--- title: "Cybersecurity Updates For The Week 44 | Phish Protection" description: "Cybersecurity Updates For The Week 44: The rate at which cybercrimes are propagating is beyond the imagination of an ordinary mind. All we can say is that." image: "https://phishprotection.com/og/blog/cybersecurity-updates-week-44.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-week-44/" --- Quick Answer The rate at which cybercrimes are propagating is beyond the imagination of an ordinary mind. All we can say is that \_the ill-motivated have begun to outnumber and outsmart the good actors in the cyberworld\_. This becomes evident in the endless stream of failed Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-44%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2044&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-44%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-44%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-44%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2044 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2044&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-44%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/10/what-is-phishing-3485.jpg) The rate at which cybercrimes are propagating is beyond the imagination of an ordinary mind. All we can say is that _the ill-motivated have begun to outnumber and outsmart the good actors in the cyberworld_. This becomes evident in the endless stream of failed[phishing prevention](/)measures that lead to major cybercrimes such as identity theft, financial losses, and sextortion campaigns on a daily basis. Here are the most recent cyber attacks that have made it to the headlines in the past week. ### Data Breach At Montana Hospital In a [sophisticated data breach](https://hotforsecurity.bitdefender.com/blog/hospital-leaks-129k-patient-records-in-sophisticated-phishing-scam-21674.html) that happened at a hospital in Kalispell, Montana, the health records of as many as **129,000 people** were compromised, making patients vulnerable to identity theft and fraud. Further investigations reveal that the attack was a planned and coordinated one, and although the authorities of Kalispell Regional Healthcare found out about the breach in June, it was very much existent before that as well. _The breach happened because of the hospital employees, who gave out their email login credentials unintentionally to the attackers who then used these to access and steal the details of the patients_. Among the compromised details were the **personal information** of patients such as names, addresses, medical record numbers, dates of birth, telephone numbers, email addresses, medical history and treatment information, date of service, treating and referring physician, medical bill account number, and health insurance information. In addition to this, there are high chances that the Social Security Numbers of over 250 patients were also exposed in the breach, which makes this attack more severe than previously anticipated. The hospital sent out letters to the affected patients informing that the breach was a very sophisticated one. As[anti-phishing protection](/), the hospital also sought the help of federal law enforcement. They blocked the infected email accounts of the employees and launched a strict investigation under the guidance of a renowned New York-based digital forensics firm. As compensation for the breach, the hospital is also offering free credit monitoring services to all patients who were victims of the cyber attack. ### Billtrust Undergoes Ransomware Attack ![What is phishing](https://media.mailhop.org/phishprotection/images/2019/10/what-is-phishing-3485.jpg) The renowned Business-to-business (B2B) payments provider company -Billtrust, recently found that it has [undergone a ransomware attack](https://krebsonsecurity.com/2019/10/ransomware-hits-b2b-payments-firm-billtrust/). Though the company hasn’t yet revealed much about the nature of the breach, officials have said that they are making all efforts to retrieve all locked files. Billtrust has announced that _it is still recovering from the attack and that they are almost in the last stage of recovering all files_. Billtrust enables its users to view invoices, pay, or request bills via email or fax and has a vast employee base with over **550 workers**. Although the breach comes as a setback, Billtrust isn’t the submissive kind and has begun employing[anti-phishing solutions](/). _They have hired a security firm and are also taking the help of law enforcement officials to get to the roots of the attack._ While efforts continue in trying to recover files, they are also taking simultaneous measures for strengthening the security measures adopted by the firm. The company continues to maintain its secrecy with regards to the **ransom payment**, and we cannot say for sure that they are retrieving files solely by themselves, or it’s actually a ransom payment that has rescued them. ### Easily Hackable Robots At Japanese Hotel Chain The Henn na Hotel from the Japanese hotel chain, HIS Group, boasts of being staffed not with humans of blood and flesh but with mechanical robots. The guests at the hotel are checked in by humanoid or dinosaur reception bots. However, [these robots can easily be hacked](https://www.theregister.co.uk/2019/10/22/japanese%5Fhotel%5Fchain%5Fsorry%5Fthat%5Fbedside%5Frobots%5Fmay%5Fhave%5Fwatched%5Fguests/) by any guest who stays in that particular room, _giving them access to the video footage of all other guests who stay in that room in the future_. This vulnerability in the robots of the hotel chain was pointed out by a **security researcher** who had warned the HIS Group in July. However, he received no response from the hotel group, and so he made his findings public 13 October 2019. The Tapia robots used in Henn na Hotel of Japan are the only ones detected with the security flaw at the moment, but it is uncertain whether the remaining hotels of the chain use the same robots. The hotel group finally broke their silence about the issue via a tweet where they apologized for the inconvenience caused to all customers. For