---
title: "Cybersecurity Updates For The Week 51-2 of 2021 | Phish Protection"
description: "Cybersecurity Updates For The Week 51-2 of 2021: The Christmas holidays are one of the longest periods of the year when the majority of the employees are on."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-51-2-of-2021.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-51-2-of-2021/"
---

Quick Answer

The Christmas holidays are one of the longest periods of the year when the majority of the employees are on leave. This is usually a peak time for \_cyberattacks wherein threat actors remain active from the onset of December\_. As we step into yet another holiday season, more and more \[ransomware attacks\](/resources/ransomware-example/) are getting reported. To make this process of \[protection from phishing\](/) attacks easier, here are the top \[phishing news\](/tags/announcements/) this week.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-51-2-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2051-2%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-51-2-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-51-2-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-51-2-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2051-2%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2051-2%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-51-2-of-2021%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/12/what-is-spear-phishing-7463.jpg) 

The Christmas holidays are one of the longest periods of the year when the majority of the employees are on leave. This is usually a peak time for _cyberattacks wherein threat actors remain active from the onset of December_. As we step into yet another holiday season, more and more [ransomware attacks](/resources/ransomware-example/) are getting reported. To make this process of [protection from phishing](/) attacks easier, here are the top [phishing news](/tags/announcements/) this week.

### Desjardins Provides Settlement to Over 10 Million Customers Post 2019 Breach

_The Canadian financial services organization Desjardins had undergone a massive data breach in 2019_ when a malicious employee was found exposing the personal information of **over 9.7 million** customers. A class-action lawsuit was filed against Dejardins, which has been settled for CAD 201 million (about **$156 million**) compensation to all the involved customers.

The organization recently confirmed the settlement figure via a press release and specified that the amount [compensates for identity theft](https://portswigger.net/daily-swig/desjardins-data-breach-class-action-lawsuit-agreement-reaches-201-million) and time loss. In addition, all members are entitled to five years of no-cost credit monitoring from Equifax, which can then be extended to at least another five years of availing Desjardins’ [phishing protection services](/).

While the Superior Court of Québec has yet to approve the settlement agreement, attorneys representing the class action claim that members are pleased with the settlement amount and find it fair and timely.

### Cyberattack Brings Down Virginia Museum of Fine Arts’ Website

_A system security breach was detected in the IT system of the Virginia Museum of Fine Arts, which compelled it to bring down its website_. Till investigations into the [breach continue](https://www.securityweek.com/virginia-museum-shuts-down-website-amid-it-breach), the Museum has put up a temporary website to keep the necessary operations running despite the disruption. So far, there is no reason to suspect that the Museum attack is linked to the **ransomware attack** on Virginia legislative agencies. The Virginia State Police is currently investigating this attack on state legislative agencies.

![What is spear phishing](https://media.mailhop.org/phishprotection/images/2021/12/what-is-spear-phishing-7463.jpg) 

The Museum is doing everything in its capacity to restore its website at the earliest. Its initial investigation revealed that an unauthorized third-party accessed its systems even before this attack vector was detected in late November. As the Museum works on its [anti-phishing solutions](/products/advanced-threat-defense/), visitors are advised to go to the temporary website.

### Cyberattack Hits IT Enterprise Finite Recruitment

_The IT recruitment organization Finite Recruitment underwent a cyberattack in October 2021_, which affected a small subset of its data. The adversaries downloaded the organization’s data and published it on the dark web. However, this incident did not disrupt the enterprise operations. [Finite Group’s incident](https://www.zdnet.com/article/nsw-government-casual-recruiter-suffers-ransomware-hit/) response team was quick to take measures for [phishing attack prevention](/content/phishing-prevention/). They identified the attack vector and shut down the affected systems to ensure uninterrupted operations at other fronts.

Finite Recruitment is now in the process of contacting and notifying all affected individuals and stakeholders. _Conti ransomware is believed to be responsible for this breach_ as it has listed Finite’s data on a data leak site. The ransomware operators claim to have **stolen 300 GB of data** from Finite, which includes information about its contracts and finances. The listed data also contains a customer database wherein their phone numbers, contact details, addresses, email IDs, passport details, and other relevant data was stored.

Finite Recruitment is known for listing profiles of individuals for casual support staff roles. Though the breach had no direct impact on any NSW government services or agencies, the Department of Customer Service is in close contact with the organization to get to the roots of the attack.

### Ransomware Hits Coombe Hospital

_The Coombe Hospital in Ireland recently underwent a ransomware attack which compelled the hospital to lock down its IT services_. The hospital has [confirmed the breach](https://www.independent.ie/news/ransomware-cyberattack-hits-coombe-hospital-it-services-locked-down-as-precaution-41156106.html) and said that services continue as usual despite this technical disruption. Discussing its measures to [prevent phishing](/) attacks, the hospital said it is working with the HSE to investigate the breach and has disconnected itself from the national network as a precautionary measure.

