--- title: "Cybersecurity Updates For The Week 42 of 2020 | Phish Protection" description: "Cybersecurity Updates For The Week 42 of 2020: Cybersecurity can be ensured when netizens act proactively and take anti-phishing protection measures well in." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-42-of-2020.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-42-of-2020/" --- Quick Answer Bangalore-based Indian ed-tech platform \[Edureka recently underwent a data breach\](https://inc42.com/buzz/edureka-suffers-server-breach-data-of-2-mn-users-exposed/?&web\_view=true) that has \_publicly exposed over two million users' details\_. The breach was due to an unprotected US-based Elasticsearch server left online for over a week. Security researchers from the SafetyDetectives first discovered the vulnerability on 1st August and approached Edureka regarding the same on 6th August. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-42-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2042%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-42-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-42-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-42-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2042%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2042%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-42-of-2020%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/10/phishing-prevention-4523.jpg) _Cybersecurity can be ensured when netizens act proactively and take [anti-phishing protection](/products/advanced-threat-defense/) measures well in advance_. The following headlines from the world of cybersecurity shall enable the reader to plan their [phishing prevention](/) measures better. ### \*\*\*\* Data Breach at Edureka Bangalore-based Indian ed-tech platform [Edureka recently underwent a data breach](https://inc42.com/buzz/edureka-suffers-server-breach-data-of-2-mn-users-exposed/?&web%5Fview=true) that has _publicly exposed over two million users’ details_. The breach was due to an unprotected US-based Elasticsearch server left online for over a week. Security researchers from the SafetyDetectives first discovered the vulnerability on 1st August and approached Edureka regarding the same on 6th August. Upon receiving no response from the company, they approached the Indian Computer Emergency Response Team (CERT-In), who then adopted [anti-phishing solutions](/) and secured the server on 13th August. Among the exposed information were the usernames, addresses, and phone numbers of the company’s customers, mostly based in India. However, _Eureka has denied the possibility of any personal information of users being compromised_. ### \*\*\*\* Data Breach at Gulf Coast State College The Gulf Coast State College [underwent a data breach](https://www.wjhg.com/2020/10/03/students-and-employees-notified-of-gulf-coast-state-college-data-breach/?&web%5Fview=true) recently, which has _exposed several employee email accounts to the adversaries_. Resultantly, some students’ and employees’ records may have been compromised. As a part of its **anti-phishing measures**, the college sent out emails to affected students on 28th September and provided a year of free credit monitoring to the victims. ![Phishing prevention](https://media.mailhop.org/phishprotection/images/2020/10/phishing-prevention-4523.jpg) _The social security number of victims too may have been compromised_. Hence, the college advises all students to keep monitoring their account statements and credit reports. The college I.T. Department was prompt to take [phishing attack prevention](/) measures, and the college also hired an independent forensic team. Although it isn’t sure whether any other personal information was accessed, the college nonetheless advises its staff and students to remain vigilant. ### POS Malware Attack On Two Merchant Using VISA The U.S. payments processor Visa recently disclosed that _malware had infected two unnamed North American hospitality merchants_ back in May and June. Strains of [point-of-sale (POS) malware](https://securityaffairs.co/wordpress/109072/cyber-crime/visa-hospitality-merchants-hack.html?web%5Fview=true) were detected by the Visa Payment Fraud Disruption (PFD) in the two North American merchants’ POS terminals. While _the first attack employed the malware variant TinyPOS, the second used a mix of RtPOS, MMon, and PwnPOS_. The technical details have been forwarded to both the merchants for further investigation and take [phishing protectio](/)n measures if the threat actors are found in their network. ### \*\*\*\* Salary Of Swiss University Employees Stolen Hacks on educational institutions aren’t uncommon, and _the recent hack targeted Switzerland’s [University of Basel](https://securityaffairs.co/wordpress/109100/hacking/swiss-universities-hacked.html?web%5Fview=true) along with at least two other universities_. The adversaries have succeeded in stealing employee salary payments at several Swiss universities and the amount thus transferred is a six figured number now moved into a foreign account. _The hackers first compromised the university systems and then hijacked the employee salary transfers by changing the beneficiaries’ accounts_. This hack serves as a lesson to all universities to strengthen their **anti-phishing tools**. The University of Zurich was vigilant enough to evade such a phishing attempt, but everyone else who fails to recognize suspicious activities is up for huge losses. ### \*\*\*\* Ransomware Hits Ardonagh Group A **ransomware attack** has compelled the Jersey-headquartered insurance company [Ardonagh Group to suspend](https://www.theregister.com/2020/10/06/ardonagh%5Fgroup%5Fransomware/?