---
title: "Cyber Security News Update, Week 20 of 2021 | DuoCircle"
description: "Cyberattacks have manifolded over the years, and now email security service is not a matter of privileged cybersecurity investment but a necessity for all."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-20-of-2021/"
---

Quick Answer

Cybersecurity stories from the week of May 17, 2021: a ten-year-old code-injection flaw in PHP Composer, used by virtually every PHP project, was patched after researchers showed it could be used to compromise Packagist and supply malicious dependencies at scale. A Chinese military unit was reportedly buying English-language antivirus products, prompting analyst speculation about reverse-engineering or testing detection coverage. Chrome adopted a Windows 10 security feature designed to block unauthorized DLL injection. The Avaddon ransomware crew gave the NSW Labor Party 240 hours to pay before publishing stolen data. Researchers raised concerns about recycled US mobile numbers exposing previous owners to MFA hijacking. And Dell finally patched a 12-year-old vulnerability in its dbutil\_2\_3.sys driver shipped on hundreds of millions of systems.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-20-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cyber%20Security%20News%20Update%2C%20Week%2020%20of%202021&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-20-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-20-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-20-of-2021%2F&title=Cyber%20Security%20News%20Update%2C%20Week%2020%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cyber%20Security%20News%20Update%2C%20Week%2020%20of%202021&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-20-of-2021%2F "Share via Email") 

![cyber security](https://media.mailhop.org/duocircle/images/2021/05/SMTP-email-9072.jpg) 

Cyberattacks have manifolded over the years, and now [email security service](/) is not a matter of privileged cybersecurity investment but a necessity for all businesses, organizations, and individuals. In this post, we mention the top cyber headlines from this past week

## Ten-Year-Old Flaw In PHP Composer Fixed

_A cybersecurity researcher recently identified a critical vulnerability in a popular PHP package, Composer_. The vulnerability (CVE-2021-29472) existed in the source code of Composer and could be exploited to run **arbitrary commands**, compromise all PHP packages, and cause a [supply-chain attack](https://cyware.com/news/flaw-in-php-composer-could-allow-supply-chain-attacks-dbf1f693).

The vulnerability existed since November 2011 and was only spotted on 22nd April this year (imagine the damage that could have been caused!). However, _the maintainers took remediation cybersecurity measures soon after_. It is believed that URLs were inadequately handled for the repos in root composer .json files, which led to the security lapse. But the good thing is, the maintainers were proactive in fixing the parameter injection across all Composers, and the issue has now been resolved!

## Why Is This Chinese Military Unit Buying Anti-Virus Products In English Version?

[![Anti-Virus Products](https://media.mailhop.org/duocircle/images/2021/05/SMTP-server-mail-5074.jpg)](https://media.mailhop.org/duocircle/images/2021/05/SMTP-server-mail-5074.jpg)

The Chinese People’s Liberation Army (PLA) Unit 61419 purchased a range of antivirus products from western companies such as Trend Micro, McAfee, Kaspersky, Avira, Dr. Web, Bitdefender, Sophos ESET, and Symantec in early 2019\. But cybersecurity researchers at Recorded Future’s Insikt Group suspect that these so-called purchases were made in English and not the [localized versions](https://therecord.media/chinese-military-unit-accused-of-cyber-espionage-bought-multiple-western-antivirus-products/) (which increase our suspicions because the English versions would be inconvenient for Chinese system operators). _They suspect that Unit 61419 purchased the antivirus products to look for [zero-day](https://www.phishprotection.com/content/zero-day-attacks/) and other exploitable vulnerabilities_.

_The Japanese authorities accuse Unit 61419 of being linked to the cyber-espionage group Tick_. They substantiate their stand by citing the example of the 2019 attack on the Japanese company Mitsubishi Electric where the _Tick group abused a zero-day in the Trend Micro antivirus_. Software supply chain attacks characterize Chinese APT behavior, and this incident marks a **cyber-espionage campaign** existing for years now.

## Chrome Adopts Windows 10 Security Feature

_Google Chrome 90 has incorporated the new Windows 10 Hardware-enforced Stack Protection security feature_, which safeguards against Return-Oriented Programming (ROP) attacks. The Hardware-enforced Stack Protection uses CPU hardware to protect the application’s code, which provides added **cybersecurity protection** in [Chrome 90](https://ciso.economictimes.indiatimes.com/news/google-chrome-adopts-windows-10-security-feature/82408160) on Windows 20H1, Intel 11th Gen, or AMD Zen 3 CPUs. Intel and Microsoft have been using Control-flow Enforcement Technology (CET) to fight ROP attacks for years now.

CET’s shadow stacks, used for control transfer operations, are deemed problematic for some of the software existing on the Google Chrome platform. This is because the software that loads itself into Chrome may not always be compatible with CET’s mitigation measure. Since **ROP attacks are risky**, Google has instructed developers to debug specific problems in Chrome’s shadow stack.

