---
title: "Cybersecurity Updates For The Week 6 of 2022 | Phish Protection"
description: "Cybersecurity Updates For The Week 6 of 2022: Phishing continues to be a primary contributor to cyber news headlines. Following are the most significant."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-6-of-2022.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-6-of-2022/"
---

Quick Answer

Phishing continues to be a primary contributor to cyber news headlines. Following are the most significant \[phishing news headlines\](/tags/announcements/) this week to help you plan your \[phishing prevention\](/) measures.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-6-of-2022%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%206%20of%202022&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-6-of-2022%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-6-of-2022%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-6-of-2022%2F&title=Cybersecurity%20Updates%20For%20The%20Week%206%20of%202022 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%206%20of%202022&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-6-of-2022%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2022/02/what-is-a-zero-day-attack-3673.jpg) 

Phishing continues to be a primary contributor to cyber news headlines. Following are the most significant [phishing news headlines](/tags/announcements/) this week to help you plan your [phishing prevention](/) measures.

### Ransomware Hits Swissport

_A ransomware attack recently targeted Swissport, the Swiss airport management service that affected its IT infrastructure_. In its statement, [Swissport said](https://www.zdnet.com/article/aviation-services-firm-swissport-reports-ransomware-incident/) that most of the attack had been contained and mentioned that it is taking necessary [anti-phishing measures](/blog/ransomware-hits-reason-why-businesses-need-to-adopt-robust-anti-phishing-measures/) to restore systems, particularly its delivery system.

Switzerland’s National Cyber Security Center has been trying to establish contact with Swissport, but its website is currently down. Around **22 flights** were delayed by about 20 minutes because of this incident. The company informed that its ground services at **307 locations**, including Zurich Airport, remain unaffected by the attack. The NCSC reported that this attack on Swissport could be a part of a coordinated attack on European transportation and gas services.

![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2022/02/what-is-a-zero-day-attack-3673.jpg) 

### Data Breach Hits Morley Companies Inc. After Ransomware Attack

_The U.S-based business services provider Morley Companies Inc. underwent a ransomware attack_ on 1st August 2021, and now it has [detected a data breach](https://www.safetydetectives.com/news/business-services-provider-morley-discloses-ransomware-attack/) in its systems. _The company provides business services to Global 100 and Fortune 500 firms_ and believes that the data breach **affected over 500,000** contractors, employees, and clients. The firm is now sending out breach notifications to the affected individuals.

The adversaries believably accessed victims’ names, DOBs, social security numbers, health insurance details, client ID numbers, and medical diagnostic and treatment information. So far, Morley’s investigations have not found any concrete evidence of the misuse of the stolen credentials, but as a [phishing attack prevention](/) measure, it is providing two years of complimentary [identity theft protection](/blog/understanding-business-identity-theft-and-what-makes-businesses-vulnerable-to-these-identity-thefts/) service to all affected individuals.

Disclosing further details about its **preventive measures**, Morley said it has collaborated with cybersecurity experts to investigate the attack. It began sending out breach notifications on 18th January 2022 when it was finally confirmed that client and employee information was compromised. The cyber-intelligence platform HackNotice arguably saw Morley’s _sensitive data exhibited on the dark web last week_.

### Cyberattack Hits Pellissippi State Community College

_Tennessee-based Pellissippi State Community College recently underwent a cyberattack_ that resulted in [unauthorized access](https://www.securityweek.com/tennessee-community-college-suffers-ransomware-attack) of the personally identifiable information (PII) of its staff and faculty, and current and former students. The attack primarily focused on encrypting the school’s data and leveraging a **ransom payment**, but when Pellissippi State refused to comply with ransom demands, the adversaries stole sensitive data.

Fortunately, _the college’s credit card payment systems and main database remained unaffected by the breach_. Investigations into the matter revealed that adversaries accessed a system containing names, internal identification numbers, email addresses, and school passwords. So far, it is unclear whether adversaries accessed any other PII, but the school is taking necessary [phishing protection](/) measures. It has extended free **credit monitoring services** to all victims and continues investigating the attack.

### Cyberattack Targets British Council Via Unsecured Azure Blob Container

In December 2021, _cybersecurity researcher Bob Diachenko discovered an unprotected Azure blob container belonging to the British Council_. **Over 144,000 files** containing [British Council’s student records](https://www.bleepingcomputer.com/news/security/british-council-exposed-more-than-100-000-files-with-student-records/) were exposed online. The exposed student records include their names, usernames, student IDs, email addresses, enrolment dates, student status, study duration, notes, etc.

