---
title: "Cybersecurity Updates For The Week 45 of 2020 | Phish Protection"
description: "Cybersecurity Updates For The Week 45 of 2020: The world has been a busy place in the past week. There have been many activities in the cybersecurity domain."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-45-of-2020.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-45-of-2020/"
---

Quick Answer

The world has been a busy place in the past week. There have been many activities in the cybersecurity domain, with \_newer methods being deployed to counter old schemes\_. The virtual world is rife with exploits and counter exploits; Let's look at some of the cybersecurity headlines from this past week.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-45-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2045%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-45-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-45-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-45-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2045%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2045%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-45-of-2020%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/11/phishing-prevention-tips-7452.jpg) 

The world has been a busy place in the past week. There have been many activities in the cybersecurity domain, with _newer methods being deployed to counter old schemes_. The virtual world is rife with exploits and counter exploits; Let’s look at some of the cybersecurity headlines from this past week.

### Maze Keeps It Going: Old Tactics In A New Bottle

The ransomware Maze has been around for a long time now. However, _what technology could not do, a lowly virus did_. There has been news that **Maze ransomware** would be shutting its operations down for at least six weeks.

_It is currently trying to squeeze in the last penny from its existing ransomware victim_, but the future looks uncertain. According to an associated threat actor involved in the earlier maze **ransomware attacks**, Maze is shutting its operations down. This has come as a relief to every cybersecurity unit around the world.

However, [Maze](https://cyware.com/news/maze-actors-square-off-amid-speculation-of-quitting-bf0bd18a) has been hitting parting shots. It recently dumped **9GB of confidential data** of Toledo Public Schools, hacked Fairfax County Public schools’ systems, and took off with employee data and other confidential information.

The shutting down of Maze may be a relief to cybersecurity specialists, but it merely seems the lull before the storm. _Maze affiliates have already moved on to a newer system called Egregor, which has the same capabilities as Maze_.

_The end of one of the vicious ransomware does not mean the end of any threat_. It merely suggests that a newer version is ready to be launched.

### DDoS Attacks Which Made Headlines In Quarter 3, 2020

This quarter has been a relatively quiet one. There have been no major **DDoS attacks** that would plunge the world into a crisis. This would in no way mean that the virtual world had suddenly turned saintly. Perpetrators have been busy developing newer skills though there has been no news regarding any earth-shattering cyber innovations.

However, it wasn’t all silence as one might expect. There was an attack on the [Docker environment](https://securelist.com/ddos-attacks-in-q3-2020/99171/?web%5Fview=true), where another DDoS bot had joined the party. To those who wouldn’t understand the meaning of a DDoS, it is a distributed denial-of-service where there is a malicious attempt to disrupt the normal flow of information. It is usually done by targeting the major protocols (namely TCP, UDP, ICMP, HTTP) through **phishing emails** and spoofing the traffic source’s IP address.

Some of these attacks have resembled the **Mirai attack** that had used the vulnerabilities of Comtrend VR-3033 routers.

Other than this, there were a few ransomware attacks where extortion attacks were made for demands ranging from 5BTC to 20BTC, along with the caveat to increasing the intensity of the DDoS attacks.

### Password Spray Attacks And Microsoft’s New Machine Learning Model To Counter It

As part of the [National Cyber Security Awareness Month](https://www.neowin.net/news/microsoft-develops-new-machine-learning-model-to-detect-password-spray-attacks?&web%5Fview=true) (NCSAM) in October, _Microsoft has been urging member nations and organizations to improve their cybersecurity standards and invest more in fixing cyber vulnerabilities_. **Anti-phishing** mechanisms have to be restructured since spamming and **phishing attempts** are becoming more sophisticated.

![Phishing prevention tips](https://media.mailhop.org/phishprotection/images/2020/11/phishing-prevention-tips-7452.jpg) 

It did also announce the introduction of a new machine learning model that improved the last model and performed better in identifying sources of malicious intent about **password spray attacks**.

The earlier model was more of a heuristic apparatus which depended on the core failure mechanism while the new one depends on a list of factors:

- IP Reputation
- Unfamiliar log in properties
- Account deviations

The company has claimed that its new system has **98% precision**.

