brought down its online systems. However, _the group has notified that no communications were affected in the cyber attack_. 

The group has adopted [phishing prevention](/) measures and offered alternatives to customers for uninterrupted services. _They have reassured stakeholders that all communications made to and from the CMA CGM Group are secure_. Also, it’s maritime and port operations are safe from the attack.

![Multiple spf records](https://media.mailhop.org/phishprotection/images/2020/10/multiple-spf-records-7523.jpg) 

### Indian Defense Force Targeted By APT Group

_The Indian defense forces and armed forces personnel have been the targets of an APT group for quite some time now._ The adversaries were working on a campaign called [Operation Sidecopy](https://cyware.com/news/operation-sidecopy-targets-defense-forces-in-india-211170f6), which was evading the [anti-phishing tools](/products/malware-and-ransomware-protection/) of security researchers by copying tactics, techniques, and procedures of the Sidewinder APT group.

While no concrete proof exists, it is suspected that the Operation Sidecopy campaign has links with Pakistan’s Transparent Tribe (APT36) group. These threat actors continually evolve and use a **template injection attack** and exploit the CVE-2017-11882 vulnerability as the initial infection vector. _They also use data exfiltration tricks and the DLL sideloading technique for their intelligence collection operations_.

### Flight Tracking Websites Hacked

Cyber Attackers temporarily disrupted the services of the two famous [flight tracking websites](https://www.hackread.com/major-flight-tracking-services-hit-cyberattacks/?web%5Fview=true), Flightradar24 and PlaneFinder recently. _While Flightradar24 was attacked three times in two days, PlaneFinder was subjected to multiple attacks_. Because of the episode, PlaneFinder users were unable to access live feeds as the website. On its part, PlaneFinder requested users to remain patient as they work on restoring their systems.

Flightradar24, too struggled to revive its services after three consecutive attacks. However, both platforms adopted [anti-phishing protection](/products/advanced-threat-defense/) measures and could successfully restore their services by 29th September.

### Cyberattack Hits Cryptocurrency Exchange Kucoin

_The cryptocurrency exchange KuCoin was robbed of [around $150 Million](https://www.zdnet.com/article/kucoin-cryptocurrency-exchange-hacked-for-150-million/?&web%5Fview=true) from its hot wallets in a recent cyberattack_. The hack was detected when KuCoin noticed some large withdrawals on 26th September. Soon after, KuCoin took [phishing protection](/) measures and initiated a **security audit**. The research revealed that the adversaries stole Bitcoin assets and ERC-20-based tokens, among other tokens.

![Kitterman spf](https://media.mailhop.org/phishprotection/images/2020/10/kitterman-spf-5421.jpg) 

As deposits and withdrawals remain inactive, _KuCoin has assured users of reimbursing their lost funds_.

### Cyberattack On Scouts Victoria

The Australian company Scouts Victoria [underwent a phishing attack](https://www.zdnet.com/article/scouts-victoria-phished-for-data-treasure-trove-including-tfns-and-bank-account-history/?&web%5Fview=true) in late July and early August this year. Recently, they sent out emails to the affected people. _The adversaries got access to two staff email accounts_ and a shared dropbox because of which a plethora of private information belonging to their customers was compromised. These details included their names, email addresses, driver’s licenses, residential addresses, medicare details, passport numbers, tax file numbers, signatures, bank account, criminal history information, parenting orders, etc.

Scouts Victoria has notified the Office of the Australian Information Commissioner (ATO), and the ATO has taken necessary measures for [protection from phishing](/). The Human Services Department has also been contacted to protect the affected people from any Medicare-related fraud. _They advise people to refrain from opening any email attachments from suspicious senders_.

### The Penalty For Hacking, Nikulin’s Story

_The United States has convicted Russian Yevgeniy Aleksandrovich Nikulin to 88 months in prison [for hacking](https://www.securityweek.com/russian-sentenced-prison-hacking-linkedin-dropbox?&web%5Fview=true)_ LinkedIn, Dropbox, and Formspring in 2012\. Nikulin was also responsible for the 2013 **cryptocurrency theft** from BitMarket.eu. He has stolen credentials from an estimated **117 million Americans** and _earned over $6,200 by selling these credentials on the dark forum_.

After the hearing, he was sentenced to 88 months in prison and three years of supervised release. He has also been ordered to pay $514,000, $1 million, $20,000, and $250,000 to Dropbox, LinkedIn, Formspring, and WordPress, respectively, as compensation.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 41 of 2020","description":"Cybersecurity Updates For The Week 41 of 2020: Phishing prevention tips can be best utilized when you are abreast of the latest cyber headlines. Here are the.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-41-of-2020/","datePublished":"2020-10-09T09:07:20.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-10-09T09:07:20.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-41-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1054,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/10/multiple-spf-records-7523.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 41 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-41-of-2020/"}]}
```