---
title: "Cyber Security News Update, Week 1 of 2022 | DuoCircle"
description: "Here are the top cybersecurity headlines this week to help you understand what’s going on in the cyber world and how you can plan to strengthen your."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-1-of-2022/"
---

Quick Answer

Week 1 of 2022 covered: the K-12 Cybersecurity Act becoming US law, requiring CISA to study K-12 risks within 120 days, publish guidelines, build training, and post resources publicly through DHS; Ukraine enacting the National Security and Defense Council's Information Security Strategy by presidential decree, citing Russia-linked threats; the AvosLocker ransomware gang publishing a free decryptor after attacking a US police department, claiming it tries to avoid government targets; India's draft Personal Data Protection Bill mandating breach reporting within 72 hours, with fines up to INR 50 million ($669,308) for non-reporting and three-year jail terms for intentional disclosure; a SophosLabs-discovered phishing campaign bypassing the patched MSHTML CVE-2021-40444 to deliver Formbook via crafted RAR archives; and Dridex banking trojan campaigns trolling researchers with racist comments and spamming employees with fake Omicron exposure notices and termination letters.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-1-of-2022%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cyber%20Security%20News%20Update%2C%20Week%201%20of%202022&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-1-of-2022%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-1-of-2022%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-1-of-2022%2F&title=Cyber%20Security%20News%20Update%2C%20Week%201%20of%202022 "Share on Reddit") [ ](mailto:?subject=Cyber%20Security%20News%20Update%2C%20Week%201%20of%202022&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-1-of-2022%2F "Share via Email") 

![Cyber Security](https://media.mailhop.org/duocircle/images/2022/01/spf-flattening-7011.jpg) 

Here are the top [cybersecurity headlines](/announcements) this week to help you understand what’s going on in the cyber world and how you can plan to strengthen your organization’s [security posture](/email-security/why-it-is-crucial-for-smes-to-have-a-robust-cybersecurity-posture/) in 2022.

## K-12 Cybersecurity Act Becomes Law

_US President Joe Biden recently signed the K-12 Cybersecurity Act into law which will add to the efforts at strengthening the cybersecurity of the K-12 educational institutions_. The [newly passed law](https://securityintelligence.com/news/what-is-k-12-cybersecurity-act/) will require the CISA director to analyze the cybersecurity risks facing K-12 schools **within 120 days** of the act being passed. The CISA director will also have to explore the possible [cybersecurity challenges](/email-security/global-email-security-opportunities-challenges-and-its-importance-post-covid-19/) faced by these K-12 schools, including securing information systems, implementing [cybersecurity protocols](/msp-email-security/cybersecurity-best-practices-every-msp-must-adopt/), and protecting sensitive employee and student and employee data.

After this initial study, the CISA director will have to pursue the second objective of the act, which is to publish guidelines for the schools to follow to reduce the risks from cyberattacks. The third objective states that CISA will then use the survey findings to develop an online training toolkit to educate officials on the best **cybersecurity tools and practices**. Finally, the fourth objective would be to make this entire study process, the guidelines, and the resultant toolkit available to the public on the Department of Homeland Security’s website.

The K-12 Cybersecurity Act became law at a crucial time when cyberattacks on these school systems were at their peak. This new law will now help better secure the information and future of kids.

[![Cybersecurity](https://media.mailhop.org/duocircle/images/2022/01/spf-flattening-7012.jpg)](https://media.mailhop.org/duocircle/images/2022/01/spf-flattening-7012.jpg)

## Ukraine Adopts NSDC’s Information Security Strategy

_Ukraine President Volodymyr Zelensky recently enforced the National Security and Defense Council’s decision on the Information Security Strategy_. The Ukrainian National News Agency, Ukrinform reports that the relevant decree (No.685/2021) is already upon the President’s website. President Volodymyr states in the decree that the [Information Security Strategy](https://www.ukrinform.net/rubric-polytics/3376991-president-enacts-ukraines-information-security-strategy.html) was approved in accordance with Article 13 of Ukraine’s Law ‘On National Security of Ukraine’ and Article 107 of the Constitution of Ukraine.

Furthermore, the decision of the National Security and Defense Council of Ukraine on the Doctrine of **Information Security** of Ukraine dating back to (29th December 2016) has been nullified. The President’s document further states that Ukraine is not alone in facing cybersecurity threats from Russia, and therefore adopting the Information Security Strategy was essential.

## AvosLocker Targets US Police Dept & Comes Back with Free Decryptor

_The AvosLocker ransomware recently attacked a US police department and provided the free decryptor soon after finding out that it had targeted a government agency_. When asked whether the threat actor doesn’t intentionally **target government agencies**, it affirmed the statement and said that it’s always hard to [get taxpayers](/phishing-protection/ransomware-taxpayers-are-worried-about-the-wrong-thing/)‘ money and, therefore, it tries to avoid attacking government agencies. However, the threat actor also mentioned that sometimes affiliates attack government agencies without consulting them first. While [sharing the free decryptor](https://www.bleepingcomputer.com/news/security/ransomware-gang-coughs-up-decryptor-after-realizing-they-hit-the-police/), AvosLocker refused to mention the files stolen or how they accessed the police department’s network.