&web%5Fview=true) 200 of its internal accounts with admin privileges. The attack at this time when Ardonagh Group had just announced a **loss of approx. £94 million** is not a good sign, but the firm has been proactive in taking measures for [protection against phishing](/). Although they haven’t disclosed details about the attack, the firm has mentioned its routine comprehensive monitoring, which helped identify the attack. They are now executing their Business Continuity Plans and have collaborated with third-party forensic and I.T. experts for further investigation. ![Phishing prevention tips](https://media.mailhop.org/phishprotection/images/2020/10/phishing-prevention-tips-7631.jpg) ### \*\*\*\* Bazaloader Exploits Trump’s COVID Diagnosis Hackers have used U.S. President Donald Trump’s COVID-19 diagnosis to launch an [email phishing scam](https://www.cyberscoop.com/trump-coronavirus-sickness-hacking-virus/) that fools people in clicking a **malware-infected link**. _This is an old and effective technique that the adversaries have employed to exploit the COVID 19 anxieties_ among people for the nth time. Several U.S. and Canadian organizations have become victims of this latest email campaign that sends emails with subject lines like “Recent materials pertaining to the president’s illness.” Within the email rests a hyperlink to an attached document which downloads a corrupt Excel spreadsheet unto the users’ device. This sheet **installs BazaLoader** (a trojan linked to the TrickBot hacking tool) on the device designed to take over corporate networks. [Phishing email prevention](/) is a primary cybersecurity measure that ought to be deployed by every individual and organization. ### \*\*\*\* Ricoh Acquires MTI Technology In a recent acquisition, ownership of Japanese firm MTI Technology has been transferred to Ricoh. CEO Scott Haddow believes that this move shall strengthen its I.T. capabilities across Europe while still sustaining its brand identity. Adopting the [phishing prevention best practices](/resources/phishing-prevention-best-practices/) doesn’t always imply investing in tools or infrastructure; it sometimes comes in the form of a merger with bigger and better brands that can enrich one’s I.T. systems and _aid customers experience a higher level of security and privacy_. Ricoh has expressed its plans regarding MTI and says that [MTI customers shall only benefit](https://www.channelweb.co.uk/news/4021275/mti-acquired-ricoh?&web%5Fview=true) from their global reach. The acquisition seems like a win-win for all as MTI gets to keep its leadership team intact, and Ricoh gains an efficient group of leaders. ### \*\*\*\* Hackers Impersonate FINRA U.S. government authorized NPO Financial Industry Regulatory Authority (FINRA) has notified members to watch out for [email phishing attacks](https://www.bleepingcomputer.com/news/security/us-brokerage-firms-warned-of-widespread-survey-phishing-attacks/?&web%5Fview=true) that employ surveys to harvest information from member brokerage firms. They have notified members of a fake FINRA domain that is asking member firms to fill a survey before 13th October so that FINRA can update its so-called “conduct and supervisory rules.” FINRA has asked all members who clicked on any link or image embedded in the email to take necessary **security measures** in its [phishing prevention tips](/content/phishing-prevention/). The NPO has also approached NameCheap (the platform used by adversaries to register the fake FINRA domain) and urged them to suspend the fake domain. ### \*\*\*\* Hackers Target Wisepay The online payment website Wisepay used extensively by guardians of U.K. school and college students to top their accounts for meals, or school trips, has been down since Sunday. [Wisepay has shut its website](https://www.theregister.com/2020/10/07/wisepay%5Foutage%5Fwas%5Fcyber%5Fattack/?&web%5Fview=true), _citing ‘maintenance’ to stop the adversaries from spoofing its card payment page_. The website has approached the U.K. Information Commissioner’s Office and collaborated with a cyber forensic agency to investigate the **malicious URL** manipulation attempt. Although much inconvenience has been caused to the parents, this move was taken to ensure [protection from phishing](/) attacks. While it seeks alternative payment options, the Monk’s Walk School (a customer of Wisepay) has instructed parents to monitor their account statement if they used the Wisepay between the 2nd and 5th of October. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 42 of 2020","description":"Cybersecurity Updates For The Week 42 of 2020: Cybersecurity can be ensured when netizens act proactively and take anti-phishing protection measures well in.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-42-of-2020/","datePublished":"2020-10-20T19:54:22.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-10-20T19:54:22.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-42-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1142,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/10/phishing-prevention-4523.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 42 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-42-of-2020/"}]} ```