ensuring[protection from phishing](/)attacks in the future, the hotel chain has updated all their robots and claim that there is no risk factor now. The future is indeed here, however _we have to be extremely careful with technology as it is our privacy that is at stake_. ### Samsung Galaxy S10 Blacklisted By Banking Apps In what seems like a significant security flaw, the screen protectors that come with Samsung Galaxy S10 units have found to be [highly vulnerable to random fingerprints!](https://www.ibtimes.com/banking-apps-blacklisted-samsung-galaxy-s10-after-fingerprint-vulnerability-was-2851509) Almost any user can access these devices using fingerprints to unlock it. This makes the devices very unsafe for all those users who prefer to do their dealings online. As a result, several banking apps have blacklisted the Samsung Galaxy S10. Banking apps are often dependent on **fingerprint authentication**, and therefore, the security flaw with S10 poses a severe threat to these apps. The apps have debarred S10 users from downloading the apps on their phones, and the remaining has removed the option of having a fingerprint scanner as a security measure. Samsung itself has warned its users about the vulnerability and advises them to refrain from using this feature until further notice. \_This is not the only \_ anti-phishing \_ measure adopted\_; the involved banks do not want any liability in case a phony fingerprint manages to get through the security measures. Therefore, banks like the **Nationwide Building Society** and the NatWest Bank in the UK have begun implementing their[phishing protection](/)measures. But it is about time that Samsung gets to work and tries to get rid of this security flaw. ### Chinese Browser Allows Admin Access To Everyone [The Chinese browser Maxthon has a security flaw](https://thenextweb.com/security/2019/10/23/major-chinese-browser-maxthon-has-a-bug-that-allows-anyone-admin-access/) in its Windows version, which enables an attacker to gain admin control and install malware into any system. This flaw was first identified by the security firm SafeBreach last month, and as per their reports, the bug allows an attacker to install a program that is operated by the “NT AUTHORITYSYSTEM,”, the admin account. The bug looks for a fake file called program.exe, which enables the hacker to create a dummy executable with the same name. Unaware of this, the browser still assumes that there is no threat, and this is where the hacker’s motives reach fulfillment. With this done, _the hacker now gets all admin privileges and can install malicious code and bypass windows security to run apps that may not otherwise get execution permission_. The Maxthon browser, which is used by over **670 million people**, is vulnerable only for the versions of Windows ranging from 5.1.0 to 5.2.7\. However, the browser hasn’t yet launched any patch or [phishing protection](/) service, which is why users must avoid using the browser until further notice from Maxthon. ### Gustuff Returns With Sophisticated Features The banking **trojan** “Gustuff”, which created much havoc in the past, is now back with a bang of several new features to attack the customers. This time around, the trojan shall make use of [malicious SMS messages to compromise systems](https://cyware.com/news/gustuff-trojan-returns-with-updated-features-f252cae8). _The prime targets of this trojan are the Australian banks and cryptocurrency wallets_. The new version of Gustuff is free from the similarities it earlier had with the banking trojan, Marcher. The trojan has also recruited sites’ mobile apps on its radar this time to increase its impact. _Researchers point out that this method is slow to trap victims but also has a low footprint._ The trojan can load webviews and can also obtain the necessary injection from a remote server. Its features further include detection prevention by anti-virus, anti-malware, and[phishing prevention](/products/advanced-threat-defense/)software. The trojan notifies users of a credit card information update via which they manage to get into a customer’s account and steal all their money. ### Ransomware Attack Hits The San Bernadino City Schools Joining the queue of schools that have been hit by cyber-attacks this year, [San Bernadino City Unified School District](https://www.scmagazine.com/home/security-news/ransomware/san-bernadino-city-schools-hit-with-ransomware/) undergoes a severe **ransomware attack** that succeeds in bringing down the school’s systems. The California school system reported the attack on October 20, where they stated that in spite of specific systems being brought down, the school continues to work manually to keep the functioning uninterrupted. _The attack locked some of the district files, but the authorities are quite confident that the attack has not lead to any data loss so far_. They have informed publicly that the details of the students and parents are secure and that nutrition services and transportation are not impacted. _They assured that attendance will be taken care of manually and that communication with school authorities can be done over the telephone_. The only thing that remains disrupted is the facility to converse with the teachers and staff via email, which shall not be reinstated until and unless the issue is wholly settled to ensure \[phishing email protection .