### Chinks In The Links: Privacy At Stake

Billions of links are passed on in millions of messages among telephone numbers all over the world. However, _a new study revealed that this might have serious security ramifications_. These links are usually intended for the recipient and contain sensitive information like financial transactions, bills, and medical records.

[Apps](https://thehackernews.com/2020/10/mobile-messaging-apps.html?&web%5Fview=true) generally rely on the servers to generate link previews. That is a gross **violation of privacy**, warns cybersecurity specialists, many apps do not provide link previews, which is a concern for everybody.

Some of the offenders are Threema, TikTok, and WeChat, which do not provide any link review. As of now, trust is the only thread that holds this premise. But the cyber world is a den of malice, and one can never anticipate the opportunities malicious actors could find in incidences like this to launch **phishing campaigns** against unsuspecting users.

### Mobileiron: A Saga Of Continuous Attack

[MobileIron’s](https://cyware.com/news/hackers-utilizing-a-sporting-chance-to-abuse-mobileirons-mdm-servers-ea3e6e8c) Enterprise Mobile Device Management (MDM), a solution used to manage scores of mobile devices, _has been under relentless cyber-attacks_. There have been reports that several virtual actors have been trying to exploit the bugs in the MDM system and trying to penetrate the company networks.

It all started in September when a _researcher posted a Proof of Concept regarding a bug in MobileIron_. This talked about the apparent vulnerabilities and how they could be exploited.

The threat has been emanating primarily from **DDoS bots** and Chinese state-sponsored hacking groups. The three vulnerabilities, namely, CVE-2020-15505, CVE-2020-15506, and CVE-2020-15507, have been identified with the most hits.

### Remote Work Environments: Not So Remote Anymore

This year has seen organizations scale up their work from home paraphernalia with great alacrity and speed. This was to keep the wheels of the industry rolling that were hit by the pandemic. Remote working became a byword, and most offices now function from the comforts of the home. However, despite the best efforts, a survey by Cisco found that _only a few could scale up their remote operations while most were struggling at various stages_.

![Phishing prevention best practices](https://media.mailhop.org/phishprotection/images/2020/11/phishing-prevention-best-practices-7145.jpg) 

The pandemic has thrown up more unique challenges in cybersecurity that has kept the cybersecurity specialist in every organization on their toes. [Remote working](https://www.helpnetsecurity.com/2020/10/26/protect-remote-work/?web%5Fview=true) does throw up important questions regarding privacy since working on collaboration tools is the new normal. **60% of the respondents** were concerned regarding the same.

### Georgia Election Data Under Peril, Ransomware Attack Suspected

[Hall County, Georgia](https://threatpost.com/georgia-election-data-ransomware/160499/?web%5Fview=true), _faced the first of many expected malicious attacks on its databases_. While it did not impact the process of voting, it was a wake call for local governments to lock their systems down and secure them immediately. There have also been relentless **phishing attacks** on vulnerable systems.

It is expected that as the election proceeds, there will be more vicious attacks that will aim at dumping sensitive data and extort ransom.

This incident undoubtedly urges for the need to adopt robust [anti-phishing service](/) by organizations, especially by the government authorities.

### The Triton: A Russian Trojan

August 2017 saw a Saudi Refinery shutting down. _Trails found confirmed that the Trojan was ferocious, malicious, and pure evil_. Its sole intention was to disable safety systems and cause harm to the refinery.

The US Treasury has imposed sanctions on the Russian CSRI or Central Scientific Research Institute of Chemistry and Mechanics for leading the operation that almost blew the refinery apart. The malware responsible is known as [Triton](https://www.securityweek.com/us-treasury-sanctions-russian-institute-linked-triton-malware?&web%5Fview=true).

_Investigators have found that the Trojan would be rendering the internal security systems of the refinery useless_. This was a major breach of security, after which a thorough cleansing of the IT systems was held to check for embedded bots, which could later be activated to cause more harm.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 45 of 2020","description":"Cybersecurity Updates For The Week 45 of 2020: The world has been a busy place in the past week. There have been many activities in the cybersecurity domain.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-45-of-2020/","datePublished":"2020-11-06T09:59:18.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-11-06T09:59:18.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-45-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1218,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/11/phishing-prevention-tips-7452.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 45 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-45-of-2020/"}]}
```