_Diachenko reports that a public search engine indexed the Azure blob container_. It included thousands of Excel spreadsheets and other files and could be viewed by anyone online. The leak was first detected on 5th December 2021 and immediately reported to the British Council. Having received no response from the organization after two days, the researchers took to Twitter to communicate with the British Council. _The council responded to the notification here and patched the vulnerability in two weeks_.

In its statement, the British Council said that the security of personal information is of utmost importance to them. It is working with its third-party service provider to ensure that such an unfortunate incident doesn’t happen again. The British Council adheres to regulatory obligations and is in constant touch with the Information Commissioner’s Office. Reportedly, the **144,000 files** contain the records of about 10,000 British Council students. To ensure [protection against phishing](/), British Council students are advised to look out for suspicious [phishing emails](/blog/sophisticated-new-tactic-makes-phishing-emails-harder-to-detect/) they may receive and change their login credentials for added security.

### Unsecured Securitas Server Exposes Airport Employees’ Data

The Stockholm-based electronic security solutions, on-site guarding fire & safety services, and enterprise risk management provider - _Securitas recently underwent a data breach_. First discovered by cybersecurity experts at SafetyDetectives, an [unprotected AWS S3 bucket](https://www.zdnet.com/article/unsecured-aws-server-exposed-airport-employee-records-3tb-in-data/) belonging to Securitas was exposing **over 1 million files** online. _The server contained **3TB of data** dating back to 2018 and involved the records of airport employees across four airports_, El Dorado International Airport (COL), José María Córdova International Airport (COL), Alfonso Bonilla Aragón International Airport (COL), and Aeropuerto Internacional Jorge Chávez (PE).

The misconfigured AWS bucket contained two primary datasets with PII, national ID card numbers, and photos. In addition, the bucket also included details of fueling lines, planes, and luggage handling. The adversaries could exfiltrate the unstripped. _EXIF data in the stolen photographs to procure the time, date, and GPS locations_. After discovering the bucket, the cybersecurity experts notified Securitas of the issue on 28th October 2021\. The latter responded and secured the database on 2nd November. Securitas also informed the Swedish CERT about the incident as part of its measures to [prevent phishing attacks](/content/phishing-prevention/prevent-phishing/).

\*\* \*\*

### DDoS Attack Hits Microsoft Azure Customer in Asia

_A massive 3.47 Tbps DDoS attack hit a Microsoft Azure cloud computing customer in Asia_ sometime in November 2021\. But Microsoft made the incident public only on 25th January 2022\. The [attack reportedly lasted for 15 minutes](https://www.hackread.com/microsoft-azure-customer-largest-tbps-ddos-attack/) and consisted of a botnet with **over 10,000** compromised IoT devices. These devices were from countries like India, Russia, China, Iran, Vietnam, Thailand, Taiwan, South Korea, Indonesia, and the United States.

![How to prevent phishing](https://media.mailhop.org/phishprotection/images/2022/02/how-to-prevent-phishing-5379.jpg) 

Microsoft’s [anti-phishing protection](/) measures in this incident culminated in its report “**Azure DDoS Protection** \- 2021 Q3 and Q4 DDoS attack trends.” _The company claims that the attack was mitigated soon after detection_, but the adversaries employed various methods of boosting the DDoS attack. The report further claimed that **DDoS attacks** had increased recently, with India, Hong Kong, and the US being prime targets.

\*\* \*\*

### Cyberattack Hits Major European Oil Terminals

_Some of the major oil ports in Western Europe recently became victims of a cyberattack_. The incident happens at a time when energy prices are soaring already. Belgian authorities have reportedly initiated an investigation into the breach, which [hacked the oil facilities](https://www.securityweek.com/european-oil-port-terminals-hit-cyberattack) in maritime entryways like Antwerp. On the other hand, the German prosecutors are investigating the cyberattack, which looks like a [ransomware attack](/resources/ransomware-attack-why-organizations-pay-ransom/) on oil networks.

As a result of the software hijack, operations at various European ports have been affected, particularly the unloading of barges. The EU’s Europol police agency has extended its support to German authorities in this **battle against the attackers**. _One of the worst-hit IT systems in this attack is the Amsterdam-Rotterdam-Antwerp oil trading hub_. The German security services have found evidence proving that the BlackCat [ransomware](/resources/top-all-time-ransomware-demands-by-hackers/) was deployed in the cyberattack in Germany. The Dutch National Cyber Security Centre also did its best to trace the attackers using cybersecurity tools.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 6 of 2022","description":"Cybersecurity Updates For The Week 6 of 2022: Phishing continues to be a primary contributor to cyber news headlines. Following are the most significant.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-6-of-2022/","datePublished":"2022-02-10T11:07:34.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2022-02-10T11:07:34.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-6-of-2022/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1221,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2022/02/what-is-a-zero-day-attack-3673.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 6 of 2022","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-6-of-2022/"}]}
```