\](/products/email-fraud-protection/) ### Zero Bank Balance A Call Away: SIM-Jackers In the latest innovation in the world of cybercriminals, the attackers can transfer all the money from our bank accounts by simply [getting a SIM card with the same number](https://www.vice.com/en%5Fuk/article/3kx4ej/sim-jacking-mobile-phone-fraud) we have registered with the bank. This was first pointed out by journalist and food writer Jack Monroe who lost £5,000 to a similar scheme. Dubbed as “**SIM-Jacking**”, this new form of cybercrime first sees the attacker deriving personal details of a victim either from social media or by fake company-calling them. Then, he uses these **stolen personal details** of victims to impersonate them and get new SIM cards with the same numbers they originally had. With this done, _the attackers can easily access all messages with passcodes, thereby hacking into virtual accounts held by the victims, be it their email, social media, or mobile banking accounts_. A former black hat hacker opines about SIM-Jacking that these attacks are bound to be successful because mobile phone carrier representatives are not always interested or even skeptical when they receive a call from a customer asking for a SIM swap. _They instantly do it, almost unquestioningly, and this is why SIM-Jacking has become so effective in recent times_. There is not much choice left with a customer if there are no measures to [prevent phishing](/) attacks from the service providers’ end. ### Smart Home Assistants Not Actually Cyber Smart The modern era has made us all dependent on electronic gadgets, which is in no way a bad thing if it doesn’t leak our personal information. However, research has shown that _the smart speaker voice apps are vulnerable to vishing (voice-phishing) attacks_, which are angled at extracting passwords. Among these devices, Amazon Echo and Kindle devices were found to be infected with two old **KRACK vulnerabilities**. The incorporation of these gadgets in modern homes is taking place rapidly with over **50 million installations** to date, but what cannot be denied is the fact that there has been a parallel rise in the number of [hacking or spying instances related to these gadgets](https://cyware.com/news/your-smart-home-assistants-could-be-your-next-cyber-threat-e901feef). Phishing and eavesdropping are the prevalent evils associated with smart speakers from Google and Amazon, both of which are exploitable through the backend. ![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2019/10/what-is-a-zero-day-attack-4892.jpg) Whistleblowers claim to have heard couples having sex and criminals making drug deals on Siri and Alexa, respectively. But the good thing is that Amazon and Google have provided users with the Do’s and Don’ts list following which is sure to give them their due share of privacy. Incorporating the[anti-phishing tools](/office-365-phishing-protection/)recommended by them provides users with the satisfaction of not being spied upon when in the middle of something private and confidential. ### Alphabet Virus Scanner Prone To Data Breach The Israeli cybersecurity company Otorio Ltd. recently pointed out that companies are not using Alphabet Inc.’s virus scanner and similar products ethically. [Otorio has accused firms of leaking sensitive data](https://finance.yahoo.com/news/misuse-alphabet-virus-scanner-exposing-230000762.html) such as factory blueprints and intellectual property online. _Thousands of files were found exposed online from companies_ in the pharmaceutical, industrial, automotive, and food industries as part of a project to research the malware logged by VirusTotal (a branch of Alphabet). This might pave the way for a prospective hack as per Otorio experts. Upon dialogue with VirusTotal, Otorio found that even the latter felt the need for an awareness program regarding the functioning of their security applications. In its policy, VirusTotal explicitly asks users to share only those files which they want to be displayed publicly. However, there is a constant risk of the data uploaded being misused by ill-motivated researchers or hackers, which leaves the gates open for a ransomware attack. ### \*\*\*\*Malicious App ‘Yellow Camera’ Exposed Trend Micro researchers recently identified a [security flaw with the malicious beautification/editing app](https://cyware.com/news/malicious-photo-beautification-app-reads-sms-verification-codes-to-activate-wap-billing-5f26c9d5) called the ‘Yellow Camera’ app, which is mainly used by people in Southeast Asian countries such as Thailand and Malaysia. _The app activates the Wireless Application Protocol (WAP) billing without the user’s knowledge and also reads SMS verification codes from System Notifications_. Upon installation, the app asks for permission to access the ‘Notification’ feature. With that allowed, the app downloads a file “\[MCC+MNC\].log” containing **JavaScript payloads** and WAP subscription billing site address unto the user’s device. Post several other steps, the app finally gets access to the verification codes received on the device, which are used to make a fraudulent WAP subscription. Google exhibited prompt [protection against phishing](/) and immediately removed the bogus photo beautification app from the Google Play Store. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Cybersecurity ](/tags/cybersecurity/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 3m 13,000 Singapore-based students affected as a threat actor hacked into their devices! Aug 16, 2024 ](/blog/13000-singapore-based-students-affected-as-a-threat-actor-hacked-into-their-devices/)[ Intermediate 3m The 2024 Multi-Nation Elections Need to Steer Clear of Highly Potent Cyber Menaces May 9, 2024 ](/blog/2024-multi-nation-elections-cyber-threats-stay-vigilant/)[ Intermediate 6m 7 Commonly Overlooked But Crucial Security Threats That You Might be Ignoring Feb 6, 2023 ](/blog/7-commonly-overlooked-but-crucial-security-threats-that-you-might-be-ignoring/)[ Intermediate 17m 9+ Cybersecurity Software Solutions For Businesses To Use May 30, 2022 ](/blog/9-cybersecurity-software-solutions-businesses/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 44","description":"Cybersecurity Updates For The Week 44: The rate at which cybercrimes are propagating is beyond the imagination of an ordinary mind. All we can say is that.","url":"https://phishprotection.com/blog/cybersecurity-updates-week-44/","datePublished":"2019-10-29T19:19:01.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-10-29T19:19:01.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-week-44/"},"articleSection":"intermediate","keywords":"Cybersecurity","wordCount":2318,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/10/what-is-phishing-3485.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 44","item":"https://phishprotection.com/blog/cybersecurity-updates-week-44/"}]} ```