Interestingly, their numbers have decreased ever since international law enforcement bodies have begun arresting and punishing ransomware actors. The recent arrest of members of Netwalker, REvil, Clop, and Egregor ransomware gangs undoubtedly served as a lesson to the rest who have shut their operations. These include BlackMatter, DarkSide, REvil, and Avaddon, but we cannot say for sure that they are gone as most of these threat actors continue to operate under different names. Therefore, it is best to continue the [ransomware protection](/email-security/5-ways-you-protect-your-business-from-ransomware/) measures and be safe rather than sorry.

## India to Introduce Stricter Cyber Laws

The Indian government is considering introducing a _new bill called the Personal Data Protection (PDP) Bill which will mandate organizations to report cyber attacks **within 72 hours**_ (like other territories such as the EU, which follow GDPR guidelines). In addition, the RBI has specified that Indian enterprises will not be allowed to store payment card details from 1st January 2022\. Anybody or organization who is not the card issuer and card network cannot hold more than some basic details for identification (for instance, the card issuer’s name or the last four digits of the card).

The [new regulations](https://portswigger.net/daily-swig/indian-authorities-set-to-tighten-data-breach-laws-in-2022) also state that those failing to report a cybersecurity breach within 72 hours or intentionally leak users’ personal data without the data processor’s consent _can be subject to potential fine payments and jail terms_. The Personal Data Protection (PDP) Bill has listed all these regulations first proposed in December 2019\. It will likely be implemented within the next six months, with another two years for full implementation.

The regulations also mention the penalties for various non-conformities, an intentional disclosure of personal data invites a fine of up to INR 200,000 ($2678) or up to three years in prison, and a failure of reporting a data breach on time attracts a fine of **up to INR 50 million** ($669,308).

## New Phishing Campaign Bypasses Patched RCE Flaw

_SophosLabs’ cybersecurity experts have uncovered a new **phishing campaign** that bypasses a recently patched RCE flaw_ (dubbed CVE-2021-40444) [affecting MSHTML components](https://cyware.com/news/a-new-exploit-can-bypass-recently-patched-mshtml-flaw-6504e101). This new office exploit enables attackers to deliver Formbook malware. The reason behind this suspects to be the narrow focus of the patch, which failed to address the initial issue adequately.

_The adversaries send spam emails to victims with the maldoc as a specially crafted RAR archive_. This RAR file is written in Windows Script Host and communicates with a malicious JavaScript code once opened. The JavaScript code then uses the word doc to run the PowerShell command in the RAR file after launching the WSH script to get the Formbook **malware payload** from the attacker’s website.

On very rare occasions, **security patches** fail to fix security loopholes, and this is one such instance. This is the reason why it is recommended that organizations train their employees to identify [phishing emails](/phishing-protection/how-to-stop-phishing-emails-and-protect-your-organization-from-cyber-criminals/) and have some [email security](/) measures in place.

[![phishing](https://media.mailhop.org/duocircle/images/2022/01/spf-flattening-7013.jpg)](https://media.mailhop.org/duocircle/images/2022/01/spf-flattening-7013.jpg)

## Dridex Targets Employees and Researcher in the Name of Omicron

_The notorious banking malware Dridex is targeting cybersecurity researchers and organization employees with phishing emails_. These phishing emails come with infected Word or Excel attachments, which, once opened, download malware into the victim’s device. Once installed, Dridex tries to steal victims’ banking credentials and spread itself to other connected devices on the network.

In the latest Dridex attacks, _threat actors are trolling security researchers using racist comments and spamming employees with fake termination letters_. In some cases, the adversaries are using the fear of Omicron and sending emails to victims stating that they were exposed to a coworker who tested positive for the Omicron variant. The victims are asked to open the attached document for further details, which obviously leads to malware installation. Such malicious **phishing schemes** continue to keep evolving, and therefore it is advised to never open attachments in suspicious emails or those from unfamiliar sources.

## Topics

NewsSecurityUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 7m  Cybersecurity News Update, Week 1 of 2023  Jan 1, 2023 ](/blog/announcements/cyber-security-news-update-week-1-of-2023/)[  News 5m  EasyPark Data Breach, Ohio Lottery Cyberattack, GTA 5 Leak, Cybersecurity News \[December 25, 2023\]  Jan 4, 2024 ](/blog/announcements/cyber-security-news-update-week-1-of-2024/)[  News 6m  Microsoft Cybersecurity Transparency, Chrome Update Required, Google Calendar Phishing, Cybersecurity News \[December 23, 2024\]  Jan 2, 2025 ](/blog/announcements/cyber-security-news-update-week-1-of-2025/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 1 of 2022","description":"Here are the top cybersecurity headlines this week to help you understand what’s going on in the cyber world and how you can plan to strengthen your.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-1-of-2022/","datePublished":"2022-01-07T19:01:23.000Z","dateModified":"2025-05-22T12:41:39.000Z","dateCreated":"2022-01-07T19:01:23.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-1-of-2022/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1120,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2022/01/spf-flattening-7011.jpg","caption":"Cyber Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Cyber Security News Update, Week 1 of 2022","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-1-of-2022/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Cyber Security News Update, Week 1 of 2022","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-1-of-2022/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 1 of 2022","description":"Here are the top cybersecurity headlines this week to help you understand what’s going on in the cyber world and how you can plan to strengthen your.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-1-of-2022/","datePublished":"2022-01-07T19:01:23.000Z","dateModified":"2025-05-22T12:41:39.000Z","dateCreated":"2022-01-07T19:01:23.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-1-of-2022/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1120,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2022/01/spf-flattening-7011.jpg","caption":"Cyber Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```