As Coombe tries to measure the extent of the attack, it urges assessors to be a little patient. So far, the hospital has found no evidence of any impact on external systems, but that remains to be confirmed.

### Ransomware Hits Portland-based Enterprise McMenamins

_Renowned brewpub and hotel chain of Portland, McMenamins recently underwent a ransomware attack_. While all McMenamins locations remain operational, they suspect that a subset of their employee information may have been [exposed in the breach](https://www.kgw.com/article/news/local/mcmenamins-ransomware-attack/283-dc039d56-cf82-4f06-8862-c2f6223e3893). But there is no evidence to confirm the same. However, McMenamins is sure that no customer data (personal and financial information) was compromised in the attack. The organization discovered the **ransomware attack** on 12th December and took immediate measures for [protection from phishing](/blog/protection-from-phishing-a-growing-threat-in-todays-information-age/) attacks.

In addition, McMenamins has informed the FBI and hired third-party cybersecurity experts to investigate the breach. The employee data that was probably exposed includes their names, social security numbers, DOBs, addresses, bank details, etc. McMenamins is offering free [identity theft](/blog/understanding-business-identity-theft-and-what-makes-businesses-vulnerable-to-these-identity-thefts/) and credit monitoring services to employees through Experian as part of its **phishing prevention measures**.

### Wizard Spider Targets CS Energy

_Australian electricity utility organization CS Energy was recently targeted by the operators of the Russian threat actor group Wizard Spider._ It looks like Wizard Spider (the creator of Ryuk and the designer and distributor of Conti) had [CS Energy](https://cyware.com/news/wizard-spider-almost-blacked-out-3-million-australian-homes-8fa0cf7b) on its list for quite some time because the organization’s name recently appeared on Conti’s naming and shaming website.

The IT systems of CS Energy (owned by the Government of Queensland) were finally accessed by the malicious operators of Wizard Spider on 27th November. Consequently, **over 3,500 MW** of electricity production was hampered, which exposed more than **3 million homes** to a possible power cut. Fortunately, the organization’s IT team could avert the attack at the right time using its [anti-phishing protection](/blog/relevance-of-phishing-protection-for-ecommerce-businesses/) measures, and nothing drastic occurred.

### Experts Find New Financially Motivated Threat Group Called Karakurt

Accenture’s CIFR team has recently identified a financially motivated threat group called Karakurt, which remained unidentified until now. _Karakurt has been associated with extortion and data theft attacks in **over 40 enterprises**_ between September and November 2021.

The CIFR team notes that Karakurt is an opportunistic group that [targets small enterprises](https://thehackernews.com/2021/12/karakurt-new-emerging-data-theft-and.html) for monetary gains and is more interested in **data exfiltration** than ransomware deployment. Most of Karakurt’s victims are based in North America and Europe and include organizations across sectors like healthcare, entertainment, retail, industries, IT, etc. Karakurt uses living off the land (LotL) techniques wherein it abuses vulnerabilities in an organization’s software or operating system and moves laterally to exploit data.

![Phishing prevention](https://media.mailhop.org/phishprotection/images/2021/12/phishing-prevention-4864.jpg) 

Since Karakut’s intention is not to deploy ransomware, _organizations should consider keeping regular backups of data, using strong passwords, minimizing access to confidential systems, and patching vulnerabilities_ from time to time to **ensure protection** from cyberattacks.

### Beware of Magecart Attacks This Christmas

_The Christmas holiday season is the most vulnerable period in cybersecurity_ as attackers constantly look for unguarded networks and unsuspicious shoppers to launch their next attack. Magecart attackers are no different, they are all set to target your systems with their advanced tactics. It isn’t surprising to note that a [Magecart attack](https://cyware.com/news/new-card-skimmer-attacks-detected-ahead-of-christmas-shopping-season-0c634552) takes place **every 16 minute**s, and therefore, it is a need of the hour to ensure protection against Magecart attacks.

Lately, _the WooCommerce WordPress plugin retailers have been targeted by Magecart attackers_. This is because the plugin comes with customizable eCommerce technologies and is widely used by retailers. Cybersecurity experts have identified three skimmers targeting the WooCommerce plugin users. These include Select, WooTheme, and Gateway. Therefore, it is advised that retailers take [anti-phishing measures](/content/phishing-prevention/phishing-attack-prevention/) against credit card skimming attacks and deploy robust **malware detection** methods.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 51-2 of 2021","description":"Cybersecurity Updates For The Week 51-2 of 2021: The Christmas holidays are one of the longest periods of the year when the majority of the employees are on.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-51-2-of-2021/","datePublished":"2021-12-24T11:15:59.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-12-24T11:15:59.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-51-2-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1283,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/12/what-is-spear-phishing-7463.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 51-2 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-51-2-of-2021/"}]}
```