---
title: "Cyber Security News Update, Week 32 of 2022 | DuoCircle"
description: "Cybersecurity headlines this week cover some of the major global security updates."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2022/"
---

Quick Answer

Cybersecurity headlines for the week of August 15, 2022\. The BlackCat (ALPHV) ransomware gang claimed an attack on Creos Luxembourg, the country's main electricity and gas pipeline operator, and threatened to leak stolen data. Google's August Android security bulletin patched 37 vulnerabilities, including a critical Android System flaw. The FCC warned Americans of a sharp rise in smishing (SMS phishing) attacks impersonating banks and delivery services. Singapore's Ministry of Defence announced a new Digital and Intelligence Service to focus on cyber defense for military networks. IBM and Arctic Wolf data showed BEC and ransomware activity continuing to climb. FEMA warned of unpatched flaws in older Emergency Alert System encoder/decoder devices that could let attackers send fake alerts over TV and radio.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2022%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cyber%20Security%20News%20Update%2C%20Week%2032%20of%202022&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2022%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2022%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2022%2F&title=Cyber%20Security%20News%20Update%2C%20Week%2032%20of%202022 "Share on Reddit") [ ](mailto:?subject=Cyber%20Security%20News%20Update%2C%20Week%2032%20of%202022&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2022%2F "Share via Email") 

![cybersecurity](https://media.mailhop.org/duocircle/images/2022/08/sender-policy-framework.jpg) 

Cybersecurity headlines this week cover some of the major global security updates. You cannot miss catching up on these, as your next major security move might be suggested in one of these updates. Here are this week’s major [cybersecurity](/) updates for your perusal:

## BlackCat Ransomware Claims Attack on Creos Luxembourg SA

The [BlackCat Ransomware group](https://therecord.media/alphv-blackcat-posted-data-ireland-munster-technical-university/) (also known as ALPHV) has claimed responsibility for the recent cyberattack on Creos Luxembourg SA Creos, an electricity network and natural gas pipeline operator that supplies energy to five EU countries. The company underwent a cyberattack between 22-33 July and made it known two days later.

The attack brought down the **Creos customer portal**, but there were no interruptions in providing services. Reportedly, the adversaries had stolen some data from the compromised systems. The company took immediate [ransomware protection](/resources/locky-ransomware) measures and has asked customers to wait to receive their personalized breach notifications till the investigations are over.

Creos has urged all customers to reset their account passwords to **ensure cybersecurity**. Further, if they had used the same password in other online accounts, it was also advised to change those passwords. Creos has declined to comment further on the incident, but BlackCat has added Creos to its extortion site. BlackCat is now threatening to publish [150 GB](https://www.bleepingcomputer.com/news/security/blackcat-ransomware-claims-attack-on-european-gas-pipeline/?&web%5Fview=true) of stolen files from Creos. This includes _their bills, agreements, passports, contracts, and emails._

## Google Patches 37 Vulnerabilities in August Security Bulletin

In its monthly security bulletin for August, Google has patched 37 vulnerabilities affecting Android devices. These patches include one for a critical security flaw in the system component that could culminate in [remote code execution](https://www.imperva.com/learn/application-security/remote-code-execution/#:~:text=What%20Is%20Remote%20Code%20Execution,over%20public%20or%20private%20networks.). This flaw uses Bluetooth to spread and requires no other execution privileges. Tracked as CVE-2022-20345, the Bluetooth vulnerability gets patched this month for **Android 10, 11, 12, and 12L devices**.

Several remaining flaws were tagged high severity because they could lead to information disclosure or privilege escalation. They affected components such as _Kernel, Media Framework, System, MediaTek, Imaginary Technologies, Qualcomm, and Unisoc_.

Google advises Android partners to **fix all the** **cybersecurity** **issues** covered in the bulletin and get the security patches soon. The bulletin divides the vulnerable into [two security patch](https://www.infosecurity-magazine.com/news/google-patches-critical-android/?&web%5Fview=true) levels and urges Android partners to bundle the fixes they plan to address in a single update.

[![ cybersecurity](https://media.mailhop.org/duocircle/images/2022/08/spf-validator-1314.jpg)](https://media.mailhop.org/duocircle/images/2022/08/spf-validator-1314.jpg)

## FCC Warns Americans of Growing Smishing Attacks

The Federal Communications Commission (FCC) has recently released a notice warning Americans of the growing number of [SMS phishing attacks](https://www.bleepingcomputer.com/news/security/irs-warns-americans-of-massive-rise-in-sms-phishing-attacks/). SMS phishing or smishing is a type of phishing where adversaries use **SMS texts to reach victims**. These SMS are usually embedded with links to fraudulent sites and pages spoofed by attackers to steal user credentials and financial data.

The FCC has been tracking consumer complaints reporting malicious text messages and calls. It is said that the number of malicious texts has increased from 15,300 in 2021 to 8,500 in 2022 (so far). Further, billions of robotexts are reported monthly, another threat vector.

Adversaries use different lures to trick users and **steal their personal information**. These texts usually impersonate reliable sources such as familiar businesses, government agencies, etc., and make claims of unpaid bills, law enforcement actions, issues with package delivery, or bank account-related problems.

When such texts reach you, the FCC advises you not to respond and refrain from **sharing personal informatio**n. No matter how insignificant the piece of information shared might seem to you, if it’s asked for in a suspicious text, then it can be used against you. Additionally, if you think you have received any [suspicious text](https://cyware.com/news/americans-warned-against-sms-phishing-by-fcc-741589ad), then the FCC urges you to report the text at the earliest to ensure cybersecurity for yourself and all others.

