---
title: "Cyber Security News Update, Week 24 of 2021 | DuoCircle"
description: "Those days are behind us when merely adopting traditional cybersecurity tools such as local anti-virus software used to be enough to identify and alert against."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-24-of-2021/"
---

Quick Answer

KPMG's report on the Reserve Bank of New Zealand breach traced the incident to a third-party file-sharing tool, Accellion FTA, which exposed personal and commercially sensitive data. ATM skimmers in Mexico's tourist zones are draining accounts of foreign visitors. Researchers found a wave of fake unsubscribe emails that confirm a live address rather than removing the recipient. The Bravomovies streaming scam tries to charge users to cancel a subscription they never started. HPE patched a critical zero-day (CVE-2021-31856) in its SIM software allowing remote code execution. And SEO-poisoned Google Search results for AnyDesk were dropping malware through lookalike download pages.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-24-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cyber%20Security%20News%20Update%2C%20Week%2024%20of%202021&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-24-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-24-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-24-of-2021%2F&title=Cyber%20Security%20News%20Update%2C%20Week%2024%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cyber%20Security%20News%20Update%2C%20Week%2024%20of%202021&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-24-of-2021%2F "Share via Email") 

![Cyber Security](https://media.mailhop.org/duocircle/images/2021/06/dmarc-report-6824.jpg) 

Those days are behind us when merely adopting traditional **cybersecurity tools** such as local anti-virus software used to be enough to identify and alert against possible cyber threats. Instead, _it’s the era of availing services from third-party vendors_, and this means any cyber risk to the vendor might be a security concern for the clientele. Among other interesting cyber news this week, here’s what the Reserve Bank of New Zealand found about its recent cyber breach.

## KPMG Findings Of Reserve Bank Attack: New Zealand

_The Reserve Bank of New Zealand’s supplier of file transfer application (FTA) Accellion underwent a cybersecurity incident back in January 2021_. Although Accellion did issue an alert for its customers (including the bank), the notification and breach warning never made it to the Reserve Bank systems. Consequently, all bank files exchanged over Accellion were compromised. This was the **second cyberattack in two months** to hit the bank related to a third-party application.

As a **ransomware protection** measure, the bank hired KPMG to investigate the breach and [strengthen loopholes](https://news.softpedia.com/news/new-zeeland-s-reserve-bank-taking-action-to-respond-to-data-breach-reports-533074.shtml?&web%5Fview=true) within the Reserve Bank’s cyber defenses. Adrian Orr, the Reserve Bank Governor, has asserted that the bank would incorporate all of KPMG’s recommendations as system security has always been its priority. Interestingly, the KPMG report states that though any fault of the bank didn’t directly trigger the attack, it could have been resisted if **proper security** controls were in place!

## Tourists Beware Of Using ATMs In Mexico

[![Romanian cybercriminal](https://media.mailhop.org/duocircle/images/2021/06/DMARC-report-service-3175.jpg)](https://media.mailhop.org/duocircle/images/2021/06/DMARC-report-service-3175.jpg)

Imagine traveling to a new city and withdrawing money from the ATM to perhaps do so touristy shopping. What if the ATM is used to conduct fraudulent transactions and rob you of your money while still in a foreign land? Florian Tudor or The Shark, a [Romanian cybercriminal](https://www.cyberscoop.com/mexico-atm-scam-florian-tudor-shark/) (who was also accused of attempted murder), _was recently arrested by the Mexican Police for conducting financial fraud using corrupt ATMs_. Tudor reportedly headed these campaigns and **stole over $1 billion** from tourists to date.

However, his arrest wasn’t as smooth as it sounds. As per reports, Tudor and his associates put up a great fight before finally succumbing to authorities’ might! There was shouting and wrestling culminating in officers carrying Tudor forcibly by his arms and legs. Tudor’s gang has been named ‘Riviera Maya’ by the Organized Crime and Corruption Reporting Project (OCCRP). _The gang has infiltrated over 100 ATMs throughout Mexico using Bluetooth skimmers and other malicious methods_. What feels like a failure of [cybersecurity practices](/content/protection-from-phishing) in this entire affair is the role of bank employees in the scam. Insider threats can sabotage even the most secure security walls. In this case, small bribery to the bank employees worked wonders for Tudor and the gang!

## Are Unsubscription Emails Genuine Today?

We are all tired of receiving newsletters and promotional emails from sites we don’t necessarily remember subscribing to, but _responding to an email to confirm unsubscription isn’t the best idea right now_. The adversaries have discovered another innovative way to verify the email addresses of prospective users whom they can target with **phishing emails**. This tactic involves sending an email with a subject like “Verification,” “Request, please confirm your unsubscription,” or “We\_need your confirmation ASAP.”