## Avaddon Ransomware Gives NSW Labor Party 240 Hours To Pay Up

_The Russian ransomware group Avaddon recently attacked the NSW Labor Party_, and they are now threatening the company to comply with ransom demands within ten days (240 hours) to avoid data leaks. The [data compromised](https://www.smh.com.au/national/nsw/police-investigate-cyber-attack-on-nsw-labor-party-20210505-p57p4y.html?&web%5Fview=true) in this major attack include the driver’s licenses, passports, confidential contracts, employees’ details, and employment contracts of users.

Avaddon is known for launching distributed **denial-of-service attacks** against victims who don’t comply with ransom demands. Cybersecurity researchers Matthew Westwood-Hill says that Avaddon remains within a network for quite some time before installing the ransomware. While the Australian Federal Police is aware of the **malicious tactics** of Avaddon, it isn’t doing anything about it. This recent Avaddon attack is one of the many that have hit the Australian cyber landscape in recent times.

[![Ransomware](https://media.mailhop.org/duocircle/images/2021/05/hosted-email-server-5074.jpg)](https://media.mailhop.org/duocircle/images/2021/05/hosted-email-server-5074.jpg)

## Are Recycled Phone Numbers Safe?

A study carried out by Princeton University’s Prof. Arvind Narayanan, and Kevin Lee suggests that _recycled phone numbers come with several security risks_. These include **phishing attacks**, account takeovers, hindrance in signing up for online services, etc. The study examined 259 recycled numbers, _66% of which were still associated with the previous owner_ and his/her online presence on various websites.

An attacker can easily surf through online number change interfaces to look for numbers associated with previous users’ online accounts in such a scenario. They can then retrieve these numbers, reset account passwords, use SMS-based multi-factor authentication and OTPs to log in. _Some numbers even displayed the linked email addresses which had been compromised before_. Over **171 of the surveyed numbers** were accessible on people search services like BeenVerified, exposing the sensitive information of [prior users](https://thehackernews.com/2021/05/new-study-warns-of-security-threats.html?&web%5Fview=true).

Two U.S. telecom service providers- T-Mobile and Verizon Wireless, were involved in the study, and none of them have altered their [email security](/) tools and strategies following this study. They have put up a post on their support page asking people to update their numbers on any linked accounts before deactivating a number.

## Dell Finally Resolves A 12-Year-Old Vulnerability.

_Dell has patched a 12-year-old vulnerability (CVE-2021-21551) in its Dell DBUtil driver_, and millions of Dell users now need to get the update. The bug existed in DBUtil 2.3 and let the OS interact with the computer’s hardware and BIOS. Exploiting the bug, the adversaries could access driver functions and introduce [malicious code](https://therecord.media/dell-patches-12-year-old-driver-vulnerability-impacting-millions-of-pcs/). However, _the vulnerability cannot be exploited online_; the adversaries can take over a compromised PC via a privilege escalation vulnerability.

Dell was informed about this bug three times in the past, but it’s only now that it has done something to ensure [ransomware protection](/advanced-threat-defense) for users. The company hopes to make the proof-of-concept code for CVE-2021-21551 accessible by 1st June. Users are advised to get the Dell DBUtil updates by then.

## Topics

NewsSecurityUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 6m  Cyber Security News Update, Week 1 of 2022  Jan 7, 2022 ](/blog/announcements/cyber-security-news-update-week-1-of-2022/)[  News 7m  Cybersecurity News Update, Week 1 of 2023  Jan 1, 2023 ](/blog/announcements/cyber-security-news-update-week-1-of-2023/)[  News 5m  EasyPark Data Breach, Ohio Lottery Cyberattack, GTA 5 Leak, Cybersecurity News \[December 25, 2023\]  Jan 4, 2024 ](/blog/announcements/cyber-security-news-update-week-1-of-2024/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 20 of 2021","description":"Cyberattacks have manifolded over the years, and now email security service is not a matter of privileged cybersecurity investment but a necessity for all.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-20-of-2021/","datePublished":"2021-05-14T14:59:35.000Z","dateModified":"2025-05-22T19:04:59.000Z","dateCreated":"2021-05-14T14:59:35.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-20-of-2021/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":924,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2021/05/SMTP-email-9072.jpg","caption":"cyber security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Cyber Security News Update, Week 20 of 2021","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-20-of-2021/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Cyber Security News Update, Week 20 of 2021","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-20-of-2021/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 20 of 2021","description":"Cyberattacks have manifolded over the years, and now email security service is not a matter of privileged cybersecurity investment but a necessity for all.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-20-of-2021/","datePublished":"2021-05-14T14:59:35.000Z","dateModified":"2025-05-22T19:04:59.000Z","dateCreated":"2021-05-14T14:59:35.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-20-of-2021/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":924,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2021/05/SMTP-email-9072.jpg","caption":"cyber security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```