## Singapore to Set Up Cyber Defense Unit

In line with the increase in cybersecurity issues, Singapore has begun its work towards establishing a dedicated **cyber defense unit**. The country has passed a few amendments which grant creation of a new digital intelligence unit as part of the armed forces. It also enforces the appointment of a digital chief to ensure that cyber intrusions are handled efficiently, and **national** **cybersecurity** **is maintained**.

The Singaporean government has passed two bills to establish this digital intelligence unit. This unit would be the fourth service unit under the [Singapore Armed Forces (SAF)](https://en.wikipedia.org/wiki/Singapore%5FArmed%5FForces) and deal with battling online attacks. This DIS team shall function parallel to the Navy, the Army, and Air Force. This fourth DIS unit is set to operate by year-end and shall be headed by a **Chief of Digital and Intelligence Service (CDI)**.

The objective of the DIS is to ensure that **Singapore is well-protected** against the entire spectrum of [cyber threats](/phishing-protection/small-businesss-shocking-response-to-cyber-threats/). It shall operate as a full-fledged military service arm and protect Singapore’s critical cyber infrastructure. This [revolutionary measure](https://www.zdnet.com/article/singapore-takes-formal-step-towards-setting-up-cyber-defence-unit/?web%5Fview=true) to ensure cybersecurity for the nation also saw the Constitution amended to grant discretionary power to the president in appointing the CDI.

## BEC and Ransomware Attacks Increase

A recent cybersecurity report states that there has been a 70% increase in the number of [business email compromise (BEC)](https://www.tessian.com/blog/business-email-compromise-bec-examples/) and ransomware attacks reported in the past year. Further, software vulnerabilities were responsible for **50% of these reported attacks**, indicating the need for better cybersecurity training, password management, and patch management measures.

Cybersecurity is a major concern for US businesses, and with increasing [phishing attacks](/content/phishing-prevention/phishing-attacks), keeping businesses safe is becoming increasingly difficult. A study conducted by a renowned [cybersecurity firm](/) analyzed over 600 incident response cases from the past year to understand if there was any cybersecurity trend, pattern, or significant vulnerabilities.

They found that 70% of all reported incidents were BEC and [ransomware attacks](/resources/ryuk-ransomware-attacks). In addition, 77% of all attacks had software vulnerabilities, phishing, and **poor passwords** as the initial attack vectors. While known software vulnerabilities led to 50% of the reported incidents, another 50% had not enabled security measures such as MFA. Poor patch management was another important factor, leading to attacks in 28% of the cases.

Healthcare, finance, legal and professional services, tech, manufacturing, wholesale and retail were the [top sectors](https://tech.co/news/70-of-cyberattacks-target-business-email-accounts?web%5Fview=true) targeted by these attacks and accounted for over 60% of the reported incidents.

[![Ransomware Attacks](https://media.mailhop.org/duocircle/images/2022/08/spf-record-generator-1112.jpg)](https://media.mailhop.org/duocircle/images/2022/08/spf-record-generator-1112.jpg)

## FEMA Warns of Vulnerabilities in TV and Radio Networks

The Federal Emergency Management Agency recently released an alert mentioning that software vulnerabilities in the TV and radio networks enable adversaries to **broadcast fake messages** using the alert system. It noted that some unpatched [Emergency Alert System (EAS)](https://www.fcc.gov/consumers/guides/emergency-alert-system-eas) devices are operating unsecured. Local and state officials use these national EAS devices to send emergency alerts about child abductions or natural disasters.

Hence, FEMA has urged operators to update their devices and address the software issues at the earliest. The advisory didn’t specify if fake alerts could be **transmitted over text messages**, but adversaries can very well release fake alerts over radio, TV, and cable networks. So far, there is no evidence of these vulnerabilities being exploited by [threat actors](https://edition.cnn.com/2022/08/03/politics/fema-emergency-alert-software-warning/index.html?&web%5Fview=true).

## Topics

NewsSecurityUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 6m  Cyber Security News Update, Week 1 of 2022  Jan 7, 2022 ](/blog/announcements/cyber-security-news-update-week-1-of-2022/)[  News 7m  Cybersecurity News Update, Week 1 of 2023  Jan 1, 2023 ](/blog/announcements/cyber-security-news-update-week-1-of-2023/)[  News 5m  EasyPark Data Breach, Ohio Lottery Cyberattack, GTA 5 Leak, Cybersecurity News \[December 25, 2023\]  Jan 4, 2024 ](/blog/announcements/cyber-security-news-update-week-1-of-2024/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 32 of 2022","description":"Cybersecurity headlines this week cover some of the major global security updates.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2022/","datePublished":"2022-08-15T17:17:09.000Z","dateModified":"2025-04-29T10:50:27.000Z","dateCreated":"2022-08-15T17:17:09.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2022/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1134,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2022/08/sender-policy-framework.jpg","caption":"cybersecurity","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Cyber Security News Update, Week 32 of 2022","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2022/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Cyber Security News Update, Week 32 of 2022","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2022/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 32 of 2022","description":"Cybersecurity headlines this week cover some of the major global security updates.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2022/","datePublished":"2022-08-15T17:17:09.000Z","dateModified":"2025-04-29T10:50:27.000Z","dateCreated":"2022-08-15T17:17:09.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2022/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1134,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2022/08/sender-policy-framework.jpg","caption":"cybersecurity","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```