These emails [do not explain](https://www.bleepingcomputer.com/news/security/watch-out-these-unsubscribe-emails-only-lead-to-further-spam/?&web%5Fview=true) which service is being subscribed or unsubscribed per se; it just comes with two colorful boxes with links asking to subscribe or unsubscribe. An unsuspecting user who clicks on these _embedded links to (un)subscribe would fall into a trap where your mail client sends an email to several hacker-controlled email IDs_ and verifies your email account as a functioning email address, suitable for **phishing attacks**.

Therefore, the best way is to mark such emails without any description of what website/service you’re (un)subscribing to as spam and _refrain from clicking on an embedded link_. One major cybersecurity tip to remember in such cases is that genuine websites never send out (un)subscription emails without explaining their services.

## Do Not Worry About Cancelling Subscription To Bravomovies

_The notorious malware BazarLoader is causing havoc again, this time under the pretense of a movie streaming service_. Victims receive an email asking them to cancel their subscription to this so-called movie streaming service to prevent their credit cards from being charged in a typical attack. The landing page of this fake streaming service called BravoMovies lists several movie titles but downloads nothing but BazarLoader on [users’ devices](https://cyware.com/news/fake-streaming-service-spreads-bazarloader-f8bdeeab).

The fake email comes with customer care numbers which are, in reality, answered by actors from the malware group. _These people impersonate real call center executives and guide victims through the process of canceling a subscription they hadn’t signed up for in the first place_! Since [email security services](/) may not always be able to identify and report such malicious emails, users **must remain vigilant**, especially in current times of the pandemic when the use of online movie streaming sites has skyrocketed.

## HPE Fixes Zero-Day Vulnerability

The HPE Systems Insight Manager (SIM) software which provides remote support management and automation solutions for HPE networking products, storage, and servers, was _found with a zero-day remote code execution vulnerability_ in December last year. Tracked as CVE-2020-7200, the critical severity vulnerability enabled attackers with zero privilege to exploit it and execute code on vulnerable servers without any user interaction. It was found in the latest version of Hewlett Packard Enterprise’s SIM software with impacts only on the Windows version.

[![federated search](https://media.mailhop.org/duocircle/images/2021/06/DMARC-report-service-3482.jpg)](https://media.mailhop.org/duocircle/images/2021/06/DMARC-report-service-3482.jpg)

HPE has taken cybersecurity measures and released a **security update** that resolves the vulnerability. The SIM hotfix update kit requires admins to disable the “Federated CMS Configuration” and “Federated Search” features to eliminate the threat factor. This essentially means that the [federated search](https://www.bleepingcomputer.com/news/security/hpe-fixes-critical-zero-day-vulnerability-disclosed-in-december/?&web%5Fview=true) feature will no longer be functional.

## Google Search Results For AnyDesk May Download Malware

Have you looked up AnyDesk on Google lately? If yes, then chances are, you landed up at its fake version, _which has bested even the original AnyDesk ad campaign by bypassing Googe’s anti-malvertising screening policing_. Instead, clicking on the fake ad would install the malware, followed by a follow-on hands-on-keyboard activity.

Cybersecurity researchers believe that victims who downloaded the malicious program were tricked into executing the binary called AnyDeskSetup.exe. _The objective of this binary is to launch a PowerShell script on the users’ devices_. However, _Google was [quick to respond](https://threatpost.com/ad-malicious-version-anydesk/166525/?web%5Fview=true) to the ad abuse and removed it immediately_.

## Topics

NewsSecurityUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 6m  Cyber Security News Update, Week 1 of 2022  Jan 7, 2022 ](/blog/announcements/cyber-security-news-update-week-1-of-2022/)[  News 7m  Cybersecurity News Update, Week 1 of 2023  Jan 1, 2023 ](/blog/announcements/cyber-security-news-update-week-1-of-2023/)[  News 5m  EasyPark Data Breach, Ohio Lottery Cyberattack, GTA 5 Leak, Cybersecurity News \[December 25, 2023\]  Jan 4, 2024 ](/blog/announcements/cyber-security-news-update-week-1-of-2024/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 24 of 2021","description":"Those days are behind us when merely adopting traditional cybersecurity tools such as local anti-virus software used to be enough to identify and alert against.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-24-of-2021/","datePublished":"2021-06-10T13:40:09.000Z","dateModified":"2025-05-22T12:14:45.000Z","dateCreated":"2021-06-10T13:40:09.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-24-of-2021/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1041,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2021/06/dmarc-report-6824.jpg","caption":"Cyber Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Cyber Security News Update, Week 24 of 2021","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-24-of-2021/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Cyber Security News Update, Week 24 of 2021","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-24-of-2021/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 24 of 2021","description":"Those days are behind us when merely adopting traditional cybersecurity tools such as local anti-virus software used to be enough to identify and alert against.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-24-of-2021/","datePublished":"2021-06-10T13:40:09.000Z","dateModified":"2025-05-22T12:14:45.000Z","dateCreated":"2021-06-10T13:40:09.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-24-of-2021/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1041,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2021/06/dmarc-report-6824.jpg","caption":"Cyber Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```
